Updates from: 04/07/2023 01:29:46
Service Microsoft Docs article Related commit history on GitHub Change details
v1.0 Accesspackage Getapplicablepolicyrequirements https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackage-getapplicablepolicyrequirements.md
Content-Type: application/json
#### Request
-<!-- { "blockType": "ignored" } -->
+<!-- {
+ "blockType": "request",
+ "sampleKeys": ["b15419bb-5ffc-ea11-b207-c8d9d21f4e9a"],
+ "name": "get_req_for_given_user"
+}-->
+ ```http
-POST /identityGovernance/entitlementManagement/accessPackages(ΓÇÿb15419bb-5ffc-ea11-b207-c8d9d21f4e9aΓÇÖ)/getApplicablePolicyRequirements
+POST /identityGovernance/entitlementManagement/accessPackages/b15419bb-5ffc-ea11-b207-c8d9d21f4e9a/getApplicablePolicyRequirements
{ "subject": {
POST /identityGovernance/entitlementManagement/accessPackages(ΓÇÿb15419bb-5ffc-e
#### Response
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.accessPackageAssignmentRequestRequirements)"
+}
+-->
+ ```http HTTP/1.1 200 OK Content-Type: application/json
v1.0 Accesspackageassignmentpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentpolicy-get.md
Content-type: application/json
} ```
+### Example 3: Retrieve the custom extension stage settings for a policy
+
+#### Request
+
+The following is an example of a request to retrieve the collection of custom extension stage settings that are defined for a policy and their associated access package custom workflow extension.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_accesspackageassignmentpolicy_expand_customextensionstagesettings"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies/4540a08f-8ab5-43f6-a923-015275799197?$expand=customExtensionStageSettings($expand=customExtension)
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+The following is an example of the response.
+
+> **Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessPackageAssignmentPolicy"
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "id": "4540a08f-8ab5-43f6-a923-015275799197",
+ "displayName": "policy with custom access package workflow extension",
+ "description": "Run specified custom access package workflow extension at different stages.",
+ "canExtend": true,
+ "durationInDays": 0,
+ "expirationDateTime": null,
+ "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
+ "accessReviewSettings": null,
+ "requestorSettings": {
+ "scopeType": "AllExistingDirectorySubjects",
+ "acceptRequests": true,
+ "allowedRequestors": []
+ },
+ "requestApprovalSettings": {
+ "isApprovalRequired": false,
+ "isApprovalRequiredForExtension": false,
+ "isRequestorJustificationRequired": false,
+ "approvalMode": "NoApproval",
+ "approvalStages": []
+ },
+ "customExtensionStageSettings": [
+ {
+ "id": "5a38d27a-b702-48d9-ac72-dcf158ba1b0d",
+ "stage": "assignmentRequestCreated",
+ "customExtension": {
+ "@odata.type": "#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "id": "219f57b6-7983-45a1-be01-2c228b7a43f8",
+ "displayName": "test_action_1",
+ "description": "Test logic app",
+ "createdDateTime": "2022-01-11T05:19:16.97Z",
+ "lastModifiedDateTime": "2022-01-11T05:19:16.97Z",
+ "endpointConfiguration": {
+ "@odata.type": "#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId": "38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName": "resourcegroup",
+ "logicAppWorkflowName": "customextension_test",
+ "url": "https://prod-31.eastus.logic.azure.com:443/workflows/8ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration": {
+ "@odata.type": "#microsoft.graph.azureAdPopTokenAuthentication"
+ }
+ }
+ }
+ ]
+}
+```
+ <!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98 2019-02-04 14:57:30 UTC --> <!-- {
v1.0 Accesspackageassignmentpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentpolicy-update.md
Content-Type: application/json
"accessReviewSettings": null } ```
+### Example 3: Remove the customExtensionStageSettings from a policy
+
+To remove the collection of **customExtensionStageSettings** and their associated custom workflow extension objects from a policy, assign an empty collection to the **customExtensionStageSettings** object.
+
+#### Request
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_accesspackageassignmentpolicy_delete_customExtensionStageSettings"
+}
+-->
+
+```http
+PUT https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies/4540a08f-8ab5-43f6-a923-015275799197
+Content-Type: application/json
+
+{
+ "id": "5540a08f-8ab5-43f6-a923-015275799197",
+ "displayName": "policy with access package custom workflow extension",
+ "description": "Run specified access package custom workflow extension at different stages.",
+ "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
+ "expiration": {
+ "type": "afterDuration",
+ "duration": "P365D"
+ },
+ "requestApprovalSettings": null,
+ "requestorSettings": {
+ "acceptRequests": true,
+ "scopeType": "AllExistingDirectorySubjects",
+ "allowedRequestors": []
+ },
+ "accessReviewSettings": null,
+ "customExtensionHandlers": []
+}
+```
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
++++
+#### Response
+> **Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessPackageAssignmentPolicy"
+}
+-->
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "id": "4540a08f-8ab5-43f6-a923-015275799197",
+ "displayName": "policy with access package custom workflow extension",
+ "description": "Run specified access package custom workflow extension at different stages.",
+ "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
+ "expiration": {
+ "type": "afterDuration",
+ "duration": "P365D"
+ },
+ "requestApprovalSettings": null,
+ "requestorSettings": {
+ "acceptRequests": true,
+ "scopeType": "AllExistingDirectorySubjects",
+ "allowedRequestors": []
+ },
+ "accessReviewSettings": null
+}
+```
<!-- {
v1.0 Accesspackageassignmentrequest Resume https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentrequest-resume.md
+
+ Title: "accessPackageAssignmentRequest: resume"
+description: "Resume accessPackageAssignmentRequest objects."
+ms.localizationpriority: medium
+++
+# accessPackageAssignmentRequest: resume
+Namespace: microsoft.graph
++
+In [Azure AD entitlement management](../resources/entitlementmanagement-overview.md), when an access package policy has been enabled to call out a custom extension and the request processing is waiting for the callback from the customer, the customer can initiate a resume action. It is performed on an [accessPackageAssignmentRequest](../resources/accesspackageassignmentrequest.md) object whose **requestStatus** is in a `WaitingForCallback` state.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+| Delegated (work or school account) | EntitlementManagement.ReadWrite.All |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | EntitlementManagement.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /identityGovernance/entitlementManagement/accessPackageAssignmentRequests/{accessPackageAssignmentRequestId}/resume
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the parameters.
+
+The following table shows the parameters that can be used with this action.
+
+|Parameter|Type|Description|
+|:|:|:|
+|source|String|Source from where customer is trying to resume the request, which can be stored in service and will be helpful for auditing.|
+|type|String|Indicate at which stage the custom callout extension was executed. The possible values are: `microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestCreated`, `microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestApproved`, `microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestGranted`, `microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestRemoved`|
+|data|[accessPackageAssignmentRequestCallbackData](../resources/accesspackageassignmentrequestcallbackdata.md)| Contains information about the instance of the callout that was made to the customer endpoint. |
+++
+## Response
+
+If successful, this action returns a `204 No Content` response code.
+
+## Examples
+
+### Example 1: Resume an access package assignment request
+
+#### Request
+The following is an example of a call to resume an access package assignment request that's waiting for a callback.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "accesspackageassignmentrequestthis.resume"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentRequests/0e60f18c-b2a0-4887-9da8-da2e30a39d99/resume
+Content-Type: application/json
+
+{
+ "source": "Contoso.SodCheckProcess",
+ "type": "microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestCreated",
+ "data": {
+ "@odata.type": "microsoft.graph.accessPackageAssignmentRequestCallbackData",
+ "stage": "assignmentRequestCreated",
+ "customExtensionStageInstanceId": "957d0c50-466b-4840-bb5b-c92cea7141ff",
+ "customExtensionStageInstanceDetail": "This user is all verified"
+ }
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
+### Example 2: Resume and deny an access package assignment request
+
+#### Request
+The following is an example to resume the processing of an access package assignment request by denying the request that's waiting for a callback. A request cannot be denied at the `assignmentRequestCreated` stage of the callout.
+<!-- {
+ "blockType": "request"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentRequests/9e60f18c-b2a0-4887-9da8-da2e30a39d99/resume
+Content-Type: application/json
+
+{
+ "source": "Contoso.SodCheckProcess",
+ "type": "microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestCreated",
+ "data": {
+ "@odata.type": "microsoft.graph.accessPackageAssignmentRequestCallbackData",
+ "stage": "AssignmentRequestCreated",
+ "customExtensionStageInstanceId": "857d0c50-466b-4840-bb5b-c92cea7141ff",
+ "state": "denied",
+ "customExtensionStageInstanceDetail": "Potential risk user based on the SOD check"
+ }
+}
+```
++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Accesspackageassignmentrequestworkflowextension Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentrequestworkflowextension-delete.md
+
+ Title: "Delete accessPackageAssignmentRequestWorkflowExtension"
+description: "Delete an accessPackageAssignmentRequestWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Delete accessPackageAssignmentRequestWorkflowExtension
+Namespace: microsoft.graph
++
+Delete an [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object. The custom workflow extension must first be removed from any associated [policies](../resources/accesspackageassignmentpolicy.md) before it can be deleted. Follow these steps to remove the custom workflow extension from any associated policies:
+1. First retrieve the accessPackageCatalogId by calling the [Get accessPackageAssignmentPolicies](accesspackageassignmentpolicy-get.md) operation and appending `?$expand=accessPackage($expand=accessPackageCatalog)` to the query. For example, `https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies?$expand=accessPackage($expand=accessPackageCatalog)`.
+2. Use the access package catalog ID and retrieve the ID of the **accessPackageCustomWorkflowExtension** object that you want to delete by running the [List accessPackageCustomWorkflowExtensions](accesspackagecatalog-list-accesspackagecustomworkflowextensions.md) operation.
+3. Call the [Update accessPackageAssignmentPolicy](accesspackageassignmentpolicy-update.md) operation to remove the custom workflow extension object from the policy. For an example, see [Example 3: Remove the customExtensionStageSettings from a policy](accesspackageassignmentpolicy-update.md#example-3-remove-the-customextensionstagesettings-from-a-policy).
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| EntitlementManagement.ReadWrite.All |
+|Delegated (personal Microsoft account)|Not supported.|
+|Application| EntitlementManagement.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/customAccessPackageWorkflowExtensions/{customAccessPackageWorkflowExtensionId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "delete_accesspackageassignmentrequestworkflowextension"
+}
+-->
+``` http
+DELETE /identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/customAccessPackageWorkflowExtensions/E3D4CE35-B16A-4E19-ADF2-616B64D336DC
+```
++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Accesspackageassignmentrequestworkflowextension Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentrequestworkflowextension-get.md
+
+ Title: "Get accessPackageAssignmentRequestWorkflowExtension"
+description: "Read the properties and relationships of an accessPackageAssignmentRequestWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Get accessPackageAssignmentRequestWorkflowExtension
+Namespace: microsoft.graph
++
+Read the properties and relationships of an [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All |
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/accessPackageCustomWorkflowExtensions/{accessPackageCustomWorkflowExtensionId}
+```
+
+## Optional query parameters
+This method supports the `$select` OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and an [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_accesspackageassignmentrequestworkflowextension"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/accessPackageCustomWorkflowExtensions/98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessPackageAssignmentRequestWorkflowExtension"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value":{
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "id":"98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName":"test_action_0124_email",
+ "description":"this is for graph testing only",
+ "createdDateTime":"2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime":"2022-01-24T21:55:44.953Z",
+ "clientConfiguration":null,
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email",
+ "url":"https://prod-31.eastus.logic.azure.com:443/workflows/8ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ },
+ "callbackConfiguration":{
+ "@odata.type":"microsoft.graph.customExtensionCallbackConfiguration",
+ "durationBeforeTimeout":"PT1H"
+ }
+ }
+}
+```
+
v1.0 Accesspackageassignmentrequestworkflowextension Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentrequestworkflowextension-update.md
+
+ Title: "Update accessPackageAssignmentRequestWorkflowExtension"
+description: "Update the properties of an accessPackageAssignmentRequestWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Update accessPackageAssignmentRequestWorkflowExtension
+Namespace: microsoft.graph
++
+Update the properties of an [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EntitlementManagement.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EntitlementManagement.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PUT /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/customAccessPackageWorkflowExtensions/{customAccessPackageWorkflowExtensionId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
++
+|Property|Type|Description|
+|:|:|:|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|Authentication type. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|description|String|Description for the accessPackageCustomWorkflowExtension object. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|displayName|String|Display name for the accessPackageCustomWorkflowExtension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|The type and details for configuring the endpoint to call the logic app's workflow. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|callbackConfiguration|[customExtensionCallbackConfiguration](../resources/customextensioncallbackconfiguration.md)|The timeout duration for callback. Optional.|
+++
+## Response
+
+If successful, this method returns a `200 OK` response code and an updated [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_accesspackageassignmentrequestworkflowextension"
+}
+-->
+``` http
+PUT https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/accessPackageCustomWorkflowExtensions/98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "displayName": "test_action_0124_email",
+ "description": "this is for graph testing only"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessPackageAssignmentRequestWorkflowExtension"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value":{
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "id":"98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName":"test_action_0124_email",
+ "description": "this is for graph testing only",
+ "createdDateTime":"2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime":"2022-01-24T21:55:44.953Z",
+ "clientConfiguration":null,
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email",
+ "url":"https://prod-31.eastus.logic.azure.com:443/workflows/8ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ },
+ "callbackConfiguration":{
+ "@odata.type":"microsoft.graph.customExtensionCallbackConfiguration",
+ "durationBeforeTimeout":"PT1H"
+ }
+ }
+}
+```
+
v1.0 Accesspackageassignmentworkflowextension Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentworkflowextension-delete.md
+
+ Title: "Delete accessPackageAssignmentWorkflowExtension"
+description: "Delete an accessPackageAssignmentWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Delete accessPackageAssignmentWorkflowExtension
+Namespace: microsoft.graph
++
+Delete an [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object. The custom workflow extension must first be removed from any associated [policies](../resources/accesspackageassignmentpolicy.md) before it can be deleted. Follow these steps to remove the custom workflow extension from any associated policies:
+1. First retrieve the accessPackageCatalogId by calling the [Get accessPackageAssignmentPolicies](accesspackageassignmentpolicy-get.md) operation and appending `?$expand=accessPackage($expand=accessPackageCatalog)` to the query. For example, `https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies?$expand=accessPackage($expand=accessPackageCatalog)`.
+2. Use the access package catalog ID and retrieve the ID of the **accessPackageCustomWorkflowExtension** object that you want to delete by running the [List accessPackageCustomWorkflowExtensions](accesspackagecatalog-list-accesspackagecustomworkflowextensions.md) operation.
+3. Call the [Update accessPackageAssignmentPolicy](accesspackageassignmentpolicy-update.md) operation to remove the custom workflow extension object from the policy. For an example, see [Example 3: Remove the customExtensionStageSettings from a policy](accesspackageassignmentpolicy-update.md#example-3-remove-the-customextensionstagesettings-from-a-policy).
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| EntitlementManagement.ReadWrite.All |
+|Delegated (personal Microsoft account)|Not supported.|
+|Application| EntitlementManagement.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/customAccessPackageWorkflowExtensions/{customAccessPackageWorkflowExtensionId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "delete_accesspackageassignmentworkflowextension"
+}
+-->
+``` http
+DELETE /identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/customAccessPackageWorkflowExtensions/5FD6D8D5-E8F1-4B54-A1E6-1D0FE0B6E6EC
+```
++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Accesspackageassignmentworkflowextension Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentworkflowextension-get.md
+
+ Title: "Get accessPackageAssignmentWorkflowExtension"
+description: "Read the properties and relationships of an accessPackageAssignmentWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Get accessPackageAssignmentWorkflowExtension
+Namespace: microsoft.graph
++
+Read the properties and relationships of an [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All |
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/accessPackageCustomWorkflowExtensions/{accessPackageCustomWorkflowExtensionId}
+```
+
+## Optional query parameters
+This method supports the `$select` OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and an [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_accesspackageassignmentworkflowextension"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/accessPackageCustomWorkflowExtensions/78ffaec5-ae8e-4902-a434-5ffc5d3d3cd0
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessPackageAssignmentWorkflowExtension"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value":{
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentWorkflowExtension",
+ "id":"78ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName":"test_action_0127_email",
+ "description":"this is for graph testing only",
+ "createdDateTime":"2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime":"2022-01-24T21:55:44.953Z",
+ "clientConfiguration":null,
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email",
+ "url":"https://prod-31.eastus.logic.azure.com:443/workflows/7ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ }
+ }
+}
+```
+
v1.0 Accesspackageassignmentworkflowextension Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentworkflowextension-update.md
+
+ Title: "Update accessPackageAssignmentWorkflowExtension"
+description: "Update the properties of an accessPackageAssignmentWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Update accessPackageAssignmentWorkflowExtension
+Namespace: microsoft.graph
++
+Update the properties of an [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EntitlementManagement.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EntitlementManagement.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PUT /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/customAccessPackageWorkflowExtensions/{customAccessPackageWorkflowExtensionId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
++
+|Property|Type|Description|
+|:|:|:|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|Authentication type. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|description|String|Description for the accessPackageCustomWorkflowExtension object. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|displayName|String|Display name for the accessPackageCustomWorkflowExtension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|The type and details for configuring the endpoint to call the logic app's workflow. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|callbackConfiguration|[customExtensionCallbackConfiguration](../resources/customextensioncallbackconfiguration.md)|The timeout duration for callback. Optional.|
+++
+## Response
+
+If successful, this method returns a `200 OK` response code and an updated [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_accesspackageassignmentworkflowextension"
+}
+-->
+``` http
+PUT https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/accessPackageCustomWorkflowExtensions/78ffaec5-ae8e-4902-a434-5ffc5d3d3cd0
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.accessPackageAssignmentWorkflowExtension",
+ "displayName": "test_action_0124_email",
+ "description": "this is for graph testing only"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessPackageAssignmentWorkflowExtension"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value":{
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentWorkflowExtension",
+ "id":"78ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName":"test_action_0127_email",
+ "description": "this is for graph testing only",
+ "createdDateTime":"2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime":"2022-01-24T21:55:44.953Z",
+ "clientConfiguration":null,
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email",
+ "url":"https://prod-31.eastus.logic.azure.com:443/workflows/7ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ }
+ }
+}
+```
+
v1.0 Accesspackagecatalog List Accesspackagecustomworkflowextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackagecatalog-list-accesspackagecustomworkflowextensions.md
+
+ Title: "List accessPackagecustomWorkflowExtensions"
+description: "Get a list of the accessPackageCustomWorkflowExtension objects and their properties."
+
+ms.localizationpriority: medium
++
+# List accessPackageCustomWorkflowExtensions
+Namespace: microsoft.graph
++
+Get a list of the [accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) and [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) objects and their properties. The resulting list includes all the **customAccessPackageWorkflowExtension** objects for the catalog that the caller has access to read. Each object includes an `@odata.type` property that indicates whether the object is an **accessPackageAssignmentRequestWorkflowExtension** or an **accessPackageAssignmentWorkflowExtension**.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All |
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/accessPackageCustomWorkflowExtensions
+```
+
+## Optional query parameters
+This method supports the `$select` and `$filter` OData query parameters to help customize the response. For example, to search for access packages with a particular name, include a filter such as `$filter=contains(tolower(displayName),'team')` in the query. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) or [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) objects in the response body.
+
+## Examples
+
+### Request
+
+<!-- {
+ "blockType": "request",
+ "name": "list_accesspackagecustomworkflowextension"
+}
+-->
+``` http
+GET /identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/accessPackageCustomWorkflowExtensions
+```
+
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.customCalloutExtension)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context":"https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/accessPackageCustomWorkflowExtensions",
+ "value":[
+ {
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "id":"98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName":"test_action_0124",
+ "description":"this is for graph testing only",
+ "createdDateTime":"2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime":"2022-01-24T21:55:44.953Z",
+ "clientConfiguration":null,
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email",
+ "url":"https://prod-31.eastus.logic.azure.com:443/workflows/8ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ },
+ "callbackConfiguration":{
+ "@odata.type":"microsoft.graph.customExtensionCallbackConfiguration",
+ "durationBeforeTimeout":"PT1H"
+ }
+ },
+ {
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentWorkflowExtension",
+ "id":"98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName":"test_action_0124",
+ "description":"this is for graph testing only",
+ "createdDateTime":"2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime":"2022-01-24T21:55:44.953Z",
+ "clientConfiguration":null,
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email",
+ "url":"https://prod-31.eastus.logic.azure.com:443/workflows/9ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ }
+ }
+ ]
+}
+```
v1.0 Accesspackagecatalog Post Accesspackagecustomworkflowextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackagecatalog-post-accesspackagecustomworkflowextensions.md
+
+ Title: "Create accessPackageCustomWorkflowExtension"
+description: "Create a new accessPackageCustomWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Create accessPackageCustomWorkflowExtension
+Namespace: microsoft.graph
++
+Create a new [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) or [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) object and add it to an existing [accessPackageCatalog](../resources/accesspackagecatalog.md) object.
+
+You must explicitly provide an `@odata.type` property that indicates whether the object is an **accessPackageAssignmentRequestWorkflowExtension** or an **accessPackageAssignmentWorkflowExtension**.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EntitlementManagement.ReadWrite.All |
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EntitlementManagement.Read.All EntitlementManagement.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/accessPackageCustomWorkflowExtensions
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) or [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) object.
+
+You can specify the following properties when creating a **accessPackageCustomWorkflowExtension**.
+
+|Property|Type|Description|
+|:|:|:|
+|description|String|Description for the customAccessPackageWorkflowExtension object.|
+|displayName|String|Display name for the customAccessPackageWorkflowExtension.|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|The type and details for configuring the endpoint to call the logic app's workflow.|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|Configuration for securing the API call to the logic app. For example, using OAuth client credentials flow.|
+|callbackConfiguration|[customExtensionCallbackConfiguration](../resources/customextensioncallbackconfiguration.md)|The callback configuration for a custom extension. This is suppoted for `accessPackageAssignmentRequestWorkflowExtension`. |
+
+You must also supply an **@odata.type** property with a value of the specific access package workflow extension type. For example, `"@odata.type": "#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension"`.
+
+## Response
+
+If successful, this method returns a `201 Created` response code and a [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) or [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) object in the response body.
+
+## Examples
+
+### Example 1: Create a custom extension for use with an access package assignment request
+The following is an example of a access package assignment request custom workflow extension.
+
+#### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_accessPackageAssignmentRequestWorkflowExtension"
+}
+-->
+
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/accessPackagecustomWorkflowExtensions
+Content-Type: application/json
+
+{
+ "value":{
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "displayName":"test_action_0124_email",
+ "description":"this is for graph testing only",
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ },
+ "callbackConfiguration":{
+ "@odata.type":"microsoft.graph.customExtensionCallbackConfiguration",
+ "durationBeforeTimeout":"PT1H"
+ }
+ }
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.customCalloutExtension"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "value":{
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "id":"98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName":"test_action_0124_email",
+ "description":"this is for graph testing only",
+ "createdDateTime":"2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime":"2022-01-24T21:55:44.953Z",
+ "clientConfiguration":null,
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email",
+ "url":"https://prod-31.eastus.logic.azure.com:443/workflows/8ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ },
+ "callbackConfiguration":{
+ "@odata.type":"microsoft.graph.customExtensionCallbackConfiguration",
+ "durationBeforeTimeout":"PT1H"
+ }
+ }
+}
+```
+
+### Example 2: Create a custom extension for use with an access package assignment
+The following is an example of a access package assignment custom workflow extension.
+
+#### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_accessPackageAssignmentWorkflowExtension"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/accessPackagecustomWorkflowExtensions
+Content-Type: application/json
+
+{
+ "value":{
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentWorkflowExtension",
+ "displayName":"test_action_0127_email",
+ "description":"this is for graph testing only",
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ }
+ }
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.customCalloutExtension"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "value":{
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentWorkflowExtension",
+ "id":"78ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName":"test_action_0127_email",
+ "description":"this is for graph testing only",
+ "createdDateTime":"2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime":"2022-01-24T21:55:44.953Z",
+ "clientConfiguration":null,
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email",
+ "url":"https://prod-31.eastus.logic.azure.com:443/workflows/7ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ }
+ }
+}
+```
+
v1.0 Accesspackagecatalog Post Customaccesspackageworkflowextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackagecatalog-post-customaccesspackageworkflowextensions.md
If successful, this method returns a `201 Created` response code and a [customAc
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_customaccesspackageworkflowextension_from_"
+ "name": "create_customaccesspackageworkflowextension_"
} --> ``` http
Content-Type: application/json
``` # [C#](#tab/csharp) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PHP](#tab/php) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Accessreviewinstance Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accessreviewinstance-update.md
Attempting to remove existing **fallbackReviewers** returns a `409 Conflict` res
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "update_accessreviewinstance"
+ "name": "update_accessreviewinstance_e1"
} --> ```msgraph-interactive
v1.0 Administrativeunit Delete Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/administrativeunit-delete-members.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | AdministrativeUnit.ReadWrite.All |
-To remove a member from an administrative unit, the calling principal must be assigned one of the following [Azure AD roles](/azure/active-directory/roles/permissions-reference):
-
-* Privileged Role Administrator
-* Global Administrator
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Administrativeunit Delete Scopedrolemembers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/administrativeunit-delete-scopedrolemembers.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | RoleManagement.ReadWrite.Directory |
-To remove a role assignment from an administrative unit, the calling principal must be assigned one of the following [Azure AD roles](/azure/active-directory/roles/permissions-reference):
-
-* Privileged Role Administrator
-* Global Administrator
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Administrativeunit Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/administrativeunit-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | AdministrativeUnit.ReadWrite.All |
-To delete an administrative unit, the calling principal must be assigned one of the following [Azure AD roles](/azure/active-directory/roles/permissions-reference):
-
-* Privileged Role Administrator
-* Global Administrator
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Administrativeunit Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/administrativeunit-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | AdministrativeUnit.Read.All, Directory.Read.All, AdministrativeUnit.ReadWrite.All, Directory.ReadWrite.All | + ## HTTP request <!-- { "blockType": "ignored" } --> ```http
v1.0 Administrativeunit List Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/administrativeunit-list-members.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | AdministrativeUnit.Read.All, Directory.Read.All, AdministrativeUnit.ReadWrite.All, Directory.ReadWrite.All |
-> Note: To list the members of a hidden membership in an administrative unit, the Member.Read.Hidden permission is required.
+> [!NOTE]
+> To view the members with a hidden membership in an administrative unit, the app must be granted the `Member.Read.Hidden` delegated or application permission.
+ [!INCLUDE [limited-info](../../includes/limited-info.md)]
v1.0 Administrativeunit Post Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/administrativeunit-post-members.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | AdministrativeUnit.ReadWrite.All |
-To add a user, group, or device to an administrative unit, the calling principal must be assigned one of the following [Azure AD roles](/azure/active-directory/roles/permissions-reference):
-
-* Privileged Role Administrator
-* Global Administrator
+To add a user, group, or device to an administrative unit, the calling user must be assigned the *Privileged Role Administrator* [Azure AD role](/azure/active-directory/roles/permissions-reference).
### Permissions to create a new group |Permission type | Permissions (from least to most privileged) |
To add a user, group, or device to an administrative unit, the calling principal
|Delegated (personal Microsoft account) | Not supported. | |Application | Directory.ReadWrite.All |
-To create a new group in an administrative unit, the calling principal must be assigned one of the following [Azure AD roles](/azure/active-directory/roles/permissions-reference):
-
-* Privileged Role Administrator
-* Global Administrator
-* Groups Administrator
+To create a new group in an administrative unit, the calling user must be assigned the *Privileged Role Administrator* or *Groups Administrator* [Azure AD role](/azure/active-directory/roles/permissions-reference).
## HTTP request
Content-type: application/json
{ "@odata.context": "https://graph.microsoft.com/beta/$metadata#groups/$entity",
- "id": "45b7d2e7-b882-4a80-ba97-10b7a63b8fa4",
- "deletedDateTime": null,
- "classification": null,
- "createdDateTime": "2018-12-22T02:21:05Z",
- "description": "Self help community for golf",
- "displayName": "Golf Assist",
- "expirationDateTime": null,
- "groupTypes": [
- "Unified"
- ],
+ "id": "45b7d2e7-b882-4a80-ba97-10b7a63b8fa4",
+ "deletedDateTime": null,
+ "classification": null,
+ "createdDateTime": "2018-12-22T02:21:05Z",
+ "description": "Self help community for golf",
+ "displayName": "Golf Assist",
+ "expirationDateTime": null,
+ "groupTypes": [
+ "Unified"
+ ],
"isAssignableToRole": null,
- "mail": "golfassist@contoso.com",
- "mailEnabled": true,
- "mailNickname": "golfassist",
- "membershipRule": null,
- "membershipRuleProcessingState": null,
- "onPremisesLastSyncDateTime": null,
- "onPremisesSecurityIdentifier": null,
- "onPremisesSyncEnabled": null,
- "preferredDataLocation": "CAN",
- "preferredLanguage": null,
- "proxyAddresses": [
- "SMTP:golfassist@contoso.onmicrosoft.com"
- ],
- "renewedDateTime": "2018-12-22T02:21:05Z",
- "resourceBehaviorOptions": [],
- "resourceProvisioningOptions": [],
- "securityEnabled": false,
+ "mail": "golfassist@contoso.com",
+ "mailEnabled": true,
+ "mailNickname": "golfassist",
+ "membershipRule": null,
+ "membershipRuleProcessingState": null,
+ "onPremisesLastSyncDateTime": null,
+ "onPremisesSecurityIdentifier": null,
+ "onPremisesSyncEnabled": null,
+ "preferredDataLocation": "CAN",
+ "preferredLanguage": null,
+ "proxyAddresses": [
+ "SMTP:golfassist@contoso.onmicrosoft.com"
+ ],
+ "renewedDateTime": "2018-12-22T02:21:05Z",
+ "resourceBehaviorOptions": [],
+ "resourceProvisioningOptions": [],
+ "securityEnabled": false,
"securityIdentifier": "S-1-12-1-1753967289-1089268234-832641959-555555555",
- "theme": null,
- "visibility": "Public",
- "onPremisesProvisioningErrors": []
+ "theme": null,
+ "visibility": "Public",
+ "onPremisesProvisioningErrors": []
} ```
v1.0 Administrativeunit Post Scopedrolemembers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/administrativeunit-post-scopedrolemembers.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | RoleManagement.ReadWrite.Directory |
-To assign Azure AD roles with an administrative unit scope, the calling principal must be assigned one of the following [Azure AD roles](/azure/active-directory/roles/permissions-reference):
-
-* Privileged Role Administrator
-* Global Administrator
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Adminwindowsupdates List Deployments https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/adminwindowsupdates-list-deployments.md
If successful, this method returns a `200 OK` response code and a collection of
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "list_deployment"
+ "name": "list_deployment_e1"
} --> ``` http
v1.0 Agreement Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/agreement-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | Not supported. |
-When calling on behalf of a user, the user needs to belong to one of the following directory roles. To learn more about directory roles, see [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference):
-+ Global Administrator
-+ Conditional Access Administrator
-+ Security Administrator
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Agreement Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/agreement-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | Not supported. |
-When calling on behalf of a user, the user needs to belong to one of the following directory roles. To learn more about directory roles, see [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference):
-+ Global Administrator
-+ Conditional Access Administrator
-+ Security Administrator
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Agreement Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/agreement-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | Not supported. |
-When calling on behalf of a user, the user needs to belong to one of the following directory roles. To learn more about directory roles, see [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference):
-+ Global Administrator
-+ Conditional Access Administrator
-+ Security Administrator
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Appmanagementpolicy Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appManagementPolicy-delete.md
Delete an [appManagementPolicy](../resources/appManagementPolicy.md) object.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-| Permission type | Permissions (from least to most privileged) |
-| :- | : |
-| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Policy.ReadWrite.ApplicationConfiguration |
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.ReadWrite.ApplicationConfiguration |
## HTTP request
The following is an example of the request.
"name": "delete_appManagementPolicy" }-->
-```msgraph-interactive
+```http
DELETE https://graph.microsoft.com/beta/policies/appManagementPolicies/{id} ```
v1.0 Appmanagementpolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appManagementPolicy-list-appliesTo.md
List application and service principal objects assigned an [appManagementPolicy]
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-| Permission type | Permissions (from least to most privileged) |
-| :- | : |
+| Permission type | Permissions (from least to most privileged) |
+| :- | :-- |
| Delegated (work or school account) | Application.Read.All and Policy.Read.All, Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
-| Delegated (personal Microsoft account) | Not supported. |
+| Delegated (personal Microsoft account) | Not supported. |
| Application | Application.Read.All and Policy.Read.All, Application.Read.All and Policy.ReadWrite.ApplicationConfiguration | ## HTTP request
v1.0 Appmanagementpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appManagementPolicy-update.md
Update an [appManagementPolicy](../resources/appManagementPolicy.md) object.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-| Permission type | Permissions (from least to most privileged) |
-| :- | : |
-| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Policy.ReadWrite.ApplicationConfiguration |
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.ReadWrite.ApplicationConfiguration |
## HTTP request
In the request body, supply the values for relevant fields from the [appManageme
Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance, don't include existing values that haven't changed.
-| Property | Type | Description |
-|:|:-|:--|
-| displayName | String | The display name of the policy. Inherited from [policyBase](../resources/policybase.md). |
-| description | String | The description of the policy. Inherited from [policyBase](../resources/policybase.md). |
-| isEnabled | Boolean | Denotes whether the policy is enabled. |
-| restrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply to an application or service principal object. |
+| Property | Type | Description |
+| :-- | :-- | : |
+| displayName | String | The display name of the policy. Inherited from [policyBase](../resources/policybase.md). |
+| description | String | The description of the policy. Inherited from [policyBase](../resources/policybase.md). |
+| isEnabled | Boolean | Denotes whether the policy is enabled. |
+| restrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply to an application or service principal object. |
## Response
The following is an example of the request.
"name": "update_appManagementPolicy" }-->
-```msgraph-interactive
+```http
PATCH https://graph.microsoft.com/beta/policies/appManagementPolicies/{id} {
v1.0 Appcatalogs List Teamsapps https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appcatalogs-list-teamsapps.md
One of the following permissions is required to call this API. To learn more, in
| Permission Type | Permissions (from least to most privileged) | |:|:|
-| Delegated (work or school account) | AppCatalog.Submit, AppCatalog.Read.All, AppCatalog.ReadWrite.All, Directory.Read.All**, Directory.ReadWrite.All** |
+| Delegated (work or school account) | AppCatalog.Submit, AppCatalog.Read.All, AppCatalog.ReadWrite.All, Directory.Read.All<sup>1</sup>, Directory.ReadWrite.All<sup>1</sup> |
| Delegated (personal Microsoft account) | Not supported. | | Application | AppCatalog.Read.All, AppCatalog.ReadWrite.All |
-> **Note**: Permissions marked with ** are supported only for backward compatibility. We recommend that you update your solutions to use an alternative permission listed in the previous table and avoid using these permissions going forward.
+> **Note**:
+<br><sup>1</sup> These permissions are supported only for backward compatibility. We recommend that you update your solutions to use an alternative permission and avoid using these permissions going forward.
## HTTP request
Content-Type: application/json
"azureADAppId": null, "displayName": "Test App", "version": "1.0.1",
- "requiredResourceSpecificApplicationPermissions": [],
- "publishingState": "published"
+ "publishingState": "published",
+ "authorization":
+ {
+ "requiredPermissionSet":
+ {
+ "resourceSpecificPermissions": []
+ }
+ }
} ] }
Content-Type: application/json
"azureADAppId": null, "displayName": "Ducks-3", "version": "1.0.9",
- "requiredResourceSpecificApplicationPermissions": [],
"publishingState": "rejected", "shortdescription": "quaerat quasi magnam. slight change. 5", "description": "Aliquid placeat animi debitis accusamus. Non perferendis ullam. Quis est consequuntur vitae provident. Sunt laudantium id aut. slight change 5",
Content-Type: application/json
"userIdentityType": "aadUser" } },
+ "authorization": {
+ "requiredPermissionSet": {
+ "resourceSpecificPermissions": []
+ }
+ },
"bot": { "id": "bb9f67a4-893b-48d7-ab17-40ed466c0f16" }
Content-Type: application/json
"azureADAppId": "d75abc57-8255-4309-9c29-a3c689e20341", "displayName": "Self-Install-App-E2E-Tests", "version": "6.0.0",
- "requiredResourceSpecificApplicationPermissions": [],
"publishingState": "submitted", "shortdescription": "A conversational smart assistant from MSX that surfaces real-time insights.", "description": "For MSX Users: A conversational role-based smart assistant that will enable Enterprise sellers (AE, ATS, SSP, TSP) to be more productive by surfacing real-time insights, recommendations, actions and notifications, and by automating repetitive tasks.",
Content-Type: application/json
"userIdentityType": "aadUser" } },
+ "authorization": {
+ "requiredPermissionSet": {
+ "resourceSpecificPermissions": []
+ }
+ },
"bot": { "id": "da7d471b-de7d-4152-8556-1cdf7a564f6c" }
Content-Type: application/json
] } ```
+### Example 7: List applications with a given ID and return only the resource specific permissions required by the app
+
+The following example lists the apps with a given ID and returns the resource-specific permissions that are associated with it.
+
+#### Request
+
+The following is an example of a request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_teamsapp_with_rsc_permissions"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/appCatalogs/teamsApps?$filter=id+eq+'a5228c26-a9ae-4702-90e0-79a5246d2f7d'&$expand=appDefinitions($select=id,authorization)
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
++
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "name": "list_teamsapp_with_rsc_permissions",
+ "@odata.type": "microsoft.graph.teamsApp",
+ "truncated": true,
+ "isCollection": true
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#appCatalogs/teamsApps(appDefinitions(id,authorization))",
+ "value": [
+ {
+ "id": "a5228c26-a9ae-4702-90e0-79a5246d2f7d",
+ "externalId": "a55ec032-36e9-4b60-b604-34b2fe55abf1",
+ "displayName": "teamsDelegatedRscTests",
+ "distributionMethod": "organization",
+ "appDefinitions@odata.context": "https://graph.microsoft.com/beta/$metadata#appCatalogs/teamsApps('a5228c26-a9ae-4702-90e0-79a5246d2f7d')/appDefinitions(id,authorization)",
+ "appDefinitions": [
+ {
+ "id": "YTUyMjhjMjYtYTlhZS00NzAyLTkwZTAtNzlhNTI0NmQyZjdkIyMxLjAuMCMjUHVibGlzaGVk",
+ "authorization": {
+ "requiredPermissionSet": {
+ "resourceSpecificPermissions": [
+ {
+ "permissionValue": "Channel.Create.Group",
+ "permissionType": "application"
+ },
+ {
+ "permissionValue": "Channel.Delete.Group",
+ "permissionType": "application"
+ },
+ {
+ "permissionValue": "ChannelMeeting.ReadBasic.Group",
+ "permissionType": "delegated"
+ }
+ ]
+ }
+ }
+ }
+ ]
+ }
+ ]
+}
+```
## See also - [List apps installed in a team](team-list-installedapps.md) - [List apps installed in a chat](chat-list-installedapps.md) - [List apps installed in the personal scope of a user](userteamwork-list-installedapps.md)
+- [Request resource-specific consent for apps](/microsoftteams/platform/graph-api/rsc/resource-specific-consent)
v1.0 Application Delete Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-delete-tokenlifetimepolicies.md
The following is an example of the request.
}--> ```http
-DELETE https://graph.microsoft.com/beta/applications/{id}/tokenLifetimePolicies/{id}/$ref
+DELETE https://graph.microsoft.com/beta/applications/3ccc9971-9ae7-45d6-8de8-263fd25fe116/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4/$ref
``` # [C#](#tab/csharp)
DELETE https://graph.microsoft.com/beta/applications/{id}/tokenLifetimePolicies/
The following is an example of the response.
-> **Note:** The response object shown here might be shortened for readability.
- <!-- { "blockType": "response", "truncated": true
v1.0 Application List Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-list-tokenlifetimepolicies.md
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/beta/applications/{id}/tokenLifetimePolicies
+GET https://graph.microsoft.com/beta/applications/3ccc9971-9ae7-45d6-8de8-263fd25fe116/tokenLifetimePolicies
``` # [C#](#tab/csharp)
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.tokenLifetimePolicy)",
+ "value": [
+ {
+ "id": "4d2f137b-e8a9-46da-a5c3-cc85b2b840a4",
+ "deletedDateTime": null,
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"5:30:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
+ }
+ ]
} ```
v1.0 Application Post Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-post-tokenlifetimepolicies.md
The following is an example of the request.
}--> ```http
-POST https://graph.microsoft.com/beta/applications/{id}/tokenLifetimePolicies
+POST https://graph.microsoft.com/beta/applications/3ccc9971-9ae7-45d6-8de8-263fd25fe116/tokenLifetimePolicies/$ref
Content-Type: application/json {
- "@odata.id":"https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/cd3d9b57-0aee-4f25-8ee3-ac74ef5986a9"
+ "@odata.id":"https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4"
} ```
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/create-tokenlifetimepolicy-from-application-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/create-tokenlifetimepolicy-from-application-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Appmanagementpolicy Delete Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appmanagementpolicy-delete-appliesto.md
+
+ Title: "Remove appliesTo"
+description: "Remove an appManagementPolicy from an application or service principal object."
+ms.localizationpriority: medium
+++
+# Remove appliesTo
+
+Namespace: microsoft.graph
++
+Remove an [appManagementPolicy](../resources/appManagementPolicy.md) policy object from an application or service principal object. When you remove the appManagementPolicy, the application or service principal adopts the tenant-wide [tenantAppManagementPolicy](../resources/tenantappmanagementpolicy.md) setting.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | :-- |
+| Delegated (work or school account) | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+DELETE /applications/{id}/appManagementPolicies/$ref
+```
+
+## Request headers
+
+| Name | Description |
+| : | :-- |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+
+## Request body
+
+In the request body, provide a reference to a single policy object from the [appManagementPolicies](../resources/appmanagementpolicy.md) collection.
+
+## Response
+
+If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Example 1: Remove an appManagementPolicy from an application object
+
+#### Request
+
+The following is an example of the request to remove an appManagementPolicy from an application.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "remove_appliesTo_e1"
+}-->
+
+```http
+DELETE https://graph.microsoft.com/beta/applications/{id}/appManagementPolicies/$ref
+Content-type: application/json
+
+{
+ "@odata.id":"https://graph.microsoft.com/beta/policies/appManagementPolicies/{id}"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+### Example 2: Remove an appManagementPolicy from a service principal object
+
+#### Request
+
+The following is an example of the request to remove an appManagementPolicy from a service principal.
+++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "remove_appliesTo_e2"
+}-->
+
+``` http
+DELETE https://graph.microsoft.com/beta/servicePrincipals/{id}/appManagementPolicies/$ref
+
+{
+ "@odata.id":"https://graph.microsoft.com/beta/policies/appManagementPolicies/{id}"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "list resources for appManagementPolicies",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Appmanagementpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appmanagementpolicy-get.md
Read the properties of an [appManagementPolicy](../resources/appManagementPolicy
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-| Permission type | Permissions (from least to most privileged) |
+| Permission type | Permissions (from least to most privileged) |
| :- | : | | Delegated (work or school account) | Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration | | Delegated (personal Microsoft account) | Not supported. |
v1.0 Appmanagementpolicy List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appmanagementpolicy-list.md
Retrieve a list of [appManagementPolicy](../resources/appManagementPolicy.md) ob
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-| Permission type | Permissions (from least to most privileged) |
+| Permission type | Permissions (from least to most privileged) |
| :- | : | | Delegated (work or school account) | Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration | | Delegated (personal Microsoft account) | Not supported. |
v1.0 Appmanagementpolicy Post Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appmanagementpolicy-post-appliesto.md
Assign an [appManagementPolicy](../resources/appManagementPolicy.md) policy obje
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-| Permission type | Permissions (from least to most privileged) |
-| :- | : |
+| Permission type | Permissions (from least to most privileged) |
+| :- | :-- |
| Delegated (work or school account) | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
-| Delegated (personal Microsoft account) | Not supported. |
+| Delegated (personal Microsoft account) | Not supported. |
| Application | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration | ## HTTP request
POST /applications/{id}/appManagementPolicies/$ref
## Request headers | Name | Description |
-|:--|:-|
+| : | :-- |
| Authorization | Bearer {token}. Required. | | Content-Type | application/json. Required. |
The following is an example of the request to assign an appManagementPolicy to a
"name": "ApplicationsAppManagementPolicies" }-->
-```msgraph-interactive
+```http
POST https://graph.microsoft.com/beta/applications/{id}/appManagementPolicies/$ref Content-type: application/json
v1.0 Appmanagementpolicy Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appmanagementpolicy-post.md
Create an [appManagementPolicy](../resources/appManagementPolicy.md) object.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-| Permission type | Permissions (from least to most privileged) |
-| :- | : |
-| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Policy.ReadWrite.ApplicationConfiguration |
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.ReadWrite.ApplicationConfiguration |
## HTTP request
POST /policies/appManagementPolicies
| Authorization | Bearer {token}. Required. | | Content-Type | application/json. Required. |
+> [!IMPORTANT]
+> Service principals with a createdDateTime `null` are treated as having being created on 01/01/2019.
## Request body
-In the request body, provide a JSON representation of an [appManagementPolicy](../resources/appManagementPolicy.md).
+In the request body, supply a JSON representation of the [appManagementPolicy](../resources/appmanagementpolicy.md) object.
+
+You can specify the following properties when creating an **appManagementPolicy**.
+
+| Property | Type | Description |
+| :-- | :- | : |
+| displayName | String | The display name of the policy. Required. |
+| description | String | The description of the policy. Required. |
+| isEnabled | Boolean | Denotes whether the policy is enabled. Optional. |
+| restrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply to an application or service principal object. Optional. |
## Response
-If successful, this method returns a `201 Created` response code with the new [appManagementPolicy ](../resources/appmanagementpolicy.md) object in the response payload.
+If successful, this method returns a `201 Created` response code with the new [appManagementPolicy](../resources/appmanagementpolicy.md) object in the response payload.
## Examples
v1.0 Attachment Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/attachment-delete.md
DELETE /me/calendar/events/{id}/attachments/{id}
DELETE /users/{id | userPrincipalName}/calendar/events/{id}/attachments/{id} ```
-Attachments for an [event](../resources/event.md) in the specified [calendar](../resources/calendar.md) belonging to the user.
+Attachments for an [event](../resources/event.md) in the specified [calendar](../resources/calendar.md) that belongs to the user.
<!-- { "blockType": "ignored" } --> ```http DELETE /me/calendars/{id}/events/{id}/attachments/{id}
DELETE /groups/{id}/events/{id}/attachments/{id}
DELETE /groups/{id}/calendar/events/{id}/attachments/{id} -->
-Attachments for an [event](../resources/event.md) in a [calendar](../resources/calendar.md) belonging to the user's default [calendarGroup](../resources/calendargroup.md).
+Attachments for an [event](../resources/event.md) in a [calendar](../resources/calendar.md) that belongs to the user's default [calendarGroup](../resources/calendargroup.md).
<!-- { "blockType": "ignored" } --> ```http DELETE /me/calendars/{id}/events/{id}/attachments/{id} DELETE /users/{id | userPrincipalName}/calendars/{id}/events/{id}/attachments/{id} ```
-Attachments for an [event](../resources/event.md) in a [calendar](../resources/calendar.md) belonging to a user's [calendarGroup](../resources/calendargroup.md).
+Attachments for an [event](../resources/event.md) in a [calendar](../resources/calendar.md) that belongs to a user's [calendarGroup](../resources/calendargroup.md).
<!-- { "blockType": "ignored" } --> ```http DELETE /me/calendargroups/{id}/calendars/{id}/events/{id}/attachments/{id}
DELETE /me/mailFolders/{id}/messages/{id}/attachments/{id}
DELETE /users/{id | userPrincipalName}/mailFolders/{id}/messages/{id}/attachments/{id} ```
-Attachments for a [message](../resources/message.md) contained in a child folder of a [mailFolder](../resources/mailfolder.md) in a user's mailbox. The
-example below shows one level of nesting, but a message can be located in a child of a child and so on.
+Attachments for a [message](../resources/message.md) contained in a child folder of a [mailFolder](../resources/mailfolder.md) in a user's mailbox. The following
+example shows one level of nesting, but a message can be located in a child of a child and so on.
<!-- { "blockType": "ignored" } --> ```http
DELETE /me/outlook/tasks/{id}/attachments/{id}
DELETE /users/{id}/outlook/tasks/{id}/attachments/{id} ```
-Attachments for a [post](../resources/post.md) in a [thread](../resources/conversationthread.md) belonging to a [conversation](../resources/conversation.md) of a group.
+Attachments for a [post](../resources/post.md) in a [thread](../resources/conversationthread.md) that belongs to a [conversation](../resources/conversation.md) of a group.
<!-- { "blockType": "ignored" } --> ```http
Do not supply a request body for this method.
## Response
-If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
+If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
## Example ### Request
-Here is an example of the request to delete an attachment on an event.
+The following is an example of the request to delete an attachment on an event.
# [HTTP](#tab/http) <!-- {
DELETE https://graph.microsoft.com/beta/me/events/{id}/attachments/{id}
### Response
-Here is an example of the response.
+The following is an example of the response.
<!-- { "blockType": "response", "truncated": true
HTTP/1.1 204 No Content
] } -->--
v1.0 Authentication List Emailmethods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authentication-list-emailmethods.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Get details of your own email authentication method.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/emailMethods
+```
+
+Get details of your own or another user's email authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/emailMethods ```
v1.0 Authentication List Methods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authentication-list-methods.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
+
+> [!NOTE]
+> The authentication administrator only sees masked phone numbers.
## HTTP request
+List your own authentication methods.
<!-- { "blockType": "ignored" } -->-
-```http
+``` http
GET /me/authentication/methods
+```
+
+List your own or another user's authentication methods.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/methods ```
v1.0 Authentication List Passwordmethods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authentication-list-passwordmethods.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
## HTTP request
+Get details of your own password authentication method.
<!-- { "blockType": "ignored" } -->- ```http GET /me/authentication/passwordMethods
+```
+
+Get details of your own or another user's password authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/passwordMethods ```
v1.0 Authentication List Phonemethods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authentication-list-phonemethods.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
+> [!NOTE]
+> The authentication administrator only sees masked phone numbers.
## HTTP request
+List your own phone authentication methods.
<!-- { "blockType": "ignored" } -->-
-```http
+``` http
GET /me/authentication/phoneMethods
+```
+
+List your own or another user's phone authentication methods.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/phoneMethods ```
v1.0 Authentication List Softwareoathmethods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authentication-list-softwareoathmethods.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs [one of the following directory roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global Reader
-* Authentication administrator
-* Privileged authentication administrator
-* Global administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Get details of your own software OATH token authentication methods.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/softwareOathMethods
+```
+
+Get details of your own or another user's software OATH token authentication methods.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/softwareOathMethods ```
v1.0 Authentication List Temporaryaccesspassmethods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authentication-list-temporaryaccesspassmethods.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Retrieve a list of a user's [temporaryAccessPassAuthenticationMethod](../resources/temporaryaccesspassauthenticationmethod.md) objects and their properties. This API will only return a single object in the collection as a user can have only one Temporary Access Pass method.
+Retrieve a list of a user's [temporaryAccessPassAuthenticationMethod](../resources/temporaryaccesspassauthenticationmethod.md) objects and their properties. This API will only return a single object in the collection as a user can have only one Temporary Access Pass (TAP) method.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
One of the following permissions is required to call this API. To learn more, in
| Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
+Get details of your own temporary access pass (TAP) authentication method.
+<!-- { "blockType": "ignored" } -->
+```http
GET /me/authentication/temporaryAccessPassMethods
+```
+
+Get details of your own or another user's temporary access pass (TAP) authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/temporaryAccessPassMethods ```
v1.0 Authentication Post Emailmethods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authentication-post-emailmethods.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Add an email method to your own account. For a signed-in user to update their own authentication method, they must have satisfied a multi-factor authentication requirement during sign in.
+<!-- { "blockType": "ignored" } -->
+``` http
+POST /me/authentication/emailMethods
+```
+
+Add an email authentication method to another user's account.
+<!-- { "blockType": "ignored" } -->
``` http POST /users/{id | userPrincipalName}/authentication/emailMethods ```
v1.0 Authentication Post Phonemethods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authentication-post-phonemethods.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
+Add a phone authentication method to your own account. For a signed-in user to update their own authentication method, they must have satisfied a multi-factor authentication requirement during sign in.
<!-- { "blockType": "ignored" } -->- ```http POST /me/authentication/phoneMethods
+```
+
+Add a phone authentication method to another user's account.
+<!-- { "blockType": "ignored" } -->
+```http
POST /users/{id | userPrincipalName}/authentication/phoneMethods ```
v1.0 Authentication Post Temporaryaccesspassmethods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authentication-post-temporaryaccesspassmethods.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
v1.0 Authenticationflowspolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationflowspolicy-update.md
One of the following permissions is required to call this API. To learn more, in
} --> ``` http
-PATCH https://graph.microsoft.com/beta/policies/authenticationFlowsPolicy
+PATCH /policies/authenticationFlowsPolicy
``` ## Request headers
v1.0 Authenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | Not supported. | | Application | Not applicable. | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
+> [!NOTE]
+> The authentication administrator only sees masked phone numbers.
## HTTP request
v1.0 Authenticationmethod Resetpassword https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationmethod-resetpassword.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | Not supported. |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
v1.0 Authenticationmethodspolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationmethodspolicy-get.md
Title: "Get authenticationMethodsPolicy" description: "Read the properties and relationships of an authenticationMethodsPolicy object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: apiPageType
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Reader
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Authenticationmethodspolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationmethodspolicy-update.md
Title: "Update authenticationMethodsPolicy" description: "Update the properties of an authenticationMethodsPolicy object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: apiPageType
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Authenticationoperation Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationoperation-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | Not supported. | | Application | Not supported. | Not supported. |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
v1.0 Authorizationpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authorizationpolicy-get.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-GET /policies/authorizationPolicy/authorizationPolicy
+GET /policies/authorizationPolicy
``` ## Request headers
If successful, this method returns a `200 OK` response code and the single [auth
The following is an example of the request. ```msgraph-interactive
-GET https://graph.microsoft.com/beta/policies/authorizationPolicy/authorizationPolicy
+GET https://graph.microsoft.com/beta/policies/authorizationPolicy
```
v1.0 Bookingappointment Cancel https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/bookingappointment-cancel.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http POST /bookingBusinesses/{id}/appointments/{id}/cancel- ``` ## Request headers
In the request body, provide a JSON object with the following parameters.
If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
-If you attempt to cancel an appointment that does not exist, this method returns `HTTP 404 Not found`.
+If you attempt to cancel an appointment that does not exist, this method returns `HTTP 404 Not Found`.
## Example
-The following is an example of how to call this API.
- ### Request The following is an example of the request.
HTTP/1.1 204 No content
] } -->--
v1.0 Browsersitelist Delete Sharedcookies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/browsersitelist-delete-sharedcookies.md
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "delete_browsersharedcookie",
+ "name": "delete_browsersharedcookie_e1",
"@odata.type": "microsoft.graph.browserSharedCookie", "sampleKeys": ["7cf831d2-8a9b-4826-b120-911566f6fd6a", "07b4cc32-237f-4a1a-9d7f-531efc26220e"] }
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "delete_browsersharedcookie",
+ "name": "delete_browsersharedcookie_e2",
"sampleKeys": ["7cf831d2-8a9b-4826-b120-911566f6fd6a", "07f4030f-45ff-4ad1-9277-3b8f6ee74141"] } -->
v1.0 Browsersitelist Delete Sites https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/browsersitelist-delete-sites.md
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "delete_browsersite",
+ "name": "delete_browsersite_e1",
"sampleKeys": ["07f4030f-45ff-4ad1-9277-3b8f6ee74141", "a22cbc85-d5d2-4e61-8414-42e6704c36f7"] } -->
HTTP/1.1 204 No Content
The following is an example of a request. <!-- { "blockType": "request",
- "name": "delete_browsersite",
+ "name": "delete_browsersite_e2",
"sampleKeys": ["07f4030f-45ff-4ad1-9277-3b8f6ee74141", "a22cbc85-d5d2-4e61-8414-42e6704c36f7"] } -->
v1.0 Browsersitelist Publish https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/browsersitelist-publish.md
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "browsersitelist_publish",
+ "name": "browsersitelist_publish_e1",
"sampleKeys": ["36ba61eb-c492-4283-a38b-963a1dbb2f69"] } -->
Content-Type: application/json
The following is an example of a request. <!-- { "blockType": "request",
- "name": "browsersitelist_publish",
+ "name": "browsersitelist_publish_e2",
"sampleKeys": ["36ba61eb-c492-4283-a38b-963a1dbb2f69"] } -->
v1.0 Bundle List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/bundle-list.md
To request an enumeration of all bundles defined in the drive, you can make a re
The following is an example of a request. # [HTTP](#tab/http)
-<!-- { "blockType": "request", "name": "list-all-bundles", "tags": "service.onedrive" } -->
+<!-- { "blockType": "request", "name": "list-all-bundles_e1", "tags": "service.onedrive" } -->
```msgraph-interactive GET https://graph.microsoft.com/beta/drive/bundles
To filter the list of bundles returned from a request to the bundles collection,
The following is an example of a request. # [HTTP](#tab/http)
-<!-- {"blockType": "request", "name": "list-album-bundles", "tags": "service.onedrive" } -->
+<!-- {"blockType": "request", "name": "list-album-bundles-e2", "tags": "service.onedrive" } -->
```msgraph-interactive GET https://graph.microsoft.com/beta/drive/bundles?filter=bundle/album%20ne%20null
v1.0 Businessscenarioplanner List Tasks https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/businessscenarioplanner-list-tasks.md
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "list_businessscenariotask",
+ "name": "list_businessscenariotask_e1",
"sampleKeys": ["c5d514e6c6864911ac46c720affb6e4d"] } -->
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "list_businessscenariotask",
+ "name": "list_businessscenariotask_e2",
"sampleKeys": ["c5d514e6c6864911ac46c720affb6e4d"] } -->
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "list_businessscenariotask",
+ "name": "list_businessscenariotask_e3",
"sampleKeys": ["c5d514e6c6864911ac46c720affb6e4d"] } -->
v1.0 Calendar List Events https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/calendar-list-events.md
Retrieve a list of events in a calendar. The calendar can be one for a [user](.
To get expanded event instances, you can [get the calendar view](calendar-list-calendarview.md), or [get the instances of an event](event-list-instances.md).
+> [!NOTE]
+> If your target mailbox calendar contains any private items, the caller must either:
+> * Be granted `FullAccess` mailbox permissions over the target mailbox (via the [Add-MailboxPermission](/powershell/module/exchange/add-mailboxpermission) cmdlet).
+> * Be granted the `Delegate` + `CanViewPrivateItems` flags (similar to the previous option, but through the [Add-MailboxFolderPermission](/powershell/module/exchange/add-mailboxfolderpermission) cmdlet). This option routes all meeting requests to the delegate mailbox. For a workaround, see [SharingPermissionFlags](/powershell/module/exchange/add-mailboxfolderpermission?view=exchange-ps#-sharingpermissionflags).
+>
+> Failure to meet these conditions will result in a `The specified object was not found in the store` response.
+ ## Permissions Depending on the type of calendar that the events are in and the permission type (delegated or application) requested, one of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Callrecords Callrecord Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/callrecords-callrecord-get.md
There are two ways to get the **id** of a **callRecord**:
* Subscribe to [change notifications](/graph/api/resources/webhooks) to the `/communications/callRecords` endpoint. * Use the **callChainId** property of a [call](../resources/call.md). The call record is available only after the associated call is completed.
+> [!WARNING]
+>
+> A call record is created after a call or meeting ends and will remain available for **30 days**. Requests for call records older than 30 days will receive a `404 Not Found` response.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and the requested [microsoft.graph.callRecords.callRecord](../resources/callrecords-callrecord.md) object in the response body.
+If successful, this method returns a `200 OK` response code and the requested [microsoft.graph.callRecords.callRecord](../resources/callrecords-callrecord.md) object in the response body. A request for a call record older than 30 days will receive a `404 Not Found` response.
## Examples
GET https://graph.microsoft.com/beta/communications/callRecords/{id}?$expand=ses
#### Response
-The following is an example of the response. If the sessions list is truncated, a `sessions@odata.nextLink` value will be provided to retrieve the next page of sessions.
+The following is an example of the response. If the sessions list is truncated, a `sessions@odata.nextLink` value will be provided to retrieve the next page of sessions. The default page size for sessions is 60 entries.
> **Note:** The response object shown here might be shortened for readability.
v1.0 Calltranscript Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/calltranscript-get.md
If successful, this method returns a `200 OK` response code and a [callTranscrip
## Examples
+> [!NOTE]
+> The docx format for transcripts will be deprecated starting May 31, 2023.
+ ### Example 1: Get a callTranscript #### Request
GET https://graph.microsoft.com/beta/users/ba321e0d-79ee-478d-8e28-85a19507f456/
#### Response
-Response contains bytes for the transcript in the body. `content-type` header specifies type of the transcript content.
+Response contains bytes for the transcript in the body. `content-type` header specifies type of the transcript content. Negative offsets indicate that the transcription began while the conversation was ongoing.
+ >**Note:** The response object shown here might be shortened for readability. <!-- { "blockType": "response",
WEBVTT
0:0:0.0 --> 0:0:5.320 <v User Name>This is a transcript test.</v> ```+ ### Example 4: Get a callTranscript content specifying Accept header+
+>**Note:** The docx format and `Accept` header will be deprecated starting May 31, 2023.
+ #### Request # [HTTP](#tab/http)
User Name
This is a transcript test. ``` ### Example 5: Get a callTranscript content with $format getting precedence over the Accept header+
+>**Note:** The docx format and `$format` query parameter will be deprecated starting May 31, 2023.
+ #### Request # [HTTP](#tab/http)
WEBVTT
0:0:0.0 --> 0:0:5.320 <v User Name>This is a transcript test.</v> ```+
+### Example 6: Get a callTranscript metadataContent
+#### Request
+<!-- {
+  "blockType": "request",
+  "name": "get_callTranscript_metadatacontent"
+}
+-->
+``` http
+GET https://graph.microsoft.com/bethkLWFkNDItOTE2ZDNmZjkwZGY4/metadataContent
+```
+
+#### Response
+> **Note:** The response object shown here might be shortened for readability.
+<!-- {
+  "blockType": "response",
+  "truncated": true,
+  "@odata.type": "stream"
+}
+-->
+```http
+HTTP/1.1 200 OK
+Content-type: text/vtt
+
+WEBVTT
+
+00:00:16.246 --> 00:00:17.726
+{"startDateTime":"2023-03-08T08:22:30.0461639+00:00","endDateTime":"2023-03-08T08:22:31.5261639+00:00","speakerName":"User Name","spokenText":"This is a transcription test.","spokenLanguage":"en-us"}
+```
v1.0 Channel Post Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/channel-post-members.md
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "channel_add_member_6",
+ "name": "channel_add_member_e6",
"sampleKeys": ["ece6f0a1-7ca4-498b-be79-edf6c8fc4d82", "19%3ALpxShHZZh9utjNcEmUS5aOEP9ASw85OUn05NcWYAhX81%40thread.tacv2"] } --> ```http
v1.0 Channel Removeemail https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/channel-removeemail.md
If successful, this action returns a `204 No Content` response code.
<!-- { "blockType": "request", "sampleKeys": ["893075dd-2487-4122-925f-022c42e20265", "19:561fbdbbfca848a484f0a6f00ce9dbbd@thread.tacv2"],
- "name": "channel_removeemail"
+ "name": "channel_removeemail_e1"
} --> ```http
v1.0 Chat Get Installedapps https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chat-get-installedapps.md
One of the following permissions is required to call this API. To learn more, in
|:--|:| |Delegated (work or school account) | TeamsAppInstallation.ReadForChat, TeamsAppInstallation.ReadWriteSelfForChat, TeamsAppInstallation.ReadWriteForChat | |Delegated (personal Microsoft account) | Not supported. |
-|Application | TeamsAppInstallation.Read.Chat*, Chat.Manage.Chat*, TeamsAppInstallation.ReadForChat.All, TeamsAppInstallation.ReadWriteSelfForChat.All, TeamsAppInstallation.ReadWriteForChat.All |
+|Application | TeamsAppInstallation.Read.Chat<sup>1</sup>, Chat.Manage.Chat<sup>1</sup>, TeamsAppInstallation.ReadForChat.All, TeamsAppInstallation.ReadWriteSelfForChat.All, TeamsAppInstallation.ReadWriteForChat.All |
-> **Note**: Permissions marked with * use [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).
+> **Note**:
+<br><sup>1</sup> These permissions use [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).
## HTTP request
GET /chats/{chat-id}/installedApps/{app-installation-id}
## Response
-If successful, this method returns a `200 OK` and a [teamsApp](../resources/teamsapp.md) object in the body.
+If successful, this method returns a `200 OK` response code and [teamsAppInstallation](../resources/teamsappinstallation.md) object in the response body.
-## Example
+## Examples
-### Request
+### Example 1 : Get the app installed in the specified chat
+
+#### Request
The following example gets an app installed in the specified chat.
GET https://graph.microsoft.com/beta/chats/19:d65713bc498c4a428c71ef9353e6ce20@t
-### Response
+#### Response
<!-- { "blockType": "response",
Content-type: application/json
"id": "MTk6ZDY1NzEzYmM0OThjNGE0MjhjNzFlZjkzNTNlNmNlMjBAdGhyZWFkLnYyIyMwMDAwMTAxNi1kZTA1LTQ5MmUtOTEwNi00ODI4ZmM4YTg2ODc=" } ```
+### Example 2: Get the set of resource-specific permissions consented for the app installed in the specified chat
+
+The following example gets the list of any [resource-specific permissions that were granted to an app](../resources/teamsapppermissionset.md) as part of installation. A `$select` query parameterd is required to show the consented permission set.
+
+#### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_installedApps_in_chat_select_consentedPermissionSet",
+ "sampleKeys": ["19%5bd86ec7f6b247d3b9e519b0bfef5d03%40thread.v2"]
+}
+-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/betNAdGhyZWFkLnYyIyMyYjUyNGUyOC05NWNlLTRjOWItOTc3My00YTViZDZlYzE3NzA=?$select=consentedPermissionSet,id
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "name": "get_installedApps_in_chat_select_consentedPermissionSet",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.teamsAppInstallation",
+ "isCollection": false
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/chats('19%3A5bd86ec7f6b247d3b9e519b0bfef5d03%40thread.v2')/installedApps(consentedPermissionSet,id)/$entity",
+ "id": "MTk6NWJkODZlYzdmNmIyNDdkM2I5ZTUxOWIwYmZlZjVkMDNAdGhyZWFkLnYyIyMyYjUyNGUyOC05NWNlLTRjOWItOTc3My00YTViZDZlYzE3NzA=",
+ "consentedPermissionSet": {
+ "resourceSpecificPermissions": [
+ {
+ "permissionValue": "OnlineMeeting.ReadBasic.Chat",
+ "permissionType": "delegated"
+ },
+ {
+ "permissionValue": "OnlineMeetingIncomingAudio.Detect.Chat",
+ "permissionType": "delegated"
+ }
+ ]
+ }
+}
+```
+## See also
+- [List apps in catalog](appcatalogs-list-teamsapps.md)
+- [Request resource-specific consent for apps](/microsoftteams/platform/graph-api/rsc/resource-specific-consent)
<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC -->
v1.0 Chat Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chat-get.md
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_group_chat",
+ "name": "get_group_chat_e1",
"sampleKeys": ["19:b8577894a63548969c5c92bb9c80c5e1@thread.v2"] }--> ```msgraph-interactive
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_chat",
+ "name": "get_chat_e2",
"sampleKeys": ["8b081ef6-4792-4def-b2c9-c363a1bf41d5", "19:8b081ef6-4792-4def-b2c9-c363a1bf41d5_877192bd-9183-47d3-a74c-8aa0426716cf@unq.gbl.spaces"] }--> ```msgraph-interactive
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_chat_withmembers",
+ "name": "get_chat_withmembers_e3",
"sampleKeys": ["19:b8577894a63548969c5c92bb9c80c5e1@thread.v2"] }--> ```msgraph-interactive
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_meeting_chat",
+ "name": "get_meeting_chat_e4",
"sampleKeys": ["19:meeting_ZDZlYTYxOWUtYzdlMi00ZmMxLWIxMTAtN2YzODZlZjAxYzI4@thread.v2"] }--> ```msgraph-interactive
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_meeting_chat",
+ "name": "get_meeting_chat_e5",
"sampleKeys": ["19:ebe3857aa388434bab0cad9d2e09f4de@thread.v2"] }--> ```msgraph-interactive
v1.0 Chat List Installedapps https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chat-list-installedapps.md
Namespace: microsoft.graph
List all [app installations](../resources/teamsappinstallation.md) within a [chat](../resources/chat.md).
-> **Note**: If the chat is associated with an [onlineMeeting](../resources/onlinemeeting.md) instance, then, effectively, the **teamsApp**s installed in the meeting will be listed.
+If the chat is associated with an [onlineMeeting](../resources/onlinemeeting.md) instance, then, effectively, the **teamsApp**s installed in the meeting will be listed.
> [!NOTE] > The `id` of a **teamsAppInstallation** resource is not the same value as the `id` of the associated **teamsApp** resource.
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | TeamsAppInstallation.ReadForChat, TeamsAppInstallation.ReadWriteSelfForChat, TeamsAppInstallation.ReadWriteForChat |
+|Delegated (work or school account) | TeamsAppInstallation.ReadForChat, TeamsAppInstallation.ReadWriteSelfForChat, TeamsAppInstallation.ReadWriteForChat, TeamsAppInstallation.ReadWriteAndConsentSelfForChat<sup>1</sup>, TeamsAppInstallation.ReadWriteAndConsentForChat<sup>1</sup> |
|Delegated (personal Microsoft account) | Not supported. |
-|Application | TeamsAppInstallation.Read.Chat*, Chat.Manage.Chat*, TeamsAppInstallation.ReadForChat.All, TeamsAppInstallation.ReadWriteSelfForChat.All, TeamsAppInstallation.ReadWriteForChat.All |
+|Application | TeamsAppInstallation.Read.Chat<sup>1</sup>, Chat.Manage.Chat<sup>1</sup>, TeamsAppInstallation.ReadForChat.All, TeamsAppInstallation.ReadWriteSelfForChat.All, TeamsAppInstallation.ReadWriteForChat.All, TeamsAppInstallation.ReadWriteAndConsentSelfForChat.All<sup>1</sup>, TeamsAppInstallation.ReadWriteAndConsentForChat.All<sup>1</sup> |
-> **Note**: Permissions marked with * use [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).
+> **Note**:
+<br><sup>1</sup> These permissions use [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).
## HTTP request
Content-type: application/json
] } ```
+### Example 4: Get the set of resource specific permissions consented for the apps installed in the specified chat
+
+The following example gets the list of any [resource-specific permissions that were granted to an app](../resources/teamsapppermissionset.md) as part of installation. A `$select` query parameter is required to show the consented permission set.
+
+#### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_installed_apps_in_chat_select_consentedPermissionSet",
+ "sampleKeys": ["19%5bd86ec7f6b247d3b9e519b0bfef5d03%40thread.v2"]
+}
+-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/chats/19%5bd86ec7f6b247d3b9e519b0bfef5d03%40thread.v2/installedApps?$select=consentedPermissionSet,id
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "name": "list_installed_apps_in_chat_select_consentedPermissionSet",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.teamsAppInstallation",
+ "isCollection": true
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/chats('19%3A5bd86ec7f6b247d3b9e519b0bfef5d03%40thread.v2')/installedApps(consentedPermissionSet,id)",
+ "value": [
+ {
+ "id": "MTk6NWJkODZlYzdmNmIyNDdkM2I5ZTUxOWIwYmZlZjVkMDNAdGhyZWFkLnYyIyM0ZTVhNmMzYy1jOTU5LTRiY2EtOGRiNy0wMGRiM2E0ODdjZTE=",
+ "consentedPermissionSet": {
+ "resourceSpecificPermissions": [
+ {
+ "permissionValue": "ChatMessage.Read.Chat",
+ "permissionType": "application"
+ }
+ ]
+ }
+ },
+ {
+ "id": "MTk6NWJkODZlYzdmNmIyNDdkM2I5ZTUxOWIwYmZlZjVkMDNAdGhyZWFkLnYyIyMyYjUyNGUyOC05NWNlLTRjOWItOTc3My00YTViZDZlYzE3NzA=",
+ "consentedPermissionSet": {
+ "resourceSpecificPermissions": [
+ {
+ "permissionValue": "OnlineMeeting.ReadBasic.Chat",
+ "permissionType": "delegated"
+ },
+ {
+ "permissionValue": "OnlineMeetingIncomingAudio.Detect.Chat",
+ "permissionType": "delegated"
+ }
+ ]
+ }
+ }
+ ]
+}
+```
+ ## See also - [List apps in catalog](appcatalogs-list-teamsapps.md)
+- [Request resource-specific consent for apps](/microsoftteams/platform/graph-api/rsc/resource-specific-consent)
<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC --> <!-- {
v1.0 Chat Post Installedapps https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chat-post-installedapps.md
Install a [teamsApp](../resources/teamsapp.md) to the specified [chat](../resour
> **Notes**: > - If the chat is associated with an [onlineMeeting](../resources/onlinemeeting.md) instance, then, effectively, the **teamsApp** will get installed to the meeting.
-> - Currently, this operation does not support installation of apps that require resource-specific consent permissions. For details, see [Known issues](/graph/known-issues#Installation-of-apps-that-require-resource-specific-consent-permissions-is-not-supported).
+> - Currently, installing an app that requires resource-specific consent permissions is not supported in application context.
## Permissions
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | TeamsAppInstallation.ReadWriteSelfForChat, TeamsAppInstallation.ReadWriteForChat |
+|Delegated (work or school account) | TeamsAppInstallation.ReadWriteSelfForChat<sup>1</sup>, TeamsAppInstallation.ReadWriteForChat<sup>1</sup>, TeamsAppInstallation.ReadWriteAndConsentSelfForChat, TeamsAppInstallation.ReadWriteAndConsentForChat |
|Delegated (personal Microsoft account) | Not supported. |
-|Application | Chat.Manage.Chat*, TeamsAppInstallation.ReadWriteSelfForChat.All, TeamsAppInstallation.ReadWriteForChat.All |
+|Application | Chat.Manage.Chat<sup>2</sup>, TeamsAppInstallation.ReadWriteSelfForChat.All<sup>1</sup>, TeamsAppInstallation.ReadWriteForChat.All<sup>1</sup>, TeamsAppInstallation.ReadWriteAndConsentSelfForChat.All, TeamsAppInstallation.ReadWriteAndConsentForChat.All |
-> **Note**: Permissions marked with * use [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).
+> **Note**:
+<br><sup>1</sup> These permissions cannot be used to install apps that require consent to resource-specific permissions.
+<br><sup>2</sup> These permissions use [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).
## HTTP request
POST /chats/{chat-id}/installedApps
## Request body
-The request body should contain the catalog app's generated app ID. For details, see [teamsApp properties](../resources/teamsapp.md#properties).
+The request body should contain the catalog generated app ID for the app catalog. For details, see [teamsApp properties](../resources/teamsapp.md#properties).
+The following table lists additional parameters that can be used with the request body.
+
+|Parameter|Type|Description|
+|:|:|:|
+|consentedPermissionSet|[teamsAppPermissionSet](../resources/teamsapppermissionset.md)|Set of resource-specific permissions that are being consented to.|
+
+> **Note**: The permissions consented to during the install must be same as the resource-specific permissions present in the [teamsAppDefinition](../resources/teamsAppDefinition.md) of the app. To get the application and delegated resource-specific permissions, see [Example 7](../api/appcatalogs-list-teamsapps.md#example-7-list-applications-with-a-given-id-and-return-only-the-resource-specific-permissions-required-by-the-app). If only delegated resource-specific permissions are present in **teamsAppDefinition**, permissions can be omitted in the body of this request.
## Response
If successful, this method returns a `201 Created` response code.
## Examples
-### Request
+### Example 1: Install app in a chat
+
+#### Request
# [HTTP](#tab/http)
Content-Type: application/json
-### Response
+#### Response
+
+<!-- {
+ "blockType": "response"
+} -->
+
+```http
+HTTP/1.1 201 Created
+```
+### Example 2: Install app in a chat and and consent to the resource-specific permissions required by the app
+To get the list of resource-specific permissions required by the app, get the app from **appCatalog**, as shown in [Example 7](../api/appcatalogs-list-teamsapps.md#example-7-list-applications-with-a-given-id-and-return-only-the-resource-specific-permissions-required-by-the-app).
+
+#### Request
+
+<!-- {
+ "blockType": "request",
+ "name": "add_app_in_chat",
+ "sampleKeys": ["19:ea28e88c00e94c7786b065394a61f296@thread.v2"]
+}-->
+
+```http
+POST https://graph.microsoft.com/beta/chats/19:ea28e88c00e94c7786b065394a61f296@thread.v2/installedApps
+Content-Type: application/json
+
+{
+ "teamsApp@odata.bind" : "https://graph.microsoft.com/beta/appCatalogs/teamsApps/2b524e28-95ce-4c9b-9773-4a5bd6ec1770",
+ "consentedPermissionSet": {
+ "resourceSpecificPermissions": [
+ {
+ "permissionValue": "OnlineMeeting.ReadBasic.Chat",
+ "permissionType": "Delegated"
+ },
+ {
+ "permissionValue": "OnlineMeetingIncomingAudio.Detect.Chat",
+ "permissionType": "Delegated"
+ },
+ {
+ "permissionValue": "ChatMember.Read.Chat",
+ "permissionType": "Application"
+ },
+ {
+ "permissionValue": "ChatMessage.Read.Chat",
+ "permissionType": "Application"
+ }]
+ }
+}
+```
+
+#### Response
<!-- { "blockType": "response"
Content-Type: application/json
HTTP/1.1 201 Created ```
+## See also
+- [List apps in catalog](appcatalogs-list-teamsapps.md)
+- [Request resource-specific consent for apps](/microsoftteams/platform/graph-api/rsc/resource-specific-consent)
+ <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC --> <!-- {
v1.0 Chat Teamsappinstallation Upgrade https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chat-teamsappinstallation-upgrade.md
Upgrade an [app installation](../resources/teamsappinstallation.md) within a [ch
> **Notes**: > - If the chat is associated with an [onlineMeeting](../resources/onlinemeeting.md) instance, then effectively, the **teamsApp** installed in the meeting will get upgraded.
-> - Currently, this operation does not support upgrade of apps that require resource-specific consent permissions. For details, see [Known issues](/graph/known-issues#Installation-of-apps-that-require-resource-specific-consent-permissions-is-not-supported).
+> - Currently, upgrading an app that requires resource-specific consent permissions is not supported in application context.
## Permissions
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | TeamsAppInstallation.ReadWriteSelfForChat, TeamsAppInstallation.ReadWriteForChat |
+|Delegated (work or school account) | TeamsAppInstallation.ReadWriteSelfForChat<sup>1</sup>, TeamsAppInstallation.ReadWriteForChat<sup>1</sup>, TeamsAppInstallation.ReadWriteAndConsentSelfForChat, TeamsAppInstallation.ReadWriteAndConsentForChat |
|Delegated (personal Microsoft account) | Not supported. |
-|Application | Chat.Manage.Chat*, TeamsAppInstallation.ReadWriteSelfForChat.All, TeamsAppInstallation.ReadWriteForChat.All |
+|Application | Chat.Manage.Chat<sup>2</sup>, TeamsAppInstallation.ReadWriteSelfForChat.All<sup>1</sup>, TeamsAppInstallation.ReadWriteForChat.All<sup>1</sup>, TeamsAppInstallation.ReadWriteAndConsentSelfForChat.All, TeamsAppInstallation.ReadWriteAndConsentForChat.All |
-> **Note**: Permissions marked with * use [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).
+> **Notes:**
+<br><sup>1</sup> These permissions cannot be used to install apps that require consent to resource-specific permissions.
+<br><sup>2</sup> These permissions use [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).
## HTTP request <!-- { "blockType": "ignored" } -->
One of the following permissions is required to call this API. To learn more, in
```http POST /chats/{chat-id}/installedApps/{app-installation-id}/upgrade ```
+## Request body
+
+In the request body, supply a JSON representation of the parameters.
+
+The following table lists additional parameters that can be used with the upgrade action.
+
+|Parameter|Type|Description|
+|:|:|:|
+|consentedPermissionSet|[teamsAppPermissionSet](../resources/teamsapppermissionset.md)|The set of resource-specific permissions that are being consented to.|
+
+> **Note**:
+> The permissions consented to during the upgrade must be the same as the resource-specific permissions present in the [teamsAppDefinition](../resources/teamsAppDefinition.md) of the app. To get the application and delegated resource-specific permissions, see [Example 7](../api/appcatalogs-list-teamsapps.md#example-7-list-applications-with-a-given-id-and-return-only-the-resource-specific-permissions-required-by-the-app). If only delegated resource-specific permissions are present in **teamsAppDefinition**, permissions can be omitted in the body of this request.
## Response If successful, this method returns a `204 No Content` response code.
-## Example
+## Examples
+
+### Example 1: Upgrade the teams app installed in chat
-### Request
+#### Request
The following example upgrades an app installed in a chat. # [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "upgrade_installedApps_in_chat",
+ "name": "upgrade_installedApps_in_chat_e1",
"sampleKeys": ["19:ea28e88c00e94c7786b065394a61f296@thread.v2", "NjRiOWM3NDYtYjE1NS00MDQyLThkNDctOTQxYmQzODE2ODFiIyMwZDgyMGVjZC1kZWYyLTQyOTctYWRhZC03ODA1NmNkZTdjNzg="] }-->
POST https://graph.microsoft.com/beta/chats/19:ea28e88c00e94c7786b065394a61f296@
-### Response
+#### Response
<!-- { "blockType": "response",
POST https://graph.microsoft.com/beta/chats/19:ea28e88c00e94c7786b065394a61f296@
HTTP/1.1 204 No Content ```
+### Example 2: Upgrade app installed in a chat and consent to the resource specific permissions
+
+To get the list of resource-specific permissions required by the app, get the app from **appCatalog**, as shown in [Example 7](../api/appcatalogs-list-teamsapps.md#example-7-list-applications-with-a-given-id-and-return-only-the-resource-specific-permissions-required-by-the-app).
+
+#### Request
+
+<!-- {
+ "blockType": "request",
+ "name": "upgrade_installedApps_in_chat_e2",
+ "sampleKeys": ["19:ea28e88c00e94c7786b065394a61f296@thread.v2", "NjRiOWM3NDYtYjE1NS00MDQyLThkNDctOTQxYmQzODE2ODFiIyMwZDgyMGVjZC1kZWYyLTQyOTctYWRhZC03ODA1NmNkZTdjNzg="]
+}-->
+
+```http
+POST https://graph.microsoft.com/betQyLThkNDctOTQxYmQzODE2ODFiIyMwZDgyMGVjZC1kZWYyLTQyOTctYWRhZC03ODA1NmNkZTdjNzg=/upgrade
+Content-Type: application/json
+
+{
+ "consentedPermissionSet": {
+ "resourceSpecificPermissions": [
+ {
+ "permissionValue": "OnlineMeeting.ReadBasic.Chat",
+ "permissionType": "Delegated"
+ },
+ {
+ "permissionValue": "ChatMember.Read.Chat",
+ "permissionType": "Application"
+ }]
+ }
+}
+```
+
+#### Response
+
+<!-- {
+ "blockType": "response"
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+## See also
+- [List apps in catalog](appcatalogs-list-teamsapps.md)
+- [Request resource-specific consent for apps](/microsoftteams/platform/graph-api/rsc/resource-specific-consent)
<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC --> <!-- {
v1.0 Chatmessage Delta https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chatmessage-delta.md
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
v1.0 Chatmessage Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chatmessage-get.md
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
v1.0 Chatmessage List Replies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chatmessage-list-replies.md
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
v1.0 Chatmessage Post Replies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chatmessage-post-replies.md
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline", "userIdentityType": "aadUser"
HTTP/1.1 200 OK
"application":null, "device":null, "user":{
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id":"8c0a1a67-50ce-4114-bb6c-da9c5dbcf6ca", "displayName":"Joh Doe",
- "userIdentityType":"aadUser"
+ "userIdentityType":"aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body":{
v1.0 Chatmessage Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chatmessage-post.md
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "ef1c916a-3135-4417-ba27-8eb7bd084193", "displayName": "Jane Smith", "userIdentityType": "aadUser"
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "post_chatmessage_10",
+ "name": "post_chatmessage_e10",
"sampleKeys": ["fbe2bf47-16c8-47cf-b4a5-4b9b187c508b", "19:4a95f7d8db4c4e7fae857bcebe0623e6@thread.tacv2"] }-->
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
HTTP/1.1 201 Created
Content-type: application/json {
- "@odata.context": "https://canary.graph.microsoft.com/testprodbetateamsgraphsumanach/$metadata#chats('19%3A7fb82b685f9c457296a0ab6a1d98b4c1%40thread.v2')/messages/$entity",
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#chats('19%3A7fb82b685f9c457296a0ab6a1d98b4c1%40thread.v2')/messages/$entity",
"id": "1675459162626", "replyToId": null, "etag": "1675459162626",
v1.0 Chatmessagehostedcontent Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chatmessagehostedcontent-get.md
GET https://graph.microsoft.com/beta/chats/19:2da4c29f6d7041eca70b638b43d45437@t
``` # [C#](#tab/csharp) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript)
GET https://graph.microsoft.com/beta/chats/19:2da4c29f6d7041eca70b638b43d45437@t
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell)
GET https://graph.microsoft.com/beta/chats/19:2da4c29f6d7041eca70b638b43d45437@t
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PHP](#tab/php) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Cloudpc Getcloudpclaunchinfo https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/cloudpc-getcloudpclaunchinfo.md
If successful, this function returns a `200 OK` response code and a [cloudPcLaun
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "cloudpcthis.getcloudpclaunchinfo"
+ "name": "cloudpc.getcloudpclaunchinfo"
} --> ``` http
GET https://graph.microsoft.com/beta/me/cloudPCs/{cloudPCId}/getCloudPcLaunchInf
``` # [C#](#tab/csharp) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PHP](#tab/php) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Cloudpc Getshiftworkcloudpcaccessstate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/cloudpc-getshiftworkcloudpcaccessstate.md
+
+ Title: "cloudPC: getShiftWorkCloudPcAccessState"
+description: "Get the access state of a shift work Cloud PC. Callers can get the latest shift work Cloud PC accessState and determine if the shift work Cloud PC is accessible to the user."
+
+ms.localizationpriority: medium
++
+# cloudPC: getShiftWorkCloudPcAccessState
+Namespace: microsoft.graph
++
+Get the [shiftWorkCloudPcAccessState](../resources/cloudpc.md#shiftworkcloudpcaccessstate-values) of a shift work Cloud PC.
+
+This API only supports shared-use licenses. For more information, see [cloudPcProvisioningPolicy](../resources/cloudpcprovisioningpolicy.md#cloudpcprovisioningtype-values). Shared-use licenses allow three users per license, with one user signed in at a time. Callers can get the latest shift work Cloud PC **accessState** and determine whether the shift work Cloud PC is accessible to the user.
+
+If a web client needs to connect to a shift work Cloud PC, the **sharedCloudPcAccessState** validates the bookmark scenario. If **sharedCloudPcAccessState** is not active/activating/hibernated, the web client shows a "bad bookmark".
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|CloudPC.Read.All, CloudPC.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Not supported.|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /me/cloudPCs/{cloudPCId}/getShiftWorkCloudPcAccessState
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this function returns a `200 OK` response code and a [shiftWorkCloudPcAccessState](../resources/cloudpc.md#shiftworkcloudpcaccessstate-values) object in the response body.
+
+If the Cloud PC has been provisioned as a dedicated device, this method returns `400 Bad request`.
+
+## Examples
+
+### Request
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "cloudpc.getShiftWorkCloudPcAccessState"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/me/cloudPCs/{cloudPCId}/getShiftWorkCloudPcAccessState
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "string"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context":"https://graph.microsoft.com/beta/$metadata#Edm.String",
+ "value": "noLicensesAvailable"
+}
+```
+
v1.0 Contactmergesuggestions Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/contactmergesuggestions-get.md
If successful, this method returns a `200 OK` response code and a [contactMergeS
## Examples
-The following is an example of the request to get **contactMergeSuggestions** settings for the user.
- ### Request
+The following is an example of the request to get **contactMergeSuggestions** settings for the user.
+ # [HTTP](#tab/http) <!-- { "blockType": "request",
GET https://graph.microsoft.com/beta/me/settings/contactMergeSuggestions
### Response+
+The following is an example of the response.
+ >**Note:** The response object shown here might be shortened for readability. <!-- { "blockType": "response",
Content-Type: application/json
"isEnabled": true } ```-
v1.0 Device Delete Registeredusers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/device-delete-registeredusers.md
Here is an example of the request.
DELETE https://graph.microsoft.com/beta/devices/{id}/registeredUsers/{id}/$ref ```
+# [C#](#tab/csharp)
+ # [JavaScript](#tab/javascript) [!INCLUDE [sample-code](../includes/snippets/javascript/delete-registeredusers-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
DELETE https://graph.microsoft.com/beta/devices/{id}/registeredUsers/{id}/$ref
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+ ##### Response
v1.0 Device Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/device-get.md
The following example shows a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_device"
+ "name": "get_device_e1"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/devices/000005c3-b7a6-4c61-89fc-80bf5ccfc366
The following request retrieves the **id** and **extensionAttributes** property
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_device_select"
+ "name": "get_device_select_e2"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/devices/6a59ea83-02bd-468f-a40b-f2c3d1821983?$select=id,extensionAttributes
v1.0 Device List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/device-list.md
Here is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_devices"
+ "name": "get_devices_e1"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/devices
The following is an example of the request. This request requires the **Consiste
<!-- { "blockType": "ignored",
- "name": "get_count_only"
+ "name": "get_count_only_e2"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/devices/$count
Content-type: text/plain
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_devices_select"
+ "name": "get_devices_select_e3"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/devices?$select=id,extensionAttributes
The following is an example of the request. This request requires the **Consiste
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "list_devices_startswith"
+ "name": "list_devices_startswith_e4"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/devices?$filter=startswith(displayName, 'a')&$count=true&$top=1&$orderby=displayName
The following is an example of the request. This request requires the **Consiste
<!-- { "blockType": "ignored",
- "name": "get_video_count"
+ "name": "get_video_count_e5"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/devices?$search="displayName:Android"&$count=true
The following is an example of the request. This request requires the **Consiste
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_devices_by_extensionAttribute"
+ "name": "get_devices_by_extensionAttribute_e6"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/devices?$filter=extensionAttributes/extensionAttribute1 eq 'BYOD-Device'&$count=true
v1.0 Directory Deleteditems Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directory-deleteditems-delete.md
Permanently delete a recently deleted [application](../resources/application.md)
Administrative units **cannot** be permanently deleted by using the **deletedItems** API. Soft-deleted administrative units will be permanently deleted 30 days after initial deletion unless they are restored. ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-### For applications and service principals:
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| [application](../resources/application.md) | Application.ReadWrite.All | Not supported. | Application.ReadWrite.OwnedBy |
+| [group](../resources/group.md) | Group.ReadWrite.All | Not supported. | Not supported. |
+| [servicePrincipal](../resources/serviceprincipal.md) | Application.ReadWrite.All | Not supported. | Application.ReadWrite.OwnedBy |
+| [user](../resources/user.md) | User.ReadWrite.All | Not supported. | Not supported. |
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Application.ReadWrite.All, Directory.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Application.ReadWrite.OwnedBy, Application.ReadWrite.All |
-
-The calling user must be the owner of the application or the calling app must be assigned one of the following [Azure AD roles](/azure/active-directory/roles/permissions-reference):
-+ Global Administrator
-+ Application Administrator
-+ Cloud Application Administrator
-+ Hybrid Identity Administrator
-
-### For users:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | User.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-The signed-in user needs to have one of the following roles: *Global Administrator* or *User Administrator*.
-
-### For groups:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Group.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-The requestor needs to have one of the following roles: *Global Administrator* or *Groups Administrator*.
## HTTP request <!-- { "blockType": "ignored" } --> ```http DELETE /directory/deleteditems/{id} ```+ ## Request headers | Name | Description| |:|:-|
v1.0 Directory Deleteditems Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directory-deleteditems-get.md
Retrieve the properties of a recently deleted [application](../resources/applica
>**Note:** Deleted security groups are deleted permanently and can't be retrieved through this API. ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-### For applications and service principals:
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Application.Read.All, Application.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Application.Read.All, Application.ReadWrite.OwnedBy, Application.ReadWrite.All, Directory.Read.All |
-
-### For users:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All |
-
-### For groups:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Group.Read.All, Group.ReadWrite.All, Directory.Read.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Group.Read.All, Group.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All |
-
-### For administrative units:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | AdministrativeUnit.Read.All, AdministrativeUnit.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | AdministrativeUnit.Read.All, AdministrativeUnit.ReadWrite.All |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| [administrativeUnit](../resources/administrativeunit.md) | AdministrativeUnit.Read.All | Not supported. | AdministrativeUnit.Read.All |
+| [application](../resources/application.md) | Application.Read.All | Not supported. | Application.Read.All |
+| [group](../resources/group.md) | Group.Read.All | Not supported. | Group.Read.All |
+| [servicePrincipal](../resources/serviceprincipal.md) | Application.Read.All | Not supported. | Application.Read.All |
+| [user](../resources/user.md) | User.Read.All | Not supported. | User.Read.All |
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Directory Deleteditems List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directory-deleteditems-list.md
Retrieve a list of recently deleted directory objects. Currently, deleted items
## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-### For applications and service principals:
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| [administrativeUnit](../resources/administrativeunit.md) | AdministrativeUnit.Read.All | Not supported. | AdministrativeUnit.Read.All |
+| [application](../resources/application.md) | Application.Read.All | Not supported. | Application.Read.All |
+| [group](../resources/group.md) | Group.Read.All | Not supported. | Group.Read.All |
+| [servicePrincipal](../resources/serviceprincipal.md) | Application.Read.All | Not supported. | Application.Read.All |
+| [user](../resources/user.md) | User.Read.All | Not supported. | User.Read.All |
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Application.Read.All, Application.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Application.Read.All, Application.ReadWrite.All, Directory.Read.All |
-
-### For users:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All |
-
-### For groups:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Group.Read.All, Group.ReadWrite.All, Directory.Read.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Group.Read.All, Group.ReadWrite.All, Directory.Read.All |
-
-### For administrative units:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | AdministrativeUnit.Read.All, AdministrativeUnit.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | AdministrativeUnit.Read.All, AdministrativeUnit.ReadWrite.All |
## HTTP request <!-- { "blockType": "ignored" } -->
The OData cast type is a required part of the URI and calling `GET /directory/de
## Optional query parameters
-This method supports the query parameters that are supported by the resource that is specified by the OData cast. That is, `$count`, `$expand`, `$filter`, `$orderBy`, `$search`, `$select`, and `$top` query parameters. Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For example:
+This method supports the query parameters that are supported by the resource that is specified by the OData cast. That is, `$count`, `$expand`, `$filter`, `$orderBy`, `$search`, `$select`, and `$top` query parameters. This API returns 100 objects by default and supports returning up to 999 objects per page using `$top`.
+
+Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For example:
```msgraph-interactive https://graph.microsoft.com/beta/directory/deletedItems/microsoft.graph.group?&$count=true&$orderBy=deletedDateTime desc&$select=id,displayName,deletedDateTime
v1.0 Directory Deleteditems Restore https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directory-deleteditems-restore.md
Restore a recently deleted [application](../resources/application.md), [group](.
A recently deleted item will remain available for up to 30 days. After 30 days, the item is permanently deleted. ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-### For applications and service principals:
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Application.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Application.ReadWrite.OwnedBy, Application.ReadWrite.All |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| [administrativeUnit](../resources/administrativeunit.md) | AdministrativeUnit.ReadWrite.All | Not supported. | AdministrativeUnit.ReadWrite.All |
+| [application](../resources/application.md) | Application.ReadWrite.All | Not supported. | Application.ReadWrite.OwnedBy |
+| [group](../resources/group.md) | Group.ReadWrite.All | Not supported. | Not supported. |
+| [servicePrincipal](../resources/serviceprincipal.md) | Application.ReadWrite.All | Not supported. | Application.ReadWrite.OwnedBy |
+| [user](../resources/user.md) | User.ReadWrite.All | Not supported. | Not supported. |
-The calling app must be assigned one of the following [Azure AD roles](/azure/active-directory/roles/permissions-reference):
-+ Global Administrator
-+ Application Administrator
-+ Cloud Application Administrator
-+ Hybrid Identity Administrator
-
-### For users:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | User.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | User.ReadWrite.All |
-
-To restore users with privileged administrator roles in delegated scenarios, the app must be assigned with *Directory.AccessAsUser.All* delegated permission, and the calling user must also be assigned a higher privileged administrator role as indicated in [Who can perform sensitive actions](../resources/users.md#who-can-perform-sensitive-actions).
-
-In app-only scenarios, the *User.ReadWrite.All* application permission isn't enough privilege to restore deleted users with privileged administrator roles. The app must be assigned a higher privileged administrator role as indicated in [Who can perform sensitive actions](../resources/users.md#who-can-perform-sensitive-actions).
-
-### For groups:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Group.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Group.ReadWrite.All |
-
-### For administrative units:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | AdministrativeUnit.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | AdministrativeUnit.ReadWrite.All |
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Directory List Administrativeunits https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directory-list-administrativeunits.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | AdministrativeUnit.Read.All, Directory.Read.All, AdministrativeUnit.ReadWrite.All, Directory.ReadWrite.All | + ## HTTP request <!-- { "blockType": "ignored" } --> ```http
v1.0 Directory List Inboundshareduserprofiles https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directory-list-inboundshareduserprofiles.md
+
+ Title: "List inboundSharedUserProfiles"
+description: "Retrieve the properties of an inboundSharedUserProfiles."
+
+ms.localizationpriority: medium
++
+# List inboundSharedUserProfiles
+
+Namespace: microsoft.graph
++
+Retrieve the properties of all [inboundSharedUserProfiles](../resources/inboundshareduserprofile.md).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| CrossTenantUserProfileSharing.Read.All, CrossTenantUserProfileSharing.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not applicable|
+|Application|CrossTenantUserProfileSharing.Read.All, CrossTenantUserProfileSharing.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+
+``` http
+GET /directory/inboundSharedUserProfiles
+```
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [inboundSharedUserProfile](../resources/inboundshareduserprofile.md) collection in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_inboundshareduserprofiles"
+}
+-->
+
+``` http
+GET https://graph.microsoft.com/beta/directory/inboundSharedUserProfiles
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.inboundSharedUserProfile"
+}
+-->
+
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "userId":"c228b2ae-c4fb-4eda-9620-7e73dddd1cac",
+ "userPrincipalName":"bob@contoso.onmicrosoft.com",
+ "displayName":"Bob",
+ "homeTenantId":"486fb458-9474-4c44-896b-b30942d055f0"
+ },
+ {
+ "userId":"5586b2ae-c4fb-4eda-9620-7e73dddd1cac",
+ "userPrincipalName":"alice@fabrikam.com",
+ "displayName":"Alice",
+ "homeTenantId":"385ab357-9774-4c44-896b-a35942d755e8"
+ }
+ ]
+}
+
+```
v1.0 Directory List Outboundshareduserprofiles https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directory-list-outboundshareduserprofiles.md
+
+ Title: "List outboundSharedUserProfiles"
+description: "Retrieve the properties of all outboundSharedUserProfiles."
+
+ms.localizationpriority: medium
++
+# List outboundSharedUserProfiles
+
+Namespace: microsoft.graph
++
+Retrieve the properties of all [outboundSharedUserProfiles](../resources/outboundshareduserprofile.md).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|CrossTenantUserProfileSharing.Read, CrossTenantUserProfileSharing.Read.All, CrossTenantUserProfileSharing.ReadWrite, CrossTenantUserProfileSharing.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not applicable|
+|Application|CrossTenantUserProfileSharing.Read.All, CrossTenantUserProfileSharing.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+
+``` http
+GET /directory/outboundSharedUserProfiles
+```
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [outboundSharedUserProfiles](../resources/outboundshareduserprofile.md) object in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_outboundshareduserprofile_e1"
+}
+-->
+
+``` http
+GET https://graph.microsoft.com/beta/directory/outboundSharedUserProfiles
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.outboundSharedUserProfile"
+}
+-->
+
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#directory/outboundSharedUserProfiles",
+ "value": [
+ {
+ "userId":"62bfb458-9474-4c44-896b-b30942d055f0"
+ },
+ {
+ "userId":"5269b458-9474-4a44-996b-a30942d05000"
+ }
+ ]
+}
+```
v1.0 Directory List Recommendation https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directory-list-recommendation.md
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "list_recommendation"
+ "name": "list_recommendation_e1"
} --> ``` http
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_recommendation"
+ "name": "get_recommendation_e2"
} --> ``` http
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_recommendation"
+ "name": "get_recommendation_e3"
} --> ``` http
v1.0 Directoryobject Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directoryobject-delete.md
Namespace: microsoft.graph
Delete a directory object, for example, a group, user, application, or service principal. ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-### Delete a user
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | User.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | User.ReadWrite.All |
-
-### Delete a group
-
-| Permission type | Permissions (from least to most privileged) |
-| :- | : |
-| Delegated (work or school account) | Group.ReadWrite.All |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Group.ReadWrite.All |
-
-### Delete an application or service principal
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Application.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Application.ReadWrite.All |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| [application](../resources/application.md) | Application.ReadWrite.All | Not supported. | Application.ReadWrite.All |
+| [group](../resources/group.md) | Group.ReadWrite.All | Not supported. | Group.ReadWrite.All |
+| [servicePrincipal](../resources/serviceprincipal.md) | Application.ReadWrite.All | Not supported. | Application.ReadWrite.All |
+| [user](../resources/user.md) | User.ReadWrite.All | Not supported. | User.ReadWrite.All |
## HTTP request
v1.0 Directoryobject Delta https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directoryobject-delta.md
GET https://graph.microsoft.com/beta/directoryObjects/delta?filter=isof('microso
- #### Response The following is an example of the response when using `@odata.deltaLink` obtained from the query initialization with `$filter=isof('{resource type}')`. Note the presence of the _members@delta_ property which includes the ids of member objects in the group.
GET https://graph.microsoft.com/beta/directoryObjects/delta?$filter=id eq '87d34
- #### Response The following is an example of the response when using `@odata.deltaLink` obtained from the query initialization with `$filter=id eq '{id}'`.
GET https://graph.microsoft.com/beta/directoryObjects/delta?$filter=isof('micros
- #### Response The following is an example of the response when using `@odata.deltaLink` obtained from the query initialization. Note that both properties are included in the response and it is not known which ones have changed since the `@odata.deltaLink` was obtained.
v1.0 Directoryrole Delete Member https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directoryrole-delete-member.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | RoleManagement.ReadWrite.Directory | + ## HTTP request You can address the directory role using either its **id** or **roleTemplateId**.
v1.0 Directoryrole Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directoryrole-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All | + ## HTTP request You can address the directory role using either its **id** or **roleTemplateId**.
v1.0 Directoryrole List Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directoryrole-list-members.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All | + [!INCLUDE [limited-info](../../includes/limited-info.md)] ## HTTP request
v1.0 Directoryrole List Scopedmembers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directoryrole-list-scopedmembers.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All | + ## HTTP request You can address the directory role using either its **id** or **roleTemplateId**.
v1.0 Directoryrole List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directoryrole-list.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All | + ## HTTP request <!-- { "blockType": "ignored" } --> ```http
v1.0 Directoryrole Post Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directoryrole-post-members.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | RoleManagement.ReadWrite.Directory | + ## HTTP request <!-- { "blockType": "ignored" } --> ```http
v1.0 Driveitem Restore https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/driveitem-restore.md
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "restore-item",
+ "name": "restore-item-e1",
"scopes": "files.readwrite", "target": "action" }-->
v1.0 Dynamics Companies Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/dynamics-companies-get.md
Title: Get companies
-description: Gets a company object in Dynamics 365 Business Central.
--
+ Title: "Get companies"
+description: "Get a companies object in Dynamics 365 Business Central."
+
+documentationcenter: ""
+ ms.localizationpriority: medium ms.prod: "dynamics-365-business-central" doc_type: apiPageType
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Retrieve the properties and relationships of a companies object for Dynamics 365 Business Central.
+Get a [companies](../resources/dynamics-companies.md) object in Dynamics 365 Business Central.
## Permissions+ One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference). |Permission type |Permissions (from least to most privileged)|
One of the following permissions is required to call this API. To learn more, in
|Application|Financials.ReadWrite.All| ## HTTP request+
+<!-- { "blockType": "ignored" } -->
```http GET /financials/companies ``` ## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
+
+This method supports the [OData query parameters](/graph/query-parameters) to help customize the response.
## Request headers+ |Header|Value| ||--| |Authorization |Bearer {token}. Required. | ## Request body+ Do not supply a request body for this method. ## Response
-If successful, this method returns a `200 OK` response code and a **companies** object in the response body.
+
+If successful, this method returns a `200 OK` response code and a [companies](../resources/dynamics-companies.md) object in the response body.
## Example
-**Request**
+### Request
+
+The following is an example of the request.
+
+<!-- {
+ "blockType": "ignored",
+ "name": "get_companies"
+}-->
-Here is an example of the request.
```http GET https://graph.microsoft.com/beta/financials/companies ```
-**Response**
+### Response
-Here is an example of the response.
+The following is an example of the response.
> **Note**: The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "ignored",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.companies"
+} -->
+ ```json
+HTTP/1.1 200 OK
+Content-Type: application/json
+ { "id": "id-value", "systemVersion": "17806",
Here is an example of the response.
"businessProfileId": "" } ```--
v1.0 Ediscovery Unifiedgroupsource Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/ediscovery-unifiedgroupsource-delete.md
DELETE https://graph.microsoft.com/beta/compliance/ediscovery/cases/{caseId}/cus
[!INCLUDE [sample-code](../includes/snippets/go/delete-unifiedgroupsource-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/delete-unifiedgroupsource-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Educationassignmentdefaults Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationassignmentdefaults-update.md
If successful, this method returns a `200 OK` response code and an updated [educ
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "update_educationassignmentdefaults"
+ "name": "update_educationassignmentdefaults_e1"
} --> ``` http
v1.0 Educationassignmentresource Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationassignmentresource-get.md
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_educationassignmentresource"
+ "name": "get_educationassignmentresource_e1"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/education/classes/72a7baec-c3e9-4213-a850-f62de0adad5f/assignments/1618dfb0-3ff2-4edf-8d5c-b8f81df00e80/resources/fb92ec62-3996-4c3a-ad41-720dd930c834
The following is an example of the request.
<!-- { "blockType": "request", "sampleKeys": ["72a7baec-c3e9-4213-a850-f62de0adad5f","1618dfb0-3ff2-4edf-8d5c-b8f81df00e80","a2f95693-aea2-4d5e-a936-11ef390f8f20"],
- "name": "get_educationlinkresource_from_educationassignment"
+ "name": "get_educationlinkresource_from_educationassignment_e2"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/education/classes/72a7baec-c3e9-4213-a850-f62de0adad5f/assignments/1618dfb0-3ff2-4edf-8d5c-b8f81df00e80/resources/a2f95693-aea2-4d5e-a936-11ef390f8f20
The following is an example of the request.
<!-- { "blockType": "request", "sampleKeys": ["72a7baec-c3e9-4213-a850-f62de0adad5f","1618dfb0-3ff2-4edf-8d5c-b8f81df00e80","517b36a6-9ca2-4e7b-9748-3af25f5cd4fd"],
- "name": "get_educationexcelresource_from_educationassignment"
+ "name": "get_educationexcelresource_from_educationassignment_e3"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/education/classes/72a7baec-c3e9-4213-a850-f62de0adad5f/assignments/1618dfb0-3ff2-4edf-8d5c-b8f81df00e80/resources/517b36a6-9ca2-4e7b-9748-3af25f5cd4fd
The following is an example of the request.
<!-- { "blockType": "request", "sampleKeys": ["72a7baec-c3e9-4213-a850-f62de0adad5f","1618dfb0-3ff2-4edf-8d5c-b8f81df00e80","3cb7968b-082f-4756-bdfb-782b4538cc0a"],
- "name": "get_educationpowerpointresource_from_educationassignment"
+ "name": "get_educationpowerpointresource_from_educationassignment_e4"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/education/classes/72a7baec-c3e9-4213-a850-f62de0adad5f/assignments/1618dfb0-3ff2-4edf-8d5c-b8f81df00e80/resources/3cb7968b-082f-4756-bdfb-782b4538cc0a
The following is an example of the request.
<!-- { "blockType": "request", "sampleKeys": ["72a7baec-c3e9-4213-a850-f62de0adad5f","1618dfb0-3ff2-4edf-8d5c-b8f81df00e80","a7a2fec0-2a26-47bf-8d40-2319c0afb1f4"],
- "name": "get_educationfileresource_from_educationassignment"
+ "name": "get_educationfileresource_from_educationassignment_e5"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/education/classes/72a7baec-c3e9-4213-a850-f62de0adad5f/assignments/1618dfb0-3ff2-4edf-8d5c-b8f81df00e80/resources/a7a2fec0-2a26-47bf-8d40-2319c0afb1f4
The following is an example of the request.
<!-- { "blockType": "request", "sampleKeys": ["72a7baec-c3e9-4213-a850-f62de0adad5f","1618dfb0-3ff2-4edf-8d5c-b8f81df00e80","f3687fc5-908b-4006-8040-dbba9e04023c"],
- "name": "get_educationmediaresource_from_educationassignment"
+ "name": "get_educationmediaresource_from_educationassignment_e6"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/education/classes/72a7baec-c3e9-4213-a850-f62de0adad5f/assignments/1618dfb0-3ff2-4edf-8d5c-b8f81df00e80/resources/f3687fc5-908b-4006-8040-dbba9e04023c
v1.0 Emailauthenticationmethod Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/emailauthenticationmethod-delete.md
Deletes a user's [email Authentication Method](../resources/emailauthenticationm
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+### Permissions acting on self
+ |Permission type | Permissions (from least to most privileged) | |:|:-| | Delegated (work or school account) | UserAuthenticationMethod.ReadWrite |
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global administrator
-* Privileged authentication administrator
-* Authentication admin
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Delete the email method from your own account. For a signed-in user to update their own authentication method, they must have satisfied a multi-factor authentication requirement during sign in.
+<!-- { "blockType": "ignored" } -->
+``` http
+DELETE /me/authentication/emailMethods/{id}
+```
+
+Delete the email authentication method from another user's account.
+<!-- { "blockType": "ignored" } -->
``` http DELETE /users/{id | userPrincipalName}/authentication/emailMethods/{id} ```
v1.0 Emailauthenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/emailauthenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Get details of your own email authentication method.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/emailMethods/{id}
+```
+
+Get details of your own or another user's email authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/emailMethods/{id} ```
v1.0 Emailauthenticationmethod Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/emailauthenticationmethod-update.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
+Users without one of the supported Azure AD roles cannot update their own email authentication method.
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Update the email method for your own account. For a signed-in user to update their own authentication method, they must have satisfied a multi-factor authentication requirement during sign in.
+<!-- { "blockType": "ignored" } -->
+``` http
+PATCH /me/authentication/emailMethods/{id}
+```
+
+Update the email authentication method for another user's account.
+<!-- { "blockType": "ignored" } -->
``` http PATCH /users/{id | userPrincipalName}/authentication/emailMethods/{id} ```
v1.0 Emailauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/emailauthenticationmethodconfiguration-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Emailauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/emailauthenticationmethodconfiguration-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Reader
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
For delegated scenarios, the administrator needs one of the following [Azure AD
--> ```http
-GET https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/email
+GET /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/email
``` ## Request headers
v1.0 Emailauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/emailauthenticationmethodconfiguration-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Entitlementmanagement Post Accesspackageassignmentpolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/entitlementmanagement-post-accesspackageassignmentpolicies.md
Content-type: application/json
} ``` -- ### Example 4: Create a policy and specify the stages to trigger pre-defined custom workflow extensions #### Request
Content-type: application/json
} ```
+### Example 5: Create a policy and specify the stages to trigger pre-defined access package custom extensions
+
+#### Request
+
+In the following example, the pre-defined **accessPackageCustomWorkflowExtension** object is triggered when an access package assignment request is created and when it's granted. The identifier provided within the **customExtension** field is the **accessPackageCustomWorkflowExtension** object's ID.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_accesspackageassignmentpolicy_accessPackageCustomWorkflowExtension"
+}-->
++
+```msgraph-interactive
+POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies
+Content-type: application/json
+
+{
+ "displayName": "extension-policy",
+ "description": "test",
+ "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
+ "expiration": {
+ "type": "afterDuration",
+ "duration": "P365D"
+ },
+ "canExtend": false,
+ "requestApprovalSettings": null,
+ "requestorSettings": {
+ "acceptRequests": true,
+ "scopeType": "AllExistingDirectorySubjects",
+ "allowedRequestors": [],
+ "isOnBehalfAllowed": false
+ },
+ "accessReviewSettings": null,
+ "questions": [],
+ "customExtensionStageSettings": [
+ {
+ "stage": "assignmentRequestCreated",
+ "customExtension": {
+ "id": "219f57b6-7983-45a1-be01-2c228b7a43f8"
+ }
+ },
+ {
+ "stage": "assignmentRequestGranted",
+ "customExtension": {
+ "id": "219f57b6-7983-45a1-be01-2c228b7a43f8"
+ }
+ }
+ ]
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
++++
+#### Response
+
+The following is an example of the response. The **customExtensionStageSettings** object isn't returned by default. To retrieve this object, use the **GET** method with `$expand`. For more information, see [Retrieve the custom extension stage settings for a policy](accesspackageassignmentpolicy-get.md#example-3-retrieve-the-custom-extension-stage-settings-for-a-policy)
+
+> **Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessPackageAssignmentPolicy"
+} -->
+
+```http
+HTTP/1.1 201 Created
+Content-type: application/json
+
+{
+ "id": "d0324cbb-24a2-4edb-acca-fee5384c6a5e",
+ "displayName": "extension-policy",
+ "description": "test",
+ "canExtend": false,
+ "durationInDays": 0,
+ "expirationDateTime": null,
+ "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
+ "accessReviewSettings": null,
+ "questions": [],
+ "requestorSettings": {
+ "scopeType": "AllExistingDirectorySubjects",
+ "acceptRequests": true,
+ "allowedRequestors": []
+ },
+ "requestApprovalSettings": {
+ "isApprovalRequired": false,
+ "isApprovalRequiredForExtension": false,
+ "isRequestorJustificationRequired": false,
+ "approvalMode": "NoApproval",
+ "approvalStages": []
+ }
+}
+```
+ <!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98 2019-02-04 14:57:30 UTC --> <!-- {
v1.0 Externalconnectors Externalitem Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalconnectors-externalitem-get.md
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_externalitem",
+ "name": "get_externalitem_e1",
"sampleKeys": ["contosohr", "TSP228082938"] } -->
v1.0 Externalconnectors Externalitem Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalconnectors-externalitem-update.md
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/update-externalitem-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/update-externalitem-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Fido2authenticationmethod Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/fido2authenticationmethod-delete.md
Deletes a user's [FIDO2 Security Key Authentication Method](../resources/fido2au
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-|Permission type|Permissions acting on self (from least to most privileged)|Permissions acting on others (from least to most privileged)|
-|:|:|:--|
-| Delegated (work or school account) | UserAuthenticationMethod.ReadWrite | UserAuthenticationMethod.ReadWrite.All |
-| Delegated (personal Microsoft account) | Not supported. | Not supported. |
-| Application | Not applicable. | UserAuthenticationMethod.ReadWrite.All |
+### Permissions acting on self
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
+|Permission type | Permissions (from least to most privileged) |
+|:|:-|
+| Delegated (work or school account) | UserAuthenticationMethod.ReadWrite |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Not supported. |
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
+### Permissions acting on other users
+
+|Permission type | Permissions (from least to most privileged) |
+|:|:-|:--|
+| Delegated (work or school account) | UserAuthenticationMethod.ReadWrite.All |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | UserAuthenticationMethod.ReadWrite.All |
+ ## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
+Remove a FIDO2 authentication method from your own account. For a signed-in user to update their own authentication method, they must have satisfied a multi-factor authentication requirement during sign in.
+<!-- { "blockType": "ignored" } -->
+```http
+DELETE /me/authentication/fido2Methods/{id}
+```
+
+Remove a FIDO2 authentication method from another user's account.
+<!-- { "blockType": "ignored" } -->
+```http
DELETE /users/{id | userPrincipalName}/authentication/fido2Methods/{id} ```
v1.0 Fido2authenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/fido2authenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Get details of your own FIDO2 authentication method.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/fido2Methods/{id}
+```
+
+Get details of your own or another user's FIDO2 authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/fido2Methods/{id} ```
v1.0 Fido2authenticationmethod List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/fido2authenticationmethod-list.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Retrieve the details of your own FIDO2 authentication methods.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/fido2Methods
+```
+
+Retrieve the details of your own or another user's FIDO2 authentication methods.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/fido2Methods ```
v1.0 Fido2authenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/fido2authenticationmethodconfiguration-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Fido2authenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/fido2authenticationmethodconfiguration-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Reader
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Fido2authenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/fido2authenticationmethodconfiguration-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Governanceresource Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceresource-get.md
Namespace: microsoft.graph
Retrieve the properties and relationships of a [governanceResource](../resources/governanceresource.md) object. ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference#privileged-access-permissions).
-### Azure resources
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureResources |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureResources |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| Azure AD | PrivilegedAccess.ReadWrite.AzureAD | Not supported. | PrivilegedAccess.Read.AzureAD |
+| Azure resources | PrivilegedAccess.ReadWrite.AzureResources | Not supported. | PrivilegedAccess.Read.AzureResources |
+| [group](../resources/group.md) | PrivilegedAccess.ReadWrite.AzureADGroup | Not supported. | PrivilegedAccess.Read.AzureADGroup |
-### Azure AD
-
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureAD |
-
-### Groups
-
-|Permission type | Permissions |
-|:-- |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureADGroup |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureADGroup |
-
-Besides the permission scope, this API requires the requestor to have at least one role assignment on the resource.
+The requestor must also have at least one role assignment on the resource.
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Governanceresource List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceresource-list.md
Namespace: microsoft.graph
Retrieve a collection of [governanceResource](../resources/governanceresource.md) that the requestor has access to. ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference#privileged-access-permissions).
-### Azure resources
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureResources |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureResources |
-
-### Azure AD
-
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureAD |
-
-### Groups
-
-|Permission type | Permissions |
-|:-- |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureADGroup |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureADGroup |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| Azure AD | PrivilegedAccess.ReadWrite.AzureAD | Not supported. | PrivilegedAccess.Read.AzureAD |
+| Azure resources | PrivilegedAccess.ReadWrite.AzureResources | Not supported. | PrivilegedAccess.Read.AzureResources |
+| [group](../resources/group.md) | PrivilegedAccess.ReadWrite.AzureADGroup | Not supported. | PrivilegedAccess.Read.AzureADGroup |
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Governanceresource Register https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceresource-register.md
Register a [governanceResource](../resources/governanceresource.md) object in Pr
## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference#privileged-access-permissions).
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
->**Note:** This API also requires that the requester have at least one active role assignment on the resource.
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| Azure AD | PrivilegedAccess.ReadWrite.AzureAD | Not supported. | Not supported. |
+| Azure resources | PrivilegedAccess.ReadWrite.AzureResources | Not supported. | Not supported. |
+| [group](../resources/group.md) | PrivilegedAccess.ReadWrite.AzureADGroup | Not supported. | Not supported. |
-### Azure resources
-
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureResources |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
-
-### Azure AD
-
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
-
-### Groups
-
-|Permission type | Permissions |
-|:-- |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureADGroup |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
+The requester must also have at least one active role assignment on the resource.
## HTTP request
This method **only** supports the `$select` and `$expand` [OData query parameter
## Request body
-| Properties | Type | Description |
+| Properties | Type | Description |
|:- |:- |:-- | | externalId | String | The external identifier of the resource to be registered in PIM. If registering a subscription, the identifier is the subscription identifier prepended by `/subscriptions/`. For example, `/subscriptions/c14ae696-5e0c-4e5d-88cc-bef6637737ac`. |
v1.0 Governanceroleassignment Export https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroleassignment-export.md
Namespace: microsoft.graph
Retrieve a collection of [governanceRoleAssignmentRequests](../resources/governanceroleassignmentrequest.md) in the format `application/octet-stream`, which can be parsed as a .csv file in the browser. ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference#privileged-access-permissions).
-### Azure resources
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureResources |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureResources |
-
-### Azure AD
-
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureAD |
-
-### Groups
-
-|Permission type | Permissions |
-|:-- |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureADGroup |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureADGroup |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| Azure AD | PrivilegedAccess.ReadWrite.AzureAD | Not supported. | PrivilegedAccess.Read.AzureAD |
+| Azure resources | PrivilegedAccess.ReadWrite.AzureResources | Not supported. | PrivilegedAccess.Read.AzureResources |
+| [group](../resources/group.md) | PrivilegedAccess.ReadWrite.AzureADGroup | Not supported. | PrivilegedAccess.Read.AzureADGroup |
+The requestor must also have at least one role assignment on the resource.
## HTTP request <!-- { "blockType": "ignored" } -->
-Export a collection of [governanceRoleAssignmentRequests](../resources/governanceroleassignmentrequest.md) on a resource
-
->**Note:** Besides the permission scope, this request requires the requestor to have at least one role assignment on the resource.
+Export a collection of [governanceRoleAssignmentRequests](../resources/governanceroleassignmentrequest.md) on a resource.
```http GET /privilegedAccess/azureResources/roleAssignments/export?$filter=resourceId+eq+'{resourceId}' ```
-Export a collection of [governanceRoleAssignmentRequests](../resources/governanceroleassignmentrequest.md) of mine
+Export a collection of [governanceRoleAssignmentRequests](../resources/governanceroleassignmentrequest.md) for the signed-in user.
```http GET /privilegedAccess/azureResources/roleAssignments/export?$filter=subjectId+eq+'{myId}' ```
v1.0 Governanceroleassignment Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroleassignment-get.md
Namespace: microsoft.graph
Retrieve the properties and relationships of a [governanceRoleAssignment](../resources/governanceroleassignment.md). ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference#privileged-access-permissions).
-### Azure resources
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureResources |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureResources |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| Azure AD | PrivilegedAccess.ReadWrite.AzureAD | Not supported. | PrivilegedAccess.Read.AzureAD |
+| Azure resources | PrivilegedAccess.ReadWrite.AzureResources | Not supported. | PrivilegedAccess.Read.AzureResources |
+| [group](../resources/group.md) | PrivilegedAccess.ReadWrite.AzureADGroup | Not supported. | PrivilegedAccess.Read.AzureADGroup |
-### Azure AD
-
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureAD |
-
-### Groups
-
-|Permission type | Permissions |
-|:-- |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureADGroup |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureADGroup |
+The requestor must also have at least one role assignment on the resource.
## HTTP request <!-- { "blockType": "ignored" } -->
-1. Get a [governanceRoleAssignment](../resources/governanceroleassignment.md) on a resource
+1. Get a [governanceRoleAssignment](../resources/governanceroleassignment.md) on a resource.
- *Note: Besides the permission scope, it requires the requestor to have at least one role assignment on the resource.*
```http GET /privilegedAccess/azureResources/resources/{resourceId}/roleAssignments/{id} GET /privilegedAccess/azureResources/roleAssignments/{id}?$filter=resourceId+eq+'{resourceId}' ```
-2. Get a [governanceRoleAssignment](../resources/governanceroleassignment.md) of mine
+2. Get a [governanceRoleAssignment](../resources/governanceroleassignment.md) for the signed-in user.
```http GET /privilegedAccess/azureResources/roleAssignments/{id}?$filter=subjectId+eq+'{myId}' ```
v1.0 Governanceroleassignment List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroleassignment-list.md
Namespace: microsoft.graph
Retrieve a collection of [governanceRoleAssignments](../resources/governanceroleassignment.md). ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference#privileged-access-permissions).
-### Azure resources
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-| Permission type | Permissions |
-|:-- |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureResources |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureResources |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| Azure AD | PrivilegedAccess.ReadWrite.AzureAD | Not supported. | PrivilegedAccess.Read.AzureAD |
+| Azure resources | PrivilegedAccess.ReadWrite.AzureResources | Not supported. | PrivilegedAccess.Read.AzureResources |
+| [group](../resources/group.md) | PrivilegedAccess.ReadWrite.AzureADGroup | Not supported. | PrivilegedAccess.Read.AzureADGroup |
-### Azure AD
-
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureAD |
-
-### Groups
-
-|Permission type | Permissions |
-|:-- |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureADGroup |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureADGroup |
+The requestor must also have at least one role assignment on the resource.
## HTTP request <!-- { "blockType": "ignored" } --> List a collection of [governanceRoleAssignments](../resources/governanceroleassignment.md) on a resource.
->**Note:** Besides the permission scope, this request requires the requestor to have at least one role assignment on the resource.
```http GET /privilegedAccess/azureResources/resources/{resourceId}/roleAssignments GET /privilegedAccess/azureResources/roleAssignments?$filter=resourceId+eq+'{resourceId}' ```
-List a collection of [governanceRoleAssignments](../resources/governanceroleassignment.md) of mine.
+List a collection of [governanceRoleAssignments](../resources/governanceroleassignment.md) for the signed-in user.
```http GET /privilegedAccess/azureResources/roleAssignments?$filter=subjectId+eq+'{myId}' ```
v1.0 Governanceroleassignmentrequest Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroleassignmentrequest-get.md
Namespace: microsoft.graph
Get a [governanceRoleAssignmentRequest](../resources/governanceroleassignmentrequest.md). ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference#privileged-access-permissions).
-### Azure resources
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureResources |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureResources |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| Azure AD | PrivilegedAccess.ReadWrite.AzureAD | Not supported. | PrivilegedAccess.Read.AzureAD |
+| Azure resources | PrivilegedAccess.ReadWrite.AzureResources | Not supported. | PrivilegedAccess.Read.AzureResources |
+| [group](../resources/group.md) | PrivilegedAccess.ReadWrite.AzureADGroup | Not supported. | PrivilegedAccess.Read.AzureADGroup |
-### Azure AD
-
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureAD |
-
-### Groups
-
-|Permission type | Permissions |
-|:-- |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureADGroup |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureADGroup |
-
-Besides the permission scope, it requires the requestor
-* to have at least one role assignment on the resource; or
-* is the subject of the [governanceRoleAssignmentRequest](../resources/governanceroleassignmentrequest.md).
+The requester must also have at least one active role assignment on the resource or must be the subject of the [governanceRoleAssignmentRequest](../resources/governanceroleassignmentrequest.md).
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Governanceroleassignmentrequest Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroleassignmentrequest-post.md
Create a role assignment request to represent the operation you want on a role a
## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference#privileged-access-permissions).
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-### Azure resources
-
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureResources |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
-
-### Azure AD
-
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
-
-### Groups
-
-|Permission type | Permissions |
-|:-- |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureADGroup |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| Azure AD | PrivilegedAccess.ReadWrite.AzureAD | Not supported. | Not supported. |
+| Azure resources | PrivilegedAccess.ReadWrite.AzureResources | Not supported. | Not supported. |
+| [group](../resources/group.md) | PrivilegedAccess.ReadWrite.AzureADGroup | Not supported. | Not supported. |
## HTTP request
v1.0 Governanceroleassignmentrequest Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroleassignmentrequest-update.md
Namespace: microsoft.graph
Enable administrators to update their decisions (`AdminApproved` or `AdminDenied`) on [governanceRoleAssignmentRequests](../resources/governanceroleassignmentrequest.md) that are in status of `PendingAdminDecision`. ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference#privileged-access-permissions).
->**Note:** This API also requires that the requester have at least one `Active` administrator role assignment (`owner` or `user access administrator`) on the resource that the [governanceRoleAssignmentRequest](../resources/governanceroleassignmentrequest.md) belongs to.
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-### Azure resources
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| Azure AD | PrivilegedAccess.ReadWrite.AzureAD | Not supported. | Not supported. |
+| Azure resources | PrivilegedAccess.ReadWrite.AzureResources | Not supported. | Not supported. |
+| [group](../resources/group.md) | PrivilegedAccess.ReadWrite.AzureADGroup | Not supported. | Not supported. |
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureResources |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
-
-### Azure AD
-
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
-
-### Groups
-
-|Permission type | Permissions |
-|:-- |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureADGroup |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
+The requester must also have at least one active administrator role assignment (`owner` or `user access administrator`) on the resource that the [governanceRoleAssignmentRequest](../resources/governanceroleassignmentrequest.md) belongs to.
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Governanceroledefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroledefinition-get.md
Namespace: microsoft.graph
Retrieve the properties and relationships of a [governanceRoleDefinition](../resources/governanceroledefinition.md). ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference#privileged-access-permissions).
-### Azure resources
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureResources |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureResources |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| Azure AD | PrivilegedAccess.ReadWrite.AzureAD | Not supported. | PrivilegedAccess.Read.AzureAD |
+| Azure resources | PrivilegedAccess.ReadWrite.AzureResources | Not supported. | PrivilegedAccess.Read.AzureResources |
+| [group](../resources/group.md) | PrivilegedAccess.ReadWrite.AzureADGroup | Not supported. | PrivilegedAccess.Read.AzureADGroup |
-### Azure AD
-
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureAD |
-
-### Groups
-
-|Permission type | Permissions |
-|:-- |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureADGroup |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureADGroup |
-
-Besides the permission scope, this API requires the requestor to have at least one role assignment on the resource, which the [governanceRoleDefinition](../resources/governanceroledefinition.md) belongs to.
+The requestor must also have at least one role assignment on the resource which the [governanceRoleDefinition](../resources/governanceroledefinition.md) belongs to.
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Governanceroledefinition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroledefinition-list.md
Namespace: microsoft.graph
Get a collection of [governanceRoleDefinitions](../resources/governanceroledefinition.md) on a resource. ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference#privileged-access-permissions).
-### Azure resources
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureResources |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureResources |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| Azure AD | PrivilegedAccess.ReadWrite.AzureAD | Not supported. | PrivilegedAccess.Read.AzureAD |
+| Azure resources | PrivilegedAccess.ReadWrite.AzureResources | Not supported. | PrivilegedAccess.Read.AzureResources |
+| [group](../resources/group.md) | PrivilegedAccess.ReadWrite.AzureADGroup | Not supported. | PrivilegedAccess.Read.AzureADGroup |
-### Azure AD
-
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureAD |
-
-### Groups
-
-|Permission type | Permissions |
-|:-- |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureADGroup |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureADGroup |
-
-Besides the permission scope, this API requires the requestor to have at least one role assignment on the resource.
+The requestor must also have at least one role assignment on the resource.
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Governancerolesetting Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governancerolesetting-get.md
Namespace: microsoft.graph
Retrieve the properties and relationships of a [governanceRoleSetting](../resources/governancerolesetting.md). ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference#privileged-access-permissions).
-### Azure resources
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureResources |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureResources |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| Azure AD | PrivilegedAccess.ReadWrite.AzureAD | Not supported. | PrivilegedAccess.Read.AzureAD |
+| Azure resources | PrivilegedAccess.ReadWrite.AzureResources | Not supported. | PrivilegedAccess.Read.AzureResources |
+| [group](../resources/group.md) | PrivilegedAccess.ReadWrite.AzureADGroup | Not supported. | PrivilegedAccess.Read.AzureADGroup |
-### Azure AD
+The requestor must also have at least one role assignment on the resource which the [governanceRoleSetting](../resources/governancerolesetting.md) belongs to.
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureAD |
-
-### Groups
-
-|Permission type | Permissions |
-|:-- |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureADGroup |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureADGroup |
-
-Besides the permission scope, this API requires the requestor to have at least one role assignment on the resource, which the [governanceRoleSetting](../resources/governancerolesetting.md) belongs to.
## HTTP request <!-- { "blockType": "ignored" } --> ```http
v1.0 Governancerolesetting List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governancerolesetting-list.md
Namespace: microsoft.graph
Retrieve a collection of [governanceRoleSettings](../resources/governancerolesetting.md) on a resource. ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference#privileged-access-permissions).
-### Azure resources
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureResources |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureResources |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| Azure AD | PrivilegedAccess.ReadWrite.AzureAD | Not supported. | PrivilegedAccess.Read.AzureAD |
+| Azure resources | PrivilegedAccess.ReadWrite.AzureResources | Not supported. | PrivilegedAccess.Read.AzureResources |
+| [group](../resources/group.md) | PrivilegedAccess.ReadWrite.AzureADGroup | Not supported. | PrivilegedAccess.Read.AzureADGroup |
-### Azure AD
+The requestor must also have at least one role assignment on the resource.
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureAD |
-
-### Groups
-
-|Permission type | Permissions |
-|:-- |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureADGroup |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | PrivilegedAccess.Read.AzureADGroup |
-
-Besides the permission scope, this API requires the requestor to have at least one role assignment on the resource.
## HTTP request <!-- { "blockType": "ignored" } --> ```http
v1.0 Governancerolesetting Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governancerolesetting-update.md
Namespace: microsoft.graph
Update the properties of [governanceRoleSetting](../resources/governancerolesetting.md). ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference#privileged-access-permissions).
->**Note:** This API also requires that the requester have at least one `Active` administrator role assignment (`owner` or `user access administrator`) on the resource.
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-|Permission type | Permissions |
-|:--|:|
-|Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureResources |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-### Azure resources
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| Azure AD | PrivilegedAccess.ReadWrite.AzureAD | Not supported. | Not supported. |
+| Azure resources | PrivilegedAccess.ReadWrite.AzureResources | Not supported. | Not supported. |
+| [group](../resources/group.md) | PrivilegedAccess.ReadWrite.AzureADGroup | Not supported. | Not supported. |
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureResources |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
-
-### Azure AD
-
-| Permission type | Permissions |
-|: |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
-
-### Groups
-
-|Permission type | Permissions |
-|:-- |:-- |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureADGroup |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
+The requester must also have at least one active administrator role assignment (`owner` or `user access administrator`) on the resource.
## HTTP request <!-- { "blockType": "ignored" } -->
PATCH /privilegedAccess/azureResources/roleSettings/{id}
## Request body In the request body, supply the values for [governanceRuleSettings](../resources/governancerulesetting.md) that need to be updated.
-| Property | Type |Description|
+| Property | Type |Description|
|:|:--|:-| |adminEligibleSettings|[governanceRuleSetting](../resources/governancerulesetting.md) collection|The rule settings that are evaluated when an administrator tries to add an eligible role assignment.| |adminMemberSettings|[governanceRuleSetting](../resources/governancerulesetting.md) collection|The rule settings that are evaluated when an administrator tries to add a direct member role assignment.|
v1.0 Group Delta https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/group-delta.md
The following is an example of the request. There is no `$select` parameter, so
<!-- { "blockType": "request",
- "name": "group_delta"
+ "name": "group_delta_e1"
}--> ```msgraph-interactive
The next example shows the initial request selecting 3 properties for change tra
<!-- { "blockType": "request",
- "name": "group_delta_with_selelct"
+ "name": "group_delta_with_selelct_e2"
}--> ```msgraph-interactive
The next example shows the initial request selecting 3 properties for change tra
<!-- { "blockType": "request",
- "name": "group_delta_minimal"
+ "name": "group_delta_minimal_e3"
}--> ```msgraph-interactive
v1.0 Group Evaluatedynamicmembership https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/group-evaluatedynamicmembership.md
Evaluate whether a user or device is or would be a member of a dynamic group. Th
## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
### Evaluate dynamic membership with member ID and group ID
-| Permission type | Permissions (from least to most privileged) |
-| :- | :-- |
-| Delegated (work or school account) | For user: Group.Read.All and User.Read.All, Directory.Read.All<br>For device: Group.Read.All and Device.Read.All, Directory.Read.All |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| [device](../resources/device.md) | Group.Read.All and Device.Read.All | Not supported. | Not supported. |
+| [user](../resources/user.md) | Group.Read.All and User.Read.All | Not supported. | Not supported. |
### Evaluate dynamic membership with member ID and membership rule
-| Permission type | Permissions (from least to most privileged) |
-| :- | : |
-| Delegated (work or school account) | For user: User.Read.All, Directory.Read.All<br>For device: Device.Read.All, Directory.Read.All |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| [device](../resources/device.md) | Device.Read.All | Not supported. | Not supported. |
+| [user](../resources/user.md) | User.Read.All | Not supported. | Not supported. |
## HTTP request
v1.0 Group List Settings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/group-list-settings.md
One of the following permissions is required to call this API. To learn more, in
## HTTP request <!-- { "blockType": "ignored" } -->
-List tenant-wide or group settings
+List tenant-wide or group settings.
```http GET /settings ``` <!-- { "blockType": "ignored" } -->
-List group-specific settings
+List group-specific settings.
```http GET /groups/{groupId}/settings ```
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and collection of [directorySetting](../resources/directorysetting.md) objects in the response body.
+If successful, this method returns a `200 OK` response code and a collection of [directorySetting](../resources/directorysetting.md) objects in the response body.
## Example ### Request
-Here is an example of the request.
+
+The following is an example of a request.
# [HTTP](#tab/http) <!-- {
v1.0 Group Post Groups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/group-post-groups.md
The following table shows the properties that are required when you create the [
| :-- | : | :-- | | displayName | string | The name to display in the address book for the group. Maximum length is 256 characters. Required. | | mailEnabled | boolean | Set to `true` for mail-enabled groups. Required. |
-| mailNickname | string | The mail alias for the group, unique for Microsoft 365 groups in the organization. Maximum length is 64 characters. This property can contain only characters in the [ASCII character set 0 - 127](/office/vba/language/reference/user-interface-help/character-set-0127) except the following: ` @ () \ [] " ; : . <> , SPACE`. Required. |
+| mailNickname | string | The mail alias for the group, unique for Microsoft 365 groups in the organization. Maximum length is 64 characters. This property can contain only characters in the [ASCII character set 0 - 127](/office/vba/language/reference/user-interface-help/character-set-0127) except the following: ` @ () \ [] " ; : <> , SPACE`. Required. |
| securityEnabled | boolean | Set to `true` for security-enabled groups, including Microsoft 365 groups. Required. **Note:** Groups created using the Microsoft Azure portal always have **securityEnabled** initially set to `true`. | > [!IMPORTANT]
v1.0 Horizontalsection Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/horizontalsection-get.md
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_horizontalsection"
+ "name": "get_horizontalsection_e1"
} -->
With `select` and `expand` statements, you can retrieve horizontalSection metada
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_horizontalsection"
+ "name": "get_horizontalsection_e2"
} -->
v1.0 Horizontalsectioncolumn Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/horizontalsectioncolumn-get.md
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_horizontalsectioncolumn"
+ "name": "get_horizontalsectioncolumn_e1"
} -->
With `select` and `expand` statements, you can retrieve horizontalSectionColumn
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_horizontalSectionColumn"
+ "name": "get_horizontalSectionColumn_e2"
} -->
v1.0 Identityapiconnector Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identityapiconnector-get.md
GET https://graph.microsoft.com/beta/identity/apiConnectors/{id}
[!INCLUDE [sample-code](../includes/snippets/go/get-identityapiconnector-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/get-identityapiconnector-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Identitygovernance Customtaskextension Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-customtaskextension-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Customtaskextension Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-customtaskextension-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Customtaskextension Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-customtaskextension-update.md
One of the following permissions is required to call this API. To learn more, in
> [!IMPORTANT] > The calling user also requires one of the following Azure Resource Manager roles for the specified Azure Logic App: **Logic App contributor**, **Contributor**, or **Owner**.
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Deleteditemcontainer Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-deletedItemcontainer-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Deleteditemcontainer Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-deleteditemcontainer-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
Content-Type: application/json
The following is an example of a request. - # [HTTP](#tab/http) <!-- { "blockType": "request",
v1.0 Identitygovernance Lifecyclemanagementsettings Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecyclemanagementsettings-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
Content-Type: application/json
{ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/settings/$entity",
- "workflowScheduleIntervalInHours": 1
+ "workflowScheduleIntervalInHours": 1,
+ "emailSettings": {
+ "senderDomain": "ContosoIndustries.net",
+ "useCompanyBranding": true
+ }
} ```
v1.0 Identitygovernance Lifecyclemanagementsettings Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecyclemanagementsettings-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
PATCH /identityGovernance/lifecycleWorkflows/settings
|Property|Type|Description| |:|:|:| |workflowScheduleIntervalInHours|Int32|The workflow schedule interval. Required.|
+|emailSettings|[microsoft.graph.emailSettings](../resources/emailsettings.md)|The settings for emails sent from email-specific tasks within a workflow. Required.|
## Response
Content-Type: application/json
{ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/settings/$entity",
- "workflowScheduleIntervalInHours": 3
+ "workflowScheduleIntervalInHours": 3,
+ "emailSettings": {
+ "senderDomain": "ContosoIndustries.net",
+ "useCompanyBranding": true
+ }
} ```
v1.0 Identitygovernance Lifecycleworkflowscontainer List Customtaskextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecycleworkflowscontainer-list-customtaskextensions.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Lifecycleworkflowscontainer List Deleteditems https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecycleworkflowscontainer-list-deleteditems.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
Content-Type: application/json
The following is an example of a request. - # [HTTP](#tab/http) <!-- { "blockType": "request",
v1.0 Identitygovernance Lifecycleworkflowscontainer List Taskdefinitions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecycleworkflowscontainer-list-taskdefinitions.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
Content-Type: application/json
The following is an example of a request. Because the **category** is a flagged enumeration that can be one of `joiner`, `joiner,leaver`, or `leaver`, the `has` operator checks tasks where the category includes "joiner". - # [HTTP](#tab/http) <!-- { "blockType": "request",
v1.0 Identitygovernance Lifecycleworkflowscontainer List Workflows https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecycleworkflowscontainer-list-workflows.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
Content-Type: application/json
The following is an example of a request. - # [HTTP](#tab/http) <!-- { "blockType": "request",
v1.0 Identitygovernance Lifecycleworkflowscontainer List Workflowtemplates https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecycleworkflowscontainer-list-workflowtemplates.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
Content-Type: application/json
The following is an example of a request. - # [HTTP](#tab/http) <!-- { "blockType": "request",
v1.0 Identitygovernance Lifecycleworkflowscontainer Post Customtaskextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecycleworkflowscontainer-post-customtaskextensions.md
One of the following permissions is required to call this API. To learn more, in
> [!IMPORTANT] > The calling user also requires one of the following Azure Resource Manager roles for the specified Azure Logic App: **Logic App contributor**, **Contributor**, or **Owner**.
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Lifecycleworkflowscontainer Post Workflows https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecycleworkflowscontainer-post-workflows.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
The following is an example of a request that creates a workflow with the follow
+ It runs for new users that are based in Australia, on their employeeHireDate. + Two tasks are carried out when the workflow runs: the user's account is enabled and a "Welcome" email is sent to the user. + # [HTTP](#tab/http) <!-- { "blockType": "request",
v1.0 Identitygovernance Run Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-run-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "lifecycleworkflows_get_workflow_run"
+ "name": "lifecycleworkflows_get_workflow_run_e1"
} --> ``` http
Content-Type: application/json
The following is an example of a request. - # [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "lifecycleworkflows_get_workflow_run"
+ "name": "lifecycleworkflows_get_workflow_run_e2"
} --> ``` http
v1.0 Identitygovernance Run List Taskprocessingresults https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-run-list-taskprocessingresults.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Run List Userprocessingresults https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-run-list-userprocessingresults.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
Content-Type: application/json
The following is an example of a request. - # [HTTP](#tab/http) <!-- { "blockType": "request",
v1.0 Identitygovernance Run Summary https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-run-summary.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Task Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-task-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Task Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-task-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
PATCH /identityGovernance/lifecycleWorkflows/workflows/{workflowId}/tasks/{taskI
|description|String|Describes the purpose of the task for administrative use.| |displayName|String|A unique string that identifies the task within the workflow.|
+> [!NOTE]
+> All other properties can be updated by creating a new workflow version. For details, see [workflow: createNewVersion](identitygovernance-workflow-createnewversion.md).
+ ## Response If successful, this action returns a `204 No Content` response code.
If successful, this action returns a `204 No Content` response code.
The following is an example of a request. - # [HTTP](#tab/http) <!-- { "blockType": "request",
v1.0 Identitygovernance Taskdefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-taskdefinition-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Taskprocessingresult Resume https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-taskprocessingresult-resume.md
Title: "taskProcessingResult: resume"
-description: "An Azure Logic Apps system-assigned managed identity calls this API to resume the task processing result that's in progress."
+description: "In the default case an Azure Logic Apps system-assigned managed identity calls this API to resume the task processing result that's in progress."
ms.localizationpriority: medium ms.prod: "governance"
Namespace: microsoft.graph.identityGovernance
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Resume a task processing result that's `inProgress`. An Azure Logic Apps system-assigned managed identity calls this API.
+Resume a task processing result that's `inProgress`. In the default case an Azure Logic Apps system-assigned managed identity calls this API. For more information read about [Lifecycle Workflows extensibility approach](/azure/active-directory/governance/lifecycle-workflow-extensibility).
## Permissions
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|Not supported.|
+|Delegated (work or school account)|LifecycleWorkflows.ReadWrite.All|
|Delegated (personal Microsoft account)|Not supported.|
-|Application|Not Supported.|
+|Application|LifecycleWorkflows.ReadWrite.All (See note below for least privileged)|
+ > [!IMPORTANT]
-> Only the Azure Logic Apps system-assigned managed identity that's specified in the [custom task extension authentication Configuration](../resources/identitygovernance-customtaskextension.md) can call this API. The authorized resource doesn't require any Microsoft Graph permissions.
+> Apps specified in `authorizedApps` within the [customTaskExtensionCallbackConfiguration](../resources/identitygovernance-customtaskextensioncallbackconfiguration.md) of the [custom task extension](../resources/identitygovernance-customtaskextension.md) are allowed to resume the task processing result without application permissions or role assignments.
+> The app specified in `resourceId` within the [azureAdTokenAuthentication](../resources/identitygovernance-customtaskextensioncallbackconfiguration.md) of the [custom task extension](../resources/identitygovernance-customtaskextension.md) is allowed to resume the task processing result without an application permission or role assignment.
## HTTP request
v1.0 Identitygovernance Taskreport List Taskprocessingresults https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-taskreport-list-taskprocessingresults.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
Content-Type: application/json
The following is an example of a request. - # [HTTP](#tab/http) <!-- { "blockType": "request",
v1.0 Identitygovernance Taskreport Summary https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-taskreport-summary.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Userprocessingresult Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-userprocessingresult-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "lifecycleworkflows_get_run_userprocessingresult"
+ "name": "lifecycleworkflows_get_run_userprocessingresult_e1"
} --> ``` http
Content-Type: application/json
The following is an example of a request. - # [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "lifecycleworkflows_get_run_userprocessingresult"
+ "name": "lifecycleworkflows_get_run_userprocessingresult_e2"
} --> ``` http
v1.0 Identitygovernance Userprocessingresult List Taskprocessingresults https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-userprocessingresult-list-taskprocessingresults.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
Content-Type: application/json
The following is an example of a request. - # [HTTP](#tab/http) <!-- { "blockType": "request",
Content-Type: application/json
### Example 3: Get the task processing results for a user processing result in a run report for a workflow - # [HTTP](#tab/http) <!-- { "blockType": "request",
Content-Type: application/json
The following is an example of a request. -- # [HTTP](#tab/http) <!-- { "blockType": "request",
v1.0 Identitygovernance Userprocessingresult Summary https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-userprocessingresult-summary.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Workflow Activate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-activate.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Workflow Createnewversion https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-createnewversion.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
If successful, this action returns a `200 OK` response code and a [microsoft.gra
## Examples
-### Request
+### Example 1: Create a new version of a workflow
+
+#### Request
The following is an example of a request.
Content-length: 631
{ "workflow":{
+ "category": "joiner",
"description": "Configure new hire tasks for onboarding employees on their first day", "displayName": "Global onboard new hire employee", "isEnabled": true,
Content-length: 631
-### Response
+#### Response
The following is an example of the response >**Note:** The response object shown here might be shortened for readability.
The following is an example of the response
HTTP/1.1 200 OK Content-Type: application/json + { "workflow":{
+ "category": "joiner",
"description": "Configure new hire tasks for onboarding employees on their first day", "displayName": "Global onboard new hire employee", "isEnabled": true,
Content-Type: application/json
} } ```+
+### Example 2: Create a new version of a task with customized email
+
+#### Request
+
+The following is an example of a request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "lifecycleworkflows_workflowthis.createnewversion_customemail"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/{workflowId}/createNewVersion
+Content-Type: application/json
+Content-length: 631
+
+{
+ "workflow":{
+ "category": "joiner",
+ "description": "Configure new hire tasks for onboarding employees on their first day",
+ "displayName": "Global onboard new hire employee",
+ "isEnabled": true,
+ "isSchedulingEnabled": false,
+ "executionConditions": {
+ "@odata.type": "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
+ "scope": {
+ "@odata.type": "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
+ "rule": "(department eq 'Marketing')"
+ },
+ "trigger": {
+ "@odata.type": "#microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
+ "timeBasedAttribute": "employeeHireDate",
+ "offsetInDays": 1
+ }
+ },
+ "tasks": [
+ {
+ "continueOnError": false,
+ "description": "Enable user account in the directory",
+ "displayName": "Enable User Account",
+ "isEnabled": true,
+ "taskDefinitionId": "6fc52c9d-398b-4305-9763-15f42c1676fc",
+ "arguments": []
+ },
+ {
+ "continueOnError": false,
+ "description": "Send welcome email to new hire",
+ "displayName": "Send Welcome Email",
+ "isEnabled": true,
+ "taskDefinitionId": "70b29d51-b59a-4773-9280-8841dfd3f2ea",
+ "arguments": [
+ {
+ "name": "cc",
+ "value": "1baa57fa-3c4e-4526-ba5a-db47a9df95f0"
+ },
+ {
+ "name": "customSubject",
+ "value": "Welcome to the organization {{userDisplayName}}!"
+ },
+ {
+ "name": "customBody",
+ "value": "Welcome to our organization {{userGivenName}}!"
+ },
+ {
+ "name": "locale",
+ "value": "en-us"
+ }
+ ]
+ }
+ ]
+ }
+}
+```
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+#### Response
++
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.identityGovernance.workflow"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "workflow":{
+ "category": "joiner",
+ "description": "Configure new hire tasks for onboarding employees on their first day",
+ "displayName": "Global onboard new hire employee",
+ "isEnabled": true,
+ "isSchedulingEnabled": false,
+ "executionConditions": {
+ "@odata.type": "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
+ "scope": {
+ "@odata.type": "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
+ "rule": "(department eq 'Marketing')"
+ },
+ "trigger": {
+ "@odata.type": "#microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
+ "timeBasedAttribute": "employeeHireDate",
+ "offsetInDays": 1
+ }
+ },
+ "tasks": [
+ {
+ "continueOnError": false,
+ "description": "Enable user account in the directory",
+ "displayName": "Enable User Account",
+ "isEnabled": true,
+ "taskDefinitionId": "6fc52c9d-398b-4305-9763-15f42c1676fc",
+ "arguments": []
+ },
+ {
+ "continueOnError": false,
+ "description": "Send welcome email to new hire",
+ "displayName": "Send Welcome Email",
+ "isEnabled": true,
+ "taskDefinitionId": "70b29d51-b59a-4773-9280-8841dfd3f2ea",
+ "arguments": [
+ {
+ "name": "cc",
+ "value": "b47471b9-af8f-4a5a-bfa2-b78e82398f6e, a7a23ce0-909b-40b9-82cf-95d31f0aaca2"
+ },
+ {
+ "name": "customSubject",
+ "value": "Welcome to the organization {{userDisplayName}}!"
+ },
+ {
+ "name": "customBody",
+ "value": "Welcome to our organization {{userGivenName}} {{userSurname}}. \nFor more information, reach out to your manager {{managerDisplayName}} at {{managerEmail}}."
+ },
+ {
+ "name": "locale",
+ "value": "en-us"
+ },
+ ]
+ }
+ ]
+ }
+}
+```
v1.0 Identitygovernance Workflow Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Workflow Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
Content-Type: application/json
} ``` - ### Example 2: Retrieve specific properties of a workflow #### Request
v1.0 Identitygovernance Workflow List Runs https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-list-runs.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
Content-Type: application/json
The following is an example of a request. - # [HTTP](#tab/http) <!-- { "blockType": "request",
v1.0 Identitygovernance Workflow List Task https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-list-task.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Workflow List Taskreports https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-list-taskreports.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
Content-Type: application/json
The following is an example of a request. - # [HTTP](#tab/http) <!-- { "blockType": "request",
v1.0 Identitygovernance Workflow List Userprocessingresults https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-list-userprocessingresults.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
Content-Type: application/json
The following is an example of a request. - # [HTTP](#tab/http) <!-- { "blockType": "request",
v1.0 Identitygovernance Workflow List Versions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-list-versions.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
Content-Type: application/json
The following is an example of a request. - # [HTTP](#tab/http) <!-- { "blockType": "request",
v1.0 Identitygovernance Workflow Restore https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-restore.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Workflow Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-update.md
Namespace: microsoft.graph.identityGovernance
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Update the properties of a [workflow](../resources/identitygovernance-workflow.md) object.
+Update the properties of a [workflow](../resources/identitygovernance-workflow.md) object. Only the properties listed in the [request body](identitygovernance-workflow-update.md#request-body) table can be updated. To update any other workflow properties, see [workflow: createNewVersion](identitygovernance-workflow-createnewversion.md).
## Permissions
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
PATCH /identityGovernance/lifecycleWorkflows/workflows/{workflowId}
|isEnabled|Boolean|A boolean value that denotes whether the workflow is set to run or not.| |isSchedulingEnabled|Boolean|A Boolean value that denotes whether scheduling is enabled or not. |
+> [!NOTE]
+> You can also update task name and description within a workflow without creating a new version. For more information on these properties, see: [update task](identitygovernance-task-update.md).
## Response
v1.0 Identitygovernance Workflowtemplate Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflowtemplate-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Workflowversion Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflowversion-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
Content-Type: application/json
The following is an example of a request. - # [HTTP](#tab/http) <!-- { "blockType": "request",
v1.0 Identitygovernance Workflowversion List Tasks https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflowversion-list-tasks.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
v1.0 Inboundshareduserprofile Exportpersonaldata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/inboundshareduserprofile-exportpersonaldata.md
+
+ Title: "inboundSharedUserProfile: exportPersonalData"
+description: "Create a request to export the personal data for an inboundSharedUserProfile."
+
+ms.localizationpriority: medium
++
+# inboundSharedUserProfiles: exportPersonalData
+
+Namespace: microsoft.graph
++
+Create a request to export the personal data for an [inboundSharedUserProfile](../resources/inboundshareduserprofile.md).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|CrossTenantUserProfileSharing.Read.All, CrossTenantUserProfileSharing.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not applicable|
+|Application|CrossTenantUserProfileSharing.Read.All, CrossTenantUserProfileSharing.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+
+``` http
+POST /directory/inboundSharedUserProfiles/{userId}/exportPersonalData
+```
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+In the request body, supply JSON representation of the parameters.
+
+The following table shows the parameters that can be used with this action.
+
+|Parameter|Type|Description|
+|:|:|:|
+|storageLocation|String|The storage location to download the exported data to. This can be an Azure Storage Account.|
+
+## Response
+
+If successful, this method returns a `202 Accepted` response code and a **Location** header in the response body pointing to the storage location of the exported data.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "inboundshareduserprofile_exportpersonaldata"
+}
+-->
+
+``` http
+POST https://graph.microsoft.com/beta/directory/inboundSharedUserProfiles/c228b2ae-c4fb-4eda-9620-7e73dddd1cac/exportPersonalData
+
+{
+ "storageLocation": "MyStorageAccount"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.inboundSharedUserProfile"
+}
+-->
+
+``` http
+HTTP/1.1 202 Accepted
+
+{
+ "Location": "https://graph.microsoft.com/v1.0/dataPolicyOperations/d007e3da-cd9b-4b02-8d66-422403c53e3f",
+ "Retry-After": 60
+}
+```
v1.0 Inboundshareduserprofile Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/inboundshareduserprofile-get.md
+
+ Title: "Get inboundSharedUserProfile"
+description: "Read the properties of an inboundSharedUserProfile."
+
+ms.localizationpriority: medium
++
+# Get inboundSharedUserProfile
+
+Namespace: microsoft.graph
++
+Read the properties of an [inboundSharedUserProfile](../resources/inboundshareduserprofile.md).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|CrossTenantUserProfileSharing.Read, CrossTenantUserProfileSharing.Read.All, CrossTenantUserProfileSharing.ReadWrite, CrossTenantUserProfileSharing.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not applicable|
+|Application|CrossTenantUserProfileSharing.Read.All, CrossTenantUserProfileSharing.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+
+``` http
+GET /directory/inboundSharedUserProfiles/{userId}
+```
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [inboundSharedUserProfile](../resources/inboundshareduserprofile.md) object in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_inboundshareduserprofile"
+}
+-->
+
+``` http
+GET https://graph.microsoft.com/beta/directory/inboundSharedUserProfiles/c228b2ae-c4fb-4eda-9620-7e73dddd1cac
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.inboundSharedUserProfile"
+}
+-->
+
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "userId": "c228b2ae-c4fb-4eda-9620-7e73dddd1cac",
+ "userPrincipalName": "bob@contoso.com",
+ "displayName": "Bob",
+ "homeTenantId": "486fb458-9474-4c44-896b-b30942d055f0"
+}
+```
v1.0 Inboundshareduserprofile Removepersonaldata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/inboundshareduserprofile-removepersonaldata.md
+
+ Title: "inboundSharedUserProfile: removePersonalData"
+description: "Create a request to remove the personal data for an inboundSharedUserProfile."
+
+ms.localizationpriority: medium
++
+# inboundSharedUserProfiles: removePersonalData
+
+Namespace: microsoft.graph
++
+Create a request to remove the personal data for an [inboundSharedUserProfile](../resources/inboundshareduserprofile.md).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| CrossTenantUserProfileSharing.ReadWrite, CrossTenantUserProfileSharing.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not applicable|
+|Application|CrossTenantUserProfileSharing.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+
+``` http
+POST /directory/inboundSharedUserProfiles/{userId}/removePersonalData
+```
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "inboundshareuserprofile_removepersonaldata"
+}
+-->
+
+``` http
+POST https://graph.microsoft.com/beta/directory/inboundSharedUserProfiles/c228b2ae-c4fb-4eda-9620-7e73dddd1cac/removePersonalData
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+
+``` http
+HTTP/1.1 204 No Content
+```
v1.0 Industrydata Azuredatalakeconnector Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-azuredatalakeconnector-delete.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request",
- "name": "delete_azuredatalakeconnector",
+ "name": "delete_azuredatalakeconnector_e1",
"sampleKeys": ["8c010e87-c28b-4350-bdc1-65ec29258b93"] } -->
The following is an example of a request.
DELETE https://graph.microsoft.com/beta/external/industryData/dataConnectors/8c010e87-c28b-4350-bdc1-65ec29258b93 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Azuredatalakeconnector Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-azuredatalakeconnector-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request",
- "name": "get_azuredatalakeconnector",
+ "name": "get_azuredatalakeconnector_e1",
"sampleKeys": ["51dca0a0-85f6-4478-f526-08daddab2271"] } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/dataConnectors/51dca0a0-85f6-4478-f526-08daddab2271 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Azuredatalakeconnector Getuploadsession https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-azuredatalakeconnector-getuploadsession.md
If successful, this function returns a `200 OK` response code and a [microsoft.g
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "azuredatalakeconnectorthis.getuploadsession",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/dataConnectors/51dca0a0-85f6-4478-f526-08daddab2271/microsoft.graph.industryData.azureDataLakeConnector/getUploadSession ```
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Azuredatalakeconnector List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-azuredatalakeconnector-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request",
- "name": "list_azuredatalakeconnector"
+ "name": "list_azuredatalakeconnector_e1"
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/dataConnectors ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Azuredatalakeconnector Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-azuredatalakeconnector-post.md
If successful, this method returns a `201 Created` response code and a [microsof
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_azureDataLakeConnector_from_dataConnectors"
Content-length: 104
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Azuredatalakeconnector Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-azuredatalakeconnector-update.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_azuredatalakeconnector",
Content-type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Filevalidateoperation Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-filevalidateoperation-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_fileValidateOperation",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/operations/581b2ef8-dda2-4a3e-bb62-df13fd4a5808 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Filevalidateoperation List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-filevalidateoperation-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_fileValidateOperation" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/operations ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundfileflow Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundfileflow-delete.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request",
- "name": "delete_inboundflow"
+ "name": "delete_inboundflow_e1"
} -->
The following is an example of a request.
DELETE https://graph.microsoft.com/beta/external/industryData/inboundFlows/7bd62d17-8c37-4494-f68d-08daddab2911 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundfileflow Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundfileflow-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_inboundflow",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/inboundFlows/7bd62d17-8c37-4494-f68d-08daddab2911 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundfileflow List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundfileflow-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request",
- "name": "list_inboundflow"
+ "name": "list_inboundflow_e1"
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/inboundFlows ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundfileflow Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundfileflow-post.md
If successful, this method returns a `201 Created` response code and a [microsof
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_inboundfileflow_from_inboundflows"
Content-length: 246
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundfileflow Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundfileflow-update.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request",
- "name": "update_inboundfileflow"
+ "name": "update_inboundfileflow_e1"
} -->
Content-length: 246
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundflow Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundflow-delete.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "delete_inboundflow",
The following is an example of a request.
DELETE https://graph.microsoft.com/beta/external/industryData/inboundFlows/0c629a1a-a85c-4365-bdf0-623a32ca69cb ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundflow Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundflow-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request",
- "name": "get_inboundflow",
+ "name": "get_inboundflow_e1",
"sampleKeys": ["7bd62d17-8c37-4494-f68d-08daddab2911"] } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/inboundFlows/7bd62d17-8c37-4494-f68d-08daddab2911 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundflow List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundflow-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_inboundflow" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/inboundFlows ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundflow Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundflow-post.md
If successful, this method returns a `201 Created` response code and a [microsof
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_inboundflow_from_inboundFlows"
Content-length: 246
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundflow Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundflow-update.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_inboundfileflow"
Content-length: 246
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Industrydataconnector Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydataconnector-delete.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "delete_azuredatalakeconnector",
The following is an example of a request.
DELETE https://graph.microsoft.com/beta/external/industryData/dataConnectors/8c010e87-c28b-4350-bdc1-65ec29258b93 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Industrydataconnector Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydataconnector-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_azuredatalakeconnector",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/dataConnectors/51dca0a0-85f6-4478-f526-08daddab2271 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Industrydataconnector List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydataconnector-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_azuredatalakeconnector" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/dataConnectors ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Industrydataconnector Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydataconnector-post.md
If successful, this method returns a `201 Created` response code and a [microsof
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_industrydataconnector_from_dataConnectors"
Content-length: 104
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Industrydataconnector Validate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydataconnector-validate.md
If successful, this action returns a `202 Accepted` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "industrydataconnectorthis.validate",
The following is an example of a request.
POST https://graph.microsoft.com/beta/external/industryData/dataConnectors/8c010e87-c28b-4350-bdc1-65ec29258b93/validate ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Industrydatarun Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydatarun-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_industrydatarun",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/runs/918d4a8f-599b-4f6a-b409-e892855db534 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Industrydatarun Getstatistics https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydatarun-getstatistics.md
If successful, this function returns a `200 OK` response code and a [microsoft.g
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "industrydatarunthis.getstatistics",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/runs/918d4a8f-599b-4f6a-b409-e892855db534/getStatistics ```
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Industrydatarun List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydatarun-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_industrydatarun" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/runs ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Referencedefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-referencedefinition-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_referencedefinition",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/referenceDefinitions/RefAcademicSubject-01 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Referencedefinition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-referencedefinition-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_referencedefinition" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/referenceDefinitions ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Rolegroup Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-rolegroup-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_rolegroup",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/roleGroups/students ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Rolegroup List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-rolegroup-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_rolegroup" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/roleGroups ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Sourcesystemdefinition Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-sourcesystemdefinition-delete.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_sourcesystemdefinition_from_",
The following is an example of a request.
DELETE https://graph.microsoft.com/beta/external/industryData/sourceSystems/0c629a1a-a85c-4365-bdf0-623a32ca69cb ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Sourcesystemdefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-sourcesystemdefinition-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_sourcesystemdefinition",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/sourceSystems/0190210e-8827-4747-6f2b-08dacc885e72 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Sourcesystemdefinition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-sourcesystemdefinition-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_sourcesystemdefinition" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/sourceSystems ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Sourcesystemdefinition Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-sourcesystemdefinition-post.md
If successful, this method returns a `201 Created` response code and a [microsof
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_sourcesystemdefinition_from_sourceSystems"
Content-length: 250
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Sourcesystemdefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-sourcesystemdefinition-update.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_sourcesystemdefinition",
Content-length: 250
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Yeartimeperioddefinition Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-yeartimeperioddefinition-delete.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "delete_yearTimePeriodDefinition_from_",
The following is an example of a request.
DELETE https://graph.microsoft.com/beta/external/industryData/years/0c629a1a-a85c-4365-bdf0-623a32ca69cb ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Yeartimeperioddefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-yeartimeperioddefinition-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_yeartimeperioddefinition",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/years/ebf18762-ab92-487e-21d1-08daddab28bb ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Yeartimeperioddefinition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-yeartimeperioddefinition-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_yearTimePeriodDefinition" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/years ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Yeartimeperioddefinition Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-yeartimeperioddefinition-post.md
If successful, this method returns a `201 Created` response code and a [microsof
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_yeartimeperioddefinition_from_years"
Content-length: 242
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Yeartimeperioddefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-yeartimeperioddefinition-update.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_yeartimeperioddefinition",
Content-length: 242
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Intune Androidfotaservice Zebrafotadeployment Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-androidfotaservice-zebrafotadeployment-create.md
Here is an example of the request.
``` http POST https://graph.microsoft.com/beta/deviceManagement/zebraFotaDeployments Content-type: application/json
-Content-length: 2024
+Content-length: 2079
{ "@odata.type": "#microsoft.graph.zebraFotaDeployment",
Content-length: 2024
"deploymentStatus": { "@odata.type": "microsoft.graph.zebraFotaDeploymentStatus", "state": "createFailed",
+ "errorCode": "noDevicesFoundInSelectedAadGroups",
"totalDevices": 12, "totalCreated": 12, "totalScheduled": 14,
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 201 Created Content-Type: application/json
-Content-Length: 2073
+Content-Length: 2128
{ "@odata.type": "#microsoft.graph.zebraFotaDeployment",
Content-Length: 2073
"deploymentStatus": { "@odata.type": "microsoft.graph.zebraFotaDeploymentStatus", "state": "createFailed",
+ "errorCode": "noDevicesFoundInSelectedAadGroups",
"totalDevices": 12, "totalCreated": 12, "totalScheduled": 14,
v1.0 Intune Androidfotaservice Zebrafotadeployment Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-androidfotaservice-zebrafotadeployment-get.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 2194
+Content-Length: 2251
{ "value": {
Content-Length: 2194
"deploymentStatus": { "@odata.type": "microsoft.graph.zebraFotaDeploymentStatus", "state": "createFailed",
+ "errorCode": "noDevicesFoundInSelectedAadGroups",
"totalDevices": 12, "totalCreated": 12, "totalScheduled": 14,
v1.0 Intune Androidfotaservice Zebrafotadeployment List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-androidfotaservice-zebrafotadeployment-list.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 2310
+Content-Length: 2369
{ "value": [
Content-Length: 2310
"deploymentStatus": { "@odata.type": "microsoft.graph.zebraFotaDeploymentStatus", "state": "createFailed",
+ "errorCode": "noDevicesFoundInSelectedAadGroups",
"totalDevices": 12, "totalCreated": 12, "totalScheduled": 14,
v1.0 Intune Androidfotaservice Zebrafotadeployment Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-androidfotaservice-zebrafotadeployment-update.md
Here is an example of the request.
``` http PATCH https://graph.microsoft.com/beta/deviceManagement/zebraFotaDeployments/{zebraFotaDeploymentId} Content-type: application/json
-Content-length: 2024
+Content-length: 2079
{ "@odata.type": "#microsoft.graph.zebraFotaDeployment",
Content-length: 2024
"deploymentStatus": { "@odata.type": "microsoft.graph.zebraFotaDeploymentStatus", "state": "createFailed",
+ "errorCode": "noDevicesFoundInSelectedAadGroups",
"totalDevices": 12, "totalCreated": 12, "totalScheduled": 14,
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 2073
+Content-Length: 2128
{ "@odata.type": "#microsoft.graph.zebraFotaDeployment",
Content-Length: 2073
"deploymentStatus": { "@odata.type": "microsoft.graph.zebraFotaDeploymentStatus", "state": "createFailed",
+ "errorCode": "noDevicesFoundInSelectedAadGroups",
"totalDevices": 12, "totalCreated": 12, "totalScheduled": 14,
v1.0 Intune Apps Androidlobapp Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-apps-androidlobapp-create.md
The following table shows the properties that are required when you create the a
|fileName|String|The name of the main Lob application file. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)| |size|Int64|The total size, including all uploaded files. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)| |packageId|String|The package identifier.|
-|identityName|String|The Identity Name. This property is deprecated starting in February 2023 (Release 2302).|
+|identityName|String|The Identity Name. This property is being deprecated in 2302(February 2023).|
|minimumSupportedOperatingSystem|[androidMinimumOperatingSystem](../resources/intune-apps-androidminimumoperatingsystem.md)|The value for the minimum applicable operating system.| |versionName|String|The version name of Android Line of Business (LoB) app.| |versionCode|String|The version code of Android Line of Business (LoB) app.|
-|identityVersion|String|The identity version. This property is deprecated starting in February 2023 (Release 2302).|
+|identityVersion|String|The identity version. This property is being deprecated in 2302(February 2023).|
v1.0 Intune Apps Androidlobapp Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-apps-androidlobapp-update.md
The following table shows the properties that are required when you create the [
|fileName|String|The name of the main Lob application file. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)| |size|Int64|The total size, including all uploaded files. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)| |packageId|String|The package identifier.|
-|identityName|String|The Identity Name. This property is deprecated starting in February 2023 (Release 2302).|
+|identityName|String|The Identity Name. This property is being deprecated in 2302(February 2023).|
|minimumSupportedOperatingSystem|[androidMinimumOperatingSystem](../resources/intune-apps-androidminimumoperatingsystem.md)|The value for the minimum applicable operating system.| |versionName|String|The version name of Android Line of Business (LoB) app.| |versionCode|String|The version code of Android Line of Business (LoB) app.|
-|identityVersion|String|The identity version. This property is deprecated starting in February 2023 (Release 2302).|
+|identityVersion|String|The identity version. This property is being deprecated in 2302(February 2023).|
v1.0 Intune Apps Enterprisecodesigningcertificate Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-apps-enterprisecodesigningcertificate-create.md
The following table shows the properties that are required when you create the e
|:|:|:| |id|String|The unique identifier of the certificate, assigned upon creation. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Read-only.| |content|Binary|The Windows Enterprise Code-Signing Certificate in the raw data format. Set to null once certificate has been uploaded and other properties have been populated.|
-|status|[certificateStatus](../resources/intune-apps-certificatestatus.md)|Whether the Certificate Status Provisioned or not Provisioned. Possible values are: notProvisioned, provisioned. Default is notProvisioned. Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Possible values are: `notProvisioned`, `provisioned`.|
+|status|certificateStatus|Whether the Certificate Status Provisioned or not Provisioned. Possible values are: notProvisioned, provisioned. Default is notProvisioned. Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Possible values are: `notProvisioned`, `provisioned`.|
|subjectName|String|The subject name for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.| |subject|String|The subject value for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.| |issuerName|String|The issuer name for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.|
v1.0 Intune Apps Enterprisecodesigningcertificate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-apps-enterprisecodesigningcertificate-update.md
The following table shows the properties that are required when you create the [
|:|:|:| |id|String|The unique identifier of the certificate, assigned upon creation. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Read-only.| |content|Binary|The Windows Enterprise Code-Signing Certificate in the raw data format. Set to null once certificate has been uploaded and other properties have been populated.|
-|status|[certificateStatus](../resources/intune-apps-certificatestatus.md)|Whether the Certificate Status Provisioned or not Provisioned. Possible values are: notProvisioned, provisioned. Default is notProvisioned. Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Possible values are: `notProvisioned`, `provisioned`.|
+|status|certificateStatus|Whether the Certificate Status Provisioned or not Provisioned. Possible values are: notProvisioned, provisioned. Default is notProvisioned. Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Possible values are: `notProvisioned`, `provisioned`.|
|subjectName|String|The subject name for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.| |subject|String|The subject value for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.| |issuerName|String|The issuer name for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.|
v1.0 Intune Apps Macoslobapp Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-apps-macoslobapp-create.md
The following table shows the properties that are required when you create the m
|buildNumber|String|The build number of the package. This should match the package CFBundleShortVersionString of the .pkg file.| |versionNumber|String|The version number of the package. This should match the package CFBundleVersion in the packageinfo file.| |childApps|[macOSLobChildApp](../resources/intune-apps-macoslobchildapp.md) collection|List of ComplexType macOSLobChildApp objects. Represents the apps expected to be installed by the package.|
-|identityVersion|String|The identity version. This property is deprecated starting in 2211(November 2022).|
|md5HashChunkSize|Int32|The chunk size for MD5 hash. This is '0' or empty if the package was uploaded directly. If the Intune App Wrapping Tool is used to create a .intunemac, this value can be found inside the Detection.xml file.| |md5Hash|String collection|The MD5 hash codes. This is empty if the package was uploaded directly. If the Intune App Wrapping Tool is used to create a .intunemac, this value can be found inside the Detection.xml file.| |ignoreVersionDetection|Boolean|When TRUE, indicates that the app's version will NOT be used to detect if the app is installed on a device. When FALSE, indicates that the app's version will be used to detect if the app is installed on a device. Set this to true for apps that use a self update feature.|
Here is an example of the request.
``` http POST https://graph.microsoft.com/beta/deviceAppManagement/mobileApps Content-type: application/json
-Content-length: 1762
+Content-length: 1714
{ "@odata.type": "#microsoft.graph.macOSLobApp",
Content-length: 1762
"versionNumber": "Version Number value" } ],
- "identityVersion": "Identity Version value",
"md5HashChunkSize": 0, "md5Hash": [ "Md5Hash value"
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 201 Created Content-Type: application/json
-Content-Length: 1934
+Content-Length: 1886
{ "@odata.type": "#microsoft.graph.macOSLobApp",
Content-Length: 1934
"versionNumber": "Version Number value" } ],
- "identityVersion": "Identity Version value",
"md5HashChunkSize": 0, "md5Hash": [ "Md5Hash value"
v1.0 Intune Apps Macoslobapp Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-apps-macoslobapp-get.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 2079
+Content-Length: 2029
{ "value": {
Content-Length: 2079
"versionNumber": "Version Number value" } ],
- "identityVersion": "Identity Version value",
"md5HashChunkSize": 0, "md5Hash": [ "Md5Hash value"
v1.0 Intune Apps Macoslobapp List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-apps-macoslobapp-list.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 2219
+Content-Length: 2167
{ "value": [
Content-Length: 2219
"versionNumber": "Version Number value" } ],
- "identityVersion": "Identity Version value",
"md5HashChunkSize": 0, "md5Hash": [ "Md5Hash value"
v1.0 Intune Apps Macoslobapp Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-apps-macoslobapp-update.md
The following table shows the properties that are required when you create the [
|buildNumber|String|The build number of the package. This should match the package CFBundleShortVersionString of the .pkg file.| |versionNumber|String|The version number of the package. This should match the package CFBundleVersion in the packageinfo file.| |childApps|[macOSLobChildApp](../resources/intune-apps-macoslobchildapp.md) collection|List of ComplexType macOSLobChildApp objects. Represents the apps expected to be installed by the package.|
-|identityVersion|String|The identity version. This property is deprecated starting in 2211(November 2022).|
|md5HashChunkSize|Int32|The chunk size for MD5 hash. This is '0' or empty if the package was uploaded directly. If the Intune App Wrapping Tool is used to create a .intunemac, this value can be found inside the Detection.xml file.| |md5Hash|String collection|The MD5 hash codes. This is empty if the package was uploaded directly. If the Intune App Wrapping Tool is used to create a .intunemac, this value can be found inside the Detection.xml file.| |ignoreVersionDetection|Boolean|When TRUE, indicates that the app's version will NOT be used to detect if the app is installed on a device. When FALSE, indicates that the app's version will be used to detect if the app is installed on a device. Set this to true for apps that use a self update feature.|
Here is an example of the request.
``` http PATCH https://graph.microsoft.com/beta/deviceAppManagement/mobileApps/{mobileAppId} Content-type: application/json
-Content-length: 1762
+Content-length: 1714
{ "@odata.type": "#microsoft.graph.macOSLobApp",
Content-length: 1762
"versionNumber": "Version Number value" } ],
- "identityVersion": "Identity Version value",
"md5HashChunkSize": 0, "md5Hash": [ "Md5Hash value"
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 1934
+Content-Length: 1886
{ "@odata.type": "#microsoft.graph.macOSLobApp",
Content-Length: 1934
"versionNumber": "Version Number value" } ],
- "identityVersion": "Identity Version value",
"md5HashChunkSize": 0, "md5Hash": [ "Md5Hash value"
v1.0 Intune Apps Managedandroidlobapp Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-apps-managedandroidlobapp-create.md
The following table shows the properties that are required when you create the m
|fileName|String|The name of the main Lob application file. Inherited from [managedMobileLobApp](../resources/intune-apps-managedmobilelobapp.md)| |size|Int64|The total size, including all uploaded files. Inherited from [managedMobileLobApp](../resources/intune-apps-managedmobilelobapp.md)| |packageId|String|The package identifier.|
-|identityName|String|The Identity Name. This property is deprecated starting in February 2023 (Release 2302).|
+|identityName|String|The Identity Name. This property is being deprecated in 2302(February 2023).|
|minimumSupportedOperatingSystem|[androidMinimumOperatingSystem](../resources/intune-apps-androidminimumoperatingsystem.md)|The value for the minimum applicable operating system.| |versionName|String|The version name of managed Android Line of Business (LoB) app.| |versionCode|String|The version code of managed Android Line of Business (LoB) app.|
-|identityVersion|String|The identity version. This property is deprecated starting in February 2023 (Release 2302).|
+|identityVersion|String|The identity version. This property is being deprecated in 2302(February 2023).|
v1.0 Intune Apps Managedandroidlobapp Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-apps-managedandroidlobapp-update.md
The following table shows the properties that are required when you create the [
|fileName|String|The name of the main Lob application file. Inherited from [managedMobileLobApp](../resources/intune-apps-managedmobilelobapp.md)| |size|Int64|The total size, including all uploaded files. Inherited from [managedMobileLobApp](../resources/intune-apps-managedmobilelobapp.md)| |packageId|String|The package identifier.|
-|identityName|String|The Identity Name. This property is deprecated starting in February 2023 (Release 2302).|
+|identityName|String|The Identity Name. This property is being deprecated in 2302(February 2023).|
|minimumSupportedOperatingSystem|[androidMinimumOperatingSystem](../resources/intune-apps-androidminimumoperatingsystem.md)|The value for the minimum applicable operating system.| |versionName|String|The version name of managed Android Line of Business (LoB) app.| |versionCode|String|The version code of managed Android Line of Business (LoB) app.|
-|identityVersion|String|The identity version. This property is deprecated starting in February 2023 (Release 2302).|
+|identityVersion|String|The identity version. This property is being deprecated in 2302(February 2023).|
v1.0 Intune Apps Symanteccodesigningcertificate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-apps-symanteccodesigningcertificate-update.md
The following table shows the properties that are required when you create the [
|:|:|:| |id|String|The key of the entity.| |content|Binary|The Windows Symantec Code-Signing Certificate in the raw data format.|
-|status|[certificateStatus](../resources/intune-apps-certificatestatus.md)|The Cert Status Provisioned or not Provisioned. Possible values are: `notProvisioned`, `provisioned`.|
+|status|certificateStatus|The Cert Status Provisioned or not Provisioned. Possible values are: `notProvisioned`, `provisioned`.|
|password|String|The Password required for .pfx file.| |subjectName|String|The Subject Name for the cert.| |subject|String|The Subject value for the cert.|
v1.0 Intune Apps Windowsappx Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-apps-windowsappx-create.md
The following table shows the properties that are required when you create the w
|committedContentVersion|String|The internal committed content version. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)| |fileName|String|The name of the main Lob application file. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)| |size|Int64|The total size, including all uploaded files. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)|
-|applicableArchitectures|[windowsArchitecture](../resources/intune-apps-windowsarchitecture.md)|The Windows architecture(s) for which this app can run on. Possible values are: `none`, `x86`, `x64`, `arm`, `neutral`, `arm64`.|
-|identityName|String|The Identity Name.|
-|identityPublisherHash|String|The Identity Publisher Hash.|
-|identityResourceIdentifier|String|The Identity Resource Identifier.|
-|isBundle|Boolean|Whether or not the app is a bundle.|
-|minimumSupportedOperatingSystem|[windowsMinimumOperatingSystem](../resources/intune-apps-windowsminimumoperatingsystem.md)|The value for the minimum applicable operating system.|
-|identityVersion|String|The identity version.|
+|applicableArchitectures|[windowsArchitecture](../resources/intune-apps-windowsarchitecture.md)|The Windows architecture(s) on which this app can run. Possible values are: `none`, `x86`, `x64`, `arm`, `neutral`; default value is `none`. Possible values are: `none`, `x86`, `x64`, `arm`, `neutral`, `arm64`.|
+|identityName|String|The identity name of the uploaded app package. For example: "Contoso.DemoApp".|
+|identityPublisherHash|String|The identity publisher hash of the uploaded app package. This is the hash of the publisher from the manifest. For example: "AB82CD0XYZ".|
+|identityResourceIdentifier|String|The identity resource identifier of the uploaded app package. For example: "TestResourceId".|
+|isBundle|Boolean|When TRUE, indicates that the app is a bundle. When FALSE, indicates that the app is not a bundle. By default, property is set to FALSE.|
+|minimumSupportedOperatingSystem|[windowsMinimumOperatingSystem](../resources/intune-apps-windowsminimumoperatingsystem.md)|The value for the minimum applicable operating system. Valid values for a WindowsAppX app include `v8_0`, `v8_1` and `v10_0`. If the app is a bundle, the minimum supported OS has to be at least `v8_1`.|
+|identityVersion|String|The identity version of the uploaded app package. For example: "1.0.0.0".|
v1.0 Intune Apps Windowsappx Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-apps-windowsappx-update.md
The following table shows the properties that are required when you create the [
|committedContentVersion|String|The internal committed content version. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)| |fileName|String|The name of the main Lob application file. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)| |size|Int64|The total size, including all uploaded files. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)|
-|applicableArchitectures|[windowsArchitecture](../resources/intune-apps-windowsarchitecture.md)|The Windows architecture(s) for which this app can run on. Possible values are: `none`, `x86`, `x64`, `arm`, `neutral`, `arm64`.|
-|identityName|String|The Identity Name.|
-|identityPublisherHash|String|The Identity Publisher Hash.|
-|identityResourceIdentifier|String|The Identity Resource Identifier.|
-|isBundle|Boolean|Whether or not the app is a bundle.|
-|minimumSupportedOperatingSystem|[windowsMinimumOperatingSystem](../resources/intune-apps-windowsminimumoperatingsystem.md)|The value for the minimum applicable operating system.|
-|identityVersion|String|The identity version.|
+|applicableArchitectures|[windowsArchitecture](../resources/intune-apps-windowsarchitecture.md)|The Windows architecture(s) on which this app can run. Possible values are: `none`, `x86`, `x64`, `arm`, `neutral`; default value is `none`. Possible values are: `none`, `x86`, `x64`, `arm`, `neutral`, `arm64`.|
+|identityName|String|The identity name of the uploaded app package. For example: "Contoso.DemoApp".|
+|identityPublisherHash|String|The identity publisher hash of the uploaded app package. This is the hash of the publisher from the manifest. For example: "AB82CD0XYZ".|
+|identityResourceIdentifier|String|The identity resource identifier of the uploaded app package. For example: "TestResourceId".|
+|isBundle|Boolean|When TRUE, indicates that the app is a bundle. When FALSE, indicates that the app is not a bundle. By default, property is set to FALSE.|
+|minimumSupportedOperatingSystem|[windowsMinimumOperatingSystem](../resources/intune-apps-windowsminimumoperatingsystem.md)|The value for the minimum applicable operating system. Valid values for a WindowsAppX app include `v8_0`, `v8_1` and `v10_0`. If the app is a bundle, the minimum supported OS has to be at least `v8_1`.|
+|identityVersion|String|The identity version of the uploaded app package. For example: "1.0.0.0".|
v1.0 Intune Deviceconfig Androidforworkgeneraldeviceconfiguration Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-androidforworkgeneraldeviceconfiguration-create.md
The following table shows the properties that are required when you create the a
|vpnEnableAlwaysOnLockdownMode|Boolean|Enable lockdown mode for always-on VPN.| |workProfileAllowWidgets|Boolean|Allow widgets from work profile apps.| |workProfileBlockPersonalAppInstallsFromUnknownSources|Boolean|Prevent app installations from unknown sources in the personal profile.|
+|workProfileAccountUse|[androidWorkProfileAccountUse](../resources/intune-deviceconfig-androidworkprofileaccountuse.md)|Control user's ability to add accounts in work profile including Google accounts. Possible values are: `allowAllExceptGoogleAccounts`, `blockAll`, `allowAll`, `unknownFutureValue`.|
+|allowedGoogleAccountDomains|String collection|Determine domains allow-list for accounts that can be added to work profile.|
Here is an example of the request.
``` http POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations Content-type: application/json
-Content-length: 3170
+Content-length: 3296
{ "@odata.type": "#microsoft.graph.androidForWorkGeneralDeviceConfiguration",
Content-length: 3170
"vpnAlwaysOnPackageIdentifier": "Vpn Always On Package Identifier value", "vpnEnableAlwaysOnLockdownMode": true, "workProfileAllowWidgets": true,
- "workProfileBlockPersonalAppInstallsFromUnknownSources": true
+ "workProfileBlockPersonalAppInstallsFromUnknownSources": true,
+ "workProfileAccountUse": "blockAll",
+ "allowedGoogleAccountDomains": [
+ "Allowed Google Account Domains value"
+ ]
} ```
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 201 Created Content-Type: application/json
-Content-Length: 3342
+Content-Length: 3468
{ "@odata.type": "#microsoft.graph.androidForWorkGeneralDeviceConfiguration",
Content-Length: 3342
"vpnAlwaysOnPackageIdentifier": "Vpn Always On Package Identifier value", "vpnEnableAlwaysOnLockdownMode": true, "workProfileAllowWidgets": true,
- "workProfileBlockPersonalAppInstallsFromUnknownSources": true
+ "workProfileBlockPersonalAppInstallsFromUnknownSources": true,
+ "workProfileAccountUse": "blockAll",
+ "allowedGoogleAccountDomains": [
+ "Allowed Google Account Domains value"
+ ]
} ```
v1.0 Intune Deviceconfig Androidforworkgeneraldeviceconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-androidforworkgeneraldeviceconfiguration-get.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 3513
+Content-Length: 3647
{ "value": {
Content-Length: 3513
"vpnAlwaysOnPackageIdentifier": "Vpn Always On Package Identifier value", "vpnEnableAlwaysOnLockdownMode": true, "workProfileAllowWidgets": true,
- "workProfileBlockPersonalAppInstallsFromUnknownSources": true
+ "workProfileBlockPersonalAppInstallsFromUnknownSources": true,
+ "workProfileAccountUse": "blockAll",
+ "allowedGoogleAccountDomains": [
+ "Allowed Google Account Domains value"
+ ]
} } ```
v1.0 Intune Deviceconfig Androidforworkgeneraldeviceconfiguration List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-androidforworkgeneraldeviceconfiguration-list.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 3679
+Content-Length: 3821
{ "value": [
Content-Length: 3679
"vpnAlwaysOnPackageIdentifier": "Vpn Always On Package Identifier value", "vpnEnableAlwaysOnLockdownMode": true, "workProfileAllowWidgets": true,
- "workProfileBlockPersonalAppInstallsFromUnknownSources": true
+ "workProfileBlockPersonalAppInstallsFromUnknownSources": true,
+ "workProfileAccountUse": "blockAll",
+ "allowedGoogleAccountDomains": [
+ "Allowed Google Account Domains value"
+ ]
} ] }
v1.0 Intune Deviceconfig Androidforworkgeneraldeviceconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-androidforworkgeneraldeviceconfiguration-update.md
The following table shows the properties that are required when you create the [
|vpnEnableAlwaysOnLockdownMode|Boolean|Enable lockdown mode for always-on VPN.| |workProfileAllowWidgets|Boolean|Allow widgets from work profile apps.| |workProfileBlockPersonalAppInstallsFromUnknownSources|Boolean|Prevent app installations from unknown sources in the personal profile.|
+|workProfileAccountUse|[androidWorkProfileAccountUse](../resources/intune-deviceconfig-androidworkprofileaccountuse.md)|Control user's ability to add accounts in work profile including Google accounts. Possible values are: `allowAllExceptGoogleAccounts`, `blockAll`, `allowAll`, `unknownFutureValue`.|
+|allowedGoogleAccountDomains|String collection|Determine domains allow-list for accounts that can be added to work profile.|
Here is an example of the request.
``` http PATCH https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId} Content-type: application/json
-Content-length: 3170
+Content-length: 3296
{ "@odata.type": "#microsoft.graph.androidForWorkGeneralDeviceConfiguration",
Content-length: 3170
"vpnAlwaysOnPackageIdentifier": "Vpn Always On Package Identifier value", "vpnEnableAlwaysOnLockdownMode": true, "workProfileAllowWidgets": true,
- "workProfileBlockPersonalAppInstallsFromUnknownSources": true
+ "workProfileBlockPersonalAppInstallsFromUnknownSources": true,
+ "workProfileAccountUse": "blockAll",
+ "allowedGoogleAccountDomains": [
+ "Allowed Google Account Domains value"
+ ]
} ```
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 3342
+Content-Length: 3468
{ "@odata.type": "#microsoft.graph.androidForWorkGeneralDeviceConfiguration",
Content-Length: 3342
"vpnAlwaysOnPackageIdentifier": "Vpn Always On Package Identifier value", "vpnEnableAlwaysOnLockdownMode": true, "workProfileAllowWidgets": true,
- "workProfileBlockPersonalAppInstallsFromUnknownSources": true
+ "workProfileBlockPersonalAppInstallsFromUnknownSources": true,
+ "workProfileAccountUse": "blockAll",
+ "allowedGoogleAccountDomains": [
+ "Allowed Google Account Domains value"
+ ]
} ```
v1.0 Intune Deviceconfig Androidworkprofilegeneraldeviceconfiguration Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-androidworkprofilegeneraldeviceconfiguration-create.md
The following table shows the properties that are required when you create the a
|vpnEnableAlwaysOnLockdownMode|Boolean|Enable lockdown mode for always-on VPN.| |workProfileAllowWidgets|Boolean|Allow widgets from work profile apps.| |workProfileBlockPersonalAppInstallsFromUnknownSources|Boolean|Prevent app installations from unknown sources in the personal profile.|
+|workProfileAccountUse|[androidWorkProfileAccountUse](../resources/intune-deviceconfig-androidworkprofileaccountuse.md)|Control user's ability to add accounts in work profile including Google accounts. Possible values are: `allowAllExceptGoogleAccounts`, `blockAll`, `allowAll`, `unknownFutureValue`.|
+|allowedGoogleAccountDomains|String collection|Determine domains allow-list for accounts that can be added to work profile.|
Here is an example of the request.
``` http POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations Content-type: application/json
-Content-length: 3232
+Content-length: 3358
{ "@odata.type": "#microsoft.graph.androidWorkProfileGeneralDeviceConfiguration",
Content-length: 3232
"vpnAlwaysOnPackageIdentifier": "Vpn Always On Package Identifier value", "vpnEnableAlwaysOnLockdownMode": true, "workProfileAllowWidgets": true,
- "workProfileBlockPersonalAppInstallsFromUnknownSources": true
+ "workProfileBlockPersonalAppInstallsFromUnknownSources": true,
+ "workProfileAccountUse": "blockAll",
+ "allowedGoogleAccountDomains": [
+ "Allowed Google Account Domains value"
+ ]
} ```
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 201 Created Content-Type: application/json
-Content-Length: 3404
+Content-Length: 3530
{ "@odata.type": "#microsoft.graph.androidWorkProfileGeneralDeviceConfiguration",
Content-Length: 3404
"vpnAlwaysOnPackageIdentifier": "Vpn Always On Package Identifier value", "vpnEnableAlwaysOnLockdownMode": true, "workProfileAllowWidgets": true,
- "workProfileBlockPersonalAppInstallsFromUnknownSources": true
+ "workProfileBlockPersonalAppInstallsFromUnknownSources": true,
+ "workProfileAccountUse": "blockAll",
+ "allowedGoogleAccountDomains": [
+ "Allowed Google Account Domains value"
+ ]
} ```
v1.0 Intune Deviceconfig Androidworkprofilegeneraldeviceconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-androidworkprofilegeneraldeviceconfiguration-get.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 3577
+Content-Length: 3711
{ "value": {
Content-Length: 3577
"vpnAlwaysOnPackageIdentifier": "Vpn Always On Package Identifier value", "vpnEnableAlwaysOnLockdownMode": true, "workProfileAllowWidgets": true,
- "workProfileBlockPersonalAppInstallsFromUnknownSources": true
+ "workProfileBlockPersonalAppInstallsFromUnknownSources": true,
+ "workProfileAccountUse": "blockAll",
+ "allowedGoogleAccountDomains": [
+ "Allowed Google Account Domains value"
+ ]
} } ```
v1.0 Intune Deviceconfig Androidworkprofilegeneraldeviceconfiguration List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-androidworkprofilegeneraldeviceconfiguration-list.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 3745
+Content-Length: 3887
{ "value": [
Content-Length: 3745
"vpnAlwaysOnPackageIdentifier": "Vpn Always On Package Identifier value", "vpnEnableAlwaysOnLockdownMode": true, "workProfileAllowWidgets": true,
- "workProfileBlockPersonalAppInstallsFromUnknownSources": true
+ "workProfileBlockPersonalAppInstallsFromUnknownSources": true,
+ "workProfileAccountUse": "blockAll",
+ "allowedGoogleAccountDomains": [
+ "Allowed Google Account Domains value"
+ ]
} ] }
v1.0 Intune Deviceconfig Androidworkprofilegeneraldeviceconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-androidworkprofilegeneraldeviceconfiguration-update.md
The following table shows the properties that are required when you create the [
|vpnEnableAlwaysOnLockdownMode|Boolean|Enable lockdown mode for always-on VPN.| |workProfileAllowWidgets|Boolean|Allow widgets from work profile apps.| |workProfileBlockPersonalAppInstallsFromUnknownSources|Boolean|Prevent app installations from unknown sources in the personal profile.|
+|workProfileAccountUse|[androidWorkProfileAccountUse](../resources/intune-deviceconfig-androidworkprofileaccountuse.md)|Control user's ability to add accounts in work profile including Google accounts. Possible values are: `allowAllExceptGoogleAccounts`, `blockAll`, `allowAll`, `unknownFutureValue`.|
+|allowedGoogleAccountDomains|String collection|Determine domains allow-list for accounts that can be added to work profile.|
Here is an example of the request.
``` http PATCH https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId} Content-type: application/json
-Content-length: 3232
+Content-length: 3358
{ "@odata.type": "#microsoft.graph.androidWorkProfileGeneralDeviceConfiguration",
Content-length: 3232
"vpnAlwaysOnPackageIdentifier": "Vpn Always On Package Identifier value", "vpnEnableAlwaysOnLockdownMode": true, "workProfileAllowWidgets": true,
- "workProfileBlockPersonalAppInstallsFromUnknownSources": true
+ "workProfileBlockPersonalAppInstallsFromUnknownSources": true,
+ "workProfileAccountUse": "blockAll",
+ "allowedGoogleAccountDomains": [
+ "Allowed Google Account Domains value"
+ ]
} ```
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 3404
+Content-Length: 3530
{ "@odata.type": "#microsoft.graph.androidWorkProfileGeneralDeviceConfiguration",
Content-Length: 3404
"vpnAlwaysOnPackageIdentifier": "Vpn Always On Package Identifier value", "vpnEnableAlwaysOnLockdownMode": true, "workProfileAllowWidgets": true,
- "workProfileBlockPersonalAppInstallsFromUnknownSources": true
+ "workProfileBlockPersonalAppInstallsFromUnknownSources": true,
+ "workProfileAccountUse": "blockAll",
+ "allowedGoogleAccountDomains": [
+ "Allowed Google Account Domains value"
+ ]
} ```
v1.0 Intune Deviceconfig Devicemanagement Enableendpointprivilegemanagement https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-devicemanagement-enableendpointprivilegemanagement.md
- Title: "enableEndpointPrivilegeManagement action"
-description: "Triggers onboarding of tenant to Microsoft Managed Platform - Cloud (MMP-C)."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# enableEndpointPrivilegeManagement action
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Triggers onboarding of tenant to Microsoft Managed Platform - Cloud (MMP-C).
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-POST /deviceManagement/enableEndpointPrivilegeManagement
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this action returns a `204 No Content` response code.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-POST https://graph.microsoft.com/beta/deviceManagement/enableEndpointPrivilegeManagement
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 204 No Content
-```
v1.0 Intune Deviceconfig Endpointprivilegemanagementprovisioningstatus Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-endpointprivilegemanagementprovisioningstatus-get.md
- Title: "Get endpointPrivilegeManagementProvisioningStatus"
-description: "Read properties and relationships of the endpointPrivilegeManagementProvisioningStatus object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Get endpointPrivilegeManagementProvisioningStatus
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Read properties and relationships of the [endpointPrivilegeManagementProvisioningStatus](../resources/intune-deviceconfig-endpointprivilegemanagementprovisioningstatus.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/endpointPrivilegeManagementProvisioningStatus
-```
-
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and [endpointPrivilegeManagementProvisioningStatus](../resources/intune-deviceconfig-endpointprivilegemanagementprovisioningstatus.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/endpointPrivilegeManagementProvisioningStatus
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 237
-
-{
- "value": {
- "@odata.type": "#microsoft.graph.endpointPrivilegeManagementProvisioningStatus",
- "id": "49a26797-6797-49a2-9767-a2499767a249",
- "licenseType": "paid",
- "onboardedToMicrosoftManagedPlatform": true
- }
-}
-```
v1.0 Intune Deviceconfig Endpointprivilegemanagementprovisioningstatus Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-endpointprivilegemanagementprovisioningstatus-update.md
- Title: "Update endpointPrivilegeManagementProvisioningStatus"
-description: "Update the properties of a endpointPrivilegeManagementProvisioningStatus object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Update endpointPrivilegeManagementProvisioningStatus
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Update the properties of a [endpointPrivilegeManagementProvisioningStatus](../resources/intune-deviceconfig-endpointprivilegemanagementprovisioningstatus.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-PATCH /deviceManagement/endpointPrivilegeManagementProvisioningStatus
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply a JSON representation for the [endpointPrivilegeManagementProvisioningStatus](../resources/intune-deviceconfig-endpointprivilegemanagementprovisioningstatus.md) object.
-
-The following table shows the properties that are required when you create the [endpointPrivilegeManagementProvisioningStatus](../resources/intune-deviceconfig-endpointprivilegemanagementprovisioningstatus.md).
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|A unique identifier represents Intune Account identifier.|
-|licenseType|[licenseType](../resources/intune-deviceconfig-licensetype.md)|Indicates whether tenant has a valid Intune Endpoint Privilege Management license. Possible value are : 0 - notPaid, 1 - paid, 2 - trial. See LicenseType enum for more details. Default notPaid. Possible values are: `notPaid`, `paid`, `trial`, `unknownFutureValue`.|
-|onboardedToMicrosoftManagedPlatform|Boolean|Indicates whether tenant is onboarded to Microsoft Managed Platform - Cloud (MMPC). When set to true, implies tenant is onboarded and when set to false, implies tenant is not onboarded. Default set to false.|
---
-## Response
-If successful, this method returns a `200 OK` response code and an updated [endpointPrivilegeManagementProvisioningStatus](../resources/intune-deviceconfig-endpointprivilegemanagementprovisioningstatus.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-PATCH https://graph.microsoft.com/beta/deviceManagement/endpointPrivilegeManagementProvisioningStatus
-Content-type: application/json
-Content-length: 161
-
-{
- "@odata.type": "#microsoft.graph.endpointPrivilegeManagementProvisioningStatus",
- "licenseType": "paid",
- "onboardedToMicrosoftManagedPlatform": true
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 210
-
-{
- "@odata.type": "#microsoft.graph.endpointPrivilegeManagementProvisioningStatus",
- "id": "49a26797-6797-49a2-9767-a2499767a249",
- "licenseType": "paid",
- "onboardedToMicrosoftManagedPlatform": true
-}
-```
v1.0 Intune Deviceconfig Macosgeneraldeviceconfiguration Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-macosgeneraldeviceconfiguration-create.md
The following table shows the properties that are required when you create the m
|touchIdTimeoutInHours|Int32|Maximum hours after which the user must enter their password to unlock the device instead of using Touch ID. Available for devices running macOS 12 and later. Valid values 0 to 2147483647| |iCloudPrivateRelayBlocked|Boolean|iCloud private relay is an iCloud+ service that prevents networks and servers from monitoring a person's activity across the internet. By blocking iCloud private relay, Apple will not encrypt the traffic leaving the device. Available for devices running macOS 12 and later.| |iCloudDesktopAndDocumentsBlocked|Boolean|When TRUE the synchronization of cloud desktop and documents is blocked. When FALSE, synchronization of the cloud desktop and documents are allowed. Available for devices running macOS 10.12.4 and later.|
+|activationLockWhenSupervisedAllowed|Boolean|When TRUE, activation lock is allowed when the devices is in the supervised mode. When FALSE, activation lock is not allowed. Default is false.|
Here is an example of the request.
``` http POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations Content-type: application/json
-Content-length: 5014
+Content-length: 5062
{ "@odata.type": "#microsoft.graph.macOSGeneralDeviceConfiguration",
Content-length: 5014
"softwareUpdateNonOSDeferredInstallDelayInDays": 13, "touchIdTimeoutInHours": 5, "iCloudPrivateRelayBlocked": true,
- "iCloudDesktopAndDocumentsBlocked": true
+ "iCloudDesktopAndDocumentsBlocked": true,
+ "activationLockWhenSupervisedAllowed": true
} ```
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 201 Created Content-Type: application/json
-Content-Length: 5186
+Content-Length: 5234
{ "@odata.type": "#microsoft.graph.macOSGeneralDeviceConfiguration",
Content-Length: 5186
"softwareUpdateNonOSDeferredInstallDelayInDays": 13, "touchIdTimeoutInHours": 5, "iCloudPrivateRelayBlocked": true,
- "iCloudDesktopAndDocumentsBlocked": true
+ "iCloudDesktopAndDocumentsBlocked": true,
+ "activationLockWhenSupervisedAllowed": true
} ```
v1.0 Intune Deviceconfig Macosgeneraldeviceconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-macosgeneraldeviceconfiguration-get.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 5483
+Content-Length: 5533
{ "value": {
Content-Length: 5483
"softwareUpdateNonOSDeferredInstallDelayInDays": 13, "touchIdTimeoutInHours": 5, "iCloudPrivateRelayBlocked": true,
- "iCloudDesktopAndDocumentsBlocked": true
+ "iCloudDesktopAndDocumentsBlocked": true,
+ "activationLockWhenSupervisedAllowed": true
} } ```
v1.0 Intune Deviceconfig Macosgeneraldeviceconfiguration List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-macosgeneraldeviceconfiguration-list.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 5775
+Content-Length: 5827
{ "value": [
Content-Length: 5775
"softwareUpdateNonOSDeferredInstallDelayInDays": 13, "touchIdTimeoutInHours": 5, "iCloudPrivateRelayBlocked": true,
- "iCloudDesktopAndDocumentsBlocked": true
+ "iCloudDesktopAndDocumentsBlocked": true,
+ "activationLockWhenSupervisedAllowed": true
} ] }
v1.0 Intune Deviceconfig Macosgeneraldeviceconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-macosgeneraldeviceconfiguration-update.md
The following table shows the properties that are required when you create the [
|touchIdTimeoutInHours|Int32|Maximum hours after which the user must enter their password to unlock the device instead of using Touch ID. Available for devices running macOS 12 and later. Valid values 0 to 2147483647| |iCloudPrivateRelayBlocked|Boolean|iCloud private relay is an iCloud+ service that prevents networks and servers from monitoring a person's activity across the internet. By blocking iCloud private relay, Apple will not encrypt the traffic leaving the device. Available for devices running macOS 12 and later.| |iCloudDesktopAndDocumentsBlocked|Boolean|When TRUE the synchronization of cloud desktop and documents is blocked. When FALSE, synchronization of the cloud desktop and documents are allowed. Available for devices running macOS 10.12.4 and later.|
+|activationLockWhenSupervisedAllowed|Boolean|When TRUE, activation lock is allowed when the devices is in the supervised mode. When FALSE, activation lock is not allowed. Default is false.|
Here is an example of the request.
``` http PATCH https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId} Content-type: application/json
-Content-length: 5014
+Content-length: 5062
{ "@odata.type": "#microsoft.graph.macOSGeneralDeviceConfiguration",
Content-length: 5014
"softwareUpdateNonOSDeferredInstallDelayInDays": 13, "touchIdTimeoutInHours": 5, "iCloudPrivateRelayBlocked": true,
- "iCloudDesktopAndDocumentsBlocked": true
+ "iCloudDesktopAndDocumentsBlocked": true,
+ "activationLockWhenSupervisedAllowed": true
} ```
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 5186
+Content-Length: 5234
{ "@odata.type": "#microsoft.graph.macOSGeneralDeviceConfiguration",
Content-Length: 5186
"softwareUpdateNonOSDeferredInstallDelayInDays": 13, "touchIdTimeoutInHours": 5, "iCloudPrivateRelayBlocked": true,
- "iCloudDesktopAndDocumentsBlocked": true
+ "iCloudDesktopAndDocumentsBlocked": true,
+ "activationLockWhenSupervisedAllowed": true
} ```
v1.0 Intune Deviceconfig Macossoftwareupdateconfiguration Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-macossoftwareupdateconfiguration-create.md
The following table shows the properties that are required when you create the m
|updateScheduleType|[macOSSoftwareUpdateScheduleType](../resources/intune-deviceconfig-macossoftwareupdatescheduletype.md)|Update schedule type. Possible values are: `alwaysUpdate`, `updateDuringTimeWindows`, `updateOutsideOfTimeWindows`.| |customUpdateTimeWindows|[customUpdateTimeWindow](../resources/intune-deviceconfig-customupdatetimewindow.md) collection|Custom Time windows when updates will be allowed or blocked. This collection can contain a maximum of 20 elements.| |updateTimeWindowUtcOffsetInMinutes|Int32|Minutes indicating UTC offset for each update time window|
+|maxUserDeferralsCount|Int32|The maximum number of times the system allows the user to postpone an update before itΓÇÖs installed. Supported values: 0 - 366. Valid values 0 to 365|
+|priority|[macOSPriority](../resources/intune-deviceconfig-macospriority.md)|The scheduling priority for downloading and preparing the requested update. Default: Low. Possible values: Null, Low, High. Possible values are: `low`, `high`, `unknownFutureValue`.|
Here is an example of the request.
``` http POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations Content-type: application/json
-Content-length: 1542
+Content-length: 1596
{ "@odata.type": "#microsoft.graph.macOSSoftwareUpdateConfiguration",
Content-length: 1542
"endTime": "12:03:02.3740000" } ],
- "updateTimeWindowUtcOffsetInMinutes": 2
+ "updateTimeWindowUtcOffsetInMinutes": 2,
+ "maxUserDeferralsCount": 5,
+ "priority": "high"
} ```
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 201 Created Content-Type: application/json
-Content-Length: 1714
+Content-Length: 1768
{ "@odata.type": "#microsoft.graph.macOSSoftwareUpdateConfiguration",
Content-Length: 1714
"endTime": "12:03:02.3740000" } ],
- "updateTimeWindowUtcOffsetInMinutes": 2
+ "updateTimeWindowUtcOffsetInMinutes": 2,
+ "maxUserDeferralsCount": 5,
+ "priority": "high"
} ```
v1.0 Intune Deviceconfig Macossoftwareupdateconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-macossoftwareupdateconfiguration-get.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 1827
+Content-Length: 1885
{ "value": {
Content-Length: 1827
"endTime": "12:03:02.3740000" } ],
- "updateTimeWindowUtcOffsetInMinutes": 2
+ "updateTimeWindowUtcOffsetInMinutes": 2,
+ "maxUserDeferralsCount": 5,
+ "priority": "high"
} } ```
v1.0 Intune Deviceconfig Macossoftwareupdateconfiguration List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-macossoftwareupdateconfiguration-list.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 1935
+Content-Length: 1997
{ "value": [
Content-Length: 1935
"endTime": "12:03:02.3740000" } ],
- "updateTimeWindowUtcOffsetInMinutes": 2
+ "updateTimeWindowUtcOffsetInMinutes": 2,
+ "maxUserDeferralsCount": 5,
+ "priority": "high"
} ] }
v1.0 Intune Deviceconfig Macossoftwareupdateconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-macossoftwareupdateconfiguration-update.md
The following table shows the properties that are required when you create the [
|updateScheduleType|[macOSSoftwareUpdateScheduleType](../resources/intune-deviceconfig-macossoftwareupdatescheduletype.md)|Update schedule type. Possible values are: `alwaysUpdate`, `updateDuringTimeWindows`, `updateOutsideOfTimeWindows`.| |customUpdateTimeWindows|[customUpdateTimeWindow](../resources/intune-deviceconfig-customupdatetimewindow.md) collection|Custom Time windows when updates will be allowed or blocked. This collection can contain a maximum of 20 elements.| |updateTimeWindowUtcOffsetInMinutes|Int32|Minutes indicating UTC offset for each update time window|
+|maxUserDeferralsCount|Int32|The maximum number of times the system allows the user to postpone an update before itΓÇÖs installed. Supported values: 0 - 366. Valid values 0 to 365|
+|priority|[macOSPriority](../resources/intune-deviceconfig-macospriority.md)|The scheduling priority for downloading and preparing the requested update. Default: Low. Possible values: Null, Low, High. Possible values are: `low`, `high`, `unknownFutureValue`.|
Here is an example of the request.
``` http PATCH https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId} Content-type: application/json
-Content-length: 1542
+Content-length: 1596
{ "@odata.type": "#microsoft.graph.macOSSoftwareUpdateConfiguration",
Content-length: 1542
"endTime": "12:03:02.3740000" } ],
- "updateTimeWindowUtcOffsetInMinutes": 2
+ "updateTimeWindowUtcOffsetInMinutes": 2,
+ "maxUserDeferralsCount": 5,
+ "priority": "high"
} ```
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 1714
+Content-Length: 1768
{ "@odata.type": "#microsoft.graph.macOSSoftwareUpdateConfiguration",
Content-Length: 1714
"endTime": "12:03:02.3740000" } ],
- "updateTimeWindowUtcOffsetInMinutes": 2
+ "updateTimeWindowUtcOffsetInMinutes": 2,
+ "maxUserDeferralsCount": 5,
+ "priority": "high"
} ```
v1.0 Intune Deviceconfig Windows10vpnconfiguration Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-windows10vpnconfiguration-create.md
Here is an example of the request.
``` http POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations Content-type: application/json
-Content-length: 4525
+Content-length: 4566
{ "@odata.type": "#microsoft.graph.windows10VpnConfiguration",
Content-length: 4525
"appId": "App Id value", "appType": "desktop", "routingPolicyType": "splitTunnel",
- "claims": "Claims value"
+ "claims": "Claims value",
+ "vpnTrafficDirection": "inbound"
} ], "routes": [
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 201 Created Content-Type: application/json
-Content-Length: 4697
+Content-Length: 4738
{ "@odata.type": "#microsoft.graph.windows10VpnConfiguration",
Content-Length: 4697
"appId": "App Id value", "appType": "desktop", "routingPolicyType": "splitTunnel",
- "claims": "Claims value"
+ "claims": "Claims value",
+ "vpnTrafficDirection": "inbound"
} ], "routes": [
v1.0 Intune Deviceconfig Windows10vpnconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-windows10vpnconfiguration-get.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 5014
+Content-Length: 5057
{ "value": {
Content-Length: 5014
"appId": "App Id value", "appType": "desktop", "routingPolicyType": "splitTunnel",
- "claims": "Claims value"
+ "claims": "Claims value",
+ "vpnTrafficDirection": "inbound"
} ], "routes": [
v1.0 Intune Deviceconfig Windows10vpnconfiguration List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-windows10vpnconfiguration-list.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 5326
+Content-Length: 5371
{ "value": [
Content-Length: 5326
"appId": "App Id value", "appType": "desktop", "routingPolicyType": "splitTunnel",
- "claims": "Claims value"
+ "claims": "Claims value",
+ "vpnTrafficDirection": "inbound"
} ], "routes": [
v1.0 Intune Deviceconfig Windows10vpnconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-windows10vpnconfiguration-update.md
Here is an example of the request.
``` http PATCH https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId} Content-type: application/json
-Content-length: 4525
+Content-length: 4566
{ "@odata.type": "#microsoft.graph.windows10VpnConfiguration",
Content-length: 4525
"appId": "App Id value", "appType": "desktop", "routingPolicyType": "splitTunnel",
- "claims": "Claims value"
+ "claims": "Claims value",
+ "vpnTrafficDirection": "inbound"
} ], "routes": [
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 4697
+Content-Length: 4738
{ "@odata.type": "#microsoft.graph.windows10VpnConfiguration",
Content-Length: 4697
"appId": "App Id value", "appType": "desktop", "routingPolicyType": "splitTunnel",
- "claims": "Claims value"
+ "claims": "Claims value",
+ "vpnTrafficDirection": "inbound"
} ], "routes": [
v1.0 Intune Deviceconfigv2 Devicemanagementcompliancepolicy Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementcompliancepolicy-create.md
The following table shows the properties that are required when you create the d
|id|String|Key of the policy document. Automatically generated.| |name|String|Policy name| |description|String|Policy description|
-|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-shared-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-shared-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|createdDateTime|DateTimeOffset|Policy creation date and time. This property is read-only.| |lastModifiedDateTime|DateTimeOffset|Policy last modification date and time. This property is read-only.| |settingCount|Int32|Number of settings. This property is read-only.|
v1.0 Intune Deviceconfigv2 Devicemanagementcompliancepolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementcompliancepolicy-update.md
The following table shows the properties that are required when you create the [
|id|String|Key of the policy document. Automatically generated.| |name|String|Policy name| |description|String|Policy description|
-|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-shared-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-shared-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|createdDateTime|DateTimeOffset|Policy creation date and time. This property is read-only.| |lastModifiedDateTime|DateTimeOffset|Policy last modification date and time. This property is read-only.| |settingCount|Int32|Number of settings. This property is read-only.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationcategory Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationcategory-create.md
The following table shows the properties that are required when you create the d
|helpText|String|Help text of the item| |name|String|Name of the item| |displayName|String|Display name of the item|
-|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-shared-devicemanagementconfigurationplatforms.md)|Platforms types, which settings in the category have. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-shared-devicemanagementconfigurationtechnologies.md)|Technologies types, which settings in the category have. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Indicates that the category contains settings that are used for Compliance or Configuration. Possible values are: `none`, `configuration`, `compliance`.|
+|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms types, which settings in the category have. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies types, which settings in the category have. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicates that the category contains settings that are used for Compliance or Configuration. Possible values are: `none`, `configuration`, `compliance`.|
|parentCategoryId|String|Parent id of the category.| |rootCategoryId|String|Root id of the category.| |childCategoryIds|String collection|List of child ids of the category.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationcategory Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationcategory-update.md
The following table shows the properties that are required when you create the [
|helpText|String|Help text of the item| |name|String|Name of the item| |displayName|String|Display name of the item|
-|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-shared-devicemanagementconfigurationplatforms.md)|Platforms types, which settings in the category have. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-shared-devicemanagementconfigurationtechnologies.md)|Technologies types, which settings in the category have. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Indicates that the category contains settings that are used for Compliance or Configuration. Possible values are: `none`, `configuration`, `compliance`.|
+|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms types, which settings in the category have. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies types, which settings in the category have. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicates that the category contains settings that are used for Compliance or Configuration. Possible values are: `none`, `configuration`, `compliance`.|
|parentCategoryId|String|Parent id of the category.| |rootCategoryId|String|Root id of the category.| |childCategoryIds|String collection|List of child ids of the category.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationchoicesettingcollectiondefinition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingcollectiondefinition-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
-|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-shared-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md)|
-|defaultOptionId|String|Default option for choice setting Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
+|defaultOptionId|String|Default option for choice setting Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
|maximumCount|Int32|Maximum number of choices in the collection. Valid values 1 to 100| |minimumCount|Int32|Minimum number of choices in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationchoicesettingcollectiondefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingcollectiondefinition-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
-|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-shared-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md)|
-|defaultOptionId|String|Default option for choice setting Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
+|defaultOptionId|String|Default option for choice setting Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
|maximumCount|Int32|Maximum number of choices in the collection. Valid values 1 to 100| |minimumCount|Int32|Minimum number of choices in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationchoicesettingdefinition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition-create.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Create a new [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md) object.
+Create a new [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md) object.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
-|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-shared-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected|
|defaultOptionId|String|Default option for choice setting| ## Response
-If successful, this method returns a `201 Created` response code and a [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md) object in the response body.
+If successful, this method returns a `201 Created` response code and a [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md) object in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationchoicesettingdefinition Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition-delete.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Deletes a [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md).
+Deletes a [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md).
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationchoicesettingdefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition-get.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Read properties and relationships of the [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md) object.
+Read properties and relationships of the [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md) object.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
This method supports the [OData Query Parameters](/graph/query-parameters) to he
Do not supply a request body for this method. ## Response
-If successful, this method returns a `200 OK` response code and [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md) object in the response body.
+If successful, this method returns a `200 OK` response code and [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md) object in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationchoicesettingdefinition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition-list.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-List properties and relationships of the [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md) objects.
+List properties and relationships of the [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md) objects.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
GET /deviceManagement/configurationPolicyTemplates/{deviceManagementConfiguratio
Do not supply a request body for this method. ## Response
-If successful, this method returns a `200 OK` response code and a collection of [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md) objects in the response body.
+If successful, this method returns a `200 OK` response code and a collection of [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md) objects in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationchoicesettingdefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition-update.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Update the properties of a [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md) object.
+Update the properties of a [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md) object.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
PATCH /deviceManagement/configurationPolicyTemplates/{deviceManagementConfigurat
|Accept|application/json| ## Request body
-In the request body, supply a JSON representation for the [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md) object.
+In the request body, supply a JSON representation for the [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md) object.
-The following table shows the properties that are required when you create the [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md).
+The following table shows the properties that are required when you create the [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md).
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
-|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-shared-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected|
|defaultOptionId|String|Default option for choice setting| ## Response
-If successful, this method returns a `200 OK` response code and an updated [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md) object in the response body.
+If successful, this method returns a `200 OK` response code and an updated [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md) object in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationpolicy Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationpolicy-create.md
The following table shows the properties that are required when you create the d
|id|String|Key of the policy document. Automatically generated.| |name|String|Policy name| |description|String|Policy description|
-|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-shared-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-shared-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|createdDateTime|DateTimeOffset|Policy creation date and time| |lastModifiedDateTime|DateTimeOffset|Policy last modification date and time| |settingCount|Int32|Number of settings|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationpolicy-update.md
The following table shows the properties that are required when you create the [
|id|String|Key of the policy document. Automatically generated.| |name|String|Policy name| |description|String|Policy description|
-|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-shared-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-shared-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|createdDateTime|DateTimeOffset|Policy creation date and time| |lastModifiedDateTime|DateTimeOffset|Policy last modification date and time| |settingCount|Int32|Number of settings|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationpolicytemplate Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationpolicytemplate-create.md
The following table shows the properties that are required when you create the d
|description|String|Template description| |displayVersion|String|Description of template version| |lifecycleState|[deviceManagementTemplateLifecycleState](../resources/intune-deviceconfigv2-devicemanagementtemplatelifecyclestate.md)|Indicate current lifecycle state of template. Possible values are: `invalid`, `draft`, `active`, `superseded`, `deprecated`, `retired`.|
-|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-shared-devicemanagementconfigurationplatforms.md)|Platforms for this template. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-shared-devicemanagementconfigurationtechnologies.md)|Technologies for this template. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this template. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this template. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|templateFamily|[deviceManagementConfigurationTemplateFamily](../resources/intune-deviceconfigv2-devicemanagementconfigurationtemplatefamily.md)|TemplateFamily for this template. Possible values are: `none`, `endpointSecurityAntivirus`, `endpointSecurityDiskEncryption`, `endpointSecurityFirewall`, `endpointSecurityEndpointDetectionAndResponse`, `endpointSecurityAttackSurfaceReduction`, `endpointSecurityAccountProtection`, `endpointSecurityApplicationControl`, `endpointSecurityEndpointPrivilegeManagement`, `enrollmentConfiguration`, `appQuietTime`, `baseline`, `unknownFutureValue`, `deviceConfigurationScripts`.| |allowUnmanagedSettings|Boolean|Allow unmanaged setting templates| |settingTemplateCount|Int32|Number of setting templates. Valid values 0 to 2147483647. This property is read-only.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationpolicytemplate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationpolicytemplate-update.md
The following table shows the properties that are required when you create the [
|description|String|Template description| |displayVersion|String|Description of template version| |lifecycleState|[deviceManagementTemplateLifecycleState](../resources/intune-deviceconfigv2-devicemanagementtemplatelifecyclestate.md)|Indicate current lifecycle state of template. Possible values are: `invalid`, `draft`, `active`, `superseded`, `deprecated`, `retired`.|
-|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-shared-devicemanagementconfigurationplatforms.md)|Platforms for this template. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-shared-devicemanagementconfigurationtechnologies.md)|Technologies for this template. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this template. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this template. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|templateFamily|[deviceManagementConfigurationTemplateFamily](../resources/intune-deviceconfigv2-devicemanagementconfigurationtemplatefamily.md)|TemplateFamily for this template. Possible values are: `none`, `endpointSecurityAntivirus`, `endpointSecurityDiskEncryption`, `endpointSecurityFirewall`, `endpointSecurityEndpointDetectionAndResponse`, `endpointSecurityAttackSurfaceReduction`, `endpointSecurityAccountProtection`, `endpointSecurityApplicationControl`, `endpointSecurityEndpointPrivilegeManagement`, `enrollmentConfiguration`, `appQuietTime`, `baseline`, `unknownFutureValue`, `deviceConfigurationScripts`.| |allowUnmanagedSettings|Boolean|Allow unmanaged setting templates| |settingTemplateCount|Int32|Number of setting templates. Valid values 0 to 2147483647. This property is read-only.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationredirectsettingdefinition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition-create.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Create a new [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-shared-devicemanagementconfigurationredirectsettingdefinition.md) object.
+Create a new [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition.md) object.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
-|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|deepLink|String|A deep link that points to the specific location in the Intune console where feature support must be managed from.| |redirectMessage|String|A message that explains that clicking the link will redirect the user to a supported page to manage the settings.| |redirectReason|String|Indicates the reason for redirecting the user to an alternative location in the console. For example: WiFi profiles are not supported in the settings catalog and must be created with a template policy.|
The following table shows the properties that are required when you create the d
## Response
-If successful, this method returns a `201 Created` response code and a [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-shared-devicemanagementconfigurationredirectsettingdefinition.md) object in the response body.
+If successful, this method returns a `201 Created` response code and a [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition.md) object in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationredirectsettingdefinition Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition-delete.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Deletes a [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-shared-devicemanagementconfigurationredirectsettingdefinition.md).
+Deletes a [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition.md).
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationredirectsettingdefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition-get.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Read properties and relationships of the [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-shared-devicemanagementconfigurationredirectsettingdefinition.md) object.
+Read properties and relationships of the [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition.md) object.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
This method supports the [OData Query Parameters](/graph/query-parameters) to he
Do not supply a request body for this method. ## Response
-If successful, this method returns a `200 OK` response code and [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-shared-devicemanagementconfigurationredirectsettingdefinition.md) object in the response body.
+If successful, this method returns a `200 OK` response code and [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition.md) object in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationredirectsettingdefinition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition-list.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-List properties and relationships of the [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-shared-devicemanagementconfigurationredirectsettingdefinition.md) objects.
+List properties and relationships of the [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition.md) objects.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
GET /deviceManagement/configurationPolicyTemplates/{deviceManagementConfiguratio
Do not supply a request body for this method. ## Response
-If successful, this method returns a `200 OK` response code and a collection of [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-shared-devicemanagementconfigurationredirectsettingdefinition.md) objects in the response body.
+If successful, this method returns a `200 OK` response code and a collection of [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition.md) objects in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationredirectsettingdefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition-update.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Update the properties of a [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-shared-devicemanagementconfigurationredirectsettingdefinition.md) object.
+Update the properties of a [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition.md) object.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
PATCH /deviceManagement/configurationPolicyTemplates/{deviceManagementConfigurat
|Accept|application/json| ## Request body
-In the request body, supply a JSON representation for the [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-shared-devicemanagementconfigurationredirectsettingdefinition.md) object.
+In the request body, supply a JSON representation for the [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition.md) object.
-The following table shows the properties that are required when you create the [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-shared-devicemanagementconfigurationredirectsettingdefinition.md).
+The following table shows the properties that are required when you create the [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition.md).
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
-|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|deepLink|String|A deep link that points to the specific location in the Intune console where feature support must be managed from.| |redirectMessage|String|A message that explains that clicking the link will redirect the user to a supported page to manage the settings.| |redirectReason|String|Indicates the reason for redirecting the user to an alternative location in the console. For example: WiFi profiles are not supported in the settings catalog and must be created with a template policy.|
The following table shows the properties that are required when you create the [
## Response
-If successful, this method returns a `200 OK` response code and an updated [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-shared-devicemanagementconfigurationredirectsettingdefinition.md) object in the response body.
+If successful, this method returns a `200 OK` response code and an updated [deviceManagementConfigurationRedirectSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition.md) object in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsetting Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsetting-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:| |id|String|Key of this setting within the policy which contains it. Automatically generated.|
-|settingInstance|[deviceManagementConfigurationSettingInstance](../resources/intune-shared-devicemanagementconfigurationsettinginstance.md)|Setting Instance|
+|settingInstance|[deviceManagementConfigurationSettingInstance](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinginstance.md)|Setting Instance|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsetting Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsetting-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:| |id|String|Key of this setting within the policy which contains it. Automatically generated.|
-|settingInstance|[deviceManagementConfigurationSettingInstance](../resources/intune-shared-devicemanagementconfigurationsettinginstance.md)|Setting Instance|
+|settingInstance|[deviceManagementConfigurationSettingInstance](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinginstance.md)|Setting Instance|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettingdefinition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition-create.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Create a new [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md) object.
+Create a new [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md) object.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting. Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting. Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
|keywords|String collection|Tokens which to search settings on| |infoUrls|String collection|List of links more info for the setting can be found at|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not|
|baseUri|String|Base CSP Path| |offsetUri|String|Offset CSP Path from Base| |rootDefinitionId|String|Root setting definition if the setting is a child setting.| |categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance. Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information.|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance. Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information.|
|id|String|Identifier for item| |description|String|Description of the item| |helpText|String|Help text of the item|
The following table shows the properties that are required when you create the d
## Response
-If successful, this method returns a `201 Created` response code and a [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md) object in the response body.
+If successful, this method returns a `201 Created` response code and a [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md) object in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettingdefinition Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition-delete.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Deletes a [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md).
+Deletes a [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md).
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettingdefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition-get.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Read properties and relationships of the [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md) object.
+Read properties and relationships of the [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md) object.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
This method supports the [OData Query Parameters](/graph/query-parameters) to he
Do not supply a request body for this method. ## Response
-If successful, this method returns a `200 OK` response code and [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md) object in the response body.
+If successful, this method returns a `200 OK` response code and [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md) object in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettingdefinition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition-list.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-List properties and relationships of the [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md) objects.
+List properties and relationships of the [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md) objects.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
GET /deviceManagement/configurationPolicyTemplates/{deviceManagementConfiguratio
Do not supply a request body for this method. ## Response
-If successful, this method returns a `200 OK` response code and a collection of [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md) objects in the response body.
+If successful, this method returns a `200 OK` response code and a collection of [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md) objects in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettingdefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition-update.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Update the properties of a [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md) object.
+Update the properties of a [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md) object.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
PATCH /deviceManagement/configurationPolicyTemplates/{deviceManagementConfigurat
|Accept|application/json| ## Request body
-In the request body, supply a JSON representation for the [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md) object.
+In the request body, supply a JSON representation for the [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md) object.
-The following table shows the properties that are required when you create the [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md).
+The following table shows the properties that are required when you create the [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md).
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting. Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting. Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
|keywords|String collection|Tokens which to search settings on| |infoUrls|String collection|List of links more info for the setting can be found at|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not|
|baseUri|String|Base CSP Path| |offsetUri|String|Offset CSP Path from Base| |rootDefinitionId|String|Root setting definition if the setting is a child setting.| |categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance. Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information.|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance. Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information.|
|id|String|Identifier for item| |description|String|Description of the item| |helpText|String|Help text of the item|
The following table shows the properties that are required when you create the [
## Response
-If successful, this method returns a `200 OK` response code and an updated [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md) object in the response body.
+If successful, this method returns a `200 OK` response code and an updated [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md) object in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettinggroupcollectiondefinition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupcollectiondefinition-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
-|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|childIds|String collection|Dependent child settings to this group of settings Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md)|
-|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-shared-devicemanagementconfigurationdependenton.md) collection|List of Dependencies for the setting group Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md)|
-|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-shared-devicemanagementconfigurationsettingdependedonby.md) collection|List of child settings that depend on this setting Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|childIds|String collection|Dependent child settings to this group of settings Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)|
+|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|List of Dependencies for the setting group Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)|
+|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|List of child settings that depend on this setting Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)|
|maximumCount|Int32|Maximum number of setting group count in the collection. Valid values 1 to 100| |minimumCount|Int32|Minimum number of setting group count in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettinggroupcollectiondefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupcollectiondefinition-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
-|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|childIds|String collection|Dependent child settings to this group of settings Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md)|
-|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-shared-devicemanagementconfigurationdependenton.md) collection|List of Dependencies for the setting group Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md)|
-|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-shared-devicemanagementconfigurationsettingdependedonby.md) collection|List of child settings that depend on this setting Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|childIds|String collection|Dependent child settings to this group of settings Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)|
+|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|List of Dependencies for the setting group Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)|
+|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|List of child settings that depend on this setting Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)|
|maximumCount|Int32|Maximum number of setting group count in the collection. Valid values 1 to 100| |minimumCount|Int32|Minimum number of setting group count in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettinggroupdefinition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition-create.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Create a new [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md) object.
+Create a new [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md) object.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
-|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|childIds|String collection|Dependent child settings to this group of settings|
-|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-shared-devicemanagementconfigurationdependenton.md) collection|List of Dependencies for the setting group|
-|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-shared-devicemanagementconfigurationsettingdependedonby.md) collection|List of child settings that depend on this setting|
+|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|List of Dependencies for the setting group|
+|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|List of child settings that depend on this setting|
## Response
-If successful, this method returns a `201 Created` response code and a [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md) object in the response body.
+If successful, this method returns a `201 Created` response code and a [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md) object in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettinggroupdefinition Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition-delete.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Deletes a [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md).
+Deletes a [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md).
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettinggroupdefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition-get.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Read properties and relationships of the [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md) object.
+Read properties and relationships of the [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md) object.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
This method supports the [OData Query Parameters](/graph/query-parameters) to he
Do not supply a request body for this method. ## Response
-If successful, this method returns a `200 OK` response code and [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md) object in the response body.
+If successful, this method returns a `200 OK` response code and [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md) object in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettinggroupdefinition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition-list.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-List properties and relationships of the [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md) objects.
+List properties and relationships of the [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md) objects.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
GET /deviceManagement/configurationPolicyTemplates/{deviceManagementConfiguratio
Do not supply a request body for this method. ## Response
-If successful, this method returns a `200 OK` response code and a collection of [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md) objects in the response body.
+If successful, this method returns a `200 OK` response code and a collection of [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md) objects in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettinggroupdefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition-update.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Update the properties of a [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md) object.
+Update the properties of a [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md) object.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
PATCH /deviceManagement/configurationPolicyTemplates/{deviceManagementConfigurat
|Accept|application/json| ## Request body
-In the request body, supply a JSON representation for the [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md) object.
+In the request body, supply a JSON representation for the [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md) object.
-The following table shows the properties that are required when you create the [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md).
+The following table shows the properties that are required when you create the [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md).
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
-|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|childIds|String collection|Dependent child settings to this group of settings|
-|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-shared-devicemanagementconfigurationdependenton.md) collection|List of Dependencies for the setting group|
-|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-shared-devicemanagementconfigurationsettingdependedonby.md) collection|List of child settings that depend on this setting|
+|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|List of Dependencies for the setting group|
+|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|List of child settings that depend on this setting|
## Response
-If successful, this method returns a `200 OK` response code and an updated [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md) object in the response body.
+If successful, this method returns a `200 OK` response code and an updated [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md) object in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsimplesettingcollectiondefinition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingcollectiondefinition-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
-|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-shared-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md)|
-|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-shared-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md)|
-|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-shared-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md)|
-|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-shared-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
|maximumCount|Int32|Maximum number of simple settings in the collection. Valid values 1 to 100| |minimumCount|Int32|Minimum number of simple settings in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsimplesettingcollectiondefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingcollectiondefinition-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
-|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-shared-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md)|
-|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-shared-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md)|
-|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-shared-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md)|
-|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-shared-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
|maximumCount|Int32|Maximum number of simple settings in the collection. Valid values 1 to 100| |minimumCount|Int32|Minimum number of simple settings in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsimplesettingdefinition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition-create.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Create a new [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md) object.
+Create a new [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md) object.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
-|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-shared-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting|
-|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-shared-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting|
-|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-shared-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on|
-|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-shared-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting|
+|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting|
+|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on|
+|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting|
## Response
-If successful, this method returns a `201 Created` response code and a [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md) object in the response body.
+If successful, this method returns a `201 Created` response code and a [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md) object in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsimplesettingdefinition Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition-delete.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Deletes a [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md).
+Deletes a [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md).
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsimplesettingdefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition-get.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Read properties and relationships of the [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md) object.
+Read properties and relationships of the [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md) object.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
This method supports the [OData Query Parameters](/graph/query-parameters) to he
Do not supply a request body for this method. ## Response
-If successful, this method returns a `200 OK` response code and [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md) object in the response body.
+If successful, this method returns a `200 OK` response code and [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md) object in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsimplesettingdefinition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition-list.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-List properties and relationships of the [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md) objects.
+List properties and relationships of the [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md) objects.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
GET /deviceManagement/configurationPolicyTemplates/{deviceManagementConfiguratio
Do not supply a request body for this method. ## Response
-If successful, this method returns a `200 OK` response code and a collection of [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md) objects in the response body.
+If successful, this method returns a `200 OK` response code and a collection of [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md) objects in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsimplesettingdefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition-update.md
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Update the properties of a [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md) object.
+Update the properties of a [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md) object.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
PATCH /deviceManagement/configurationPolicyTemplates/{deviceManagementConfigurat
|Accept|application/json| ## Request body
-In the request body, supply a JSON representation for the [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md) object.
+In the request body, supply a JSON representation for the [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md) object.
-The following table shows the properties that are required when you create the [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md).
+The following table shows the properties that are required when you create the [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md).
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
-|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-shared-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting|
-|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-shared-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting|
-|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-shared-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on|
-|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-shared-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting|
+|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting|
+|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on|
+|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting|
## Response
-If successful, this method returns a `200 OK` response code and an updated [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md) object in the response body.
+If successful, this method returns a `200 OK` response code and an updated [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md) object in the response body.
## Example
v1.0 Intune Deviceconfigv2 Devicemanagementreusablepolicysetting Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementreusablepolicysetting-create.md
The following table shows the properties that are required when you create the d
|displayName|String|reusable setting display name supplied by user.| |description|String|reusable setting description supplied by user.| |settingDefinitionId|String|setting definition id associated with this reusable setting.|
-|settingInstance|[deviceManagementConfigurationSettingInstance](../resources/intune-shared-devicemanagementconfigurationsettinginstance.md)|reusable setting configuration instance|
+|settingInstance|[deviceManagementConfigurationSettingInstance](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinginstance.md)|reusable setting configuration instance|
|createdDateTime|DateTimeOffset|reusable setting creation date and time. This property is read-only.| |lastModifiedDateTime|DateTimeOffset|date and time when reusable setting was last modified. This property is read-only.| |version|Int32|version number for reusable setting. Valid values 0 to 2147483647. This property is read-only.|
v1.0 Intune Deviceconfigv2 Devicemanagementreusablepolicysetting Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementreusablepolicysetting-update.md
The following table shows the properties that are required when you create the [
|displayName|String|reusable setting display name supplied by user.| |description|String|reusable setting description supplied by user.| |settingDefinitionId|String|setting definition id associated with this reusable setting.|
-|settingInstance|[deviceManagementConfigurationSettingInstance](../resources/intune-shared-devicemanagementconfigurationsettinginstance.md)|reusable setting configuration instance|
+|settingInstance|[deviceManagementConfigurationSettingInstance](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinginstance.md)|reusable setting configuration instance|
|createdDateTime|DateTimeOffset|reusable setting creation date and time. This property is read-only.| |lastModifiedDateTime|DateTimeOffset|date and time when reusable setting was last modified. This property is read-only.| |version|Int32|version number for reusable setting. Valid values 0 to 2147483647. This property is read-only.|
v1.0 Intune Deviceintent Devicemanagementintent Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceintent-devicemanagementintent-create.md
The following table shows the properties that are required when you create the d
|displayName|String|The user given display name| |description|String|The user given description| |isAssigned|Boolean|Signifies whether or not the intent is assigned to users|
+|isMigratingToConfigurationPolicy|Boolean|Signifies whether or not the intent is being migrated to the configurationPolicies endpoint|
|lastModifiedDateTime|DateTimeOffset|When the intent was last modified| |templateId|String|The ID of the template this intent was created from (if any)| |roleScopeTagIds|String collection|List of Scope Tags for this Entity instance.|
Here is an example of the request.
``` http POST https://graph.microsoft.com/beta/deviceManagement/intents Content-type: application/json
-Content-length: 266
+Content-length: 311
{ "@odata.type": "#microsoft.graph.deviceManagementIntent", "displayName": "Display Name value", "description": "Description value", "isAssigned": true,
+ "isMigratingToConfigurationPolicy": true,
"templateId": "Template Id value", "roleScopeTagIds": [ "Role Scope Tag Ids value"
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 201 Created Content-Type: application/json
-Content-Length: 379
+Content-Length: 424
{ "@odata.type": "#microsoft.graph.deviceManagementIntent",
Content-Length: 379
"displayName": "Display Name value", "description": "Description value", "isAssigned": true,
+ "isMigratingToConfigurationPolicy": true,
"lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00", "templateId": "Template Id value", "roleScopeTagIds": [
v1.0 Intune Deviceintent Devicemanagementintent Createcopy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceintent-devicemanagementintent-createcopy.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 418
+Content-Length: 465
{ "value": {
Content-Length: 418
"displayName": "Display Name value", "description": "Description value", "isAssigned": true,
+ "isMigratingToConfigurationPolicy": true,
"lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00", "templateId": "Template Id value", "roleScopeTagIds": [
v1.0 Intune Deviceintent Devicemanagementintent Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceintent-devicemanagementintent-get.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 418
+Content-Length: 465
{ "value": {
Content-Length: 418
"displayName": "Display Name value", "description": "Description value", "isAssigned": true,
+ "isMigratingToConfigurationPolicy": true,
"lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00", "templateId": "Template Id value", "roleScopeTagIds": [
v1.0 Intune Deviceintent Devicemanagementintent List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceintent-devicemanagementintent-list.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 452
+Content-Length: 501
{ "value": [
Content-Length: 452
"displayName": "Display Name value", "description": "Description value", "isAssigned": true,
+ "isMigratingToConfigurationPolicy": true,
"lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00", "templateId": "Template Id value", "roleScopeTagIds": [
v1.0 Intune Deviceintent Devicemanagementintent Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceintent-devicemanagementintent-update.md
The following table shows the properties that are required when you create the [
|displayName|String|The user given display name| |description|String|The user given description| |isAssigned|Boolean|Signifies whether or not the intent is assigned to users|
+|isMigratingToConfigurationPolicy|Boolean|Signifies whether or not the intent is being migrated to the configurationPolicies endpoint|
|lastModifiedDateTime|DateTimeOffset|When the intent was last modified| |templateId|String|The ID of the template this intent was created from (if any)| |roleScopeTagIds|String collection|List of Scope Tags for this Entity instance.|
Here is an example of the request.
``` http PATCH https://graph.microsoft.com/beta/deviceManagement/intents/{deviceManagementIntentId} Content-type: application/json
-Content-length: 266
+Content-length: 311
{ "@odata.type": "#microsoft.graph.deviceManagementIntent", "displayName": "Display Name value", "description": "Description value", "isAssigned": true,
+ "isMigratingToConfigurationPolicy": true,
"templateId": "Template Id value", "roleScopeTagIds": [ "Role Scope Tag Ids value"
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 379
+Content-Length: 424
{ "@odata.type": "#microsoft.graph.deviceManagementIntent",
Content-Length: 379
"displayName": "Display Name value", "description": "Description value", "isAssigned": true,
+ "isMigratingToConfigurationPolicy": true,
"lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00", "templateId": "Template Id value", "roleScopeTagIds": [
v1.0 Intune Deviceintent Devicemanagementtemplate Createinstance https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceintent-devicemanagementtemplate-createinstance.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 418
+Content-Length: 465
{ "value": {
Content-Length: 418
"displayName": "Display Name value", "description": "Description value", "isAssigned": true,
+ "isMigratingToConfigurationPolicy": true,
"lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00", "templateId": "Template Id value", "roleScopeTagIds": [
v1.0 Intune Deviceintent Devicemanagementtemplate Importoffice365deviceconfigurationpolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceintent-devicemanagementtemplate-importoffice365deviceconfigurationpolicies.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 452
+Content-Length: 501
{ "value": [
Content-Length: 452
"displayName": "Display Name value", "description": "Description value", "isAssigned": true,
+ "isMigratingToConfigurationPolicy": true,
"lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00", "templateId": "Template Id value", "roleScopeTagIds": [
v1.0 Intune Devices Manageddevice Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-manageddevice-get.md
GET /deviceManagement/deviceManagementScripts/{deviceManagementScriptId}/deviceR
GET /deviceManagement/deviceManagementScripts/{deviceManagementScriptId}/deviceRunStates/{deviceManagementScriptDeviceStateId}/managedDevice/detectedApps/{detectedAppId}/managedDevices/{managedDeviceId} ```
+## Optional query parameters
+This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
+ ## Request headers |Header|Value| |:|:|
v1.0 Intune Enrollment Depenrollmentprofile Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-enrollment-depenrollmentprofile-create.md
The following table shows the properties that are required when you create the d
|enableAuthenticationViaCompanyPortal|Boolean|Indicates to authenticate with Apple Setup Assistant instead of Company Portal. Inherited from [enrollmentProfile](../resources/intune-enrollment-enrollmentprofile.md)| |requireCompanyPortalOnSetupAssistantEnrolledDevices|Boolean|Indicates that Company Portal is required on setup assistant enrolled devices Inherited from [enrollmentProfile](../resources/intune-enrollment-enrollmentprofile.md)| |isDefault|Boolean|Indicates if this is the default profile|
-|supervisedModeEnabled|Boolean|Supervised mode, True to enable, false otherwise. [See here](/mem/intune/enrollment/windows-enrollment-methods) for additional information.|
+|supervisedModeEnabled|Boolean|Supervised mode, True to enable, false otherwise. See https://learn.microsoft.com/intune/deploy-use/enroll-devices-in-microsoft-intune for additional information.|
|supportDepartment|String|Support department information| |passCodeDisabled|Boolean|Indicates if Passcode setup pane is disabled| |isMandatory|Boolean|Indicates if the profile is mandatory|
v1.0 Intune Enrollment Depenrollmentprofile Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-enrollment-depenrollmentprofile-update.md
The following table shows the properties that are required when you create the [
|enableAuthenticationViaCompanyPortal|Boolean|Indicates to authenticate with Apple Setup Assistant instead of Company Portal. Inherited from [enrollmentProfile](../resources/intune-enrollment-enrollmentprofile.md)| |requireCompanyPortalOnSetupAssistantEnrolledDevices|Boolean|Indicates that Company Portal is required on setup assistant enrolled devices Inherited from [enrollmentProfile](../resources/intune-enrollment-enrollmentprofile.md)| |isDefault|Boolean|Indicates if this is the default profile|
-|supervisedModeEnabled|Boolean|Supervised mode, True to enable, false otherwise. [See here](/mem/intune/enrollment/windows-enrollment-methods) for additional information.|
+|supervisedModeEnabled|Boolean|Supervised mode, True to enable, false otherwise. See https://learn.microsoft.com/intune/deploy-use/enroll-devices-in-microsoft-intune for additional information.|
|supportDepartment|String|Support department information| |passCodeDisabled|Boolean|Indicates if Passcode setup pane is disabled| |isMandatory|Boolean|Indicates if the profile is mandatory|
v1.0 Intune Enrollment Depiosenrollmentprofile Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-enrollment-depiosenrollmentprofile-create.md
The following table shows the properties that are required when you create the d
|enableAuthenticationViaCompanyPortal|Boolean|Indicates to authenticate with Apple Setup Assistant instead of Company Portal. Inherited from [enrollmentProfile](../resources/intune-enrollment-enrollmentprofile.md)| |requireCompanyPortalOnSetupAssistantEnrolledDevices|Boolean|Indicates that Company Portal is required on setup assistant enrolled devices Inherited from [enrollmentProfile](../resources/intune-enrollment-enrollmentprofile.md)| |isDefault|Boolean|Indicates if this is the default profile Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
-|supervisedModeEnabled|Boolean|Supervised mode, True to enable, false otherwise. [See more](/mem/intune/enrollment/windows-enrollment-methods) for additional information. Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
+|supervisedModeEnabled|Boolean|Supervised mode, True to enable, false otherwise. See https://learn.microsoft.com/intune/deploy-use/enroll-devices-in-microsoft-intune for additional information. Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
|supportDepartment|String|Support department information Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)| |isMandatory|Boolean|Indicates if the profile is mandatory Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)| |locationDisabled|Boolean|Indicates if Location service setup pane is disabled Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
The following table shows the properties that are required when you create the d
|userSessionTimeoutInSeconds|Int32|Indicates timeout of temporary session| |passcodeLockGracePeriodInSeconds|Int32|Indicates timeout before locked screen requires the user to enter the device passocde to unlock it| |carrierActivationUrl|String|Carrier URL for activating device eSIM.|
-|userlessSharedAadModeEnabled|Boolean|Indicates that this apple device is designated to support 'shared device mode' scenarios. This is distinct from the 'shared iPad' scenario. [See here](/mem/intune/enrollment/device-enrollment-shared-ios)|
+|userlessSharedAadModeEnabled|Boolean|Indicates that this apple device is designated to support 'shared device mode' scenarios. This is distinct from the 'shared iPad' scenario. See https://learn.microsoft.com/mem/intune/enrollment/device-enrollment-shared-ios|
v1.0 Intune Enrollment Depiosenrollmentprofile Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-enrollment-depiosenrollmentprofile-update.md
The following table shows the properties that are required when you create the [
|enableAuthenticationViaCompanyPortal|Boolean|Indicates to authenticate with Apple Setup Assistant instead of Company Portal. Inherited from [enrollmentProfile](../resources/intune-enrollment-enrollmentprofile.md)| |requireCompanyPortalOnSetupAssistantEnrolledDevices|Boolean|Indicates that Company Portal is required on setup assistant enrolled devices Inherited from [enrollmentProfile](../resources/intune-enrollment-enrollmentprofile.md)| |isDefault|Boolean|Indicates if this is the default profile Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
-|supervisedModeEnabled|Boolean|Supervised mode, True to enable, false otherwise. [See here](/mem/intune/enrollment/windows-enrollment-methods) for additional information. Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
+|supervisedModeEnabled|Boolean|Supervised mode, True to enable, false otherwise. See https://learn.microsoft.com/intune/deploy-use/enroll-devices-in-microsoft-intune for additional information. Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
|supportDepartment|String|Support department information Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)| |isMandatory|Boolean|Indicates if the profile is mandatory Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)| |locationDisabled|Boolean|Indicates if Location service setup pane is disabled Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
The following table shows the properties that are required when you create the [
|userSessionTimeoutInSeconds|Int32|Indicates timeout of temporary session| |passcodeLockGracePeriodInSeconds|Int32|Indicates timeout before locked screen requires the user to enter the device passocde to unlock it| |carrierActivationUrl|String|Carrier URL for activating device eSIM.|
-|userlessSharedAadModeEnabled|Boolean|Indicates that this apple device is designated to support 'shared device mode' scenarios. This is distinct from the 'shared iPad' scenario. [See here](/mem/intune/enrollment/device-enrollment-shared-ios)|
+|userlessSharedAadModeEnabled|Boolean|Indicates that this apple device is designated to support 'shared device mode' scenarios. This is distinct from the 'shared iPad' scenario. See https://learn.microsoft.com/mem/intune/enrollment/device-enrollment-shared-ios|
v1.0 Intune Enrollment Depmacosenrollmentprofile Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-enrollment-depmacosenrollmentprofile-create.md
The following table shows the properties that are required when you create the d
|enableAuthenticationViaCompanyPortal|Boolean|Indicates to authenticate with Apple Setup Assistant instead of Company Portal. Inherited from [enrollmentProfile](../resources/intune-enrollment-enrollmentprofile.md)| |requireCompanyPortalOnSetupAssistantEnrolledDevices|Boolean|Indicates that Company Portal is required on setup assistant enrolled devices Inherited from [enrollmentProfile](../resources/intune-enrollment-enrollmentprofile.md)| |isDefault|Boolean|Indicates if this is the default profile Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
-|supervisedModeEnabled|Boolean|Supervised mode, True to enable, false otherwise. [See here](/mem/intune/enrollment/windows-enrollment-methods) for additional information. Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
+|supervisedModeEnabled|Boolean|Supervised mode, True to enable, false otherwise. See https://learn.microsoft.com/intune/deploy-use/enroll-devices-in-microsoft-intune for additional information. Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
|supportDepartment|String|Support department information Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)| |isMandatory|Boolean|Indicates if the profile is mandatory Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)| |locationDisabled|Boolean|Indicates if Location service setup pane is disabled Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
v1.0 Intune Enrollment Depmacosenrollmentprofile Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-enrollment-depmacosenrollmentprofile-update.md
The following table shows the properties that are required when you create the [
|enableAuthenticationViaCompanyPortal|Boolean|Indicates to authenticate with Apple Setup Assistant instead of Company Portal. Inherited from [enrollmentProfile](../resources/intune-enrollment-enrollmentprofile.md)| |requireCompanyPortalOnSetupAssistantEnrolledDevices|Boolean|Indicates that Company Portal is required on setup assistant enrolled devices Inherited from [enrollmentProfile](../resources/intune-enrollment-enrollmentprofile.md)| |isDefault|Boolean|Indicates if this is the default profile Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
-|supervisedModeEnabled|Boolean|Supervised mode, True to enable, false otherwise. [See here](/mem/intune/enrollment/windows-enrollment-methods) for additional information. Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
+|supervisedModeEnabled|Boolean|Supervised mode, True to enable, false otherwise. See https://learn.microsoft.com/intune/deploy-use/enroll-devices-in-microsoft-intune for additional information. Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
|supportDepartment|String|Support department information Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)| |isMandatory|Boolean|Indicates if the profile is mandatory Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)| |locationDisabled|Boolean|Indicates if Location service setup pane is disabled Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
v1.0 Intune Enrollment Importedappledeviceidentity Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-enrollment-importedappledeviceidentity-create.md
The following table shows the properties that are required when you create the i
|serialNumber|String|Device serial number| |requestedEnrollmentProfileId|String|Enrollment profile Id admin intends to apply to the device during next enrollment| |requestedEnrollmentProfileAssignmentDateTime|DateTimeOffset|The time enrollment profile was assigned to the device|
-|isSupervised|Boolean|Indicates if the Apple device is supervised. More information is at: https://support.apple.com/en-us/HT202837 |
+|isSupervised|Boolean|Indicates if the Apple device is supervised. More information is at: https://support.apple.com/en-us/HT202837|
|discoverySource|[discoverySource](../resources/intune-enrollment-discoverysource.md)|Apple device discovery source. Possible values are: `unknown`, `adminImport`, `deviceEnrollmentProgram`.| |isDeleted|Boolean|Indicates if the device is deleted from Apple Business Manager| |createdDateTime|DateTimeOffset|Created Date Time of the device|
v1.0 Intune Enrollment Importedappledeviceidentity Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-enrollment-importedappledeviceidentity-update.md
The following table shows the properties that are required when you create the [
|serialNumber|String|Device serial number| |requestedEnrollmentProfileId|String|Enrollment profile Id admin intends to apply to the device during next enrollment| |requestedEnrollmentProfileAssignmentDateTime|DateTimeOffset|The time enrollment profile was assigned to the device|
-|isSupervised|Boolean|Indicates if the Apple device is supervised. More information is at: https://support.apple.com/en-us/HT202837 |
+|isSupervised|Boolean|Indicates if the Apple device is supervised. More information is at: https://support.apple.com/en-us/HT202837|
|discoverySource|[discoverySource](../resources/intune-enrollment-discoverysource.md)|Apple device discovery source. Possible values are: `unknown`, `adminImport`, `deviceEnrollmentProgram`.| |isDeleted|Boolean|Indicates if the device is deleted from Apple Business Manager| |createdDateTime|DateTimeOffset|Created Date Time of the device|
v1.0 Intune Mam Devicemanagementconfigurationsetting Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-mam-devicemanagementconfigurationsetting-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|id|String|Key of this setting within the policy which contains it. Automatically generated.|
-|settingInstance|[deviceManagementConfigurationSettingInstance](../resources/intune-shared-devicemanagementconfigurationsettinginstance.md)|Setting Instance|
Here is an example of the request.
``` http POST https://graph.microsoft.com/beta/deviceAppManagement/targetedManagedAppConfigurations/{targetedManagedAppConfigurationId}/settings Content-type: application/json
-Content-length: 16129
+Content-length: 78
{
- "@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
- "settingInstance": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": null,
- "settingInstanceTemplateReference": null,
- "choiceSettingValue": null
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
+ "@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting"
} ```
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 201 Created Content-Type: application/json
-Content-Length: 16178
+Content-Length: 78
{
- "@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
- "id": "9acf977e-977e-9acf-7e97-cf9a7e97cf9a",
- "settingInstance": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": null,
- "settingInstanceTemplateReference": null,
- "choiceSettingValue": null
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
+ "@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting"
} ```
v1.0 Intune Mam Devicemanagementconfigurationsetting Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-mam-devicemanagementconfigurationsetting-get.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 16631
+Content-Length: 99
{ "value": {
- "@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
- "id": "9acf977e-977e-9acf-7e97-cf9a7e97cf9a",
- "settingInstance": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": null,
- "settingInstanceTemplateReference": null,
- "choiceSettingValue": null
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
+ "@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting"
} } ```
v1.0 Intune Mam Devicemanagementconfigurationsetting List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-mam-devicemanagementconfigurationsetting-list.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 17079
+Content-Length: 115
{ "value": [ {
- "@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
- "id": "9acf977e-977e-9acf-7e97-cf9a7e97cf9a",
- "settingInstance": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": null,
- "settingInstanceTemplateReference": null,
- "choiceSettingValue": null
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
+ "@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting"
} ] }
v1.0 Intune Mam Devicemanagementconfigurationsetting Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-mam-devicemanagementconfigurationsetting-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:|
-|id|String|Key of this setting within the policy which contains it. Automatically generated.|
-|settingInstance|[deviceManagementConfigurationSettingInstance](../resources/intune-shared-devicemanagementconfigurationsettinginstance.md)|Setting Instance|
Here is an example of the request.
``` http PATCH https://graph.microsoft.com/beta/deviceAppManagement/targetedManagedAppConfigurations/{targetedManagedAppConfigurationId}/settings/{deviceManagementConfigurationSettingId} Content-type: application/json
-Content-length: 16129
+Content-length: 78
{
- "@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
- "settingInstance": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": null,
- "settingInstanceTemplateReference": null,
- "choiceSettingValue": null
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
+ "@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting"
} ```
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 16178
+Content-Length: 78
{
- "@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
- "id": "9acf977e-977e-9acf-7e97-cf9a7e97cf9a",
- "settingInstance": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "Setting Definition Id value",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "Setting Instance Template Id value"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "Setting Value Template Id value",
- "useTemplateDefault": true
- },
- "value": "Value value",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": null,
- "settingInstanceTemplateReference": null,
- "choiceSettingValue": null
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
+ "@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting"
} ```
v1.0 Intune Policyset Deviceandappmanagementassignmentfilter Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-policyset-deviceandappmanagementassignmentfilter-create.md
The following table shows the properties that are required when you create the d
|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter.| |displayName|String|DisplayName of the Assignment Filter.| |description|String|Description of the Assignment Filter.|
-|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`.|
+|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
|rule|String|Rule definition of the Assignment Filter.| |roleScopeTags|String collection|RoleScopeTags of the Assignment Filter.| |payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Associated assignments for a specific filter|
v1.0 Intune Policyset Deviceandappmanagementassignmentfilter Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-policyset-deviceandappmanagementassignmentfilter-update.md
The following table shows the properties that are required when you create the [
|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter.| |displayName|String|DisplayName of the Assignment Filter.| |description|String|Description of the Assignment Filter.|
-|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`.|
+|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
|rule|String|Rule definition of the Assignment Filter.| |roleScopeTags|String collection|RoleScopeTags of the Assignment Filter.| |payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Associated assignments for a specific filter|
v1.0 Intune Policyset Payloadcompatibleassignmentfilter Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-policyset-payloadcompatibleassignmentfilter-create.md
The following table shows the properties that are required when you create the p
|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)| |displayName|String|DisplayName of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)| |description|String|Description of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`.|
+|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
|rule|String|Rule definition of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)| |roleScopeTags|String collection|RoleScopeTags of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)| |payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Associated assignments for a specific filter Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
v1.0 Intune Policyset Payloadcompatibleassignmentfilter Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-policyset-payloadcompatibleassignmentfilter-update.md
The following table shows the properties that are required when you create the [
|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)| |displayName|String|DisplayName of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)| |description|String|Description of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`.|
+|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
|rule|String|Rule definition of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)| |roleScopeTags|String collection|RoleScopeTags of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)| |payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Associated assignments for a specific filter Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
v1.0 Intune Remoteassistance Devicemanagement Reportremoteassistance https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-remoteassistance-devicemanagement-reportremoteassistance.md
Here is an example of the request.
POST https://graph.microsoft.com/beta/deviceManagement/reportRemoteAssistance Content-type: application/json
-Content-length: 1114
+Content-length: 1195
{ "reportingPayload": {
Content-length: 1114
"remoteAssistanceSessionType": "fullControl", "helperEmail": "Helper Email value", "helperTenantId": "Helper Tenant Id value",
+ "helperUserId": "Helper User Id value",
"helperFirstName": "Helper First Name value", "helperLastName": "Helper Last Name value", "helperOs": "Helper Os value",
+ "deviceId": "Device Id value",
"helperDeviceAadId": "Helper Device Aad Id value", "helperDeviceName": "Helper Device Name value", "helperEnrollmentState": "enrolled",
v1.0 Intune Reporting Devicemanagementreports Getdevicesstatusbypolicyplatformcompliancereport https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-reporting-devicemanagementreports-getdevicesstatusbypolicyplatformcompliancereport.md
+
+ Title: "getDevicesStatusByPolicyPlatformComplianceReport action"
+description: "Not yet documented"
+
+localization_priority: Normal
++
+# getDevicesStatusByPolicyPlatformComplianceReport action
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Not yet documented
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementApps.Read.All, DeviceManagementApps.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementApps.Read.All, DeviceManagementApps.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /deviceManagement/reports/getDevicesStatusByPolicyPlatformComplianceReport
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+In the request body, supply JSON representation of the parameters.
+
+The following table shows the parameters that can be used with this action.
+
+|Property|Type|Description|
+|:|:|:|
+|select|String collection|Not yet documented|
+|search|String|Not yet documented|
+|groupBy|String collection|Not yet documented|
+|orderBy|String collection|Not yet documented|
+|skip|Int32|Not yet documented|
+|top|Int32|Not yet documented|
+|sessionId|String|Not yet documented|
+|filter|String|Not yet documented|
+++
+## Response
+If successful, this action returns a `200 OK` response code and a Stream in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+POST https://graph.microsoft.com/beta/deviceManagement/reports/getDevicesStatusByPolicyPlatformComplianceReport
+
+Content-type: application/json
+Content-length: 253
+
+{
+ "select": [
+ "Select value"
+ ],
+ "search": "Search value",
+ "groupBy": [
+ "Group By value"
+ ],
+ "orderBy": [
+ "Order By value"
+ ],
+ "skip": 4,
+ "top": 3,
+ "sessionId": "Session Id value",
+ "filter": "Filter value"
+}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 123
+
+{
+ "value": "Z2V0RGV2aWNlc1N0YXR1c0J5UG9saWN5UGxhdGZvcm1Db21wbGlhbmNlUmVwb3J0IEludHVuZSBEb2MgU2FtcGxlIDY3ODU3NDc0Mg=="
+}
+```
v1.0 Intune Reporting Devicemanagementreports Getdevicestatusbycompliacepolicyreport https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-reporting-devicemanagementreports-getdevicestatusbycompliacepolicyreport.md
+
+ Title: "getDeviceStatusByCompliacePolicyReport action"
+description: "Not yet documented"
+
+localization_priority: Normal
++
+# getDeviceStatusByCompliacePolicyReport action
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Not yet documented
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementApps.Read.All, DeviceManagementApps.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementApps.Read.All, DeviceManagementApps.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /deviceManagement/reports/getDeviceStatusByCompliacePolicyReport
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+In the request body, supply JSON representation of the parameters.
+
+The following table shows the parameters that can be used with this action.
+
+|Property|Type|Description|
+|:|:|:|
+|select|String collection|Not yet documented|
+|search|String|Not yet documented|
+|groupBy|String collection|Not yet documented|
+|orderBy|String collection|Not yet documented|
+|skip|Int32|Not yet documented|
+|top|Int32|Not yet documented|
+|sessionId|String|Not yet documented|
+|filter|String|Not yet documented|
+++
+## Response
+If successful, this action returns a `200 OK` response code and a Stream in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+POST https://graph.microsoft.com/beta/deviceManagement/reports/getDeviceStatusByCompliacePolicyReport
+
+Content-type: application/json
+Content-length: 253
+
+{
+ "select": [
+ "Select value"
+ ],
+ "search": "Search value",
+ "groupBy": [
+ "Group By value"
+ ],
+ "orderBy": [
+ "Order By value"
+ ],
+ "skip": 4,
+ "top": 3,
+ "sessionId": "Session Id value",
+ "filter": "Filter value"
+}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 111
+
+{
+ "value": "Z2V0RGV2aWNlU3RhdHVzQnlDb21wbGlhY2VQb2xpY3lSZXBvcnQgSW50dW5lIERvYyBTYW1wbGUgLTEzOTc1ODI1MTQ="
+}
+```
v1.0 Intune Reporting Devicemanagementreports Getdevicestatusbycompliancepolicysettingreport https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-reporting-devicemanagementreports-getdevicestatusbycompliancepolicysettingreport.md
+
+ Title: "getDeviceStatusByCompliancePolicySettingReport action"
+description: "Not yet documented"
+
+localization_priority: Normal
++
+# getDeviceStatusByCompliancePolicySettingReport action
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Not yet documented
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementApps.Read.All, DeviceManagementApps.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementApps.Read.All, DeviceManagementApps.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /deviceManagement/reports/getDeviceStatusByCompliancePolicySettingReport
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+In the request body, supply JSON representation of the parameters.
+
+The following table shows the parameters that can be used with this action.
+
+|Property|Type|Description|
+|:|:|:|
+|select|String collection|Not yet documented|
+|search|String|Not yet documented|
+|groupBy|String collection|Not yet documented|
+|orderBy|String collection|Not yet documented|
+|skip|Int32|Not yet documented|
+|top|Int32|Not yet documented|
+|sessionId|String|Not yet documented|
+|filter|String|Not yet documented|
+++
+## Response
+If successful, this action returns a `200 OK` response code and a Stream in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+POST https://graph.microsoft.com/beta/deviceManagement/reports/getDeviceStatusByCompliancePolicySettingReport
+
+Content-type: application/json
+Content-length: 253
+
+{
+ "select": [
+ "Select value"
+ ],
+ "search": "Search value",
+ "groupBy": [
+ "Group By value"
+ ],
+ "orderBy": [
+ "Order By value"
+ ],
+ "skip": 4,
+ "top": 3,
+ "sessionId": "Session Id value",
+ "filter": "Filter value"
+}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 119
+
+{
+ "value": "Z2V0RGV2aWNlU3RhdHVzQnlDb21wbGlhbmNlUG9saWN5U2V0dGluZ1JlcG9ydCBJbnR1bmUgRG9jIFNhbXBsZSAtMzg4MjY1OTgw"
+}
+```
v1.0 Intune Reporting Devicemanagementreports Getdevicestatussummarybycompliacepolicyreport https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-reporting-devicemanagementreports-getdevicestatussummarybycompliacepolicyreport.md
+
+ Title: "getDeviceStatusSummaryByCompliacePolicyReport action"
+description: "Not yet documented"
+
+localization_priority: Normal
++
+# getDeviceStatusSummaryByCompliacePolicyReport action
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Not yet documented
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementApps.Read.All, DeviceManagementApps.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementApps.Read.All, DeviceManagementApps.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /deviceManagement/reports/getDeviceStatusSummaryByCompliacePolicyReport
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+In the request body, supply JSON representation of the parameters.
+
+The following table shows the parameters that can be used with this action.
+
+|Property|Type|Description|
+|:|:|:|
+|select|String collection|Not yet documented|
+|search|String|Not yet documented|
+|groupBy|String collection|Not yet documented|
+|orderBy|String collection|Not yet documented|
+|skip|Int32|Not yet documented|
+|top|Int32|Not yet documented|
+|sessionId|String|Not yet documented|
+|filter|String|Not yet documented|
+++
+## Response
+If successful, this action returns a `200 OK` response code and a Stream in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+POST https://graph.microsoft.com/beta/deviceManagement/reports/getDeviceStatusSummaryByCompliacePolicyReport
+
+Content-type: application/json
+Content-length: 253
+
+{
+ "select": [
+ "Select value"
+ ],
+ "search": "Search value",
+ "groupBy": [
+ "Group By value"
+ ],
+ "orderBy": [
+ "Order By value"
+ ],
+ "skip": 4,
+ "top": 3,
+ "sessionId": "Session Id value",
+ "filter": "Filter value"
+}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 119
+
+{
+ "value": "Z2V0RGV2aWNlU3RhdHVzU3VtbWFyeUJ5Q29tcGxpYWNlUG9saWN5UmVwb3J0IEludHVuZSBEb2MgU2FtcGxlIDk0NDU3OTM2Mg=="
+}
+```
v1.0 Intune Reporting Devicemanagementreports Getdevicestatussummarybycompliancepolicysettingsreport https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-reporting-devicemanagementreports-getdevicestatussummarybycompliancepolicysettingsreport.md
+
+ Title: "getDeviceStatusSummaryByCompliancePolicySettingsReport action"
+description: "Not yet documented"
+
+localization_priority: Normal
++
+# getDeviceStatusSummaryByCompliancePolicySettingsReport action
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Not yet documented
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementApps.Read.All, DeviceManagementApps.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementApps.Read.All, DeviceManagementApps.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /deviceManagement/reports/getDeviceStatusSummaryByCompliancePolicySettingsReport
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+In the request body, supply JSON representation of the parameters.
+
+The following table shows the parameters that can be used with this action.
+
+|Property|Type|Description|
+|:|:|:|
+|select|String collection|Not yet documented|
+|search|String|Not yet documented|
+|groupBy|String collection|Not yet documented|
+|orderBy|String collection|Not yet documented|
+|skip|Int32|Not yet documented|
+|top|Int32|Not yet documented|
+|sessionId|String|Not yet documented|
+|filter|String|Not yet documented|
+++
+## Response
+If successful, this action returns a `200 OK` response code and a Stream in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+POST https://graph.microsoft.com/beta/deviceManagement/reports/getDeviceStatusSummaryByCompliancePolicySettingsReport
+
+Content-type: application/json
+Content-length: 253
+
+{
+ "select": [
+ "Select value"
+ ],
+ "search": "Search value",
+ "groupBy": [
+ "Group By value"
+ ],
+ "orderBy": [
+ "Order By value"
+ ],
+ "skip": 4,
+ "top": 3,
+ "sessionId": "Session Id value",
+ "filter": "Filter value"
+}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 131
+
+{
+ "value": "Z2V0RGV2aWNlU3RhdHVzU3VtbWFyeUJ5Q29tcGxpYW5jZVBvbGljeVNldHRpbmdzUmVwb3J0IEludHVuZSBEb2MgU2FtcGxlIC05MDU4ODg4NjU="
+}
+```
v1.0 Intune Shared Deviceappmanagement Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-shared-deviceappmanagement-get.md
GET /deviceAppManagement
## Optional query parameters
-This method supports the [OData Query Parameters](../../v1.0/api/user-delta.md#odata-query-parameters) to help customize the response.
+This method supports the [OData Query Parameters](https://developer.microsoft.com/graph/docs/concepts/query_parameters) to help customize the response.
## Request headers
v1.0 Intune Shared Deviceappmanagement Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-shared-deviceappmanagement-update.md
The following table shows the properties that are required when you create the [
|id|String|Key of the entity.| |**On-boarding**| |isEnabledForMicrosoftStoreForBusiness|Boolean|Whether the account is enabled for syncing applications from the Microsoft Store for Business.|
-|microsoftStoreForBusinessLanguage|String|The locale information used to sync applications from the Microsoft Store for Business. Cultures that are specific to a country/region. The names of these cultures follow RFC 4646 (Windows Vista and later). The format is &lt;languagecode2&gt;-<country/regioncode2>, where &lt;languagecode2&gt; is a lowercase two-letter code derived from ISO 639-1 and <country/regioncode2> is an uppercase two-letter code derived from ISO 3166. For example, en-US for English (United States) is a specific culture.|
+|microsoftStoreForBusinessLanguage|String|The locale information used to sync applications from the Microsoft Store for Business. Cultures that are specific to a country/region. The names of these cultures follow RFC 4646 (Windows Vista and later). The format is <languagecode2>-<country/regioncode2>, where <languagecode2> is a lowercase two-letter code derived from ISO 639-1 and <country/regioncode2> is an uppercase two-letter code derived from ISO 3166. For example, en-US for English (United States) is a specific culture.|
|microsoftStoreForBusinessLastCompletedApplicationSyncTime|DateTimeOffset|The last time an application sync from the Microsoft Store for Business was completed.| |microsoftStoreForBusinessLastSuccessfulSyncDateTime|DateTimeOffset|The last time the apps from the Microsoft Store for Business were synced successfully for the account.| |microsoftStoreForBusinessPortalSelection|[microsoftStoreForBusinessPortalSelectionOptions](../resources/intune-onboarding-microsoftstoreforbusinessportalselectionoptions.md)|The end user portal information is used to sync applications from the Microsoft Store for Business to Intune Company Portal. There are three options to pick from \['Company portal only', 'Company portal and private store', 'Private store only'\]. Possible values are: `none`, `companyPortal`, `privateStore`.|
-This method supports the [OData Query Parameters](../../v1.0/api/user-delta.md#odata-query-parameters) to help customize the response.
+This method supports the [OData Query Parameters](https://developer.microsoft.com/graph/docs/concepts/query_parameters) to help customize the response.
## Response If successful, this method returns a `200 OK` response code and an updated [deviceAppManagement](../resources/intune-shared-deviceappmanagement.md) object in the response body.
v1.0 Intune Shared Devicecategory Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-shared-devicecategory-get.md
GET /deviceManagement/deviceManagementScripts/{deviceManagementScriptId}/deviceR
## Optional query parameters
-This method supports the [OData Query Parameters](../../v1.0/api/user-delta.md#odata-query-parameters) to help customize the response.
+This method supports the [OData Query Parameters](https://developer.microsoft.com/graph/docs/concepts/query_parameters) to help customize the response.
## Request headers
v1.0 Intune Shared Devicemanagement Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-shared-devicemanagement-get.md
GET /deviceManagement
## Optional query parameters
-This method supports the [OData Query Parameters](../../v1.0/api/user-delta.md#odata-query-parameters) to help customize the response.
+This method supports the [OData Query Parameters](https://developer.microsoft.com/graph/docs/concepts/query_parameters) to help customize the response.
## Request headers |Header|Value|
v1.0 Intune Shared Devicemanagementderivedcredentialsettings Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-shared-devicemanagementderivedcredentialsettings-update.md
The following table shows the properties that are required when you create the [
|**RA Policy**| |helpUrl|String|The URL that will be accessible to end users as they retrieve a derived credential using the Company Portal.| |displayName|String|The display name for the profile.|
-|issuer|[deviceManagementDerivedCredentialIssuer](/graph/api/resources/intune-rapolicy-devicemanagementderivedcredentialissuer)|The derived credential provider to use. Possible values are: `intercede`, `entrustDatacard`, `purebred`.|
-|notificationType|[deviceManagementDerivedCredentialNotificationType](/graph/api/resources/intune-rapolicy-devicemanagementderivedcredentialnotificationtype)|The methods used to inform the end user to open Company Portal to deliver Wi-Fi, VPN, or email profiles that use certificates to the device. Possible values are: `none`, `companyPortal`, `email`.|
+|issuer|[deviceManagementDerivedCredentialIssuer](../resources/intune-shared-devicemanagementderivedcredentialissuer.md)|The derived credential provider to use. Possible values are: `intercede`, `entrustDatacard`, `purebred`.|
+|notificationType|[deviceManagementDerivedCredentialNotificationType](../resources/intune-shared-devicemanagementderivedcredentialnotificationtype.md)|The methods used to inform the end user to open Company Portal to deliver Wi-Fi, VPN, or email profiles that use certificates to the device. Possible values are: `none`, `companyPortal`, `email`.|
## Response
v1.0 Intune Shared Reportroot Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-shared-reportroot-get.md
GET /reports
``` ## Optional query parameters
-This method supports the [OData Query Parameters](../../v1.0/api/user-delta.md#odata-query-parameters) to help customize the response.
+This method supports the [OData Query Parameters](https://developer.microsoft.com/graph/docs/concepts/query_parameters) to help customize the response.
## Request headers |Header|Value| |:|:|
v1.0 Intune Shared User Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-shared-user-get.md
GET /users/{usersId}
## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
+This method supports the [OData Query Parameters](https://developer.microsoft.com/graph/docs/concepts/query_parameters) to help customize the response.
## Request headers
v1.0 Intune Shared Windowsdomainjoinconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-shared-windowsdomainjoinconfiguration-get.md
GET /deviceManagement/windowsAutopilotDeviceIdentities/{windowsAutopilotDeviceId
## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
+This method supports the [OData Query Parameters](https://developer.microsoft.com/graph/docs/concepts/query_parameters) to help customize the response.
## Request headers
v1.0 Intune Shared Windowsupdatestate Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-shared-windowsupdatestate-create.md
The following table shows the properties that are required when you create the w
|userId|String|The id of the user.| |deviceDisplayName|String|Device display name.| |userPrincipalName|String|User principal name.|
-|status|[windowsUpdateStatus](/graph/api/intune-shared-windowsupdatestate-update)|Windows udpate status. Possible values are: `upToDate`, `pendingInstallation`, `pendingReboot`, `failed`.|
+|status|[windowsUpdateStatus](../resources/intune-shared-windowsupdatestatus.md)|Windows udpate status. Possible values are: `upToDate`, `pendingInstallation`, `pendingReboot`, `failed`.|
|qualityUpdateVersion|String|The Quality Update Version of the device.| |featureUpdateVersion|String|The current feature update version of the device.| |lastScanDateTime|DateTimeOffset|The date time that the Windows Update Agent did a successful scan.|
v1.0 Intune Shared Windowsupdatestate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-shared-windowsupdatestate-update.md
The following table shows the properties that are required when you create the [
|userId|String|The id of the user.| |deviceDisplayName|String|Device display name.| |userPrincipalName|String|User principal name.|
-|status|[windowsUpdateStatus](/graph/api/intune-shared-windowsupdatestate-update)|Windows udpate status. Possible values are: `upToDate`, `pendingInstallation`, `pendingReboot`, `failed`.|
+|status|[windowsUpdateStatus](../resources/intune-shared-windowsupdatestatus.md)|Windows udpate status. Possible values are: `upToDate`, `pendingInstallation`, `pendingReboot`, `failed`.|
|qualityUpdateVersion|String|The Quality Update Version of the device.| |featureUpdateVersion|String|The current feature update version of the device.| |lastScanDateTime|DateTimeOffset|The date time that the Windows Update Agent did a successful scan.|
v1.0 List Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/list-create.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-POST https://graph.microsoft.com/beta/sites/{site-id}/lists
+POST /sites/{site-id}/lists
``` ## Request headers
v1.0 List Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/list-get.md
One of the following permissions is required to call this API. To learn more, in
## HTTP request ```http
-GET https://graph.microsoft.com/beta/sites/{site-id}/lists/{list-id}
-GET https://graph.microsoft.com/beta/sites/{site-id}/lists/{list-title}
-GET https://graph.microsoft.com/beta/sites/{site-id}/lists/{list-id}?expand=columns,items(expand=fields)
+GET /sites/{site-id}/lists/{list-id}
+GET /sites/{site-id}/lists/{list-title}
+GET /sites/{site-id}/lists/{list-id}?expand=columns,items(expand=fields)
``` ## Request body
v1.0 Microsoftauthenticatorauthenticationmethod Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/microsoftauthenticatorauthenticationmethod-delete.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Delete your own Microsoft Authenticator authentication method.
+<!-- { "blockType": "ignored" } -->
``` http DELETE /me/authentication/microsoftAuthenticatorMethods/{microsoftAuthenticatorAuthenticationMethodId}
+```
+
+Delete your own or another user's Microsoft Authenticator authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
DELETE /users/{id | userPrincipalName}/authentication/microsoftAuthenticatorMethods/{microsoftAuthenticatorAuthenticationMethodId} ```
v1.0 Microsoftauthenticatorauthenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/microsoftauthenticatorauthenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Get details of your own Microsoft Authenticator authentication method.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/microsoftAuthenticatorMethods/{microsoftAuthenticatorAuthenticationMethodId}
+```
+
+Get details of your own or another user's Microsoft Authenticator authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/microsoftAuthenticatorMethods/{microsoftAuthenticatorAuthenticationMethodId} ```
v1.0 Microsoftauthenticatorauthenticationmethod List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/microsoftauthenticatorauthenticationmethod-list.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Get details of your own Microsoft Authenticator authentication methods.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/microsoftAuthenticatorMethods
+```
+
+Get details of your own or another user's Microsoft Authenticator authentication methods.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/microsoftAuthenticatorMethods ```
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/microsoftauthenticatorauthenticationmethodconfiguration-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/microsoftauthenticatorauthenticationmethodconfiguration-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Reader
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/microsoftauthenticatorauthenticationmethodconfiguration-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Onlinemeeting Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onlinemeeting-delete.md
To use application permission for this API, tenant administrators must create an
To delete an **onlineMeeting** using the meeting ID with delegated (`/me`) and app (`/users/{userId}`) permission: <!-- { "blockType": "ignored" } --> ```http
-DELETE https://graph.microsoft.com/beta/me/onlineMeetings/{meetingId}
-DELETE https://graph.microsoft.com/beta/users/{userId}/onlineMeetings/{meetingId}
+DELETE /me/onlineMeetings/{meetingId}
+DELETE /users/{userId}/onlineMeetings/{meetingId}
``` > [!NOTE]
v1.0 Onpremisesagentgroup Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onpremisesagentgroup-delete.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-DELETE ~/onPremisesPublishingProfiles/{publishingType}/agentGroups/{id1}
+DELETE /onPremisesPublishingProfiles/{publishingType}/agentGroups/{id1}
``` ## Request headers
v1.0 Onpremisesagentgroup List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onpremisesagentgroup-list.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-GET ~/onPremisesPublishingProfiles/{publishingType}/agentGroups
+GET /onPremisesPublishingProfiles/{publishingType}/agentGroups
``` ## Optional query parameters
v1.0 Onpremisesagentgroup Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onpremisesagentgroup-post.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-POST ~/onPremisesPublishingProfiles/{publishingType}/agentGroups/{id}/agents
+POST /onPremisesPublishingProfiles/{publishingType}/agentGroups/{id}/agents
``` ## Request headers
v1.0 Onpremisesagentgroup Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onpremisesagentgroup-update.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-PATCH ~/onPremisesPublishingProfiles/{publishingType}/agentGroups
+PATCH /onPremisesPublishingProfiles/{publishingType}/agentGroups
``` ## Request headers
v1.0 Onpremisesdirectorysynchronization Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onpremisesdirectorysynchronization-get.md
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_onpremisesdirectorysynchronization"
+ "name": "get_onpremisesdirectorysynchronization_e1"
} --> ``` http
v1.0 Onpremisesdirectorysynchronization Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onpremisesdirectorysynchronization-update.md
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "update_onpremisesdirectorysynchronization"
+ "name": "update_onpremisesdirectorysynchronization_e1"
} --> ``` http
v1.0 Onpremisespublishingprofile Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onpremisespublishingprofile-get.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-GET ~/onPremisesPublishingProfiles/{publishingType}/
+GET /onPremisesPublishingProfiles/{publishingType}/
``` ## Optional query parameters
v1.0 Onpremisespublishingprofile Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onpremisespublishingprofile-update.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-PATCH ~/onPremisesPublishingProfiles/{publishingType}/hybridAgentUpdaterConfiguration
+PATCH /onPremisesPublishingProfiles/{publishingType}/hybridAgentUpdaterConfiguration
``` ## Request headers
v1.0 Organization Activateservice https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organization-activateservice.md
- Title: "organization: activateService"
-description: "Activates a service for an organization."
-
-doc_type: apiPageType
--
-# organization: activateService (deprecated)
-
-Namespace: microsoft.graph
--
-> [!CAUTION]
-> The **activateService** API is deprecated and will stop returning data on June 30, 2022.
-
-Activate a service for an organization.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-In order to activate a service for an organization the requestor needs to have the _Company Administrator_ role with the following permissions.
-
-|Permission type|Permissions (from least to most privileged)|
-| : | : |
-| Delegated (work or school account) | Directory.ReadWrite.All|
-| Delegated (personal Microsoft account) | Not Supported. |
-| Application | Directory.ReadWrite.All|
--
-## HTTP request
-
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-POST /organization/{organizationId}/activateService
-```
-
-## Request headers
-|Name|Description|
-|:|:|
-|Authorization|Bearer {token}. Required.|
-|Content-Type|application/json. Required.|
-
-## Request body
-In the request body, supply a JSON representation of the [activateService](../resources/activateService.md) object.
-You must define **service** or (**servicePlanId** _and_ **skuId**) for this action to be valid.
-
-| Property | Type | Description |
-| -- | | - |
-| service| String | The name of the service to activate. |
-| servicePlanId | Guid | The plan identifier of the service plan to activate. |
-| skuId | Guid | The SKU identifier of the service plan. |
-
-## Response
-
-If successful, this action returns a `204 No Content` response code.
-
-## Examples
-
-### Request
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "organization_activateservice"
-}
>
-``` http
-POST https://graph.microsoft.com/beta/organization/{:organizationId}/activateService
-Content-Type: application/json
-
-{
- "skuId": "6fd2c87f-b296-42f0-b197-1e91e994b900",
- "servicePlanId": "a23b959c-7ce8-4e57-9140-b90eb88a9e97"
-}
-```
-
-# [JavaScript](#tab/javascript)
---
-### Response
-<!-- {
- "blockType": "response",
- "truncated": true
-}
>
-``` http
-HTTP/1.1 204 No Content
-```
v1.0 Organizationalbranding Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organizationalbranding-get.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | |:|:--|
-| Delegated (work or school account) | User.Read, Organization.Read.All, User.ReadBasic.All, User.Read.All |
+| Delegated (work or school account) | User.Read, Organization.Read.All, User.Read.All |
| Delegated (personal Microsoft account) | Not supported. | | Application | Organization.Read.All |
v1.0 Organizationalbranding List Localizations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organizationalbranding-list-localizations.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | |:|:--|
-| Delegated (work or school account) | User.Read, Organization.Read.All, User.ReadBasic.All, User.Read.All |
+| Delegated (work or school account) | User.Read, Organization.Read.All, User.Read.All |
| Delegated (personal Microsoft account) | Not supported. | | Application | Organization.Read.All |
v1.0 Organizationalbrandinglocalization Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organizationalbrandinglocalization-get.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | |:|:--|
-| Delegated (work or school account) | User.Read, Organization.Read.All, User.ReadBasic.All, User.Read.All |
+| Delegated (work or school account) | User.Read, Organization.Read.All, User.Read.All |
| Delegated (personal Microsoft account) | Not supported. | | Application | Organization.Read.All |
v1.0 Organizationsettings Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organizationsettings-get.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-GET https://graph.microsoft.com/beta/organization/{organizationId}/settings
+GET /organization/{organizationId}/settings
``` ## Optional query parameters
v1.0 Organizationsettings List Profilecardproperties https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organizationsettings-list-profilecardproperties.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-GET https://graph.microsoft.com/beta/organization/{organizationId}/settings/profileCardProperties
+GET /organization/{organizationId}/settings/profileCardProperties
``` ## Optional query parameters
v1.0 Organizationsettings List Pronounssettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organizationsettings-list-pronounssettings.md
GET https://graph.microsoft.com/beta/organization/{organizationId}/settings/pron
[!INCLUDE [sample-code](../includes/snippets/go/get-pronounssettings-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/get-pronounssettings-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Organizationsettings Post Profilecardproperties https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organizationsettings-post-profilecardproperties.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-POST https://graph.microsoft.com/beta/organization/{organizationId}/settings/profileCardProperties
+POST /organization/{organizationId}/settings/profileCardProperties
``` ## Request headers
v1.0 Outboundshareduserprofile Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/outboundshareduserprofile-get.md
+
+ Title: "Get outboundSharedUserProfile"
+description: "Get the details of an outboundSharedUserProfile."
+
+ms.localizationpriority: medium
++
+# Get outboundSharedUserProfile
+
+Namespace: microsoft.graph
++
+Get the details of an [outboundSharedUserProfile](../resources/outboundshareduserprofile.md).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|CrossTenantUserProfileSharing.Read, CrossTenantUserProfileSharing.Read.All, CrossTenantUserProfileSharing.ReadWrite, CrossTenantUserProfileSharing.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not applicable|
+|Application|CrossTenantUserProfileSharing.Read.All, CrossTenantUserProfileSharing.ReadWrite.All|
+
+A user can retrieve their own [outboundSharedUserProfile](../resources/outboundshareduserprofile.md) data when the app is granted the `CrossTenantUserProfileSharing.Read` delegated permission on their behalf.
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+
+``` http
+GET /directory/outboundSharedUserProfiles/{userId}
+```
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [outboundSharedUserProfile](../resources/outboundshareduserprofile.md) object in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_outboundshareduserprofile"
+}
+-->
+
+``` http
+GET https://graph.microsoft.com/beta/directory/outboundSharedUserProfiles/c228b2ae-c4fb-4eda-9620-7e73dddd1cac
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.outboundSharedUserProfile"
+}
+-->
+
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#directory/outboundSharedUserProfiles/$entity",
+ "userId": "c228b2ae-c4fb-4eda-9620-7e73dddd1cac"
+}
+```
v1.0 Outboundshareduserprofile List Tenants https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/outboundshareduserprofile-list-tenants.md
+
+ Title: "Get tenantReferences"
+description: "List the tenant references of an outboundSharedUserProfile."
+
+ms.localizationpriority: medium
++
+# Get tenantReferences
+
+Namespace: microsoft.graph
++
+List the tenant references of an [outboundSharedUserProfile](../resources/outboundshareduserprofile.md).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|CrossTenantUserProfileSharing.Read, CrossTenantUserProfileSharing.Read.All, CrossTenantUserProfileSharing.ReadWrite, CrossTenantUserProfileSharing.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not applicable|
+|Application|CrossTenantUserProfileSharing.Read.All, CrossTenantUserProfileSharing.ReadWrite.All|
+
+A user can retrieve their own [outboundSharedUserProfile](../resources/outboundshareduserprofile.md) data when the app is granted the `CrossTenantUserProfileSharing.Read` delegated permission on their behalf.
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+
+``` http
+GET /directory/outboundSharedUserProfiles/{userId}/tenants
+```
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [tenantReferences](../resources/tenantreference.md) object in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_outboundshareduserprofile_tenants"
+}
+-->
+
+``` http
+GET https://graph.microsoft.com/beta/directory/outboundSharedUserProfiles/c228b2ae-c4fb-4eda-9620-7e73dddd1cac/tenants
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.tenantReference"
+}
+-->
+
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#directory/outboundSharedUserProfiles('c228b2ae-c4fb-4eda-9620-7e73dddd1cac')/tenants",
+ "value": [
+ {
+ "tenantId":"62bfb458-9474-4c44-896b-b30942d055f0"
+ },
+ {
+ "tenantId":"5269b458-9474-4a44-996b-a30942d05000"
+ }
+ ]
+}
+```
v1.0 Passwordauthenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/passwordauthenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
## HTTP request
+Get details of your own password authentication method.
<!-- { "blockType": "ignored" } -->- ```http GET /me/authentication/passwordMethods/{id}
+```
+
+Get details of your own or another user's password authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/passwordMethods/{id} ```
v1.0 Passwordlessmicrosoftauthenticatorauthenticationmethod Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/passwordlessmicrosoftauthenticatorauthenticationmethod-delete.md
One of the following permissions is required to call this API. To learn more, in
### Permissions acting on other users |Permission type | Permissions (from least to most privileged) |
-|:|:-|
+|:|:-|:--|
| Delegated (work or school account) | UserAuthenticationMethod.ReadWrite.All | | Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
+Remove a Microsoft Authenticator Passwordless Phone Sign-in authentication method from your own account. For a signed-in user to update their own authentication method, they must have satisfied a multi-factor authentication requirement during sign in.
+<!-- { "blockType": "ignored" } -->
+```http
+DELETE /me/authentication/passwordlessMicrosoftAuthenticatorMethods/{id}
+```
+
+Remove a Microsoft Authenticator Passwordless Phone Sign-in authentication method from another user's account.
+<!-- { "blockType": "ignored" } -->
+```http
DELETE /users/{id | userPrincipalName}/authentication/passwordlessMicrosoftAuthenticatorMethods/{id} ```
v1.0 Passwordlessmicrosoftauthenticatorauthenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/passwordlessmicrosoftauthenticatorauthenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Get details of your own Microsoft Authenticator Passwordless Phone Sign-in authentication method.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/passwordlessMicrosoftAuthenticatorMethods/{id}
+```
+
+Get details of your own or another user's Microsoft Authenticator Passwordless Phone Sign-in authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/passwordlessMicrosoftAuthenticatorMethods/{id} ```
v1.0 Passwordlessmicrosoftauthenticatorauthenticationmethod List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/passwordlessmicrosoftauthenticatorauthenticationmethod-list.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Get details of your own Microsoft Authenticator Passwordless Phone Sign-in authentication method.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/passwordlessMicrosoftAuthenticatorMethods
+```
+
+Get details of your own or another user's Microsoft Authenticator Passwordless Phone Sign-in authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/passwordlessMicrosoftAuthenticatorMethods ```
v1.0 Passwordlessmicrosoftauthenticatorauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/passwordlessmicrosoftauthenticatorauthenticationmethodconfiguration-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Not supported.|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Passwordlessmicrosoftauthenticatorauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/passwordlessmicrosoftauthenticatorauthenticationmethodconfiguration-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Not supported.|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Reader
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Passwordlessmicrosoftauthenticatorauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/passwordlessmicrosoftauthenticatorauthenticationmethodconfiguration-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Not supported.|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Phoneauthenticationmethod Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/phoneauthenticationmethod-delete.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
+Delete your own phone authentication method.
<!-- { "blockType": "ignored" } -->
+``` http
+DELETE /me/authentication/phoneMethods/{phoneMethodId}
+```
-```http
-DELETE /me/authentication/phoneMethods/{id}
-DELETE /users/{id | userPrincipalName}/authentication/phoneMethods/{id}
+Delete your own or another user's phone authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
+DELETE /users/{id | userPrincipalName}/authentication/phoneMethods/{phoneMethodId}
```
-The value of `id` corresponding to the phoneType to delete is one of the following:
+
+The value of `phoneMethodId` corresponding to the phoneType to delete is one of the following:
+ `b6332ec1-7057-4abe-9331-3d72feddfe41` to delete the `alternateMobile` **phoneType**. + `e37fc753-ff3b-4958-9484-eaa9425c82bc` to delete the `office` **phoneType**. + `3179e48a-750b-4051-897c-87b9720928f7` to delete the `mobile` **phoneType**.
v1.0 Phoneauthenticationmethod Disablesmssignin https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/phoneauthenticationmethod-disablesmssignin.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
v1.0 Phoneauthenticationmethod Enablesmssignin https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/phoneauthenticationmethod-enablesmssignin.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
v1.0 Phoneauthenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/phoneauthenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
+
+> [!NOTE]
+> The authentication administrator only sees masked phone numbers.
## HTTP request
+Retrieve details of your own phone authentication method.
<!-- { "blockType": "ignored" } -->-
-```http
+``` http
GET /me/authentication/phoneMethods/{phoneMethodId}
+```
+
+Retrieve details of your own or another user's phone authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{userId | userPrincipalName}/authentication/phoneMethods/{phoneMethodId} ```+ The value of `phoneMethodId` corresponding to the phoneType is one of the following: + `b6332ec1-7057-4abe-9331-3d72feddfe41` to retrieve the `alternateMobile` **phoneType**. + `e37fc753-ff3b-4958-9484-eaa9425c82bc` to retrieve the `office` **phoneType**.
v1.0 Phoneauthenticationmethod Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/phoneauthenticationmethod-update.md
If a user is enabled by policy to use SMS to sign in and the `mobile` number is
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-### Permissions acting on self
-
-|Permission type | Permissions (from least to most privileged) |
-|:|:-|
-| Delegated (work or school account) | UserAuthenticationMethod.ReadWrite |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
-
-### Permissions acting on other users
- |Permission type | Permissions (from least to most privileged) | |:|:-| | Delegated (work or school account) | UserAuthenticationMethod.ReadWrite.All | | Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
+
+Users without one of the supported Azure AD roles cannot update their own phone authentication method.
## HTTP request
+Update your own phone authentication method.
<!-- { "blockType": "ignored" } -->
+``` http
+PATCH /me/authentication/phoneMethods/{phoneMethodId}
+```
-```http
-PATCH /me/authentication/phoneMethods/{id}
-PATCH /users/{id | userPrincipalName}/authentication/phoneMethods/{id}
+Update your own or another user's phone authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
+PATCH /users/{id | userPrincipalName}/authentication/phoneMethods/{phoneMethodId}
```
-The value of `id` corresponding to the phoneType to update is one of the following:
+
+The value of `phoneMethodId` corresponding to the phoneType to update is one of the following:
+ `b6332ec1-7057-4abe-9331-3d72feddfe41` to update the `alternateMobile` **phoneType**. + `e37fc753-ff3b-4958-9484-eaa9425c82bc` to update the `office` **phoneType**. + `3179e48a-750b-4051-897c-87b9720928f7` to update the `mobile` **phoneType**.
v1.0 Planner Post Plans https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/planner-post-plans.md
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_plannerplan_from_planner"
+ "name": "create_plannerplan_from_planner_e1"
}--> ``` http POST https://graph.microsoft.com/beta/planner/plans
v1.0 Plannerbucket Delta https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/plannerbucket-delta.md
+
+ Title: "plannerBucket: delta"
+description: "Get newly created, updated, or deleted buckets in a Planner plan without having to perform a full read of the entire resource collection."
+
+ms.localizationpriority: medium
++
+# plannerBucket: delta
+
+Namespace: microsoft.graph
++
+Get newly created, updated, or deleted [buckets](../resources/plannerbucket.md) in a Planner [plan](../resources/plannerplan.md) without having to perform a full read of the entire resource collection. For details, see [Use delta query to track changes in Microsoft Graph data](/graph/delta-query-overview).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Tasks.Read |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Tasks.Read.All |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /planner/plans/{plan-id}/buckets/delta
+```
+
+## Query parameters
+
+Tracking changes incurs a round of one or more **delta** function calls. If you use any query parameter (other than `$deltaToken` and `$skipToken`), you must specify it in the initial **delta** request. Microsoft Graph automatically encodes any specified parameters into the token portion of the `@odata.nextLink` or `@odata.deltaLink` URL provided in the response. You only need to specify any query parameters once upfront. In subsequent requests, copy and apply the `@odata.nextLink` or `@odata.deltaLink` URL from the previous response. That URL already includes the encoded parameters.
+
+| Query parameter | Type | Description |
+| :-- | :-- | :-- |
+| $deltaToken | string | A [state token](/graph/delta-query-overview) returned in the `@odata.deltaLink` URL of the previous **delta** function call for the same resource collection, indicating the completion of that round of change tracking. Save and apply the entire `@odata.deltaLink` URL, including this token in the first request of the next round of change tracking for that collection. |
+| $skipToken | string | A [state token](/graph/delta-query-overview) returned in the `@odata.nextLink` URL of the previous **delta** function call, indicating there are further changes to be tracked in the same resource collection. |
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this function returns a `200 OK` response code and a [plannerBucket](../resources/plannerbucket.md) collection in the response body. The response also includes a `@odata.nextLink` or a `@odata.deltaLink` URL.
+
+- A `@odata.nextLink` URL in the response object indicates additional pages of data to be retrieved in the session. The application continues making requests using the `@odata.nextLink` URL until a `@odata.deltaLink` URL is included in the response.
+
+- A `@odata.deltaLink` URL in the response object indicates that no more data about the existing state of the resource is returned. Persist and use the `@odata.deltaLink` URL to learn about changes to the resource in the future.
+
+For more details, see [Use delta query to track changes in Microsoft Graph data](/graph/delta-query-overview). For an example that shows how to track changes to users, see [Get incremental changes for users](/graph/delta-query-users).
+
+## Examples
+
+The following example shows a request for delta on **plannerBucket** objects contained by a **plannerPlan**.
+
+### Request
+
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "plannerbucketthis.delta",
+ "sampleKeys": ["-W4K7hIak0WlAwgJCn1sEWQABgjH"]
+}
+-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/planner/plans/-W4K7hIak0WlAwgJCn1sEWQABgjH/buckets/delta
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.plannerBucket)"
+}
+-->
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context":"https://graph.microsoft.com/beta/$metadata#plannerBucket",
+ "@odata.deltaLink": "https://graph.microsoft.com/beta/planner/plans('-W4K7hIak0WlAwgJCn1sEWQABgjH')/buckets?deltatoken=0%257eaa6c4c81-656f-40e8-a2c5-60f4116fa9a4",
+ "value": [
+ {
+ "@odata.etag": "W/\"JzEtVGFzayAgQEBAQEBAQEBAQEBAQEBASCc=\"",
+ "id": "iz1mmIxX7EK0Yj7DmRsMs2QAEDXH",
+ "name": "This is a bucket",
+ "planId": "-W4K7hIak0WlAwgJCn1sEWQABgjH",
+ "orderHint": "8585371316800245114P\\"
+ }
+ ]
+}
+```
v1.0 Plannerbucket Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/plannerbucket-get.md
Title: "Get plannerBucket"
-description: "Retrieve the properties and relationships of **plannerBucket** object."
+description: "Retrieve the properties and relationships of a plannerBucket object."
ms.localizationpriority: medium ms.prod: "planner"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Retrieve the properties and relationships of **plannerBucket** object.
+Retrieve the properties and relationships of a [plannerBucket](../resources/plannerbucket.md) object.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and [plannerBucket](../resources/plannerbucket.md) object in the response body.
+If successful, this method returns a `200 OK` response code and a [plannerBucket](../resources/plannerbucket.md) object in the response body.
This method can return any of the [HTTP status codes](/graph/errors). The most common errors that apps should handle for this method are the 403 and 404 responses. For more information about these errors, see [Common Planner error conditions](../resources/planner-overview.md#common-planner-error-conditions). ## Example
-##### Request
-Here is an example of the request.
+### Request
+The following is an example of the request.
# [HTTP](#tab/http) <!-- {
GET https://graph.microsoft.com/beta/planner/buckets/hsOf2dhOJkqyYYZEtdzDe2QAIUC
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
Content-type: application/json
] } -->--
v1.0 Plannerplan Delta https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/plannerplan-delta.md
+
+ Title: "plannerPlan: delta"
+description: "Get newly created, updated, or deleted Planner plans in either a group or a Planner roster without having to perform a full read of the entire resource collection."
+
+ms.localizationpriority: medium
++
+# plannerPlan: delta
+
+Namespace: microsoft.graph
++
+Get newly created, updated, or deleted Planner [plans](../resources/plannerplan.md) in either a [group](../resources/group.md) or a Planner [roster](../resources/plannerroster.md) without having to perform a full read of the entire resource collection. For details, see [Use delta query to track changes in Microsoft Graph data](/graph/delta-query-overview).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Tasks.Read |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Tasks.Read.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+
+```http
+GET /planner/rosters/{plannerRosterId}/plans/delta
+GET /groups/{group-id}/planner/plans/delta
+```
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this function returns a `200 OK` response code and a [plannerPlan](../resources/plannerplan.md) collection in the response body.
+
+## Examples
+
+### Example 1: Get delta on plans in a plannerRoster
+
+The following example shows a request for delta on **plannerPlan** objects contained by a **plannerRoster**.
+
+#### Request
+
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "plannerplanthis.delta_e1",
+ "sampleKeys": ["-W4K7hIak0WlAwgJCn1sEWQABgjH"]
+}
+-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/planner/rosters/-W4K7hIak0WlAwgJCn1sEWQABgjH/plans/delta
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.plannerPlan)"
+}
+-->
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context":"https://graph.microsoft.com/beta/$metadata#plannerBucket",
+ "@odata.deltaLink": "https://graph.microsoft.com/beta/planner/rosters/('-W4K7hIak0WlAwgJCn1sEWQABgjH')/plans?deltatoken=0%257eaa6c4c81-656f-40e8-a2c5-60f4116fa9a4",
+ "value": [
+ {
+ "@odata.etag": "W/\"JzEtVGFzayAgQEBAQEBAQEBAQEBAQEBASCc=\"",
+ "id": "xqQg5FS2LkCp935s-FIFm2QAFkHM",
+ "title": "Test plan",
+ "container": {
+ "@odata.type": "microsoft.graph.plannerPlanContainer",
+ "url": "https://graph.microsoft.com/beta/planner/rosters/-W4K7hIak0WlAwgJCn1sEWQABgjH",
+ "containerId": "-W4K7hIak0WlAwgJCn1sEWQABgjH",
+ "type": "roster"
+ }
+ }
+ ]
+}
+```
+
+### Example 2: Get delta on plans in a group
+
+The following example shows a request for delta on **plannerPlan** objects contained by a group.
+
+#### Request
+
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "plannerplanthis.delta_e2",
+ "sampleKeys": ["ebf3b108-5234-4e22-b93d-656d7dae5874"]
+}
+-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/groups/ebf3b108-5234-4e22-b93d-656d7dae5874/planner/plans/delta
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.plannerPlan)"
+}
+-->
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context":"https://graph.microsoft.com/beta/$metadata#plannerBucket",
+ "@odata.deltaLink": "https://graph.microsoft.com/beta/groups/('ebf3b108-5234-4e22-b93d-656d7dae5874')/planner/plans?deltatoken=0%257eaa6c4c81-656f-40e8-a2c5-60f4116fa9a4",
+ "value": [
+ {
+ "@odata.etag": "W/\"JzEtVGFzayAgQEBAQEBAQEBAQEBAQEBASCc=\"",
+ "id": "xqQg5FS2LkCp935s-FIFm2QAFkHM",
+ "title": "Test plan",
+ "container": {
+ "@odata.type": "microsoft.graph.plannerPlanContainer",
+ "url": "https://graph.microsoft.com/beta/groups/ebf3b108-5234-4e22-b93d-656d7dae5874",
+ "containerId": "ebf3b108-5234-4e22-b93d-656d7dae5874",
+ "type": "group"
+ }
+ }
+ ]
+}
+```
v1.0 Plannerplanconfiguration List Localizations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/plannerplanconfiguration-list-localizations.md
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "list_plannerplanconfigurationlocalization",
+ "name": "list_plannerplanconfigurationlocalization_e1",
"sampleKeys": ["c5d514e6c6864911ac46c720affb6e4d"] } -->
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "list_plannerplanconfigurationlocalization",
+ "name": "list_plannerplanconfigurationlocalization_e2",
"sampleKeys": ["c5d514e6c6864911ac46c720affb6e4d"] } -->
v1.0 Plannertask Delta https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/plannertask-delta.md
+
+ Title: "plannerTask: delta"
+description: "Get newly created, updated, or deleted tasks in either a Planner plan or assigned to the signed-in user without having to perform a full read of the entire resource collection."
+
+ms.localizationpriority: medium
++
+# plannerTask: delta
+
+Namespace: microsoft.graph
++
+Get newly created, updated, or deleted [tasks](../resources/plannertask.md) in either a Planner [plan](../resources/plannerplan.md) or assigned to the signed-in user without having to perform a full read of the entire resource collection. For details, see [Use delta query to track changes in Microsoft Graph data](/graph/delta-query-overview).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Tasks.Read |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Tasks.Read.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+
+```http
+GET /planner/tasks/delta
+GET /me/planner/tasks/delta
+```
+
+## Query parameters
+
+Tracking changes incurs a round of one or more **delta** function calls. If you use any query parameter (other than `$deltaToken` and `$skipToken`), you must specify it in the initial **delta** request. Microsoft Graph automatically encodes any specified parameters into the token portion of the `@odata.nextLink` or `@odata.deltaLink` URL provided in the response. You only need to specify any query parameters once upfront. In subsequent requests, copy and apply the `@odata.nextLink` or `@odata.deltaLink` URL from the previous response. That URL already includes the encoded parameters.
+
+| Query parameter | Type | Description |
+| :-- | :-- | :-- |
+| $deltaToken | string | A [state token](/graph/delta-query-overview) returned in the `@odata.deltaLink` URL of the previous **delta** function call for the same resource collection, indicating the completion of that round of change tracking. Save and apply the entire `@odata.deltaLink` URL, including this token in the first request of the next round of change tracking for that collection. |
+| $skipToken | string | A [state token](/graph/delta-query-overview) returned in the `@odata.nextLink` URL of the previous **delta** function call, indicating there are further changes to be tracked in the same resource collection. |
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this function returns a `200 OK` response code and a [plannerTask](../resources/plannertask.md) collection in the response body.
+
+## Examples
+
+### Example 1: Get delta on tasks in a plannerPlan
+
+The following example shows a request for the delta on **plannerTask** objects in a **plannerPlan**.
+
+#### Request
+
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "plannertaskthis_delta_e1"
+}
+-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/planner/tasks/delta
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+The following is an example of the response.
+
+> **Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.plannerTask)"
+}
+-->
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context":"https://graph.microsoft.com/beta/$metadata#plannerTask",
+ "@odata.deltaLink": "https://graph.microsoft.com/beta/planner/plans('-W4K7hIak0WlAwgJCn1sEWQABgjH')/tasks?%24expand=details&%24deltatoken=0%257eaa6c4c81-656f-40e8-a2c5-60f4116fa9a4",
+ "value": [
+ {
+ "@odata.etag": "W/\"JzEtVGFzayAgQEBAQEBAQEBAQEBAQEBASCc=\"",
+ "createdBy": "b40c85a0-1a66-4fa3-932f-cc9249ce8c29",
+ "createdByApp": "09abbdfd-ed23-44ee-a2d9-a627aa1c90f3",
+ "createdByAsIdentitySet": {
+ "user": {
+ "@odata.type": "#microsoft.taskServices.identity",
+ "displayName": null,
+ "id": "b40c85a0-1a66-4fa3-932f-cc9249ce8c29"
+ },
+ "application": {
+ "@odata.type": "#microsoft.taskServices.identity",
+ "displayName": null,
+ "id": "09abbdfd-ed23-44ee-a2d9-a627aa1c90f3"
+ }
+ },
+ "userContentLastModifiedBy": "b40c85a0-1a66-4fa3-932f-cc9249ce8c29",
+ "userContentLastModifiedByApp": null,
+ "userContentLastModifiedByAsIdentitySet": {
+ "user": {
+ "@odata.type": "#microsoft.taskServices.identity",
+ "displayName": null,
+ "id": "b40c85a0-1a66-4fa3-932f-cc9249ce8c29"
+ }
+ },
+ "planId": "-W4K7hIak0WlAwgJCn1sEWQABgjH",
+ "bucketId": "iz1mmIxX7EK0Yj7DmRsMs2QAEDXH",
+ "title": "Testing",
+ "orderHint": "8585371316800245114P\\",
+ "assigneePriority": "8585371316123370883",
+ "focusDateTime": null,
+ "percentComplete": 0,
+ "startDateTime": null,
+ "createdDateTime": "2022-09-29T18:14:25.6091874Z",
+ "userContentLastModifiedDate": "2022-09-29T18:14:33.1404924Z",
+ "dueDateTime": null,
+ "recurrence": null,
+ "hasDescription": false,
+ "previewType": "automatic",
+ "completedDateTime": null,
+ "completedBy": null,
+ "completedByApp": null,
+ "completedByAsIdentitySet": null,
+ "referenceCount": 0,
+ "checklistItemCount": 0,
+ "activeChecklistItemCount": 0,
+ "appliedCategories": {},
+ "assignments": {
+ "b40c85a0-1a66-4fa3-932f-cc9249ce8c29": {
+ "@odata.type": "#microsoft.taskServices.assignment",
+ "assignedBy": "b40c85a0-1a66-4fa3-932f-cc9249ce8c29",
+ "assignedByAppId": null,
+ "assignedByAsIdentitySet": {
+ "user": {
+ "@odata.type": "#microsoft.taskServices.identity",
+ "displayName": null,
+ "id": "b40c85a0-1a66-4fa3-932f-cc9249ce8c29"
+ }
+ },
+ "assignedDateTime": "2022-09-29T18:14:33.1404924Z",
+ "orderHint": "8585371316723527019PX",
+ "createdBy": "b40c85a0-1a66-4fa3-932f-cc9249ce8c29",
+ "createdByAppId": null,
+ "createdByAsIdentitySet": {
+ "user": {
+ "@odata.type": "#microsoft.taskServices.identity",
+ "displayName": null,
+ "id": "b40c85a0-1a66-4fa3-932f-cc9249ce8c29"
+ }
+ }
+ }
+ },
+ "conversationThreadId": null,
+ "priority": 5,
+ "creationSource": {
+ "publication": null,
+ "externalSource": null
+ },
+ "creationSourceInfo": null,
+ "id": "aSOQ0mveu06bTSkfnJQay2QAIn_l",
+ "version": "1-Task @@@@@@@@@@@@@@@H",
+ "details@odata.context": "https://tasks.officeppe.com/taskApi/V3.0/$metadata#plans('-W4K7hIak0WlAwgJCn1sEWQABgjH')/tasks('aSOQ0mveu06bTSkfnJQay2QAIn_l')/details/$entity",
+ "details": {
+ "@odata.etag": "W/\"JzEtVGFza0RldGFpbHMgQEBAQEBAQEBAQEBAQEBARCc=\"",
+ "description": "",
+ "notes": null,
+ "previewType": "automatic",
+ "references": {},
+ "checklist": {},
+ "id": "aSOQ0mveu06bTSkfnJQay2QAIn_l",
+ "version": "1-TaskDetails @@@@@@@@@@@@@@@D"
+ }
+ }
+ ]
+}
+```
+
+### Example 2: Get delta on tasks assigned to a user
+
+The following example shows a request for the delta on **plannerTask** objects assigned to a user.
+
+#### Request
+
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "plannertaskthis_delta_e2"
+}
+-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/me/planner/tasks/delta
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+The following is an example of the response.
+
+> **Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.plannerTask)"
+}
+-->
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context":"https://graph.microsoft.com/beta/$metadata#plannerTask",
+ "@odata.deltaLink": "https://graph.microsoft.com/beta/me/planner/tasks/delta?%24expand=details&%24deltatoken=0%257eaa6c4c81-656f-40e8-a2c5-60f4116fa9a4",
+ "value": [
+ {
+ "@odata.etag": "W/\"JzEtVGFzayAgQEBAQEBAQEBAQEBAQEBASCc=\"",
+ "createdBy": "b40c85a0-1a66-4fa3-932f-cc9249ce8c29",
+ "createdByApp": "09abbdfd-ed23-44ee-a2d9-a627aa1c90f3",
+ "createdByAsIdentitySet": {
+ "user": {
+ "@odata.type": "#microsoft.taskServices.identity",
+ "displayName": null,
+ "id": "b40c85a0-1a66-4fa3-932f-cc9249ce8c29"
+ },
+ "application": {
+ "@odata.type": "#microsoft.taskServices.identity",
+ "displayName": null,
+ "id": "09abbdfd-ed23-44ee-a2d9-a627aa1c90f3"
+ }
+ },
+ "userContentLastModifiedBy": "b40c85a0-1a66-4fa3-932f-cc9249ce8c29",
+ "userContentLastModifiedByApp": null,
+ "userContentLastModifiedByAsIdentitySet": {
+ "user": {
+ "@odata.type": "#microsoft.taskServices.identity",
+ "displayName": null,
+ "id": "b40c85a0-1a66-4fa3-932f-cc9249ce8c29"
+ }
+ },
+ "planId": "-W4K7hIak0WlAwgJCn1sEWQABgjH",
+ "bucketId": "iz1mmIxX7EK0Yj7DmRsMs2QAEDXH",
+ "title": "Testing",
+ "orderHint": "8585371316800245114P\\",
+ "assigneePriority": "8585371316123370883",
+ "focusDateTime": null,
+ "percentComplete": 0,
+ "startDateTime": null,
+ "createdDateTime": "2022-09-29T18:14:25.6091874Z",
+ "userContentLastModifiedDate": "2022-09-29T18:14:33.1404924Z",
+ "dueDateTime": null,
+ "recurrence": null,
+ "hasDescription": false,
+ "previewType": "automatic",
+ "completedDateTime": null,
+ "completedBy": null,
+ "completedByApp": null,
+ "completedByAsIdentitySet": null,
+ "referenceCount": 0,
+ "checklistItemCount": 0,
+ "activeChecklistItemCount": 0,
+ "appliedCategories": {},
+ "assignments": {
+ "b40c85a0-1a66-4fa3-932f-cc9249ce8c29": {
+ "@odata.type": "#microsoft.taskServices.assignment",
+ "assignedBy": "b40c85a0-1a66-4fa3-932f-cc9249ce8c29",
+ "assignedByAppId": null,
+ "assignedByAsIdentitySet": {
+ "user": {
+ "@odata.type": "#microsoft.taskServices.identity",
+ "displayName": null,
+ "id": "b40c85a0-1a66-4fa3-932f-cc9249ce8c29"
+ }
+ },
+ "assignedDateTime": "2022-09-29T18:14:33.1404924Z",
+ "orderHint": "8585371316723527019PX",
+ "createdBy": "b40c85a0-1a66-4fa3-932f-cc9249ce8c29",
+ "createdByAppId": null,
+ "createdByAsIdentitySet": {
+ "user": {
+ "@odata.type": "#microsoft.taskServices.identity",
+ "displayName": null,
+ "id": "b40c85a0-1a66-4fa3-932f-cc9249ce8c29"
+ }
+ }
+ }
+ },
+ "conversationThreadId": null,
+ "priority": 5,
+ "creationSource": {
+ "publication": null,
+ "externalSource": null
+ },
+ "creationSourceInfo": null,
+ "id": "aSOQ0mveu06bTSkfnJQay2QAIn_l",
+ "version": "1-Task @@@@@@@@@@@@@@@H",
+ "details@odata.context": "https://tasks.officeppe.com/taskApi/V3.0/$metadata#plans('-W4K7hIak0WlAwgJCn1sEWQABgjH')/tasks('aSOQ0mveu06bTSkfnJQay2QAIn_l')/details/$entity",
+ "details": {
+ "@odata.etag": "W/\"JzEtVGFza0RldGFpbHMgQEBAQEBAQEBAQEBAQEBARCc=\"",
+ "description": "",
+ "notes": null,
+ "previewType": "automatic",
+ "references": {},
+ "checklist": {},
+ "id": "aSOQ0mveu06bTSkfnJQay2QAIn_l",
+ "version": "1-TaskDetails @@@@@@@@@@@@@@@D"
+ }
+ },
+ ]
+}
+```
v1.0 Plannertask Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/plannertask-get.md
Content-type: application/json
} }, "id":"01gzSlKkIUSUl6DF_EilrmQAKDhh",
- "priority": 5
+ "priority": 5,
+ "recurrence": null
} ```
v1.0 Plannertask Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/plannertask-update.md
PATCH /planner/tasks/{id}
|percentComplete|Int32|Percentage of task completion. When set to `100`, the task is considered completed. | |planId|String|Plan id to which the task belongs.| |priority|Int32|Priority of the task. Valid range of values is between `0` and `10` (inclusive), with increasing value being lower priority (`0` has the highest priority and `10` has the lowest priority). Currently, Planner interprets values `0` and `1` as "urgent", `2` and `3` and `4` as "important", `5`, `6`, and `7` as "medium", and `8`, `9`, and `10` as "low". Currently, Planner sets the value `1` for "urgent", `3` for "important", `5` for "medium", and `9` for "low".|
+|recurrence|[plannerTaskRecurrence](../resources/plannertaskrecurrence.md)|The recurrence for the task, if defined. Optional.|
|startDateTime|DateTimeOffset|Date and time at which the task starts. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.| |title|String|Title of the task.|
If-Match: W/"JzEtVGFzayAgQEBAQEBAQEBAQEBAQEBAWCc="
"appliedCategories": { "category3": true, "category4": false
+ },
+ "recurrence": {
+ "schedule": {
+ "pattern": {
+ "type": "daily",
+ "interval": 3
+ },
+ "patternStartDateTime": "2022-02-22T02:10:33Z"
+ }
} } ```
Content-type: application/json
"appliedCategories": { "category3": true, "category5": true,
- "category6": true,
+ "category6": true
},
- "id":"01gzSlKkIUSUl6DF_EilrmQAKDhh"
+ "id": "01gzSlKkIUSUl6DF_EilrmQAKDhh",
+ "recurrence": {
+ "@odata.type": "#microsoft.graph.plannerTaskRecurrence",
+ "seriesId": "qOqWwPLt4U-LIsWV5ByUuA",
+ "occurrenceId": 1,
+ "previousInSeriesTaskId": null,
+ "nextInSeriesTaskId": null,
+ "schedule": {
+ "@odata.type": "#microsoft.graph.plannerRecurrenceSchedule",
+ "pattern": {
+ "odata.type": "#microsoft.graph.recurrencePattern",
+ "type": "daily",
+ "interval": 3,
+ "firstDayOfWeek": "sunday",
+ "dayOfMonth": 0,
+ "daysOfWeek": [],
+ "index": "first",
+ "month": 0
+ },
+ "patternStartDateTime": "2022-02-22T02:10:33Z",
+ "nextOccurrenceDateTime": "2022-02-25T02:10:33Z"
+ },
+ "recurrenceStartDateTime": "2022-02-22T02:10:33Z"
+ }
} ```
Content-type: application/json
] } -->--
v1.0 Profile List Anniversaries https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/profile-list-anniversaries.md
GET https://graph.microsoft.com/beta/me/profile/anniversaries
[!INCLUDE [sample-code](../includes/snippets/go/get-anniversaries-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/get-anniversaries-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Profilecardproperty Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/profilecardproperty-delete.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-DELETE https://graph.microsoft.com/beta/organization/{organizationId}/settings/profileCardProperties/{directoryPropertyName-Value}
+DELETE /organization/{organizationId}/settings/profileCardProperties/{directoryPropertyName-Value}
``` ## Request headers
v1.0 Profilecardproperty Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/profilecardproperty-get.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-GET https://graph.microsoft.com/beta/organization/{organizationId}/settings/profileCardProperties/{id}
+GET /organization/{organizationId}/settings/profileCardProperties/{id}
``` ## Optional query parameters
v1.0 Profilecardproperty Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/profilecardproperty-update.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-PATCH https://graph.microsoft.com/beta/organization/{organizationId}/settings/profileCardProperties/{id}
+PATCH /organization/{organizationId}/settings/profileCardProperties/{id}
``` ## Request headers
v1.0 Pronounssettings Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/pronounssettings-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/update-pronounssettings-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/update-pronounssettings-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Publishedresource Delete Agentgroups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/publishedresource-delete-agentgroups.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-DELETE ~/onPremisesPublishingProfiles/{publishingType}/publishedResources/{id1}/agentGroups/{id2}/$ref
+DELETE /onPremisesPublishingProfiles/{publishingType}/publishedResources/{id1}/agentGroups/{id2}/$ref
``` ## Request headers
v1.0 Publishedresource Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/publishedresource-delete.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-DELETE ~/onPremisesPublishingProfiles/{publishingType}/publishedResources/{id1}/agentGroups/{id2}/$ref
+DELETE /onPremisesPublishingProfiles/{publishingType}/publishedResources/{id1}/agentGroups/{id2}/$ref
``` ## Request headers
v1.0 Publishedresource Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/publishedresource-get.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-GET ~/onPremisesPublishingProfiles/{publishingType}/publishedResources/{id1}
+GET /onPremisesPublishingProfiles/{publishingType}/publishedResources/{id1}
``` ## Optional query parameters
v1.0 Publishedresource List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/publishedresource-list.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-GET ~/onPremisesPublishingProfiles/{publishingType}/publishedResources
+GET /onPremisesPublishingProfiles/{publishingType}/publishedResources
``` ## Optional query parameters
v1.0 Publishedresource Post Agentgroups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/publishedresource-post-agentgroups.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-POST ~/onPremisesPublishingProfiles/{publishingType}/publishedResources/{id1}/agentGroups/$ref
+POST /onPremisesPublishingProfiles/{publishingType}/publishedResources/{id1}/agentGroups/$ref
``` ## Request headers
v1.0 Publishedresource Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/publishedresource-post.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-POST ~/onPremisesPublishingProfiles/{publishingType}/publishedResources
+POST /onPremisesPublishingProfiles/{publishingType}/publishedResources
``` ## Request headers
v1.0 Publishedresource Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/publishedresource-update.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-PATCH ~/onPremisesPublishingProfiles/{publishingType}/publishedResources/{id1}
+PATCH /onPremisesPublishingProfiles/{publishingType}/publishedResources/{id1}
``` ## Request headers
v1.0 Rbacapplication Post Roleeligibilityschedulerequests https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/rbacapplication-post-roleeligibilityschedulerequests.md
In the following request, the admin creates a request to assign eligibility of a
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_unifiedroleeligibilityschedulerequest_from_unifiedroleeligibilityschedulerequests"
+ "name": "create_unifiedroleeligibilityschedulerequest_from_unifiedroleeligibilityschedulerequests_e1"
} --> ``` http
In the following request, the admin creates a request to revoke the eligibility
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_unifiedroleeligibilityschedulerequest_from_unifiedroleeligibilityschedulerequests_AdminRemove"
+ "name": "create_unifiedroleeligibilityschedulerequest_from_unifiedroleeligibilityschedulerequests_AdminRemove_e2"
} --> ``` http
v1.0 Reportroot Getteamsteamcounts https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/reportroot-getteamsteamcounts.md
+
+ Title: "reportRoot: getTeamsTeamCounts"
+description: "Get the number of teams of a particular type in an instance of Microsoft Teams."
+ms.localizationpriority: medium
+++
+# reportRoot: getTeamsTeamCounts
+
+Namespace: microsoft.graph
++
+Get the number of teams of a particular type in an instance of Microsoft Teams.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Reports.Read.All |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Reports.Read.All |
+
+> **Note:** For delegated permissions to allow apps to read service usage reports on behalf of a user, the tenant administrator must have assigned the user the appropriate Azure Active Directory limited administrator role. For more details, see [Authorization for APIs to read Microsoft 365 usage reports](/graph/reportroot-authorization).
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /reports/getTeamsTeamCounts(period='{period_value}')
+```
+
+## Function parameters
+
+In the request URL, provide the following parameters with a valid value.
+
+| Parameter | Type | Description |
+| :-- | :-- | : |
+| period | string | Specifies the length of time over which the report is aggregated. The supported values for {period_value} are: `D7`, `D30`, `D90`, and `D180`. These values follow the format D*n*, where *n* represents the number of days over which the report is aggregated. Required. |
+
+> **Note:** You need to set either **period** or **date** in the request URL.
+## Optional query parameters
+
+This method supports the `$format` [OData query parameter](/graph/query-parameters) to customize the response. The default output type is `text/csv`. However, if you want to specify the output type, you can use the OData `$format` query parameter to set the default output to `text/csv` or `application/json`.
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+### CSV
+
+If successful, this method returns a `302 Found` response that redirects to a pre-authenticated download URL for the report. That URL can be found in the `Location` header in the response.
+
+Pre-authenticated download URLs are only valid for a short period (a few minutes) and do not require an `Authorization` header.
+
+The CSV file has the following headers for columns:
+
+- Report Refresh Date
+- Report Date
+- Public Teams
+- Active Public Teams
+- Private Teams
+- Active Private Teams
+
+### JSON
+
+If successful, this method returns a `200 OK` response code and a JSON object in the response body.
+
+## Examples
+
+### Example 1: CSV output
+
+The following is an example that outputs CSV.
+
+#### Request
+
+The following is an example of a request.
+
+<!-- {
+ "blockType": "ignored",
+ "name": "reportroot_getteamsteamcounts_csv"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/reports/getTeamsTeamCounts(period='D7')?$format=text/csv
+```
++
+#### Response
+
+The following is an example of the response.
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+HTTP/1.1 302 Found
+Content-Type: text/plain
+Location: https://reports.office.com/data/download/JDFKdf2_eJXKS034dbc7e0t__XDe
+```
+
+Follow the 302 redirection and the CSV file that downloads will have the following schema.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "stream"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/octet-stream
+Report Refresh Date,Report Date,Public Teams,Active Public Teams,Private Teams,Active Private Teams,
+```
+
+### Example 2: JSON output
+
+The following is an example that returns JSON.
+
+#### Request
+
+The following is an example of a request.
+
+<!-- {
+ "blockType": "ignored",
+ "name": "reportroot_getteamsteamcounts_json"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/reports/getTeamsTeamCounts(period='D7')?$format=application/json
+```
++
+#### Response
+
+The following is an example of the response.
+
+> **Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "stream"
+} -->
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 641
+{
+ "@odata.context": "https://graph.microsoft.com/beta/reports/getTeamsTeamCounts(period='D7')?$format=application/json&$skiptoken=D07uj",
+ "value": [
+ {
+ "reportRefreshDate": "2021-09-01",
+ "reportPeriod":7,
+ "teamsTeamUsageByDate": [
+ {
+ "reportDate": "2022-08-01",
+ "publicTeams": 26,
+ "privateTeams": 17,
+ "activePublicTeams": 20,
+ "activePrivateTeams": 12
+ }
+ ]
+ }
+ ]
+}
+```
+<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
+2015-10-25 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "Example",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "suppressions": [
+ ]
+}-->
v1.0 Samlorwsfedexternaldomainfederation Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/samlorwsfedexternaldomainfederation-delete.md
If successful, this method returns a `204 No Content` response code.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "delete_samlorwsfedexternaldomainfederation"
+ "name": "delete_samlorwsfedexternaldomainfederation_e1"
} -->
v1.0 Samlorwsfedexternaldomainfederation Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/samlorwsfedexternaldomainfederation-get.md
If successful, this method returns a `200 OK` response code and a [samlOrWsFedEx
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_samlorwsfedexternaldomainfederation"
+ "name": "get_samlorwsfedexternaldomainfederation_e1"
} -->
v1.0 Samlorwsfedexternaldomainfederation List Domains https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/samlorwsfedexternaldomainfederation-list-domains.md
If successful, this method returns a `200 OK` response code and a collection of
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "list_externaldomainname"
+ "name": "list_externaldomainname_e1"
} -->
v1.0 Samlorwsfedexternaldomainfederation Post Domains https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/samlorwsfedexternaldomainfederation-post-domains.md
If successful, this method returns a `201 Created` response code and an [externa
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_externaldomainname_from_"
+ "name": "create_externaldomainname_from_e1"
} -->
v1.0 Samlorwsfedexternaldomainfederation Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/samlorwsfedexternaldomainfederation-post.md
If successful, this method returns a `201 Created` response code and a [samlOrWs
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_samlorwsfedexternaldomainfederation_from_"
+ "name": "create_samlorwsfedexternaldomainfederation_from_e1"
} -->
v1.0 Samlorwsfedexternaldomainfederation Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/samlorwsfedexternaldomainfederation-update.md
If successful, this method returns a `200 OK` response code and an updated [saml
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "update_samlorwsfedexternaldomainfederation"
+ "name": "update_samlorwsfedexternaldomainfederation_e1"
} -->
v1.0 Search Query https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-query.md
If successful, this method returns an `HTTP 200 OK` response code and a collecti
## Examples
-### Request
+### Example 1: Basic call to perform a search request
+
+The following example shows how to perform a search to get expected connector items.
+
+#### Request
-The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "search_query"
+ "name": "query"
}--> ```HTTP
Content-type: application/json
``` # [C#](#tab/csharp) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PHP](#tab/php) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] ### Response
-The following is an example of the response.
+The following example shows the response.
> **Note:** The response object shown here might be shortened for readability.
Content-type: application/json
} ```
+### Example 2: Basic call to use queryTemplate
+
+The following example shows how to use the queryable property **createdBy** to retrieve all files created by a user.
+
+#### Request
+
+```HTTP
+POST https://graph.microsoft.com/beta/search/query
+Content-type: application/json
+
+{
+ "requests": [
+ {
+ "entityTypes": [
+ "listItem"
+ ],
+ "query": {
+ "queryString": "contoso",
+ "queryTemplate":"{searchTerms} CreatedBy:Bob"
+ },
+ "from": 0,
+ "size": 25
+ }
+ ]
+}
+```
+
+### Response
+
+The following example shows the response.
+
+```HTTP
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "value": [
+ {
+ "searchTerms": [
+ "contoso"
+ ],
+ "hitsContainers": [
+ {
+ "hits": [
+ {
+ "hitId": "1",
+ "rank": 1,
+ "summary": "_summary-value",
+ "resource": {
+ "@odata.type": "#microsoft.graph.listItem",
+ "id": "c23c7035-73d6-4bad-8901-9e2930d4be8e",
+ "createdBy": {
+ "user": {
+ "displayName": "Bob",
+ "email": "Bob@contoso.com"
+ }
+ },
+ "createdDateTime": "2021-11-19T17:04:18Z",
+ "lastModifiedDateTime": "2023-03-09T18:52:26Z"
+ }
+ }
+ ],
+ "total": 1,
+ "moreResultsAvailable": false
+ }
+ ]
+ }
+ ]
+}
+```
+ ## See also - Search [mail messages](/graph/search-concept-messages)
Content-type: application/json
- Search [person](/graph/search-concept-person) - Search content in SharePoint and OneDrive ([files, lists and sites](/graph/search-concept-files)) - Search [custom types (Graph Connectors)](/graph/search-concept-custom-types) data
+- Search with [queryTemplate](/graph/search-concept-query-template)
- [Sort](/graph/search-concept-sort) search results - Use [aggregations](/graph/search-concept-aggregation) to refine search results - Enable [spell corrections](/graph/search-concept-speller) in search results
v1.0 Search Searchentity List Qnas https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-searchentity-list-qnas.md
GET https://graph.microsoft.com/beta/search/qnas
[!INCLUDE [sample-code](../includes/snippets/go/list-qna-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/list-qna-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Search Searchentity Post Acronyms https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-searchentity-post-acronyms.md
If successful, this method returns a `200 Ok` response code.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_acronym_from_acronyms"
+ "name": "create_acronym_from_acronyms_e1"
}--> ```http POST https://graph.microsoft.com/beta/search/acronyms
v1.0 Search Searchentity Post Bookmarks https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-searchentity-post-bookmarks.md
If successful, this method returns a `201 Created` response code with the ID of
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_bookmark_from_bookmarks"
+ "name": "create_bookmark_from_bookmarks_e1"
}--> ```http POST https://graph.microsoft.com/beta/search/bookmarks
v1.0 Security Alert Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-alert-get.md
GET https://graph.microsoft.com/beta/security/alerts_v2/da637578995287051192_756
[!INCLUDE [sample-code](../includes/snippets/go/get-security-alert-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/get-security-alert-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Security Alert Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-alert-update.md
Content-length: 2450
[!INCLUDE [sample-code](../includes/snippets/go/update-alert-v2-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/update-alert-v2-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Security Article Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-article-get.md
+
+ Title: "Get article"
+description: "Read the properties and relationships of an article object."
+
+ms.localizationpriority: medium
++
+# Get article
+
+Namespace: microsoft.graph.security
++
+Read the properties and relationships of an [article](../resources/security-article.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/articles/{articleId}
+```
+
+## Optional query parameters
+
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [microsoft.graph.security.article](../resources/security-article.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_article_e1",
+ "sampleKeys": ["a272d5ab"]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/articles/a272d5ab
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.security.article"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.context": "$metadata#articles/$entity",
+ "id": "a272d5ab",
+ "createdDateTime": "2023-03-03T18:20:22.677Z",
+ "lastUpdatedDateTime": "2023-03-03T18:20:22.677Z",
+ "title": "Batloader Malware Abuses Legitimate Tools Uses Obfuscated JavaScript Files in Q4 2022 Attacks",
+ "summary": {
+ "content": "Trend Micro discusses Batloader campaigns that were observed in the last quarter of 2022.",
+ "format": "markdown"
+ },
+ "isFeatured": false,
+ "body": {
+ "content": "#### Description\r\nTrend Micro discusses Batloader...",
+ "format": "markdown"
+ },
+ "tags": [
+ "OSINT",
+ "Batloader",
+ "RoyalRansomware",
+ "Python",
+ "JavaScript",
+ "MSI",
+ "PowerShell"
+ ],
+ "imageUrl": null
+ }
+}
+```
v1.0 Security Article List Indicators https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-article-list-indicators.md
+
+ Title: "List indicators"
+description: "Get a list of articleIndicator objects that represent indicators of threat or compromise related to the contents of an article."
+
+ms.localizationpriority: medium
++
+# List indicators
+
+Namespace: microsoft.graph.security
++
+Get a list of [articleIndicator](../resources/security-articleindicator.md) objects that represent indicators of threat or compromise related to the contents of an [article](../resources/security-article.md).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/articles/{articleId}/indicators
+```
+
+## Optional query parameters
+
+This method supports the `$count`, `$select`, `$top`, and `$skip` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [microsoft.graph.security.articleIndicator](../resources/security-articleindicator.md) objects in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_articleindicator",
+ "sampleKeys": ["a272d5ab"]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/articles/a272d5ab/indicators
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.security.articleIndicator)"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.security.articleIndicator",
+ "id": "ZmFrZS1tYWxpY2lvdXMuc2l0ZQ==",
+ "source": "microsoftDefenderThreatIntelligence",
+ "artifact": {
+ "@odata.type": "#microsoft.graph.security.hostname",
+ "id": "fake-malicious.site"
+ }
+ }
+ ]
+}
+```
v1.0 Security Article List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-article-list.md
+
+ Title: "List articles"
+description: "Get a list of article objects, including their properties and relationships."
+
+ms.localizationpriority: medium
++
+# List articles
+
+Namespace: microsoft.graph.security
++
+Get a list of [article](../resources/security-article.md) objects, including their properties and relationships.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/articles
+```
+
+## Optional query parameters
+
+This method supports the `$count`, `$select`, `$search`, `$top`, `$skip`, and `$orderBy` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+> **Note:** Currently, the `$search` OData query parameter only supports single-term searches.
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [microsoft.graph.security.article](../resources/security-article.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_article"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/articles
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.security.article"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.context": "$metadata#articles/$entity",
+ "id": "a272d5ab",
+ "createdDateTime": "2023-03-03T18:20:22.677Z",
+ "lastUpdatedDateTime": "2023-03-03T18:20:22.677Z",
+ "title": "Batloader Malware Abuses Legitimate Tools Uses Obfuscated JavaScript Files in Q4 2022 Attacks",
+ "summary": {
+ "content": "Trend Micro discusses Batloader campaigns that were observed in the last quarter of 2022.",
+ "format": "markdown"
+ },
+ "isFeatured": false,
+ "body": {
+ "content": "#### Description\r\nTrend Micro discusses Batloader...",
+ "format": "markdown"
+ },
+ "tags": [
+ "OSINT",
+ "Batloader",
+ "RoyalRansomware",
+ "Python",
+ "JavaScript",
+ "MSI",
+ "PowerShell"
+ ],
+ "imageUrl": null
+ }
+ ]
+}
+```
v1.0 Security Articleindicator Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-articleindicator-get.md
+
+ Title: "Get articleIndicator"
+description: "Read the properties and relationships of an articleIndicator object."
+
+ms.localizationpriority: medium
++
+# Get articleIndicator
+
+Namespace: microsoft.graph.security
++
+Read the properties and relationships of an [articleIndicator](../resources/security-articleindicator.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/articleIndicators/{articleIndicatorId}
+```
+
+## Optional query parameters
+
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [microsoft.graph.security.articleIndicator](../resources/security-articleindicator.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_articleindicator",
+ "sampleKeys": ["ZmFrZS1tYWxpY2lvdXMuc2l0ZQ=="]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/articleIndicators/ZmFrZS1tYWxpY2lvdXMuc2l0ZQ==
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.security.articleIndicator"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.security.articleIndicator",
+ "id": "ZmFrZS1tYWxpY2lvdXMuc2l0ZQ==",
+ "source": "microsoftDefenderThreatIntelligence",
+ "artifact": {
+ "@odata.type": "#microsoft.graph.security.hostname",
+ "id": "fake-malicious.site"
+ }
+ }
+}
+```
v1.0 Security Ediscoveryexportoperation Getdownloadurl https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoveryexportoperation-getdownloadurl.md
Title: "ediscoveryExportOperation: getDownloadUrl"
-description: "return a downloadUrl from where the export content is delivered as a stream"
+ Title: "ediscoveryExportOperation: getDownloadUrl (deprecated)"
+description: "Return a download URL from where the export content is delivered as a stream."
ms.localizationpriority: medium ms.prod: "ediscovery" doc_type: "apiPageType"
-# ediscoveryExportOperation: getDownloadUrl
+# ediscoveryExportOperation: getDownloadUrl (deprecated)
+ Namespace: microsoft.graph.security [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-If a Azure blob url is not provided in export action, the export operation exports the files to an internal store. Contents of this store can be fetched by calling into this function. This will return a downloadUrl where the zipped content is delivered as a stream.
+
+> [!CAUTION]
+> The **getDownloadUrl** method is deprecated and will stop returning data on April 30th, 2023. Please use the new **exportFileMetadata** property returned by the [Get caseOperation](../api/security-caseoperation-get.md) API instead.
++
+If an Azure blob URL is not provided in export action, the export operation exports the files to an internal store. Contents of this store can be fetched by calling into this function. This returns a download URL where the zipped content is delivered as a stream.
## Permissions
v1.0 Security Ediscoveryreviewset Export https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoveryreviewset-export.md
The following table shows the parameters that can be used with this action.
|Parameter|Type|Description| |:|:|:|
-|outputName|String| Name of the export. Required. |
-|description|String| Description of the export |
-|azureBlobContainer|String| when you export to your own Azure storage account, this is the container URL. |
-|azureBlobToken|String| when you export to your own Azure storage account, SAS token for the container URL. |
-|exportOptions|String|Specifies options that control the format of the export. Possible values are: `originalFiles`, `text`, `pdfReplacement`, `fileInfo`, `tags`.|
+|description|String| Description of the export. |
+|exportOptions|String|Specifies options that control the format of the export. Possible values are: `originalFiles`, `text`, `pdfReplacement`, `fileInfo`, `tags`. The `fileInfo` member is deprecated and will stop returning data on April 30th, 2023. Going forward, the summary and load file are always included.|
|exportStructure|String| Options that control file structure and packaging of the export. Possible values are: `none`, `directory`, `pst`.|
+|outputName|String| Name of the export. Required. |
+|azureBlobContainer (deprecated)|String| When you export to your own Azure storage account, this is the container URL. The **azureBlobContainer** property is deprecated and will stop returning data on April 30th, 2023. |
+|azureBlobToken (deprecated)|String| When you export to your own Azure storage account, SAS token for the container URL. The **azureBlobToken** property is deprecated and will stop returning data on April 30th, 2023. |
+ ## Response If the export has started successfully, this action returns a `202 Accepted` response code. The response will also contain a `Location` header, which contains the location of the [Export operation](../resources/security-ediscoveryexportoperation.md) that was created to handle the export.
v1.0 Security Ediscoveryreviewsetquery Export https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoveryreviewsetquery-export.md
The following table shows the parameters that can be used with this action.
|Parameter|Type|Description| |:|:|:|
-|outputName|String| Name of the export. Required. |
-|description|String| Description of the export |
-|azureBlobContainer|String| when you export to your own Azure storage account, this is the container URL. |
-|azureBlobToken|String| when you export to your own Azure storage account, SAS token for the container URL. |
-|exportOptions|String|Specifies options that control the format of the export. Possible values are: `originalFiles`, `text`, `pdfReplacement`, `fileInfo`, `tags`.|
+|description|String| Description of the export. |
+|exportOptions|String|Specifies options that control the format of the export. Possible values are: `originalFiles`, `text`, `pdfReplacement`, `fileInfo` (deprecated), `tags`. The `fileInfo` member is deprecated and will stop returning data on April 30th, 2023. Going forward, the summary and load file are always included.|
|exportStructure|String| Options that control file structure and packaging of the export. Possible values are: `none`, `directory`, `pst`.|-
+|outputName|String| Name of the export. Required. |
+|azureBlobContainer (deprecated) |String| When you export to your own Azure storage account, this is the container URL. The **azureBlobContainer** property is deprecated and will stop returning data on April 30th, 2023. |
+|azureBlobToken (deprecated) |String| When you export to your own Azure storage account, SAS token for the container URL. The **azureBlobToken** property is deprecated and will stop returning data on April 30th, 2023. |
## Response
v1.0 Security Host Get Reputation https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-host-get-reputation.md
+
+ Title: "Get hostReputation"
+description: "Get the properties and relationships of a hostReputation."
+
+ms.localizationpriority: medium
++
+# Get hostReputation
+
+Namespace: microsoft.graph.security
++
+Get the properties and relationships of a [hostReputation](../resources/security-hostreputation.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/hosts/{hostId}/reputation
+```
+
+## Optional query parameters
+
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [microsoft.graph.security.hostReputation](../resources/security-hostreputation.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_hostreputation",
+ "sampleKeys": ["fake-malicious.site"]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/hosts/fake-malicious.site/reputation
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.security.hostReputation"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.security.hostReputation",
+ "id": "1e3b9ded-abb6-1828-c4ef-a5ca48b287a0",
+ "classification": "malicious",
+ "score": 100,
+ "rules": [
+ {
+ "name": "Microsoft Defender Threat Intelligence Intel Article",
+ "description": "Activity Snapshot: DPRK Actors Target Maritime Sector",
+ "severity": "high",
+ "relatedDetailsUrl": "https://ti.defender.microsoft.com/article/831b70a4"
+ },
+ {
+ "name": "Name server",
+ "description": "Domain is using a name server that has been associated with suspicious behavior",
+ "severity": "medium",
+ "relatedDetailsUrl": null
+ },
+ {
+ "name": "Registrar",
+ "description": "Domains registered using this registrar are frequently associated with suspicious behavior",
+ "severity": "medium",
+ "relatedDetailsUrl": null
+ },
+ {
+ "name": "Resolving IP Address",
+ "description": "192.168.1.1",
+ "severity": "low",
+ "relatedDetailsUrl": "https://ti.defender.microsoft.com/search?query=192.168.1.1"
+ }
+ ]
+}
+```
v1.0 Security Host Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-host-get.md
+
+ Title: "Get host"
+description: "Read the properties and relationships of a host object."
+
+ms.localizationpriority: medium
++
+# Get host
+
+Namespace: microsoft.graph.security
++
+Read the properties and relationships of a [host](../resources/security-host.md) object. The [host](../resources/security-host.md) resource is the abstract base type that returns an implementation. A host can be of one of the following types:
+
+* [hostname](../resources/security-hostname.md)
+* [ipAddress](../resources/security-ipaddress.md)
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/hosts/{hostId}
+```
+
+## Optional query parameters
+
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [microsoft.graph.security.host](../resources/security-host.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_host",
+ "sampleKeys": ["contoso.com"]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/hosts/contoso.com
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.security.host"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.security.hostname",
+ "id": "contoso.com",
+ "firstSeenDateTime": "2009-09-02T03:29:10.000Z",
+ "lastSeenDateTime": "2009-09-02T03:29:10.000Z",
+ "registrar": "MarkMonitor Inc.",
+ "registrant": "Microsoft Corporation"
+ }
+}
+```
v1.0 Security Host List Components https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-host-list-components.md
+
+ Title: "List components"
+description: "Get a list of hostComponent resources."
+
+ms.localizationpriority: medium
++
+# List components
+
+Namespace: microsoft.graph.security
++
+Get a list of [hostComponent](../resources/security-hostcomponent.md) resources.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/hosts/{hostId}/components
+```
+
+## Optional query parameters
+
+This method supports the `$count`, `$select`, `$top`, and `$skip` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [microsoft.graph.security.hostComponent](../resources/security-hostcomponent.md) objects in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_hostcomponent",
+ "sampleKeys": ["contoso.com"]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/hosts/contoso.com/components
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.security.hostComponent)"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.security.hostComponent",
+ "id": "TWljcm9zb2Z0LUlJUyQkMTAuMCQkU2VydmVyJCRjMS5taWNyb3NvZnQuY29t",
+ "firstSeenDateTime": "2023-02-28T00:00:19.644Z",
+ "lastSeenDateTime": "2023-03-06T23:58:55.615Z",
+ "name": "Microsoft-IIS",
+ "version": "10.0",
+ "category": "Server",
+ "host": {
+ "id": "c1.microsoft.com"
+ }
+ }
+ ]
+}
+```
v1.0 Security Host List Cookies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-host-list-cookies.md
+
+ Title: "List cookies"
+description: "Get a list of hostCookie resources."
+
+ms.localizationpriority: medium
++
+# List cookies
+
+Namespace: microsoft.graph.security
++
+Get a list of [hostCookie](../resources/security-hostcookie.md) resources.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/hosts/{hostId}/cookies
+```
+
+## Optional query parameters
+
+This method supports the `$count`, `$select`, `$top`, and `$skip` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [microsoft.graph.security.hostCookie](../resources/security-hostcookie.md) objects in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_hostcookie",
+ "sampleKeys": ["contoso.com"]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/hosts/contoso.com/cookies
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.security.hostCookie)"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.security.hostCookie",
+ "id": "c2VjdXJlbWFpbC5jb250b3NvLmNvbSQkT0lEQyQkc2VjdXJlbWFpbC5jb250b3NvLmNvbQ==",
+ "firstSeenDateTime": "2022-02-26T07:23:34.558Z",
+ "lastSeenDateTime": "2023-02-28T04:57:15.288Z",
+ "domain": "securemail.contoso.com",
+ "name": "OIDC",
+ "host": {
+ "id": "securemail.contoso.com"
+ }
+ }
+ ]
+}
+```
v1.0 Security Host List Passivedns https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-host-list-passivedns.md
+
+ Title: "List passiveDns"
+description: "Get a list of passiveDnsRecord resources associated to a host."
+
+ms.localizationpriority: medium
++
+# List passiveDns
+
+Namespace: microsoft.graph.security
++
+Get a list of [passiveDnsRecord](../resources/security-passivednsrecord.md) resources associated to a host.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/hosts/{hostId}/passiveDns
+```
+
+## Optional query parameters
+
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md) objects in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_passivedns_e1",
+ "sampleKeys": ["contoso.com"]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/hosts/contoso.com/passiveDns
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.security.passiveDnsRecord)"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.security.passiveDnsRecord",
+ "id": "Y29udG9zby5jb20kJDIwLjEwMy44NS4zMyQkZmFsc2U=",
+ "firstSeenDateTime": "2022-04-18T10:31:12Z",
+ "lastSeenDateTime": "2023-03-07T13:19:35Z",
+ "collectedDateTime": "2023-03-07T13:59:34.735Z",
+ "recordType": "A",
+ "parentHost": {
+ "id": "contoso.com"
+ },
+ "artifact": {
+ "@odata.type": "#microsoft.graph.security.ipAddress",
+ "id": "20.103.85.33"
+ }
+ }
+ ]
+}
+```
v1.0 Security Host List Passivednsreverse https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-host-list-passivednsreverse.md
+
+ Title: "List passiveDnsReverse"
+description: "Get a list of passiveDnsRecord resources."
+
+ms.localizationpriority: medium
++
+# List passiveDnsReverse
+
+Namespace: microsoft.graph.security
++
+Get a list of [passiveDnsRecord](../resources/security-passivednsrecord.md) resources.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/hosts/{hostId}/passiveDnsReverse
+```
+
+## Optional query parameters
+
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md) objects in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_passivedns",
+ "sampleKeys": ["contoso.com"]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/hosts/contoso.com/passiveDnsReverse
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.security.passiveDnsRecord)"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.security.passiveDnsRecord",
+ "id": "bWljcm9zb2Z0LmNvbTcxNDA5MjAuMTAzLjg1LjMz",
+ "firstSeenDateTime": "2022-04-18T10:31:12Z",
+ "lastSeenDateTime": "2023-03-07T13:19:35Z",
+ "collectedDateTime": "2023-03-07T13:59:34.735Z",
+ "recordType": "CNAME",
+ "parentHost": {
+ "id": "contoso.com"
+ },
+ "artifact": {
+ "@odata.type": "#microsoft.graph.security.hostname",
+ "id": "www.contoso.com"
+ }
+ }
+ ]
+}
+```
v1.0 Security Host List Trackers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-host-list-trackers.md
+
+ Title: "List trackers"
+description: "Get a list of hostTracker resources."
+
+ms.localizationpriority: medium
++
+# List trackers
+
+Namespace: microsoft.graph.security
++
+Get a list of [hostTracker](../resources/security-hosttracker.md) resources.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/hosts/{hostId}/trackers
+```
+
+## Optional query parameters
+
+This method supports the `$count`, `$select`, `$top`, and `$skip` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [microsoft.graph.security.hostTracker](../resources/security-hosttracker.md) objects in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_hosttracker",
+ "sampleKeys": ["contoso.com"]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/hosts/contoso.com/trackers
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.security.hostTracker)"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.security.hostTracker",
+ "id": "Y29udG9zby1hZHZlcnRpc2luZzkyNDEwQ29udG9zb0lkOTI0MTBhYm91dC5hZHMuY29udG9zby5jb20=",
+ "firstSeenDateTime": "2019-06-13T17:25:22.761Z",
+ "lastSeenDateTime": "2023-03-25T23:59:32.157Z",
+ "kind": "ContosoId",
+ "value": "contoso-advertising",
+ "host": {
+ "id": "about.ads.contoso.com"
+ }
+ }
+ ]
+}
+```
v1.0 Security Hostcomponent Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-hostcomponent-get.md
+
+ Title: "Get hostComponent"
+description: "Read the properties and relationships of a hostComponent object."
+
+ms.localizationpriority: medium
++
+# Get hostComponent
+
+Namespace: microsoft.graph.security
++
+Read the properties and relationships of a [hostComponent](../resources/security-hostcomponent.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/hostComponents/{hostComponentId}
+```
+
+## Optional query parameters
+
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [microsoft.graph.security.hostComponent](../resources/security-hostcomponent.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_hostcomponent",
+ "sampleKeys": ["TWljcm9zb2Z0LUlJUyQkMTAuMCQkU2VydmVyJCRjMS5taWNyb3NvZnQuY29t"]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/hostComponents/TWljcm9zb2Z0LUlJUyQkMTAuMCQkU2VydmVyJCRjMS5taWNyb3NvZnQuY29t
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.security.hostComponent"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.security.hostComponent",
+ "id": "TWljcm9zb2Z0LUlJUyQkMTAuMCQkU2VydmVyJCRjMS5taWNyb3NvZnQuY29t",
+ "firstSeenDateTime": "2023-02-28T00:00:19.644Z",
+ "lastSeenDateTime": "2023-03-06T23:58:55.615Z",
+ "name": "Microsoft-IIS",
+ "version": "10.0",
+ "category": "Server",
+ "host": {
+ "id": "contoso.com"
+ }
+ }
+}
+```
v1.0 Security Hostcookie Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-hostcookie-get.md
+
+ Title: "Get hostCookie"
+description: "Read the properties and relationships of a hostCookie object."
+
+ms.localizationpriority: medium
++
+# Get hostCookie
+
+Namespace: microsoft.graph.security
++
+Read the properties and relationships of a [hostCookie](../resources/security-hostcookie.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/hostCookies/{hostCookieId}
+```
+
+## Optional query parameters
+
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [microsoft.graph.security.hostCookie](../resources/security-hostcookie.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_hostcookie",
+ "sampleKeys": ["c2VjdXJlbWFpbC5jb250b3NvLmNvbSQkT0lEQyQkc2VjdXJlbWFpbC5jb250b3NvLmNvbQ=="]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/hostCookies/c2VjdXJlbWFpbC5jb250b3NvLmNvbSQkT0lEQyQkc2VjdXJlbWFpbC5jb250b3NvLmNvbQ==
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.security.hostCookie"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.security.hostCookie",
+ "id": "c2VjdXJlbWFpbC5jb250b3NvLmNvbSQkT0lEQyQkc2VjdXJlbWFpbC5jb250b3NvLmNvbQ==",
+ "firstSeenDateTime": "2022-02-26T07:23:34.558Z",
+ "lastSeenDateTime": "2023-02-28T04:57:15.288Z",
+ "domain": "securemail.contoso.com",
+ "name": "OIDC",
+ "host": {
+ "id": "securemail.contoso.com"
+ }
+ }
+}
+```
v1.0 Security Hosttracker Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-hosttracker-get.md
+
+ Title: "Get hostTracker"
+description: "Read the properties and relationships of a hostTracker object."
+
+ms.localizationpriority: medium
++
+# Get hostTracker
+
+Namespace: microsoft.graph.security
++
+Read the properties and relationships of a [hostTracker](../resources/security-hosttracker.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/hostTrackers/{hostTrackerId}
+```
+
+## Optional query parameters
+
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [microsoft.graph.security.hostTracker](../resources/security-hosttracker.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_hosttracker",
+ "sampleKeys": ["Y29udG9zby1hZHZlcnRpc2luZzkyNDEwQ29udG9zb0lkOTI0MTBhYm91dC5hZHMuY29udG9zby5jb20="]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/hostTrackers/Y29udG9zby1hZHZlcnRpc2luZzkyNDEwQ29udG9zb0lkOTI0MTBhYm91dC5hZHMuY29udG9zby5jb20=
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.security.hostTracker"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.security.hostTracker",
+ "id": "Y29udG9zby1hZHZlcnRpc2luZzkyNDEwQ29udG9zb0lkOTI0MTBhYm91dC5hZHMuY29udG9zby5jb20=",
+ "firstSeenDateTime": "2019-06-13T17:25:22.761Z",
+ "lastSeenDateTime": "2023-03-25T23:59:32.157Z",
+ "kind": "ContosoId",
+ "value": "contoso-advertising",
+ "host": {
+ "id": "about.ads.contoso.com"
+ }
+}
+```
v1.0 Security Intelligenceprofile Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-intelligenceprofile-get.md
+
+ Title: "Get intelligenceProfile"
+description: "Read the properties and relationships of an intelligenceProfile object."
+
+ms.localizationpriority: medium
++
+# Get intelligenceProfile
+
+Namespace: microsoft.graph.security
++
+Read the properties and relationships of a [intelligenceProfile](../resources/security-intelligenceprofile.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/intelProfiles/{intelligenceProfileId}
+```
+
+## Optional query parameters
+
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [microsoft.graph.security.intelligenceProfile](../resources/security-intelligenceprofile.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_intelligenceprofile",
+ "sampleKeys": ["actinium"]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/intelProfiles/actinium
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.security.intelligenceProfile"
+}
+-->
+```json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.security.intelligenceProfile",
+ "id": "actinium",
+ "kind": "actor",
+ "title": "ACTINIUM",
+ "firstActiveDateTime": "2022-01-31T16:00:00.000Z",
+ "aliases": [
+ "Primitive Bear",
+ "TEMP.Armageddon",
+ "Shuckworm",
+ "Gamaredon"
+ ],
+ "targets": [
+ "Government",
+ "Humanitarian"
+ ],
+ "sponsorStates": [
+ {
+ "@odata.type": "microsoft.graph.security.intelligenceProfileSponsorState",
+ "label": "Country/Region",
+ "code": "Country/Region code"
+ }
+ ],
+ "summary": {
+ "@odata.type": "microsoft.graph.security.formattedContent",
+ "content": "ACTINIUM is an activity group with a long history of targeting government and private sector organizations that have a presence in or an association with Ukraine",
+ "format": "text"
+ },
+ "description": {
+ "@odata.type": "microsoft.graph.security.formattedContent",
+ "content": "### Summary\n\nACTINIUM is an activity group with a long history of targeting government and private sector organizations that have a presence in or an association with Ukraine. On February 4, 2022, Microsoft released a [blog]...",
+ "format": "markdown"
+ },
+ "tradecraft": {
+ "@odata.type": "microsoft.graph.security.formattedContent",
+ "content": "#### Tactics, Techniques, and Procedures\n\n[ACTINIUM](https://attack.mitre.org/groups/G0047/) has exhibited use of the following attack techniques...",
+ "format": "markdown"
+ }
+}
+```
v1.0 Security Intelligenceprofile List Indicators https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-intelligenceprofile-list-indicators.md
+
+ Title: "List intelligenceProfileIndicators"
+description: "Get the intelligenceProfileIndicator resources from the indicators navigation property."
+
+ms.localizationpriority: medium
++
+# List intelligenceProfileIndicators
+
+Namespace: microsoft.graph.security
++
+Get the [intelligenceProfileIndicator](../resources/security-intelligenceprofileindicator.md) resources from the **indicators** navigation property of an [intelligenceProfile](../resources/security-intelligenceprofile.md).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/intelProfiles/{intelligenceProfileId}/indicators
+```
+
+## Optional query parameters
+
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [microsoft.graph.security.intelligenceProfileIndicator](../resources/security-intelligenceprofileindicator.md) objects in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_intelligenceprofileindicator",
+ "sampleKeys": ["actinium"]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/intelProfiles/actinium/indicators
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.security.intelligenceProfileIndicator)"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.security.intelligenceProfileIndicator",
+ "id": "ff3eecd2-a2be-27c2-8dc0-40d1c0eada55",
+ "source": "microsoftDefenderThreatIntelligence",
+ "firstSeenDateTime": "2022-05-02T23:09:20.000Z",
+ "lastSeenDateTime": null,
+ "artifact": {
+ "@odata.type": "#microsoft.graph.security.hostname",
+ "id": "fake-malicious.site"
+ }
+ }
+ ]
+}
+```
v1.0 Security Intelligenceprofile List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-intelligenceprofile-list.md
+
+ Title: "List intelligenceProfiles"
+description: "Get a list of the intelligenceProfile objects and their properties."
+
+ms.localizationpriority: medium
++
+# List intelligenceProfiles
+
+Namespace: microsoft.graph.security
++
+Get a list of the [intelligenceProfile](../resources/security-intelligenceprofile.md) objects and their properties.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/intelProfiles
+```
+
+## Optional query parameters
+
+This method supports the `$count`, `$select`, `$search`, `$top`, `$skip`, `$orderBy`, and `$filter` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [microsoft.graph.security.intelligenceProfile](../resources/security-intelligenceprofile.md) objects in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_intelligenceprofile"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/intelProfiles
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.security.intelligenceProfile)"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.security.intelligenceProfile",
+ "id": "actinium",
+ "kind": "actor",
+ "title": "ACTINIUM",
+ "firstActiveDateTime": "2022-01-31T16:00:00.000Z",
+ "aliases": [
+ "Primitive Bear",
+ "TEMP.Armageddon",
+ "Shuckworm",
+ "Gamaredon"
+ ],
+ "targets": [
+ "Government",
+ "Humanitarian"
+ ],
+ "sponsorStates": [
+ {
+ "@odata.type": "microsoft.graph.security.intelligenceProfileSponsorState",
+ "label": "Country/Region",
+ "code": "Country/Region code"
+ }
+ ],
+ "summary": {
+ "@odata.type": "microsoft.graph.security.formattedContent",
+ "content": "ACTINIUM is an activity group with a long history of targeting government and private sector organizations that have a presence in or an association with Ukraine",
+ "format": "text"
+ },
+ "description": {
+ "@odata.type": "microsoft.graph.security.formattedContent",
+ "content": "### Summary\n\nACTINIUM is an activity group with a long history of targeting government and private sector organizations that have a presence in or an association with Ukraine. On February 4, 2022, Microsoft released a [blog]...",
+ "format": "markdown"
+ },
+ "tradecraft": {
+ "@odata.type": "microsoft.graph.security.formattedContent",
+ "content": "#### Tactics, Techniques, and Procedures\n\n[ACTINIUM](https://attack.mitre.org/groups/G0047/) has exhibited use of the following attack techniques...",
+ "format": "markdown"
+ }
+ }
+ ]
+}
+```
v1.0 Security Intelligenceprofileindicator Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-intelligenceprofileindicator-get.md
+
+ Title: "Get intelligenceProfileIndicator"
+description: "Read the properties and relationships of an intelligenceProfileIndicator object."
+
+ms.localizationpriority: medium
++
+# Get intelligenceProfileIndicator
+
+Namespace: microsoft.graph.security
++
+Read the properties and relationships of a [intelligenceProfileIndicator](../resources/security-intelligenceprofileindicator.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/intelProfileIndicators/{intelligenceProfileIndicatorId}
+```
+
+## Optional query parameters
+
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [microsoft.graph.security.intelligenceProfileIndicator](../resources/security-intelligenceprofileindicator.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "get_intelligenceprofileindicator",
+ "sampleKeys": ["ff3eecd2-a2be-27c2-8dc0-40d1c0eada55"]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/intelProfileIndicators/ff3eecd2-a2be-27c2-8dc0-40d1c0eada55
+```
+
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.security.intelligenceProfileIndicator"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.security.intelligenceProfileIndicator",
+ "id": "ff3eecd2-a2be-27c2-8dc0-40d1c0eada55",
+ "source": "microsoftDefenderThreatIntelligence",
+ "firstSeenDateTime": "2022-05-02T23:09:20.000Z",
+ "lastSeenDateTime": null,
+ "artifact": {
+ "@odata.type": "#microsoft.graph.security.hostname",
+ "id": "fake-malicious.site"
+ }
+ }
+}
+```
v1.0 Security List Alerts_V2 https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-list-alerts_v2.md
GET https://graph.microsoft.com/beta/security/alerts_v2
[!INCLUDE [sample-code](../includes/snippets/go/security-list-alerts-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/security-list-alerts-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Security Passivednsrecord Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-passivednsrecord-get.md
+
+ Title: "Get passiveDnsRecord"
+description: "Read the properties and relationships of a passiveDnsRecord object."
+
+ms.localizationpriority: medium
++
+# Get passiveDnsRecord
+
+Namespace: microsoft.graph.security
++
+Read the properties and relationships of a [passiveDnsRecord](../resources/security-passivednsrecord.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/passiveDnsRecords/{passiveDnsRecordId}
+```
+
+## Optional query parameters
+
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_passivedns",
+ "sampleKeys": ["Y29udG9zby5jb20kJDIwLjEwMy44NS4zMyQkZmFsc2U="]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/passiveDnsRecords/Y29udG9zby5jb20kJDIwLjEwMy44NS4zMyQkZmFsc2U=
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.security.passiveDnsRecord"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.security.passiveDnsRecord",
+ "id": "Y29udG9zby5jb20kJDIwLjEwMy44NS4zMyQkZmFsc2U=",
+ "firstSeenDateTime": "2022-04-18T10:31:12Z",
+ "lastSeenDateTime": "2023-03-07T13:19:35Z",
+ "collectedDateTime": "2023-03-07T13:59:34.735Z",
+ "recordType": "A",
+ "parentHost": {
+ "id": "contoso.com"
+ },
+ "artifact": {
+ "@odata.type": "#microsoft.graph.security.ipAddress",
+ "id": "20.103.85.33"
+ }
+ }
+}
+```
v1.0 Security Vulnerability Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-vulnerability-get.md
+
+ Title: "Get vulnerability"
+description: "Read the properties and relationships of a vulnerability object."
+
+ms.localizationpriority: medium
++
+# Get vulnerability
+
+Namespace: microsoft.graph.security
++
+Read the properties and relationships of a [vulnerability](../resources/security-vulnerability.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/vulnerabilities/{vulnerabilityId}
+```
+
+## Optional query parameters
+
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [microsoft.graph.security.vulnerability](../resources/security-vulnerability.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_vulnerability",
+ "sampleKeys": ["CVE-2021-44228"]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/vulnerabilities/CVE-2021-44228
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.security.vulnerability"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.security.vulnerability",
+ "id": "CVE-2021-44228",
+ "createdDateTime": "2021-11-27T13:18:28.240Z",
+ "lastModifiedDateTime": "2023-02-06T18:53:00.000Z",
+ "publishedDateTime": "2021-12-10T18:15:00.000Z",
+ "description": {
+ "@odata.type": "microsoft.graph.security.formattedContent",
+ "content": "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints...",
+ "format": "markdown"
+ },
+ "remediation": {
+ "@odata.type": "microsoft.graph.security.formattedContent",
+ "content": "##### Upgrade Apache Log4j to 2.15.0...",
+ "format": "markdown"
+ },
+ "priorityScore": 100,
+ "severity": "high",
+ "commonWeaknessEnumerationIds": [
+ "CWE-20",
+ "CWE-400",
+ "CWE-502"
+ ],
+ "cvss2Summary": {
+ "@odata.type": "microsoft.graph.security.cvssSummary",
+ "score": 9.3,
+ "severity": "high",
+ "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C"
+ },
+ "cvss3Summary": {
+ "@odata.type": "microsoft.graph.security.cvssSummary",
+ "score": 10.0,
+ "severity": "critical",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
+ },
+ "hasChatter": "true",
+ "exploitsAvailable": "true",
+ "activeExploitsObserved": "true",
+ "exploits": [
+ {
+ "@odata.type": "microsoft.graph.security.hyperlink",
+ "name": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html",
+ "url": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
+ }
+ ],
+ "references": [
+ {
+ "@odata.type": "microsoft.graph.security.hyperlink",
+ "name": "MicrosoftΓÇÖs Response to CVE-2021-44228 Apache Log4j 2",
+ "url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/",
+ }
+ ]
+ }
+}
+```
v1.0 Security Vulnerability List Components https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-vulnerability-list-components.md
+
+ Title: "List vulnerabilityComponents"
+description: "Get a list of the vulnerabilityComponent objects and their properties."
+
+ms.localizationpriority: medium
++
+# List vulnerabilityComponents
+
+Namespace: microsoft.graph.security
++
+Get a list of the [microsoft.graph.security.vulnerabilityComponent](../resources/security-vulnerabilitycomponent.md) objects and their properties.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/vulnerabilities/{vulnerabilityId}/components
+```
+
+## Optional query parameters
+
+This method supports the `$select`, `$top`, and `$skip` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [microsoft.graph.security.vulnerabilityComponent](../resources/security-vulnerabilitycomponent.md) objects in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_vulnerabilitycomponent",
+ "sampleKeys": ["CVE-2021-44228"]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/vulnerabilities/CVE-2021-44228/components
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.security.vulnerabilityComponent)"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.security.vulnerabilityComponent",
+ "id": "Y3ZlLTIwMjEtNDQyMjg3MTQwOUFwYWNoZSBTb2Z0d2FyZSBGb3VuZGF0aW9uIExvZzRqIDIuMA==",
+ "name": "Apache Software Foundation Log4j 2.0"
+ }
+ ]
+}
+```
v1.0 Security Vulnerabilitycomponent Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-vulnerabilitycomponent-get.md
+
+ Title: "Get vulnerabilityComponent"
+description: "Read the properties and relationships of a vulnerabilityComponent object."
+
+ms.localizationpriority: medium
++
+# Get vulnerabilityComponent
+
+Namespace: microsoft.graph.security
++
+Read the properties and relationships of a [vulnerabilityComponent](../resources/security-vulnerabilitycomponent.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ThreatIntelligence.Read.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|ThreatIntelligence.Read.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /security/threatIntelligence/vulnerabilities/{vulnerabilityId}/components/{vulnerabilityComponentId}
+```
+
+## Optional query parameters
+
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [microsoft.graph.security.vulnerabilityComponent](../resources/security-vulnerabilitycomponent.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_vulnerabilitycomponent",
+ "sampleKeys": ["cve-2021-44228", "Y3ZlLTIwMjEtNDQyMjg3MTQwOUFwYWNoZSBTb2Z0d2FyZSBGb3VuZGF0aW9uIExvZzRqIDIuMA=="]
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/security/threatIntelligence/vulnerabilities/cve-2021-44228/components/Y3ZlLTIwMjEtNDQyMjg3MTQwOUFwYWNoZSBTb2Z0d2FyZSBGb3VuZGF0aW9uIExvZzRqIDIuMA==
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.security.vulnerabilityComponent"
+}
+-->
+``` json
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.security.vulnerabilityComponent",
+ "id": "Y3ZlLTIwMjEtNDQyMjg3MTQwOUFwYWNoZSBTb2Z0d2FyZSBGb3VuZGF0aW9uIExvZzRqIDIuMA==",
+ "name": "Apache Software Foundation Log4j 2.0"
+ }
+}
+```
v1.0 Securityactions Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/securityactions-post.md
Title: "Create securityAction"
-description: Create a new securityAction object."
+description: "Create a new securityAction object."
ms.localizationpriority: medium ms.prod: "security"
In the request body, supply a JSON representation of a [securityAction](../resou
## Response
-If successful, this method returns `201 Created` response code and a [securityAction](../resources/securityaction.md) object in the response body.
+If successful, this method returns a `201 Created` response code and a [securityAction](../resources/securityaction.md) object in the response body.
## Examples
Content-type: application/json
The following is an example of the response.
-> [!NOTE]
-> The response object shown here might be shortened for readability.
+> **Note**: The response object shown here might be shortened for readability.
<!-- { "blockType": "response",
v1.0 Servicestoragequotabreakdown Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/servicestoragequotabreakdown-get.md
+
+ Title: "Get serviceStorageQuotaBreakdown"
+description: "Read the properties and relationships of a serviceStorageQuotaBreakdown object."
+
+ms.localizationpriority: medium
++
+# Get serviceStorageQuotaBreakdown
+Namespace: microsoft.graph
++
+Read the properties and relationships of a [serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| Not supported. |
+|Delegated (personal Microsoft account)| Files.Read, Files.Read.All, Files.ReadWrite, Files.ReadWrite.All |
+|Application| Not supported. |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /me/settings/storage/quota/services/{serviceStorageQuotaBreakdownId}
+GET /users/{usersId}/settings/storage/quota/services/{serviceStorageQuotaBreakdownId}
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "get_servicestoragequotabreakdown"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/me/settings/storage/quota/services/OneDrive
+```
++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.serviceStorageQuotaBreakdown"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "displayName": "OneDrive",
+ "id": "OneDrive",
+ "used": 102633320226,
+ "manageWebUrl": "String"
+}
+```
+
v1.0 Signin Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/signin-get.md
Content-type: application/json
"networkNames":["North America"] } ],
+ "managedServiceIdentity":{
+ "msiType":"systemAssigned",
+ "associatedResourceId":"/subscriptions/a89523b8-b5db-4697-9c1b-2f7dcfd074d9/resourcegroups/Scenario-TestRPToKeyVaultSAJob_USCentral/providers/Providers.Test/msiStateful/testrp30964"
+ },
"authenticationDetails":[ { "authenticationStepDateTime":"2021-06-30T16:34:32Z",
v1.0 Signin List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/signin-list.md
Content-type: application/json
"value":"True" } ],
+ "managedServiceIdentity":{
+ "msiType":"systemAssigned",
+ "associatedResourceId":"/subscriptions/a89523b8-b5db-4697-9c1b-2f7dcfd074d9/resourcegroups/Scenario-TestRPToKeyVaultSAJob_USCentral/providers/Providers.Test/msiStateful/testrp30964"
+ },
"networkLocationDetails":[ { "networkType":"namedNetwork",
v1.0 Simulation Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/simulation-delete.md
DELETE https://graph.microsoft.com/beta/security/attackSimulation/simulations/2f
[!INCLUDE [sample-code](../includes/snippets/go/delete-simulation-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/delete-simulation-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Simulation Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/simulation-get.md
GET https://graph.microsoft.com/beta/security/attackSimulation/simulations/f1b13
[!INCLUDE [sample-code](../includes/snippets/go/get-simulation-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/get-simulation-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/security/attackSimulation/simulations/f1b13
[!INCLUDE [snippet-not-available](../includes/snippets/snippet-not-available.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [snippet-not-available](../includes/snippets/snippet-not-available.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/security/attackSimulation/simulations/f1b13
[!INCLUDE [snippet-not-available](../includes/snippets/snippet-not-available.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [snippet-not-available](../includes/snippets/snippet-not-available.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Sitepage Getwebpartsbyposition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/sitepage-getwebpartsbyposition.md
The following is an example of a request.
<!-- { "blockType": "request",
- "name": "list_webpart"
+ "name": "get_webparts_by_position"
} -->
The following is an example of a request.
GET https://graph.microsoft.com/beta/sites/{siteId}/pages/{sitePageId}/getWebPartsByPosition(horizontalSectionId={horizontalSectionId},columnId={columnId},webPartIndex={webPartIndex},isInVerticalSection={isInVerticalSection}) ``` - ### Response The following is an example of the response
v1.0 Smsauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/smsauthenticationmethodconfiguration-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Smsauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/smsauthenticationmethodconfiguration-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Reader
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Smsauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/smsauthenticationmethodconfiguration-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
PATCH /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/s
|Content-Type|application/json. Required.| ## Request body
-In the request body, supply a JSON representation of the [smsAuthenticationMethodConfiguration](../resources/smsauthenticationmethodconfiguration.md) object with the values of fields that should be updated. Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance, don't include existing values that haven't changed.
-
-The following table shows the properties that are required when you update the [smsAuthenticationMethodConfiguration](../resources/smsauthenticationmethodconfiguration.md) object.
|Property|Type|Description| |:|:|:|
-|id|String|The authentication method policy identifier.|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
|state|authenticationMethodState|Possible values are: `enabled`, `disabled`.| >**Note:** The `@odata.type` property with a value of `#microsoft.graph.smsAuthenticationMethodConfiguration` must be included in the body.
v1.0 Softwareoathauthenticationmethod Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/softwareoathauthenticationmethod-delete.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs [one of the following directory roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Authentication administrator
-* Privileged authentication administrator
-* Global administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
+Remove a software OATH token authentication method from your own account. For a signed-in user to update their own authentication method, they must have satisfied a multi-factor authentication requirement during sign in.
+<!-- { "blockType": "ignored" } -->
+```http
+DELETE /me/authentication/softwareOathMethods/{id}
+```
+
+Remove a software OATH token authentication method from another user's account.
+<!-- { "blockType": "ignored" } -->
+```http
DELETE /users/{id | userPrincipalName}/authentication/softwareOathMethods/{id} ```
v1.0 Softwareoathauthenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/softwareoathauthenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs [one of the following directory roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global Reader
-* Authentication administrator
-* Privileged authentication administrator
-* Global administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Retrieve details of your own software OATH token authentication method.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/softwareOathMethods/{id}
+```
+
+Retrieve details of your own or another user's software OATH token authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/softwareOathMethods/{id} ```
v1.0 Softwareoathauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/softwareoathauthenticationmethodconfiguration-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Softwareoathauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/softwareoathauthenticationmethodconfiguration-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Reader
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Softwareoathauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/softwareoathauthenticationmethodconfiguration-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Synchronization Synchronizationtemplate Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/synchronization-synchronizationtemplate-get.md
One of the following permissions is required to call this API. To learn more, in
### HTTP Request ```http
-GET applications/{id}/synchronization/templates/{templateId}
-GET servicePrincipals/{id}/synchronization/templates/{templateId}
+GET /applications/{id}/synchronization/templates/{templateId}
+GET /servicePrincipals/{id}/synchronization/templates/{templateId}
``` ## Request headers
v1.0 Synchronization Synchronizationtemplate List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/synchronization-synchronizationtemplate-list.md
One of the following permissions is required to call this API. To learn more, in
### HTTP Request <!-- { "blockType": "ignored" } --> ```http
-GET servicePrincipals/{id}/synchronization/templates
-GET applications/{id}/synchronization/templates
+GET /servicePrincipals/{id}/synchronization/templates
+GET /applications/{id}/synchronization/templates
``` ## Request headers
v1.0 Synchronization Synchronizationtemplate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/synchronization-synchronizationtemplate-update.md
One of the following permissions is required to call this API. To learn more, in
### HTTP Request <!-- { "blockType": "ignored" } --> ```http
-PATCH applications/{id}/synchronization/templates/{templateId}
+PATCH /applications/{id}/synchronization/templates/{templateId}
``` ## Request headers
v1.0 Team Get Installedapps https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/team-get-installedapps.md
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | TeamsAppInstallation.ReadWriteSelfForTeam, TeamsAppInstallation.ReadForUser, TeamsAppInstallation.ReadForTeam, TeamsAppInstallation.ReadWriteForTeam, Group.Read.All**, Group.ReadWrite.All**, Directory.Read.All**, Directory.ReadWrite.All** |
+|Delegated (work or school account) | TeamsAppInstallation.ReadWriteSelfForTeam, TeamsAppInstallation.ReadForUser, TeamsAppInstallation.ReadForTeam, TeamsAppInstallation.ReadWriteForTeam, TeamsAppInstallation.ReadWriteAndConsentSelfForTeam, TeamsAppInstallation.ReadWriteAndConsentForTeam, Group.Read.All<sup>1</sup>, Group.ReadWrite.All<sup>1</sup>, Directory.Read.All<sup>1</sup>, Directory.ReadWrite.All<sup>1</sup> |
|Delegated (personal Microsoft account) | Not supported. |
-|Application | TeamsAppInstallation.Read.Group*, TeamsAppInstallation.ReadWriteSelfForTeam, TeamsAppInstallation.ReadForTeam.All, TeamsAppInstallation.ReadWriteForTeam.All, Group.Read.All**, Group.ReadWrite.All**, Directory.Read.All**, Directory.ReadWrite.All** |
+|Application | TeamsAppInstallation.Read.Group<sup>2</sup>, TeamsAppInstallation.ReadWriteSelfForTeam, TeamsAppInstallation.ReadForTeam.All, TeamsAppInstallation.ReadWriteForTeam.All, TeamsAppInstallation.ReadWriteAndConsentForTeam.All, TeamsAppInstallation.ReadWriteAndConsentSelfForTeam.All, Group.Read.All<sup>1</sup>, Group.ReadWrite.All<sup>1</sup>, Directory.Read.All<sup>1</sup>, Directory.ReadWrite.All<sup>1</sup> |
[!INCLUDE [teamwork-permissions-note](../../../includes/teamwork-permissions-note.md)]
Content-type: application/json
} ```
+### Example 3: Get the resource specific permissions consented for the app installed in the specified team
+
+The following example gets the list of any [resource-specific permissions that were granted to an app](../resources/teamsAppResourceSpecificPermission.md) as part of installation. A `$select` query parameter is required to show the consented permission set.
+
+#### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_installedApps_in_team_select_consentedPermissionSet",
+ "sampleKeys": ["19%5bd86ec7f6b247d3b9e519b0bfef5d03%40thread.v2"]
+}
+-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/betIwIyMxYzI1NmE2NS04M2E2LTRiNWMtOWNjZi03OGY4YWZiNmYxZTg=?$select=consentedPermissionSet,id
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "name": "get_installedApps_in_team_select_consentedPermissionSet",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.teamsAppInstallation",
+ "isCollection": false
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#teams('7eeb5a95-f602-4861-ab67-49714fa5a020')/installedApps(consentedPermissionSet,id)/$entity",
+ "id": "N2VlYjVhOTUtZjYwMi00ODYxLWFiNjctNDk3MTRmYTVhMDIwIyMxYzI1NmE2NS04M2E2LTRiNWMtOWNjZi03OGY4YWZiNmYxZTg=",
+ "consentedPermissionSet": {
+ "resourceSpecificPermissions": [
+ {
+ "permissionValue": "ChannelMeeting.ReadBasic.Group",
+ "permissionType": "delegated"
+ },
+ {
+ "permissionValue": "ChannelMeetingStage.Write.Group",
+ "permissionType": "delegated"
+ }
+ ]
+ }
+}
+```
+
+## See also
+- [List apps in catalog](appcatalogs-list-teamsapps.md)
+- [Request resource-specific consent for apps](/microsoftteams/platform/graph-api/rsc/resource-specific-consent)
+ <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC --> <!-- {
v1.0 Team List Installedapps https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/team-list-installedapps.md
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | TeamsAppInstallation.ReadForTeam, TeamsAppInstallation.ReadWriteSelfForTeam, TeamsAppInstallation.ReadWriteForTeam, Group.Read.All**, Group.ReadWrite.All**, Directory.Read.All**, Directory.ReadWrite.All** |
+|Delegated (work or school account) | TeamsAppInstallation.ReadForTeam, TeamsAppInstallation.ReadWriteSelfForTeam, TeamsAppInstallation.ReadWriteForTeam, TeamsAppInstallation.ReadWriteAndConsentSelfForTeam, TeamsAppInstallation.ReadWriteAndConsentForTeam, Group.Read.All<sup>1</sup>, Group.ReadWrite.All<sup>1</sup>, Directory.Read.All<sup>1</sup>, Directory.ReadWrite.All<sup>1</sup> |
|Delegated (personal Microsoft account) | Not supported. |
-|Application | TeamsAppInstallation.Read.Group*, TeamsAppInstallation.ReadWriteSelfForTeam.All, TeamsAppInstallation.ReadForTeam.All, TeamsAppInstallation.ReadWriteForTeam.All, Group.Read.All**, Group.ReadWrite.All**, Directory.Read.All**, Directory.ReadWrite.All** |
+|Application | TeamsAppInstallation.Read.Group<sup>2</sup>, TeamsAppInstallation.ReadWriteSelfForTeam.All, TeamsAppInstallation.ReadForTeam.All, TeamsAppInstallation.ReadWriteForTeam.All, TeamsAppInstallation.ReadWriteAndConsentForTeam.All, TeamsAppInstallation.ReadWriteAndConsentSelfForTeam.All, Group.Read.All<sup>1</sup>, Group.ReadWrite.All<sup>1</sup>, Directory.Read.All<sup>1</sup>, Directory.ReadWrite.All<sup>1</sup> |
[!INCLUDE [teamwork-permissions-note](../../../includes/teamwork-permissions-note.md)]
Content-type: application/json
] } ```
+### Example 4: Get the set of resource specific permissions consented for the apps installed in the specified team
+
+The following example gets the list of any [resource-specific permissions that were granted to an app](../resources/teamsAppResourceSpecificPermission.md) as part of installation. A `$select` query parameter is required to show the consented permission set.
+
+#### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_installed_apps_in_team_select_consentedPermissionSet",
+ "sampleKeys": ["19%5bd86ec7f6b247d3b9e519b0bfef5d03%40thread.v2"]
+}
+-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/teams/7eeb5a95-f602-4861-ab67-49714fa5a020/installedApps?$select=consentedPermissionSet,id
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "name": "list_installed_apps_in_team_select_consentedPermissionSet",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.teamsAppInstallation",
+ "isCollection": true
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/teams('7eeb5a95-f602-4861-ab67-49714fa5a020')/installedApps(consentedPermissionSet,id)",
+ "@odata.count": 70,
+ "value": [
+ {
+ "id": "N2VlYjVhOTUtZjYwMi00ODYxLWFiNjctNDk3MTRmYTVhMDIwIyMwMDAwMTAxNi1kZTA1LTQ5MmUtOTEwNi00ODI4ZmM4YTg2ODc=",
+ "consentedPermissionSet": null
+ },
+ {
+ "id": "N2VlYjVhOTUtZjYwMi00ODYxLWFiNjctNDk3MTRmYTVhMDIwIyMxYzI1NmE2NS04M2E2LTRiNWMtOWNjZi03OGY4YWZiNmYxZTg=",
+ "consentedPermissionSet": {
+ "resourceSpecificPermissions": [
+ {
+ "permissionValue": "ChannelMeeting.ReadBasic.Group",
+ "permissionType": "delegated"
+ },
+ {
+ "permissionValue": "ChannelMeetingStage.Write.Group",
+ "permissionType": "delegated"
+ }
+ ]
+ }
+ },
+ ]
+}
+```
+## See also
+- [List apps in catalog](appcatalogs-list-teamsapps.md)
+- [Request resource-specific consent for apps](/microsoftteams/platform/graph-api/rsc/resource-specific-consent)
<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC -->
v1.0 Team Post Installedapps https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/team-post-installedapps.md
Namespace: microsoft.graph
Install an [app](../resources/teamsapp.md) to the specified [team](../resources/team.md).
-> **Note:** Currently, this operation does not support installation of apps that require resource-specific consent permissions. For details, see [Known issues](/graph/known-issues#installation-of-apps-that-require-resource-specific-consent-permissions-is-not-supported).
+> **Note:**
+> - Currently, installing an app that requires resource-specific consent permissions is not supported in application context.
## Permissions
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | TeamsAppInstallation.ReadWriteSelfForTeam, TeamsAppInstallation.ReadWriteForTeam, Group.ReadWrite.All**, Directory.ReadWrite.All** |
+|Delegated (work or school account) | TeamsAppInstallation.ReadWriteSelfForTeam<sup>1</sup>, TeamsAppInstallation.ReadWriteForTeam<sup>1</sup>, TeamsAppInstallation.ReadWriteAndConsentSelfForTeam, Group.ReadWrite.All<sup>2</sup>, Directory.ReadWrite.All<sup>2</sup> |
|Delegated (personal Microsoft account) | Not supported. |
-|Application | TeamsAppInstallation.ReadWriteSelfForTeam.All, TeamsAppInstallation.ReadWriteForTeam.All, Group.ReadWrite.All**, Directory.ReadWrite.All** |
+|Application | TeamsAppInstallation.ReadWriteSelfForTeam.All<sup>1</sup>, TeamsAppInstallation.ReadWriteForTeam.All<sup>1</sup>, TeamsAppInstallation.ReadWriteAndConsentForTeam.All, TeamsAppInstallation.ReadWriteAndConsentSelfForTeam.All, Group.ReadWrite.All<sup>2</sup>, Directory.ReadWrite.All<sup>2</sup> |
-> **Note**: Permissions marked with ** are supported only for backward compatibility. We recommend that you update your solutions to use an alternative permission listed in the previous table and avoid using these permissions going forward.
+> **Note**:
+<br><sup>1</sup> These permissions cannot be used to install apps that require consent to [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent) permissions
+<br><sup>2</sup> These permissions are supported only for backward compatibility. We recommend that you update your solutions to use an alternative permission and avoid using these permissions going forward.
## HTTP request <!-- { "blockType": "ignored" } -->
POST /teams/{team-id}/installedApps
## Request body
+The request body should contain the catalog app's generated app ID. For details, see [teamsApp properties](../resources/teamsapp.md#properties).
+
+The following table lists additional properties that can be included in the request body.
+ | Property | Type |Description| |:|:--|:-|
-|teamsApp|String|The id of the app to add.|
+|teamsApp|String|The ID of the app to add.|
+|consentedPermissionSet|[teamsAppPermissionSet](../resources/teamsapppermissionset.md)|The set of resource-specific permissions that are being consented to.|
+
+> **Note**:
+> The permissions consented to during the install must be the same as the resource-specific permissions present in the [teamsAppDefinition](../resources/teamsAppDefinition.md) of the app. To get the application and delegated resource-specific permissions, see [Example 7](../api/appcatalogs-list-teamsapps.md#example-7-list-applications-with-a-given-id-and-return-only-the-resource-specific-permissions-required-by-the-app). If only delegated resource-specific permissions are present in **teamsAppDefinition**, permissions can be omitted in the body of this request.
## Response If successful, this method returns a `200 OK` response code. It does not return anything in the response body.
-## Example
+## Examples
+
+### Example 1: Install app in a chat
-### Request
+#### Request
The following is an example of the request.
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "add_app_in_team",
+ "name": "add_app_in_team_e1",
"sampleKeys": ["87654321-0abc-zqf0-321456789q"] }--> ```http
Content-type: application/json
-### Response
+#### Response
The following is an example of the response.
The following is an example of the response.
HTTP/1.1 200 OK ```
+### Example 2: Install app in a team and consent to the resource-specific permissions required by the app
+To get the list of resource-specific permissions required by the app, get the app from **appCatalog**, as shown in [Example 7](../api/appcatalogs-list-teamsapps.md#example-7-list-applications-with-a-given-id-and-return-only-the-resource-specific-permissions-required-by-the-app).
+
+#### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "add_app_in_team_e2",
+ "sampleKeys": ["7023576d-9e40-47ca-9cf2-daae6838e785"]
+}-->
+
+```http
+POST https://graph.microsoft.com/beta/teams/7023576d-9e40-47ca-9cf2-daae6838e785/installedApps
+Content-Type: application/json
+
+{
+ "teamsApp@odata.bind" : "https://graph.microsoft.com/beta/appCatalogs/teamsApps/7023576d-9e40-47ca-9cf2-daae6838e785",
+ "consentedPermissionSet": {
+ "resourceSpecificPermissions": [
+ {
+ "permissionValue": "OnlineMeeting.ReadBasic.Chat",
+ "permissionType": "delegated"
+ },
+ {
+ "permissionValue": "ChatMessage.Read.Chat",
+ "permissionType": "application"
+ }]
+ }
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+<!-- {
+ "blockType": "response"
+} -->
+
+```http
+HTTP/1.1 201 Created
+```
+## See also
+- [List apps in catalog](appcatalogs-list-teamsapps.md)
+- [Request resource-specific consent for apps](/microsoftteams/platform/graph-api/rsc/resource-specific-consent)
<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC --> <!--
v1.0 Team Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/team-post.md
The following is an example of a minimal request. By omitting other properties,
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_team_post"
+ "name": "create_team_post_e1"
}--> ```http POST https://graph.microsoft.com/beta/teams
Content-Type: application/json
#### Response <!-- {
- "blockType": "response",
- "name": "create_team_post"
+ "blockType": "response",
+ "truncated": true
}--> ```http
The following is an example of a minimal request using application permissions.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_team_post_minimal"
+ "name": "create_team_post_minimal_e2"
}--> ```http
Content-Type: application/json
#### Response <!-- {
- "blockType": "response",
- "name": "create_team_post_minimal"
+ "blockType": "response",
+ "truncated": true
}--> ```http
The following is a request with a full payload. The client can override values i
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_team_post_full_payload"
+ "name": "create_team_post_full_payload_e3"
}--> ```http
Content-Type: application/json
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go)
Content-Type: application/json
#### Response <!-- {
- "blockType": "response",
- "name": "create_team_post_full_payload"
+ "blockType": "response",
+ "truncated": true
}--> ```http
A few things to note about this call:
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_team_from_group"
+ "name": "create_team_from_group_e4"
}--> ```http
Content-Type: application/json
#### Response <!-- {
- "blockType": "response",
- "name": "create_team_from_group"
+ "blockType": "response",
+ "truncated": true
}--> ```http
To learn more about supported base template types and supported properties, see
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "convert_team_from_group"
+ "name": "convert_team_from_group_e5"
}--> ```http
Content-Type: application/json
#### Response <!-- {
- "blockType": "response",
- "name": "convert_team_from_group"
+ "blockType": "response",
+ "truncated": true
}--> ```http
To learn more about supported base template types, see [Get started with Teams t
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "convert_team_from_non_standard"
+ "name": "convert_team_from_non_standard_e6"
}--> ```http
Content-Type: application/json
#### Response <!-- {
- "blockType": "response",
- "name": "convert_team_from_non_standard"
+ "blockType": "response",
+ "truncated": true
}--> ```http HTTP/1.1 202 Accepted
Location: /teams('dbd8de4f-5d47-48da-87f1-594bed003375')/operations('3a6fdce1-c2
Content-Location: /teams('dbd8de4f-5d47-48da-87f1-594bed003375') Content-Length: 0 ```
+### Example 7: Create a team with a localized non-standard base template type
+Base template types can be localized to your preferred language choice, which enables you to create templates in your preferred language.
-### Example 7: Create a team with a non-standard base template type with extended properties
+Choose your team template from the defintion list returned by the [List definitions](/graph/api/teamtemplate-list-definitions) operation.
+
+#### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "convert_team_from_non_standard_localized_e7"
+}-->
+
+```http
+POST https://graph.microsoft.com/beta/teams
+Content-Type: application/json
+
+{
+
+    "templateDefinition@odata.bind": "https://graph.microsoft.com/betC50ZWFtcy50ZW1wbGF0ZS5NYW5hZ2VBUHJvamVjdCMjUHVibGljIyNhci1TQQ==",
+
+    "displayName": "My Sample Team",
+
+    "description": "My Sample Team’s Description"
+
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}-->
+```http
+HTTP/1.1 202 Accepted
+Content-Type: application/json
+Location: /teams('dbd8de4f-5d47-48da-87f1-594bed003375')/operations('3a6fdce1-c261-48bc-89de-1cfef658c0d5')
+Content-Location: /teams('dbd8de4f-5d47-48da-87f1-594bed003375')
+Content-Length: 0
+```
+
+### Example 8: Create a team with a non-standard base template type with extended properties
Base template types can be extended with additional properties, enabling you to build on an existing base template with additional team settings, channels, apps, or tabs.
To learn more about supported base template types and supported properties, see
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "convert_team_from_non_standard2"
+ "name": "convert_team_from_non_standard2_e8"
}--> ```http POST https://graph.microsoft.com/beta/teams
Content-Type: application/json
#### Response <!-- {
- "blockType": "response",
- "name": "convert_team_from_non_standard2",
+ "blockType": "response",
+ "truncated": true
}--> ```http
Content-Location: /teams('dbd8de4f-5d47-48da-87f1-594bed003375')
Content-Length: 0 ```
-### Example 8: Create a team in migration mode
+### Example 9: Create a team in migration mode
#### Request
The following example shows how to create a team for imported messages.
>**Note:** Teams created in migration mode only support the `standard` template.
+<!-- {
+ "blockType": "request",
+ "name": "create_team_in_migration_mode_e9"
+}-->
+ ```http POST https://graph.microsoft.com/beta/teams Content-Type: application/json
Content-Type: application/json
#### Response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}-->
+ ```http HTTP/1.1 202 Accepted Location: /teams('dbd8de4f-5d47-48da-87f1-594bed003375')/operations('3a6fdce1-c261-48bc-89de-1cfef658c0d5')
The following are common reasons for this response:
* **createdDateTime** is set in the future. * **createdDateTime** is correctly specified but the **teamCreationMode** instance attribute is missing or set to an invalid value.
-### Example 9: Application permissions using user principal name
+### Example 10: Application permissions using user principal name
The following is an example of a minimal request using application permissions. By omitting other properties, the client is implicitly taking defaults from the predefined template represented by `template`. When issuing a request with application permissions, a [user](../resources/user.md) must be specified in the `members` collection.
The following is an example of a minimal request using application permissions.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_team_post_upn"
+ "name": "create_team_post_upn_e10"
}--> ```http
Content-Type: application/json
#### Response <!-- {
- "blockType": "response",
- "name": "create_team_post_upn"
+ "blockType": "response",
+ "truncated": true
}--> ```http
v1.0 Team Teamsappinstallation Upgrade https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/team-teamsappinstallation-upgrade.md
Namespace: microsoft.graph
Upgrade an [app installation](../resources/teamsappinstallation.md) in a [team](../resources/team.md) to the latest version of the app.
-> **Note:** Currently, this operation does not support upgrade of apps that require resource-specific consent permissions. For details, see [Known issues](/graph/known-issues#Installation-of-apps-that-require-resource-specific-consent-permissions-is-not-supported).
+> **Note:**
+> - Currently, upgrading an app that requires resource-specific consent permissions is not supported in application context.
## Permissions
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | TeamsAppInstallation.ReadWriteSelfForTeam, TeamsAppInstallation.ReadWriteForTeam, Group.ReadWrite.All**, Directory.ReadWrite.All** |
+|Delegated (work or school account) | TeamsAppInstallation.ReadWriteSelfForTeam<sup>1</sup>, TeamsAppInstallation.ReadWriteForTeam<sup>1</sup>, TeamsAppInstallation.ReadWriteAndConsentForTeam, TeamsAppInstallation.ReadWriteAndConsentSelfForTeam, Group.ReadWrite.All<sup>2</sup>, Directory.ReadWrite.All<sup>2</sup> |
|Delegated (personal Microsoft account) | Not supported. |
-|Application | TeamsAppInstallation.ReadWriteSelfForTeam.All, TeamsAppInstallation.ReadWriteForTeam.All, Group.ReadWrite.All**, Directory.ReadWrite.All** |
+|Application | TeamsAppInstallation.ReadWriteSelfForTeam.All<sup>1</sup>, TeamsAppInstallation.ReadWriteForTeam.All<sup>1</sup>, TeamsAppInstallation.ReadWriteAndConsentForTeam.All, TeamsAppInstallation.ReadWriteAndConsentSelfForTeam.All, Group.ReadWrite.All<sup>2</sup>, Directory.ReadWrite.All<sup>2</sup> |
-> **Note**: Permissions marked with ** are supported only for backward compatibility. We recommend that you update your solutions to use an alternative permission listed in the previous table and avoid using these permissions going forward.
+> **Note**:
+<br><sup>1</sup> These permissions cannot be used to install apps that require consent to [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent) permissions.
+<br><sup>2</sup> These permissions are supported only for backward compatibility. We recommend that you update your solutions to use an alternative permission and avoid using these permissions going forward.
## HTTP request <!-- { "blockType": "ignored" } -->
POST /teams/{team-id}/installedApps/{app-installation-id}/upgrade
## Request body
-Do not supply a request body for this method.
+In the request body, supply a JSON representation of the parameters.
+
+The following table shows additional parameters that can be used with the upgrade action.
+
+|Parameter|Type|Description|
+|:|:|:|
+|consentedPermissionSet|[teamsAppPermissionSet](../resources/teamsapppermissionset.md)|Set of resource specific permissions that are being consented.|
+
+> **Note**:
+> The permissions consented to during the upgrade must be the same as the resource-specific permissions present in the [teamsAppDefinition](../resources/teamsAppDefinition.md) of the app. To get the application and delegated resource-specific permissions, see [Example 7](../api/appcatalogs-list-teamsapps.md#example-7-list-applications-with-a-given-id-and-return-only-the-resource-specific-permissions-required-by-the-app). If only delegated resource-specific permissions are present in **teamsAppDefinition**, permissions can be omitted in the body of this request.
## Response If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
-## Example
+## Examples
-### Request
-
-The following is an example of the request.
+### Example 1: Upgrade the teams app installed in team
+#### Request
# [HTTP](#tab/http) <!-- {
POST https://graph.microsoft.com/beta/teams/db5e04be-daa2-4a35-beb1-5e73cc381599
-### Response
+#### Response
The following is an example of the response.
The following is an example of the response.
```http HTTP/1.1 204 No Content ```
+### Example 2: Upgrade app installed in a team and consent to the resource-specific permissions required by the app
+To get the list of resource-specific permissions required by the app, get the app from **appCatalog**, as shown in [Example 7](../api/appcatalogs-list-teamsapps.md#example-7-list-applications-with-a-given-id-and-return-only-the-resource-specific-permissions-required-by-the-app).
+
+#### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "upgrade_installedApps_in_team",
+ "sampleKeys": ["20988f0f-a647-42f6-be30-79e04de3c2ed", "MjA5ODhmMGYtYTY0Ny00MmY2LWJlMzAtNzllMDRkZTNjMmVkIyNmYTkzN2Y4OS1iYWNhLTQ5NzktYmY4YS00MmY5ODE5MWY3ODA="]
+}-->
+
+```http
+POST https://graph.microsoft.com/betRkZTNjMmVkIyNmYTkzN2Y4OS1iYWNhLTQ5NzktYmY4YS00MmY5ODE5MWY3ODA=/upgrade
+Content-Type: application/json
+
+{
+ "consentedPermissionSet": {
+ "resourceSpecificPermissions": [
+ {
+ "permissionValue": "Channel.Create.Group",
+ "permissionType": "application"
+ },
+ {
+ "permissionValue": "ChannelMeeting.ReadBasic.Group",
+ "permissionType": "delegated"
+ }
+ ]
+ }
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+<!-- {
+ "blockType": "response"
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+## See also
+- [List apps in catalog](appcatalogs-list-teamsapps.md)
+- [Request resource-specific consent for apps](/microsoftteams/platform/graph-api/rsc/resource-specific-consent)
<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC --> <!--
v1.0 Teamtemplatedefinition Get Teamdefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/teamtemplatedefinition-get-teamdefinition.md
Namespace: microsoft.graph
Get the properties of the [team](../resources/team.md) associated with a [teamTemplateDefinition](../resources/teamstemplate.md) object.
+> **Note**: This API is currently in private preview only. When it reaches public preview, we will publish a blog post announcement on the [Microsoft 365 Developer blog](https://devblogs.microsoft.com/microsoft365dev/).
++ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Teamtemplatedefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/teamtemplatedefinition-get.md
Namespace: microsoft.graph
Read the properties and relationships of a [teamTemplateDefinition](../resources/teamtemplatedefinition.md) object.
+> **Note**: This API is currently in private preview only. When it reaches public preview, we will publish a blog post announcement on the [Microsoft 365 Developer blog](https://devblogs.microsoft.com/microsoft365dev/).
++ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Temporaryaccesspassauthenticationmethod Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/temporaryaccesspassauthenticationmethod-delete.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Delete your own temporary access pass authentication method.
+<!-- { "blockType": "ignored" } -->
``` http
-DELETE /users/{id | userPrincipalName}/authentication/temporaryAccessPassMethods/{id}
DELETE /me/authentication/temporaryAccessPassMethods/{id} ```
+Delete your own or another user's temporary access pass authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
+DELETE /users/{id | userPrincipalName}/authentication/temporaryAccessPassMethods/{id}
+```
+ ## Request headers |Name|Description| |:|:|
v1.0 Temporaryaccesspassauthenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/temporaryaccesspassauthenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Retrieve details of your own temporary access pass authentication method.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/temporaryAccessPassMethods/{temporaryAccessPassAuthenticationMethodId}
-GET /users/{id | userPrincipalName}/authentication/temporaryAccessPassMethods/{temporaryAccessPassAuthenticationMethodId}
```
+Retrieve details of your own or another user's temporary access pass authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
+GET /users/{id | userPrincipalName}/authentication/temporaryAccessPassMethods/{temporaryAccessPassAuthenticationMethodId}
+```
## Request headers |Name|Description|
v1.0 Temporaryaccesspassauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/temporaryaccesspassauthenticationmethodconfiguration-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Temporaryaccesspassauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/temporaryaccesspassauthenticationmethodconfiguration-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Reader
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Temporaryaccesspassauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/temporaryaccesspassauthenticationmethodconfiguration-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Tenantappmanagementpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tenantappmanagementpolicy-update.md
PATCH /policies/defaultAppManagementPolicy
| Authorization | Bearer {token}. Required. | | Content-Type | application/json. Required. |
+> [!IMPORTANT]
+> Service principals with a createdDateTime `null` are treated as having being created on 01/01/2019.
+ ## Request body In the request body, supply the values for relevant fields from the [tenantAppManagementPolicy](../resources/tenantAppManagementPolicy.md) that should be updated. Existing properties that are not included in the request body will maintain their previous values. For best performance, do not include unchanged values in the request payload.
In the request body, supply the values for relevant fields from the [tenantAppMa
| isEnabled | Boolean | Denotes if the policy is enabled. Default value is false. | | servicePrincipalRestrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply as default to all service principal objects in the tenant. |
+> [!IMPORTANT]
+> Service principals with a createdDateTime `null` are treated as having being created on 01/01/2019.
+ ## Response If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
v1.0 Tenantreference Removepersonaldata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tenantreference-removepersonaldata.md
+
+ Title: "tenantReference: removePersonalData"
+description: "Create a request to remove the personal data for an outboundSharedUserProfile."
+
+ms.localizationpriority: medium
++
+# tenantReference: removePersonalData
+
+Namespace: microsoft.graph
++
+Create a request to remove the personal data for an [outboundSharedUserProfile](../resources/inboundshareduserprofile.md).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| CrossTenantUserProfileSharing.ReadWrite, CrossTenantUserProfileSharing.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not applicable|
+|Application|CrossTenantUserProfileSharing.ReadWrite.All|
+
+A user can create a request to remove their own personal data when the app is granted the `CrossTenantUserProfileSharing.ReadWrite` delegated permission on their behalf.
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /directory/outboundSharedUserProfiles/{userId}/tenants/{tenantId}/removePersonalData
+```
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this action returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "tenantreferencethis.removepersonaldata"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/directory/outboundSharedUserProfiles/c228b2ae-c4fb-4eda-9620-7e73dddd1cac/tenants/62bfb458-9474-4c44-896b-b30942d055f0/removePersonalData
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
v1.0 Termsofusecontainer List Agreements https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/termsofusecontainer-list-agreements.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | Not supported. |
-When calling on behalf of a user, the user needs to belong to one of the following directory roles. To learn more about directory roles, see [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference):
-+ Global Administrator
-+ Conditional Access Administrator
-+ Security Administrator
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Termsofusecontainer Post Agreements https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/termsofusecontainer-post-agreements.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | Not supported. |
-When calling on behalf of a user, the user needs to belong to one of the following directory roles. To learn more about directory roles, see [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference):
-+ Global Administrator
-+ Conditional Access Administrator
-+ Security Administrator
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Tokenlifetimepolicy Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tokenlifetimepolicy-delete.md
The following is an example of the request.
}--> ```http
-DELETE https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/{id}
+DELETE https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4
``` # [C#](#tab/csharp)
v1.0 Tokenlifetimepolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tokenlifetimepolicy-get.md
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/{id}
+GET https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4
``` # [C#](#tab/csharp)
HTTP/1.1 200 OK
Content-type: application/json {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/tokenLifetimePolicies/$entity",
+ "id": "4d2f137b-e8a9-46da-a5c3-cc85b2b840a4",
+ "deletedDateTime": null,
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
} ```
v1.0 Tokenlifetimepolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tokenlifetimepolicy-list-appliesto.md
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/{id}/appliesTo
+GET https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4/appliesTo
``` # [JavaScript](#tab/javascript)
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "id": "id-value",
- "deletedDateTime": "datetime-value"
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#directoryObjects",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.application",
+ "id": "3ccc9971-9ae7-45d6-8de8-263fd25fe116",
+ "appId": "6e4a2285-a438-4bcc-9d76-6c45fb91d4b0",
+ "applicationTemplateId": "8adf8e6e-67b2-4cf2-a259-e3dc5476c621",
+ "displayName": "Contoso IWA App",
+ "publisherDomain": "Contoso.com",
+ "signInAudience": "AzureADMyOrg"
+ }
+ ]
} ```
v1.0 Tokenlifetimepolicy List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tokenlifetimepolicy-list.md
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/tokenLifetimePolicies",
+ "value": [
+ {
+ "id": "4d2f137b-e8a9-46da-a5c3-cc85b2b840a4",
+ "deletedDateTime": null,
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
+ }
+ ]
} ```
v1.0 Tokenlifetimepolicy Post Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tokenlifetimepolicy-post-tokenlifetimepolicies.md
If successful, this method returns a `201 Created` response code and a new [toke
### Request
-The following is an example of the request.
+The following is an example of a request that creates a token lifetime policy that sets the access and ID token lifetime to eight hours.
# [HTTP](#tab/http) <!-- {
POST https://graph.microsoft.com/beta/policies/tokenLifetimePolicies
Content-type: application/json {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
} ```
HTTP/1.1 201 Created
Content-type: application/json {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/tokenLifetimePolicies/$entity",
+ "id": "4d2f137b-e8a9-46da-a5c3-cc85b2b840a4",
+ "deletedDateTime": null,
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
} ```
v1.0 Tokenlifetimepolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tokenlifetimepolicy-update.md
In the request body, supply the values for relevant fields that should be update
| Property | Type | Description | |:-|:|:|
-|definition|String collection| A string collection containing a JSON string that defines the rules and settings for this policy. Required.|
+|definition|String collection| A string collection containing a JSON string that defines the rules and settings for this policy. For more information about the JSON schema for this property, see [Properties of a token lifetime policy definition](../resources/tokenlifetimepolicy.md#properties-of-a-token-lifetime-policy-definition). Required.|
|description|String| Description for this policy.| |displayName|String| Display name for this policy. Required.|
-|isOrganizationDefault|Boolean|If set to true, activates this policy. There can be many policies for the same policy type, but only one can be activated as the organization default. Optional, default value is false.|
+|isOrganizationDefault|Boolean|If set to `true`, activates this policy. There can be many policies for the same policy type, but only one can be activated as the organization default. Optional, default value is `false`.|
## Response
The following is an example of the request.
}--> ```http
-PATCH https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/{id}
+PATCH https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4
Content-type: application/json {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"5:30:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
} ```
Content-type: application/json
The following is an example of the response.
-> **Note:** The response object shown here might be shortened for readability.
- <!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.tokenLifetimePolicy"
+ "blockType": "response"
} --> ```http HTTP/1.1 204 No Content
-Content-type: application/json
-
-{
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
-}
``` <!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
v1.0 Unifiedstoragequota Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/unifiedstoragequota-get.md
+
+ Title: "Get unifiedStorageQuota"
+description: "Read the properties and relationships of a unifiedStorageQuota object."
+
+ms.localizationpriority: medium
++
+# Get unifiedStorageQuota
+Namespace: microsoft.graph
++
+Read the properties and relationships of a [unifiedStorageQuota](../resources/unifiedstoragequota.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| Not supported. |
+|Delegated (personal Microsoft account)| Files.Read, Files.Read.All, Files.ReadWrite, Files.ReadWrite.All |
+|Application| Not supported. |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /me/settings/storage/quota
+GET /users/{user-id}/settings/storage/quota
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [unifiedStorageQuota](../resources/unifiedstoragequota.md) object in the response body.
+
+## Examples
+
+### Example 1: Get the unified quota information for the current user
+#### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "get_unifiedstoragequota"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/me/settings/storage/quota
+```
++
+#### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.unifiedStorageQuota"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.unifiedStorageQuota",
+ "manageWebUrl": "String",
+ "remaining": 1066671526110,
+ "state": "normal",
+ "total": 1169304846336,
+ "used": 102633320226
+ }
+}
+```
+
+### Example 2: Get the unified quota information for the current user
+#### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "get_unifiedstoragequotabyuserid"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/users/1234BBS1121YY95/settings/storage/quota
+```
++
+#### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.unifiedStorageQuota"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.unifiedStorageQuota",
+ "manageWebUrl": "String",
+ "remaining": 1066671526110,
+ "state": "normal",
+ "total": 1169304846336,
+ "used": 102633320226
+ }
+}
+```
+
+### Example 3: Get the unified quota information, along with the service breakdowns, for the current user
+#### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "get_unifiedstoragequotaandservices"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/me/settings/storage/quota?$expand=services
+```
++
+#### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.unifiedStorageQuota"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.unifiedStorageQuota",
+ "manageWebUrl": "String",
+ "remaining": 1066671526110,
+ "state": "normal",
+ "total": 1169304846336,
+ "used": 102633320226,
+ "services": [
+ {
+ "displayName": "OneDrive",
+ "id": "OneDrive",
+ "used": 102633320226
+ },
+ {
+ "displayName": "Outlook (Attachments)",
+ "id": "Outlook",
+ "used": 123
+ }
+ ]
+ }
+}
+```
v1.0 Unifiedstoragequota List Services https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/unifiedstoragequota-list-services.md
+
+ Title: "List serviceStorageQuotaBreakdown"
+description: "Get a list of serviceStorageQuotaBreakdown objects and their properties."
+
+ms.localizationpriority: medium
++
+# List serviceStorageQuotaBreakdown
+Namespace: microsoft.graph
++
+Get a list of [serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md) objects and their properties.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| Not supported. |
+|Delegated (personal Microsoft account)| Files.Read, Files.Read.All, Files.ReadWrite, Files.ReadWrite.All |
+|Application| Not supported. |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /me/settings/storage/quota/services
+GET /users/{usersId}/settings/storage/quota/services
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md) objects in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "list_servicestoragequotabreakdown"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/me/settings/storage/quota/services
+```
++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.serviceStorageQuotaBreakdown)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "displayName": "OneDrive",
+ "id": "OneDrive",
+ "used": 102633320226
+ },
+ {
+ "displayName": "Outlook (Attachments)",
+ "id": "Outlook",
+ "used": 123456
+ }
+ ]
+}
+```
+
v1.0 User Activateserviceplan https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-activateserviceplan.md
- Title: "user: activateServicePlan"
-description: "Activate a service plan with a given `servicePlanId` and `skuId` for a given user."
-
-doc_type: apiPageType
--
-# user: activateServicePlan (deprecated)
-
-Namespace: microsoft.graph
--
-> [!CAUTION]
-> The **activateServicePlan** API is deprecated and will stop returning data on June 30, 2022.
-
-Activate a service plan with a given `servicePlanId` and `skuId` for a given user.
-
-## Permissions
-
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-| : | : |
-| Delegated (work or school account) | Directory.ReadWrite.All |
-| Delegated (personal Microsoft account) | Not Supported. |
-| Application | Directory.ReadWrite.All |
-
-## HTTP request
-
-<!-- {
- "blockType": "ignored"
-}
>-
-``` http
-POST /users/{id | userPrincipalName}/activateServicePlan
-```
-
-## Request headers
-
-| Name | Description |
-| : | : |
-| Authorization | Bearer {token}. Required. |
-| Content-Type | application/json. Required. |
-
-## Request body
-
-In the request body, provide a JSON object with the following parameter:
-
-| Parameter | Type | Description |
-| : | : | : |
-| servicePlanId | Guid | PlanId of the ServicePlan to activate. |
-| skuId | Guid | SkuId of SKU the service plan is on. |
-
-## Response
-
-If successful, this action returns a `204 No Content` response code.
-
-## Examples
-
-### Request
--
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "user_activateserviceplan"
-}
>-
-``` http
-POST https://graph.microsoft.com/beta/me/activateServicePlan
-Content-type: application/json
-
-{
- "servicePlanId": "28f42d6f-8034-4a0f-9d8a-a218a63b3299",
- "skuId": "465a2a90-5e59-456d-a7b8-127b9fb2e484"
-}
-```
-
-# [JavaScript](#tab/javascript)
---
-### Response
-
-<!-- {
- "blockType": "response",
- "truncated": true
-}
>-
-``` http
-HTTP/1.1 204 No Content
-```
v1.0 User List Contacts https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-list-contacts.md
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and collection of [contact](../resources/contact.md) objects in the response body.
+If successful, this method returns a `200 OK` response code and a collection of [contact](../resources/contact.md) objects in the response body.
+ ## Example
-##### Request
+### Request
The following example gets the **displayName** and **emailAddresses** properties of the signed-in user's contacts. # [HTTP](#tab/http)
GET https://graph.microsoft.com/beta/me/contacts?$select=displayName,emailAddres
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
Content-type: application/json
] } -->--
v1.0 User List Mailfolders https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-list-mailfolders.md
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_mailfolders"
+ "name": "get_mailfolders_e1"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/me/mailFolders
The next example uses the `includeHiddenFolders` query parameter to get a list o
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_hiddenmailfolders"
+ "name": "get_hiddenmailfolders_e2"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/me/mailFolders/?includeHiddenFolders=true
v1.0 User List People https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-list-people.md
This method supports the following OData query parameters to help customize the
|$search|string|Search for people by name or alias. Supports Fuzzy matching. Parameter only works for searching the signed-in user's relevant people, not for searching people relevant to other users. Also supports the `topic` keyword to find people based on topics extracted from e-mail conversations with that person. For information and examples, see the *Perform a fuzzy search* section at [Use the People API to get information about the people most relevant to you](/graph/people-insights-overview#perform-a-fuzzy-search).| |$select|string|Comma-separated list of properties to include in the response. For optimal performance, only select the subset of properties needed.| |$skip|int|Skip the first n results, useful for paging. This is not supported when using *$search*.|
-|$top|int|Number of results to be returned.|
+|$top|int|The maximum number of results to be returned on a results page. For more information, see [top parameter](/graph/query-parameters?tabs=http#top-parameter).|
## Request headers
v1.0 User List Transitivememberof https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-list-transitivememberof.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | | :- | : |
-| Delegated (work or school account) | User.Read, GroupMember.Read.All, Directory.Read.All, Directory.ReadWrite.All |
+| Delegated (work or school account) | User.Read, User.Read.All, GroupMember.Read.All, Group.Read.All, Directory.Read.All, Directory.ReadWrite.All |
| Delegated (personal Microsoft account) | Not supported. |
-| Application | Directory.Read.All, Directory.ReadWrite.All |
+| Application | User.Read.All, GroupMember.Read.All, Group.Read.All, Directory.Read.All, Directory.ReadWrite.All |
## HTTP request <!-- { "blockType": "ignored" } --> ```http
+GET /me/transitiveMemberOf
GET /users/{id | userPrincipalName}/transitiveMemberOf ```
v1.0 User List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-list.md
GET /users
## Optional query parameters
-This method supports the `$count`, `$expand`, `$filter`, `$orderBy`, `$search`, `$select`, and `$top` [OData query parameters](/graph/query-parameters) to help customize the response. `$skip` isn't supported. The default and maximum page sizes are 100 and 999 user objects respectively. Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For more information, see [Advanced query capabilities on Azure AD directory objects](/graph/aad-advanced-queries). The `$count` and `$search` parameters are currently not available in Azure AD B2C tenants.
+This method supports the `$count`, `$expand`, `$filter`, `$orderBy`, `$search`, `$select`, and `$top` [OData query parameters](/graph/query-parameters) to help customize the response. `$skip` isn't supported. The default and maximum page sizes are 100 and 999 user objects respectively, except when you specify `$select=signInActivity` or `$filter=signInActivity`. When `signInActivity` is selected or filtered on, the maximum page size is 120. Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For more information, see [Advanced query capabilities on Azure AD directory objects](/graph/aad-advanced-queries). The `$count` and `$search` parameters are currently not available in Azure AD B2C tenants.
[Extension properties](/graph/extensibility-overview) also support query parameters, in some cases, only with advanced query parameters. For more information, see [support for `$filter` by extension properties](/graph/aad-advanced-queries#:~:text=The%20following%20table%20shows%20support%20for%20%24filter%20by%20extension%20properties%20on%20the%20user%20object.).
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_users"
+ "name": "get_users_e1"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/users
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_signinname_users"
+ "name": "get_signinname_users_e2"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/users?$select=displayName,id&$filter=identities/any(c:c/issuerAssignedId eq 'j.smith@yahoo.com' and c/issuer eq 'My B2C tenant')
Content-type: application/json
The following is an example of the request. Details for the **signInActivity** property require an Azure AD Premium P1/P2 license and the AuditLog.Read.All permission.
->**Note:** There's a [known issue](/graph/known-issues#license-check-errors-for-azure-ad-activity-reports) with retrieving the **signInActivity** property.
+>**Note:** When you specify `$select=signInActivity` or `$filter=signInActivity` while listing users, the maximum page size for `$top` is 120. Requests with `$top` set higher than 120 will fail. signInActivity supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`) *but* not with any other filterable properties.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_signin_last_time"
+ "name": "get_signin_last_time_e3"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/users?$select=displayName,userPrincipalName,signInActivity
Content-type: application/json
{ "displayName": "Adele Vance", "userPrincipalName": "AdeleV@contoso.com",
+ "id": "1aecaf40-dc3a-461f-88a8-d06994e12898",
"signInActivity": { "lastSignInDateTime": "2021-06-17T16:41:33Z", "lastSignInRequestId": "d4d31c40-4c36-4775-ad59-7d1e6a171f00",
Content-type: application/json
{ "displayName": "Alex Wilber", "userPrincipalName": "AlexW@contoso.com",
+ "id": "f0662ee5-84b1-43d6-8338-769cce1bc141",
"signInActivity": { "lastSignInDateTime": "2021-07-29T15:53:27Z", "lastSignInRequestId": "f3149ee1-e347-4181-b45b-99a1f82b1c00",
The following is an example of the request. Details for the **signInActivity** p
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_signin_last_time_filter"
+ "name": "get_signin_last_time_filter_e4"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/users?$filter=startswith(displayName,'Eric')&$select=displayName,signInActivity
The following is an example of the request. Details for the **signInActivity** p
<!-- { "blockType": "ignored",
- "name": "get_signin_last_time_range"
+ "name": "get_signin_last_time_range_e5"
}--> ```http GET https://graph.microsoft.com/beta/users?filter=signInActivity/lastSignInDateTime le 2021-07-21T00:00:00Z
The following is an example of the request. This request requires the **Consiste
<!-- { "blockType": "ignored",
- "name": "get_count_only"
+ "name": "get_count_only_e6"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/users/$count
The following is an example of the request. This request requires the **Consiste
<!-- { "blockType": "ignored",
- "name": "list_users_startswith"
+ "name": "list_users_startswith_e7"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/users?$filter=startswith(displayName,'a')&$orderby=displayName&$count=true&$top=1
The following is an example of the request. This request requires the **Consiste
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_a_count_endsWith"
+ "name": "get_a_count_endsWith_e8"
} --> ```msgraph-interactive GET https://graph.microsoft.com/beta/users?$filter=endswith(mail,'a@contoso.com')&$orderby=userPrincipalName&$count=true
The following is an example of the request. This request requires the **Consiste
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_wa_count"
+ "name": "get_wa_count_e9"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/users?$search="displayName:wa"&$orderby=displayName&$count=true
The following is an example of the request. This request requires the **Consiste
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_to_count"
+ "name": "get_to_count_e10"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/users?$search="displayName:wa" OR "displayName:ad"&$orderby=displayName&$count=true
The following is an example of the request. This request requires the **Consiste
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_user_assignedLicenses"
+ "name": "get_user_assignedLicenses_e11"
} --> ```msgraph-interactive GET https://graph.microsoft.com/beta/users?$select=id,mail,assignedLicenses&$filter=assignedLicenses/any(u:u/skuId eq cbdc14ab-d96c-4c30-b9f4-6ada7cdc1d46)
In this example, the ID of the schema extension is `ext55gb1l09_msLearnCourses`.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "list_schemaextension"
+ "name": "list_schemaextension_e12"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/users?$select=ext55gb1l09_msLearnCourses
For examples of custom security attribute assignments, see [Examples: Assign, up
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "customsecurityattribute_filter_users_equals_value"
+ "name": "customsecurityattribute_filter_users_equals_value_e13"
}--> ```msgraph-interactive GET https://graph.microsoft.com/beta/users?$count=true&$select=id,displayName,customSecurityAttributes&$filter=customSecurityAttributes/Marketing/AppCountry eq 'Canada'
v1.0 User Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-update.md
PATCH /users/{id | userPrincipalName}
## Request body In the request body, supply the values for relevant fields that should be updated. Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance you shouldn't include existing values that haven't changed.
-| Property | Type |Description|
+| Property | Type |Description|
|:|:--|:-| |aboutMe|String|A freeform text entry field for the user to describe themselves.| |accountEnabled|Boolean| `true` if the account is enabled; otherwise, `false`. This property is required when a user is created. A global administrator assigned the _Directory.AccessAsUser.All_ delegated permission can update the **accountEnabled** status of all administrators in the tenant.|
In the request body, supply the values for relevant fields that should be update
|employeeLeaveDateTime|DateTimeOffset|The date and time when the user left or will leave the organization. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.<br><br> For delegated scenarios, the calling user must have the Global Administrator role and the calling app assigned the _User.Read.All_ and _User-LifeCycleInfo.ReadWrite.All_ delegated permissions. | |identities|[objectIdentity](../resources/objectidentity.md) collection| Represents the identities that can be used to sign in to this user account. An identity can be provided by Microsoft, by organizations, or by social identity providers such as Facebook, Google, and Microsoft, and tied to a user account. Any update to **identities** will replace the entire collection and you must supply the userPrincipalName **signInType** identity in the collection.| |interests|String collection|A list for the user to describe their interests.|
-|jobTitle|String|The userΓÇÖs job title.|
-|mail|String|The SMTP address for the user, for example, `jeff@contoso.onmicrosoft.com`. For Azure AD B2C accounts, this property can be updated up to only ten times with unique SMTP addresses. Changes to this property will also update the user's **proxyAddresses** collection to include the value as a SMTP address.|
+|jobTitle|String|The user's job title.|
+|mail|String|The SMTP address for the user, for example, `jeff@contoso.onmicrosoft.com`. For Azure AD B2C accounts, this property can be updated up to only ten times with unique SMTP addresses. Changes to this property will also update the user's **proxyAddresses** collection to include the value as a SMTP address. Cannot be updated to `null`.|
|mailNickname|String|The mail alias for the user. This property must be specified when a user is created.| |mobilePhone|String|The primary cellular telephone number for the user.| |mySite|String|The URL for the user's personal site.| |officeLocation|String|The office location in the user's place of business.| | onPremisesExtensionAttributes | [onPremisesExtensionAttributes](../resources/onpremisesextensionattributes.md) | Contains extensionAttributes 1-15 for the user. Note that the individual extension attributes are neither selectable nor filterable. For an `onPremisesSyncEnabled` user, the source of authority for this set of properties is the on-premises and is read-only and is read-only. These extension attributes are also known as Exchange custom attributes 1-15.|
-|onPremisesImmutableId|String|This property is used to associate an on-premises Active Directory user account to their Azure AD user object. This property must be specified when creating a new user account in the Graph if you are using a federated domain for the userΓÇÖs **userPrincipalName** (UPN) property. **Important:** The **$** and **_** characters cannot be used when specifying this property. |
+|onPremisesImmutableId|String|This property is used to associate an on-premises Active Directory user account to their Azure AD user object. This property must be specified when creating a new user account in the Graph if you are using a federated domain for the user's **userPrincipalName** (UPN) property. **Important:** The **$** and **_** characters cannot be used when specifying this property. |
|otherMails|String collection|A list of additional email addresses for the user; for example: `["bob@contoso.com", "Robert@fabrikam.com"]`.| |passwordPolicies|String|Specifies password policies for the user. This value is an enumeration with one possible value being `DisableStrongPassword`, which allows weaker passwords than the default policy to be specified. `DisablePasswordExpiration` can also be specified. The two may be specified together; for example: `DisablePasswordExpiration, DisableStrongPassword`.|
-|passwordProfile|[PasswordProfile](../resources/passwordprofile.md)|Specifies the password profile for the user. The profile contains the userΓÇÖs password. As a best practice, always set the **forceChangePasswordNextSignIn** to `true`. The password in the profile must satisfy minimum requirements as specified by the **passwordPolicies** property. By default, a strong password is required. <br><br> In delegated access, the calling app must be assigned the *Directory.AccessAsUser.All* delegated permission on behalf of the signed-in user. In application-only access, the calling app must be assigned the *User.ReadWrite.All* application permission and at least the *User Administrator* [Azure AD role](/azure/active-directory/roles/permissions-reference).|
+|passwordProfile|[PasswordProfile](../resources/passwordprofile.md)|Specifies the password profile for the user. The profile contains the user's password. The password in the profile must satisfy minimum requirements as specified by the **passwordPolicies** property. By default, a strong password is required. As a best practice, always set the **forceChangePasswordNextSignIn** to `true`. This cannot be used for federated users. <br><br> In delegated access, the calling app must be assigned the *Directory.AccessAsUser.All* delegated permission on behalf of the signed-in user. In application-only access, the calling app must be assigned the *User.ReadWrite.All* application permission and at least the *User Administrator* [Azure AD role](/azure/active-directory/roles/permissions-reference?toc=%2Fgraph%2Ftoc.json).|
|pastProjects|String collection|A list for the user to enumerate their past projects.| |postalCode|String|The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code.| |preferredLanguage|String|The preferred language for the user. Should follow ISO 639-1 Code; for example `en-US`.|
v1.0 Userflowlanguageconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/userflowlanguageconfiguration-delete.md
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "delete_userflowlanguageconfiguration",
+ "name": "delete_userflowlanguageconfiguration_1",
"sampleKeys": ["B2C_1_Customer", "es-ES"] } -->
v1.0 Verticalsection Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/verticalsection-get.md
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_verticalsection"
+ "name": "get_verticalsection_e1"
} -->
With `select` and `expand` statements, you can retrieve verticalSection metadata
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_verticalsection"
+ "name": "get_verticalsection_e2"
} -->
v1.0 Virtualendpoint Post Onpremisesconnections https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/virtualendpoint-post-onpremisesconnections.md
Title: "Create cloudPcOnPremisesConnection" description: "Create an Azure network connection for provisioning Cloud PCs."-+ ms.localizationpriority: medium ms.prod: "cloud-pc" doc_type: apiPageType
POST https://graph.microsoft.com/beta/deviceManagement/virtualEndpoint/onPremise
Content-Type: application/json {
- "@odata.type": "#microsoft.graph.cloudPcOnPremisesConnection",
"displayName": "test-canary-02", "type": "hybridAzureADJoin", "subscriptionId": "0ac520ee-14c0-480f-b6c9-0a90c585ffff",
- "subscriptionName": "CPC customer 001 test subscription",
"adDomainName": "contoso001.com", "adDomainUsername": "dcadmin", "organizationalUnit": "OU=Domain Controllers, DC=contoso001, DC=com",
v1.0 Voiceauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/voiceauthenticationmethodconfiguration-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Voiceauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/voiceauthenticationmethodconfiguration-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Reader
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Voiceauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/voiceauthenticationmethodconfiguration-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
PATCH /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/v
|Content-Type|application/json. Required.| ## Request body
-In the request body, supply a JSON representation of the [voiceAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md) object with the values of fields that should be updated. Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance, don't include existing values that haven't changed.
-For the list of properties, see [voiceAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md).
+|Property|Type|Description|
+|:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
+|isOfficePhoneAllowed|Boolean|`true` if users can register office phones, otherwise, `false`.|
+|state|authenticationMethodState|Possible values are: `enabled`, `disabled`.|
>**Note:** The `@odata.type` property with a value of `#microsoft.graph.voiceAuthenticationMethodConfiguration` must be included in the body.
v1.0 Webpart List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/webpart-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_webpart"
The following is an example of a request.
GET https://graph.microsoft.com/beta/sites/{sitesId}/pages/{sitePageId}/canvasLayout/horizontalSections/{horizontalSectionId}/columns/{horizontalSectionColumnId}/webparts ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
++ ### Response
Content-Type: application/json
"innerHtml": "<h2>How do you get started?</h2>" }, {
- "@odata.type": "#microsoft.graph.textWebPart",
+ "@odata.type": "#microsoft.graph.standardWebPart",
"id": "6346d908-f20d-4528-902f-3c2a9c8c2442", "webPartType": "d1d91016-032f-456d-98a4-721247c305e8", "data": {
+ "audiences": [],
"dataVersion": "1.9", "description": "Show an image on your page", "title": "Image",
Content-Type: application/json
"alignment": "Center" }, "serverProcessedContent": {
+ "componentDependencies": [],
+ "htmlStrings": [],
+ "links": [],
+ "searchablePlainTexts": [],
"imageSources": [ {
+ "@odata.type": "#microsoft.graph.metaDataKeyStringPair",
"key": "imageSource", "value": "/_LAYOUTS/IMAGES/VISUALTEMPLATEIMAGE1.JPG" } ], "customMetadata": [ {
+ "@odata.type": "#microsoft.graph.metaDataKeyValuePair",
"key": "imageSource", "value": { "siteid": "0264cabe-6b92-450a-b162-b0c3d54fe5e8",
v1.0 Windowshelloforbusinessauthenticationmethod Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/windowshelloforbusinessauthenticationmethod-delete.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Delete your own Windows Hello For Business authentication method.
+<!-- { "blockType": "ignored" } -->
``` http DELETE /me/authentication/windowsHelloForBusinessMethods/{windowsHelloForBusinessAuthenticationMethodId}
+```
+
+Delete your own or another user's Windows Hello For Business authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
DELETE /users/{id | userPrincipalName}/authentication/windowsHelloForBusinessMethods/{windowsHelloForBusinessAuthenticationMethodId} ```
v1.0 Windowshelloforbusinessauthenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/windowshelloforbusinessauthenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Read details of your own Windows Hello For Business authentication method.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/windowsHelloForBusinessMethods/{windowsHelloForBusinessAuthenticationMethodId}
+```
+
+Read details of your own or another user's Windows Hello For Business authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/windowsHelloForBusinessMethods/{windowsHelloForBusinessAuthenticationMethodId} ```
v1.0 Windowshelloforbusinessauthenticationmethod List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/windowshelloforbusinessauthenticationmethod-list.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Retrieve details of your own Windows Hello For Business authentication methods.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/windowsHelloForBusinessMethods
+```
+
+Retrieve details of your own or another user's Windows Hello For Business authentication methods.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/windowsHelloForBusinessMethods ```
v1.0 Windowsupdates Catalog List Entries https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/windowsupdates-catalog-list-entries.md
GET /admin/windows/updates/catalog/entries
## Optional query parameters This method supports some of the [OData query parameters](/graph/query-parameters) to help customize the response, including `$count`, `$filter`, `$orderBy`, `$select`, `$skip`, and `$top`.
-To use a query parameter on a property that is not inherited from **catalogEntry**, include the full resource type for the property. For example, to filter on the **version** property of [featureUpdateCatalogEntry](../resources/windowsupdates-featureupdatecatalogentry.md) that equals 'Windows 11, version 22H2' , use `?$filter=microsoft.graph.windowsUpdates.featureUpdateCatalogEntry/version eq 'Windows 11, version 22H2''.
+To use a query parameter on a property that is not inherited from **catalogEntry**, include the full resource type for the property. For example, to filter on the **version** property of [featureUpdateCatalogEntry](../resources/windowsupdates-featureupdatecatalogentry.md) that equals 'Windows 11, version 22H2' , use `?$filter=microsoft.graph.windowsUpdates.featureUpdateCatalogEntry/version eq 'Windows 11, version 22H2'`.
## Request headers |Name|Description|
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and a collection of catalogEntry objects in the response body.
+If successful, this method returns a `200 OK` response code and a collection of [catalogEntry](../resources/windowsupdates-catalogentry.md) objects in the response body.
## Examples ### Request
+The following is an example of a request.
+ # [HTTP](#tab/http) <!-- { "blockType": "request",
GET https://graph.microsoft.com/beta/admin/windows/updates/catalog/entries
### Response
+The following is an example of the response.
+ <!-- { "blockType": "response", "truncated": true,
Content-Type: application/json
] } ```-
v1.0 Workbook Tablerowoperationresult https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/workbook-tablerowoperationresult.md
The following example shows a request.
<!-- { "blockType": "request", "sampleKeys": ["0195cfac-bd22-4f91-b276-dece0aa2378b", "01CCETFLK7GVZTZHSQNRD2AEI5XWTCU6FJ"],
- "name": "workbook_tablerowoperationresult"
+ "name": "workbook_tablerowoperationresult_e1"
} --> ``` http
v1.0 Workflow List Executionscope https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/workflow-list-executionscope.md
Namespace: microsoft.graph.identityGovernance
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Lists the users who are in the scope of the execution conditions of a [workflow](../resources/identitygovernance-workflow.md). Users who initially fall in the scope of the execution conditions, but are updated to no longer meet the conditions after it's scheduled to run, will remain on the list for a short period of time before being removed. If the execution scope is changed, users who initially met it's conditions, but no longer do so will be cleared from the list after a short period of time. New users who meet the conditions for the workflow will then be listed.
+List the users that meet the [execution conditions](../resources/identitygovernance-workflowexecutionconditions.md) regardless of whether they have already been processed by the [workflow](../resources/identitygovernance-workflow.md).
-This API call requires workflow scheduling to be enabled.
+The workflow engine periodically evaluates the users that meet the execution conditions. The results will not be up to date if the execution conditions have been changed recently, relevant attributes on the user have been changed recently or the [time based trigger](../resources/identitygovernance-timebasedattributetrigger.md) has been reached recently.
+
+The API is only supported for workflows with [trigger and scope based](../resources/identitygovernance-triggerandscopebasedconditions.md) [execution conditions](../resources/identitygovernance-workflowexecutionconditions.md). Furthermore, results are only returned if the workflows schedule (isSchedulingEnabled) is enabled.
## Permissions
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "lifecycleworkflows_list_executionScope"
+ "name": "lifecycleworkflows_list_executionScope_e1"
} --> ``` http
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "lifecycleworkflows_list_executionScope"
+ "name": "lifecycleworkflows_list_executionScope_e2"
} --> ``` http
v1.0 X509certificateauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/x509certificateauthenticationmethodconfiguration-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 X509certificateauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/x509certificateauthenticationmethodconfiguration-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Reader
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 X509certificateauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/x509certificateauthenticationmethodconfiguration-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
PATCH /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/x
## Request body [!INCLUDE [table-intro](../../includes/update-property-table-intro.md)]
-The following properties can be updated.
-
-|Property|Type|Description|
-|:|:|:|
-|state|authenticationMethodState|The possible values are: `enabled`, `disabled`. Inherited from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).|
-|certificateUserBindings|[x509CertificateUserBinding](../resources/x509certificateuserbinding.md) collection|Defines fields in the X.509 certificate that map to attributes of the Azure AD user object in order to bind the certificate to the user. The **priority** of the object determines the order in which the binding is carried out. The first binding that matches will be used and the rest ignored. |
-|authenticationModeConfiguration|[x509CertificateAuthenticationModeConfiguration](../resources/x509certificateauthenticationmodeconfiguration.md)|Defines strong authentication configurations. This configuration includes the default authentication mode and the different rules for strong authentication bindings. |
>**Note:** The `@odata.type` property with a value of `#microsoft.graph.x509CertificateAuthenticationMethodConfiguration` must be included in the body.
v1.0 Accesspackageassignment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackageassignment.md
In [Azure AD Entitlement Management](entitlementmanagement-overview.md), an acce
|assignmentState|String|The state of the access package assignment. Possible values are `Delivering`, `Delivered`, or `Expired`. Read-only. Supports `$filter` (`eq`).| |assignmentStatus|String|More information about the assignment lifecycle. Possible values include `Delivering`, `Delivered`, `NearExpiry1DayNotificationTriggered`, or `ExpiredNotificationTriggered`. Read-only.| |catalogId|String|The identifier of the catalog containing the access package. Read-only.|
+|customExtensionCalloutInstances|[customExtensionCalloutInstance](customextensioncalloutinstance.md) collection|Information about all the custom extension calls that were made during the access package assignment workflow.|
|expiredDateTime|DateTimeOffset|The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`| |id|String| Read-only.| |isExtended|Boolean|Indicates whether the access package assignment is extended. Read-only.|
The following is a JSON representation of the resource.
<!-- { "blockType": "resource",
- "optionalProperties": [
-
- ],
+ "keyProperty": "id",
"@odata.type": "microsoft.graph.accessPackageAssignment",
- "keyProperty": "id"
-}-->
-
-```json
+ "openType": false
+}
+-->
+``` json
{
- "id":"9bdae7b4-6ece-487b-9eb8-9679dbd67aa2",
- "catalogId":"cc30dc98-6d3c-4fa0-bed8-fd76d0efd993",
- "accessPackageId":"e3f47362-993f-4fcb-8a38-532ffca16150",
- "assignmentPolicyId":"63ebd106-8116-40e7-a0ab-01ae475d11bb",
- "targetId":"ab4291f6-66b7-42bf-b597-a05b29414f5c",
- "assignmentStatus":"ExpiredNotificationTriggered",
- "assignmentState":"Expired",
- "isExtended":false,
- "expiredDateTime":"2019-04-25T23:45:40.42Z"
+ "@odata.type": "#microsoft.graph.accessPackageAssignment",
+ "id": "String (identifier)",
+ "catalogId": "String",
+ "accessPackageId": "String",
+ "assignmentPolicyId": "String",
+ "targetId": "String",
+ "assignmentStatus": "String",
+ "assignmentState": "String",
+ "isExtended": "Boolean",
+ "expiredDateTime": "String (timestamp)",
+ "schedule": {
+ "@odata.type": "microsoft.graph.requestSchedule"
+ },
+ "customExtensionCalloutInstances": [
+ {
+ "@odata.type": "microsoft.graph.customExtensionCalloutInstance"
+ }
+ ]
} ```
v1.0 Accesspackageassignmentpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackageassignmentpolicy.md
To assign a user to an access package, [create an accessPackageAssignmentRequest
|:-|:|:| |accessPackage|[accessPackage](accesspackage.md)| The access package with this policy. Read-only. Nullable. Supports `$expand`.| |customExtensionHandlers|[customExtensionHandler](../resources/customextensionhandler.md) collection| The collection of stages when to execute one or more custom access package workflow extensions. Supports `$expand`.|
+|customExtensionStageSettings|[customExtensionStageSetting](../resources/customextensionstagesetting.md) collection|The collection of stages when to execute one or more custom access package workflow extensions. Supports `$expand`.|
The following is a JSON representation of the resource.
```json {
- "@odata.type": "#microsoft.graph.accessPackageAssignmentPolicy",
- "id": "String (identifier)",
- "accessPackageId": "String",
- "displayName": "String",
- "description": "String",
- "canExtend": "Boolean",
- "durationInDays": "Integer",
- "expirationDateTime": "String (timestamp)",
- "createdBy": "String",
- "createdDateTime": "String (timestamp)",
- "modifiedBy": "String",
- "modifiedDateTime": "String (timestamp)",
- "questions": [
- {
- "@odata.type": "microsoft.graph.accessPackageQuestion"
- }
- ],
- "requestorSettings": {
- "@odata.type": "microsoft.graph.requestorSettings"
- },
- "requestApprovalSettings": {
- "@odata.type": "microsoft.graph.approvalSettings"
- },
- "accessReviewSettings": {
- "@odata.type": "microsoft.graph.assignmentReviewSettings"
- }
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentPolicy",
+ "id":"String (identifier)",
+ "accessPackageId":"String",
+ "displayName":"String",
+ "description":"String",
+ "canExtend":"Boolean",
+ "durationInDays":"Integer",
+ "expirationDateTime":"String (timestamp)",
+ "createdBy":"String",
+ "createdDateTime":"String (timestamp)",
+ "modifiedBy":"String",
+ "modifiedDateTime":"String (timestamp)",
+ "questions":[
+ {
+ "@odata.type":"microsoft.graph.accessPackageQuestion"
+ }
+ ],
+ "requestorSettings":{
+ "@odata.type":"microsoft.graph.requestorSettings"
+ },
+ "requestApprovalSettings":{
+ "@odata.type":"microsoft.graph.approvalSettings"
+ },
+ "accessReviewSettings":{
+ "@odata.type":"microsoft.graph.assignmentReviewSettings"
+ }
} ```
v1.0 Accesspackageassignmentrequest https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackageassignmentrequest.md
In [Azure AD Entitlement Management](entitlementmanagement-overview.md), an acce
|:-|:|:| |completedDate|DateTimeOffset|The date of the end of processing, either successful or failure, of a request. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only.| |createdDateTime|DateTimeOffset|The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only.|
-|customExtensionHandlerInstances|[customExtensionHandlerInstance](../resources/customextensionhandlerinstance.md) collection| A collection of [custom workflow extension](customaccesspackageworkflowextension.md) instances being run on an assignment request. Read-only. |
+|customExtensionCalloutInstances|[customExtensionCalloutInstance](../resources/customextensioncalloutinstance.md) collection|Information about all the custom extension calls that were made during the access package assignment request workflow.|
+|customExtensionHandlerInstances|[customExtensionHandlerInstance](../resources/customextensionhandlerinstance.md) collection| A collection of [custom workflow extension](customaccesspackageworkflowextension.md) instances being run on an assignment request. Read-only.|
|id|String| Read-only.| |isValidationOnly|Boolean|True if the request is not to be processed for assignment.| |justification|String|The requestor's supplied justification.|
The following is a JSON representation of the resource.
{ "@odata.type": "microsoft.graph.customExtensionHandlerInstance" }
+ ],
+ "customExtensionCalloutInstances": [
+ {
+ "@odata.type": "microsoft.graph.customExtensionCalloutInstance"
+ }
] } ```
v1.0 Accesspackageassignmentrequestcallbackdata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackageassignmentrequestcallbackdata.md
+
+ Title: "accessPackageAssignmentRequestCallbackData resource type"
+description: "Access package assignment request workflow calllback back that custom extension endpoint callback."
+
+ms.localizationpriority: medium
++
+# accessPackageAssignmentRequestCallbackData resource type
+
+Namespace: microsoft.graph
++
+Access package assignment request workflow calllback back that custom extension endpoint callback, derived from [customextensiondata](../resources/customextensiondata.md)
++
+Inherits from [customExtensionData](../resources/customextensiondata.md).
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|customExtensionStageInstanceId|String|Unique identifier of the callout to the custom extension.|
+|customExtensionStageInstanceDetail|String|Details for the callback.|
+|stage|accessPackageCustomExtensionStage|Indicates the stage at which the custom callout extension will be executed. The possible values are: `assignmentRequestCreated`, `assignmentRequestApproved`, `assignmentRequestGranted`, `assignmentRequestRemoved`, `assignmentFourteenDaysBeforeExpiration`, `assignmentOneDayBeforeExpiration`, `unknownFutureValue`.|
+|state|String|Allow the extension to be able to deny or cancel the request submitted by the requestor. The supported values are `Denied` and `Canceled`. This property can only be set for an `assignmentRequestCreated` stage.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.accessPackageAssignmentRequestCallbackData"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.accessPackageAssignmentRequestCallbackData",
+ "stage": "String",
+ "customExtensionStageInstanceId": "String",
+ "customExtensionStageInstanceDetail": "String",
+ "state": "String"
+}
+```
+
v1.0 Accesspackageassignmentrequestworkflowextension https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackageassignmentrequestworkflowextension.md
+
+ Title: "accessPackageAssignmentRequestWorkflowExtension resource type"
+description: "Defines the attributes of a logic app that can be called at various stages of an access package request cycle."
+
+ms.localizationpriority: medium
++
+# accessPackageAssignmentRequestWorkflowExtension resource type
+
+Namespace: microsoft.graph
++
+Defines the attributes of a logic app that can be called at various stages of an access package request cycle. You can integrate logic apps with entitlement management to broaden your governance workflows beyond the core entitlement management use cases.
+
+The following use cases can be integrated with logic apps using [access package assignment request](accesspackageassignmentrequest.md) workflow:
+- When an [access package is requested](accesspackageassignmentrequest.md)
+- When an [access package request is approved](accesspackageassignmentrequest.md)
+- When an [access package request is granted](accesspackageassignmentrequest.md)
+- When an [access package assignment expires](accesspackageassignmentrequest.md)
++
+Inherits from [customCalloutExtension](../resources/customcalloutextension.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List accessPackageAssignmentRequestWorkflowExtension](../api/accesspackagecatalog-list-accesspackagecustomworkflowextensions.md)|[customCalloutExtension](../resources/accesspackageassignmentrequestworkflowextension.md) collection|Get a list of the [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) objects and their properties.|
+|[Create accessPackageAssignmentRequestWorkflowExtension](../api/accesspackagecatalog-post-accesspackagecustomworkflowextensions.md)|[accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md)| Create a new [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object.|
+|[Get accessPackageAssignmentRequestWorkflowExtension](../api/accesspackageassignmentrequestworkflowextension-get.md)|[accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md)|Read the properties and relationships of an [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object.|
+|[Update accessPackageAssignmentRequestWorkflowExtension](../api/accesspackageassignmentrequestworkflowextension-update.md)|[accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md)|Update the properties of an [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object.|
+|[Delete accessPackageAssignmentRequestWorkflowExtension](../api/accesspackageassignmentrequestworkflowextension-delete.md)|None|Delete an [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|Configuration for securing the API call to the logic app. For example, using OAuth client credentials flow. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|callbackConfiguration|[customExtensionCallbackConfiguration](../resources/customextensioncallbackconfiguration.md)|The callback configuration for a custom extension.|
+|createdBy|String|The userPrincipalName of the user or identity of the subject that created this resource. Read-only.|
+|createdDateTime|DateTimeOffset|When the object was created.|
+|description|String|Description for the customAccessPackageWorkflowExtension object. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|displayName|String|Display name for the customAccessPackageWorkflowExtension object. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|The type and details for configuring the endpoint to call the logic app's workflow. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|id|String|Read-only.|
+|lastModifiedBy|String|The userPrincipalName of the identity that last modified the object. |
+|lastModifiedDateTime|DateTimeOffset|When the object was last modified.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "baseType": "microsoft.graph.customCalloutExtension",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "id": "String (identifier)",
+ "authenticationConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionAuthenticationConfiguration"
+ },
+ "description": "String",
+ "displayName": "String",
+ "endpointConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionEndpointConfiguration"
+ },
+ "createdBy": "String",
+ "lastModifiedBy": "String",
+ "createdDateTime": "String (timestamp)",
+ "lastModifiedDateTime": "String (timestamp)",
+ "callbackConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionCallbackConfiguration"
+ }
+}
+```
+
v1.0 Accesspackageassignmentworkflowextension https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackageassignmentworkflowextension.md
+
+ Title: "accessPackageAssignmentWorkflowExtension resource type"
+description: "Defines the attributes of a logic app that can be called at various stages of an access package assignment cycle."
+
+ms.localizationpriority: medium
++
+# accessPackageAssignmentWorkflowExtension resource type
+
+Namespace: microsoft.graph
++
+Defines the attributes of a logic app that can be called at various stages of an access package request cycle. You can integrate logic apps with entitlement management to broaden your governance workflows beyond the core entitlement management use cases.
+
+The following use cases can be integrated with logic apps in the [access package assignment](accesspackageassignment.md) workflow:
+- When an [access package assignment will expire in fourteen days](accesspackageassignment.md)
+- When an [access package assignment will expire in one day](accesspackageassignment.md)
+
+Inherits from [customCalloutExtension](../resources/customcalloutextension.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List accessPackageAssignmentWorkflowExtensions](../api/accesspackagecatalog-list-accesspackagecustomworkflowextensions.md)|[customCalloutExtension](../resources/accesspackageassignmentworkflowextension.md) collection|Get a list of the [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) objects and their properties.|
+|[Create accessPackageAssignmentWorkflowExtension](../api/accesspackagecatalog-post-accesspackagecustomworkflowextensions.md)|[accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md)|Create a new [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object.|
+|[Get accessPackageAssignmentWorkflowExtension](../api/accesspackageassignmentworkflowextension-get.md)|[accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md)|Read the properties and relationships of an [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object.|
+|[Update accessPackageAssignmentWorkflowExtension](../api/accesspackageassignmentworkflowextension-update.md)|[accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md)|Update the properties of an [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object.|
+|[Delete accessPackageAssignmentWorkflowExtension](../api/accesspackageassignmentworkflowextension-delete.md)|None|Delete an [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|Configuration for securing the API call to the logic app. For example, using OAuth client credentials flow. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|callbackConfiguration|[customExtensionCallbackConfiguration](../resources/customextensioncallbackconfiguration.md)|The callback configuration for a custom extension.|
+|createdBy|String|The userPrincipalName of the user or identity of the subject that created this resource. Read-only.|
+|createdDateTime|DateTimeOffset|When the entity was created.|
+|description|String|Description for the customAccessPackageWorkflowExtension object. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|displayName|String|Display name for the customAccessPackageWorkflowExtension object. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|The type and details for configuring the endpoint to call the logic app's workflow. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|id|String|Read-only.|
+|lastModifiedBy|String|The userPrincipalName of the identity that last modified the entity. |
+|lastModifiedDateTime|DateTimeOffset|When the entity was last modified.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.accessPackageAssignmentWorkflowExtension",
+ "baseType": "microsoft.graph.customCalloutExtension",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.accessPackageAssignmentWorkflowExtension",
+ "id": "String (identifier)",
+ "authenticationConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionAuthenticationConfiguration"
+ },
+ "clientConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionClientConfiguration"
+ },
+ "description": "String",
+ "displayName": "String",
+ "endpointConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionEndpointConfiguration"
+ },
+ "createdBy": "String",
+ "lastModifiedBy": "String",
+ "createdDateTime": "String (timestamp)",
+ "lastModifiedDateTime": "String (timestamp)",
+ "callbackConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionCallbackConfiguration"
+ }
+}
+```
+
v1.0 Accesspackagecatalog https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackagecatalog.md
An access package catalog might also have linked resources that are used in thos
| [List accessPackageCatalog resources](../api/accesspackagecatalog-list-accesspackageresources.md) | [accessPackageResource](accesspackageresource.md) collection | Retrieve a list of accessPackageResource objects in a catalog. | | **Access package resource roles**| | | | [List accessPackageCatalog resource roles](../api/accesspackagecatalog-list-accesspackageresourceroles.md) | [accessPackageResourceRole](accesspackageresourcerole.md) collection | Retrieve a list of accessPackageResourceRole objects for resources in a catalog. |
+| **Access package custom package workflow extensions**| | |
+|[List accessPackageCustomWorkflowExtensions](../api/accesspackagecatalog-list-accessPackageCustomWorkflowExtensions.md)|[accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) and [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) collection|Get a list of the [accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) and [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) objects and their properties.|
+|[Create accessPackageCustomWorkflowExtensions](../api/accesspackagecatalog-post-accessPackageCustomWorkflowExtensions.md)|[accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) or [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md)|Create a new [accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) or [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) object.|
+|[Get accessPackageAssignmentRequestWorkflowExtension](../api/accesspackageassignmentrequestworkflowextension-get.md)|[accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md)|Read the properties and relationships of a [accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) object.|
+|[Update accessPackageAssignmentRequestWorkflowExtension](../api/accesspackageassignmentrequestworkflowextension-update.md)|[accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md)|Update the properties of a [accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) object.|
+|[Delete accessPackageAssignmentRequestWorkflowExtension](../api/accesspackageassignmentrequestworkflowextension-delete.md)|None|Deletes a [accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) object.|
+|[Get accessPackageAssignmentWorkflowExtension](../api/accesspackageassignmentworkflowextension-get.md)|[accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md)|Read the properties and relationships of a [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) object.|
+|[Update accessPackageAssignmentWorkflowExtension](../api/accesspackageassignmentworkflowextension-update.md)|[accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md)|Update the properties of a [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) object.|
+|[Delete accessPackageAssignmentWorkflowExtension](../api/accesspackageassignmentworkflowextension-delete.md)|None|Deletes a [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) object.|
| **Custom access package package workflow extensions**| | | |[List customAccessPackageWorkflowExtensions](../api/accesspackagecatalog-list-customaccesspackageworkflowextensions.md)|[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) collection|Get a list of the [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) objects and their properties.| |[Create customAccessPackageWorkflowExtensions](../api/accesspackagecatalog-post-customaccesspackageworkflowextensions.md)|[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md)|Create a new [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object.|
An access package catalog might also have linked resources that are used in thos
| Relationship | Type | Description | |:-|:|:| |accessPackages|[accessPackage](accesspackage.md) collection| The access packages in this catalog. Read-only. Nullable. Supports `$expand`.|
+|accessPackageCustomWorkflowExtensions|[customCalloutExtension](../resources/customcalloutextension.md) collection|The attributes of a logic app, which can be called at various stages of an access package request and assignment cycle. |
|accessPackageResources|[accessPackageResource](accesspackageresource.md) collection| Read-only. Nullable.| |accessPackageResourceRoles|[accessPackageResourceRole](accesspackageresourcerole.md) collection|The roles in each resource in a catalog. Read-only.| |accessPackageResourceScopes|[accessPackageResourceScope](accesspackageresourcescope.md) collection|Read-only.|
-|customAccessPackageWorkflowExtension|[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) collection|The attributes of a logic app, which can be called at various stages of an access package request and assignment cycle. |
+|customAccessPackageWorkflowExtension |[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) collection|The attributes of a logic app, which can be called at various stages of an access package request and assignment cycle. |
## JSON representation
v1.0 Accessreviewschedulesettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accessreviewschedulesettings.md
The **accessReviewScheduleSettings** defines the settings of an [accessReviewSch
| mailNotificationsEnabled|Boolean | Indicates whether emails are enabled or disabled. Default value is `false`. | | reminderNotificationsEnabled|Boolean | Indicates whether reminders are enabled or disabled. Default value is `false`. | | justificationRequiredOnApproval|Boolean | Indicates whether reviewers are required to provide justification with their decision. Default value is `false`. |
-| defaultDecisionEnabled|Boolean | Indicates whether the default decision is enabled or disabled when reviewers do not respond. Default value is `false`. |
+| defaultDecisionEnabled|Boolean | Indicates whether the default decision is enabled or disabled when reviewers do not respond. Default value is `false`. <br/><br/> **CAUTION:** If both **autoApplyDecisionsEnabled** and **defaultDecisionEnabled** are `true`, all access for the principals to the resource risks being revoked if the reviewers fail to respond. |
| defaultDecision|String | Decision chosen if `defaultDecisionEnabled` is enabled. Can be one of `Approve`, `Deny`, or `Recommendation`. | | instanceDurationInDays|Int32 | Duration of each recurrence of review (`accessReviewInstance`) in number of days. <br/>**NOTE:** If the **stageSettings** of the [accessReviewScheduleDefinition](accessreviewscheduledefinition.md) object is defined, its **durationInDays** setting will be used instead of the value of this property. | | recurrence|[patternedRecurrence](../resources/patternedrecurrence.md) | Detailed settings for recurrence using the standard Outlook recurrence object. <br/><br/>**Note:** Only **dayOfMonth**, **interval**, and **type** (`weekly`, `absoluteMonthly`) properties are supported. Use the property **startDate** on **recurrenceRange** to determine the day the review starts. |
-| autoApplyDecisionsEnabled|Boolean | Indicates whether decisions are automatically applied. When set to `false`, an admin must apply the decisions manually once the reviewer completes the access review. When set to `true`, decisions are applied automatically after the access review instance duration ends, whether or not the reviewers have responded. Default value is `false`. |
+| autoApplyDecisionsEnabled|Boolean | Indicates whether decisions are automatically applied. When set to `false`, an admin must apply the decisions manually once the reviewer completes the access review. When set to `true`, decisions are applied automatically after the access review instance duration ends, whether or not the reviewers have responded. Default value is `false`. <br/><br/> **CAUTION:** If both **autoApplyDecisionsEnabled** and **defaultDecisionEnabled** are `true`, all access for the principals to the resource risks being revoked if the reviewers fail to respond.|
| applyActions|[accessReviewApplyAction](../resources/accessreviewapplyaction.md) collection | Optional field. Describes the actions to take once a review is complete. There are two types that are currently supported: `removeAccessApplyAction` (default) and `disableAndDeleteUserApplyAction`. Field only needs to be specified in the case of `disableAndDeleteUserApplyAction`. | | recommendationsEnabled|Boolean | Indicates whether decision recommendations are enabled or disabled. <br/>**NOTE:** If the **stageSettings** of the [accessReviewScheduleDefinition](accessreviewscheduledefinition.md) object is defined, its **recommendationsEnabled** setting will be used instead of the value of this property. | | recommendationLookBackDuration | Duration| Optional field. Indicates the period of inactivity (with respect to the start date of the review instance) that recommendations will be configured from. The recommendation will be to `deny` if the user is inactive during the look-back duration. For reviews of groups and Azure AD roles, any duration is accepted. For reviews of applications, 30 days is the maximum duration. If not specified, the duration is 30 days. <br/><br/>**NOTE:** If the **stageSettings** of the [accessReviewScheduleDefinition](accessreviewscheduledefinition.md) object is defined, its **recommendationLookBackDuration** setting will be used instead of the value of this property. |
v1.0 Activateservice https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/activateservice.md
- Title: "activateService resource type"
-description: "Represents a service to be activated."
-
-doc_type: apiPageType
--
-# activateService resource type (deprecated)
-
-Namespace: microsoft.graph
--
-Represents a service to be activated.
-
-## Properties
-
-| Property | Type | Description |
-| -- | | - |
-| service| String | The name of the service to activate. |
-| servicePlanId | Guid | The plan identifier of the service plan to activate. |
-| skuId | Guid | The SKU identifier of the service plan. |
-
-## JSON representation
-
-Here is a JSON representation of the resource.
-
-<!-- {
- "blockType": "resource",
- "optionalProperties": [
-
- ],
- "@odata.type": "microsoft.graph.activateService"
-}-->
-
-```json
-{
- "service": "String",
- "skuId": "Guid",
- "servicePlanId": "Guid"
-}
-
-```
-
-<!-- uuid: 20fd7863-9545-40d4-ae8f-fee2d115a690
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "activateService",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": []
-}
>
v1.0 Application https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/application.md
This resource supports:
| signInAudience | String | Specifies the Microsoft accounts that are supported for the current application. The possible values are: `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` (default), and `PersonalMicrosoftAccount`. See more in the [table](#signinaudience-values). <br/><br/>The value of this object also limits the number of permissions an app can request. For more information, see [Limits on requested permissions per app](#limits-on-requested-permissions-per-app). <br><br>The value for this property has implications on other app object properties. As a result, if you change this property, you may need to change other properties first. For more information, see [Validation differences for signInAudience](/azure/active-directory/develop/supported-accounts-validation?context=graph/context).<br><br>Supports `$filter` (`eq`, `ne`, `not`).| | servicePrincipalLockConfiguration | [servicePrincipalLockConfiguration](servicePrincipalLockConfiguration.md) | Specifies whether sensitive properties of a multi-tenant application should be locked for editing after the application is provisioned in a tenant. Nullable. `null` by default. | | spa | [spaApplication](../resources/spaapplication.md) | Specifies settings for a single-page application, including sign out URLs and redirect URIs for authorization codes and access tokens. |
-| tags |String collection| Custom strings that can be used to categorize and identify the application. Not nullable.<br><br>Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`).|
+| tags |String collection| Custom strings that can be used to categorize and identify the application. Not nullable. Strings added here will also appear in the **tags** property of any associated [service principals](serviceprincipal.md).<br><br>Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`).|
| tokenEncryptionKeyId |Guid|Specifies the keyId of a public key from the keyCredentials collection. When configured, Azure AD encrypts all the tokens it emits by using the key this property points to. The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user.| | verifiedPublisher | [verifiedPublisher](verifiedPublisher.md) | Specifies the verified publisher of the application. For more information about how publisher verification helps support application security, trustworthiness, and compliance, see [Publisher verification](/azure/active-directory/develop/publisher-verification-overview).| | uniqueName | String | The unique identifier that can be assigned to an application as an alternative identifier. Immutable. Read-only. |
v1.0 Applicationauthenticationmethodpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/applicationauthenticationmethodpolicy.md
ms.prod: "identity-and-sign-in"
doc_type: "conceptualPageType"
-# Azure AD application authentication methods API overview (preview)
+# Azure AD application authentication methods API overview
Namespace: microsoft.graph
v1.0 Authenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationmethodconfiguration.md
The following authentication methods are derived from the **authenticationMethod
+ [emailAuthenticationMethodConfiguration](emailauthenticationmethodconfiguration.md) + [fido2AuthenticationMethodConfiguration](fido2authenticationmethodconfiguration.md) + [microsoftAuthenticatorAuthenticationMethodConfiguration](microsoftauthenticatorauthenticationmethodconfiguration.md)++ [voiceAuthenticationMethodConfiguration](voiceauthenticationmethodconfiguration.md) + [smsAuthenticationMethodConfiguration](smsauthenticationmethodconfiguration.md)++ [softwareOathAuthenticationMethodConfiguration](softwareoathauthenticationmethodconfiguration.md) + [temporaryAccessPassAuthenticationMethodConfiguration](smsauthenticationmethodconfiguration.md) + [x509CertificateAuthenticationMethodConfiguration](x509certificateauthenticationmethodconfiguration.md)
The following is a JSON representation of the resource.
{ "@odata.type": "#microsoft.graph.authenticationMethodConfiguration", "id": "String (identifier)",
- "state": "String"
+ "state": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ]
} ```
v1.0 Authenticationmethodspolicies Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationmethodspolicies-overview.md
The authentication method policies APIs are used to manage policy settings. For
|Authentication method policy | Description | |:|:|
-|[smsAuthenticationMethodConfiguration](smsAuthenticationMethodConfiguration.md)| Define users who can use Text Message on the Azure AD tenant.|
+|[emailauthenticationmethodconfiguration](emailauthenticationmethodconfiguration.md)|Define users who can use email OTP on the Azure AD tenant.|
|[fido2authenticationmethodconfiguration](fido2authenticationmethodconfiguration.md)| Define FIDO2 security key restrictions and users who can use them to sign in to Azure AD.| |[microsoftauthenticatorauthenticationmethodconfiguration](microsoftauthenticatorauthenticationmethodconfiguration.md)|Define users who can use Microsoft Authenticator on the Azure AD tenant.|
-|[emailauthenticationmethodconfiguration](emailauthenticationmethodconfiguration.md)|Define users who can use email OTP on the Azure AD tenant.|
|[passwordlessmicrosoftauthenticatorauthenticationmethodconfiguration](passwordlessmicrosoftauthenticatorauthenticationmethodconfiguration.md) (deprecated)|Define users who can use Passwordless Phone Sign-in to sign in to Azure AD.|
+|[smsAuthenticationMethodConfiguration](smsAuthenticationMethodConfiguration.md)| Define users who can use Text Message on the Azure AD tenant.|
+|[softwareOathAuthenticationMethodConfiguration](softwareOathAuthenticationMethodConfiguration.md)|Define users who can use a third-party software OATH authentication method.|
|[temporaryaccesspassauthenticationmethodconfiguration](temporaryaccesspassauthenticationmethodconfiguration.md)|Define users who can use Temporary Access Pass to sign in to Azure AD.|
+|[voiceAuthenticationMethodConfiguration](voiceAuthenticationMethodConfiguration.md)|Define users or groups that are enabled to use the voice call authentication method.|
|[x509CertificateAuthenticationMethodConfiguration](x509CertificateAuthenticationMethodConfiguration.md)|Define users who can use X.509 certificate to sign in to Azure AD.| ## Policies available to push users to set up authentication methods:
v1.0 Azureadpoptokenauthentication https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/azureadpoptokenauthentication.md
+
+ Title: "azureAdPopTokenAuthentication resource type"
+description: "Defines the Azure AD Proof Of Possession (PoP) used to authenticate with a workflow extension."
+
+ms.localizationpriority: medium
++
+# azureAdPopTokenAuthentication resource type
+
+Namespace: microsoft.graph
++
+Defines the Proof Of Possession (PoP) token authentication model to authenticate a logic app with a [accessPackageAssignmentRequestWorkflowExtensions](../resources/accessPackageAssignmentRequestWorkflowExtension.md) or a [accessPackageAssignmentWorkflowExtensions](../resources/accessPackageAssignmentWorkflowExtension.md) object.
+
+Inherits from [customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md).
+
+## Properties
+None.
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "baseType": "microsoft.graph.customExtensionAuthenticationConfiguration",
+ "@odata.type": "microsoft.graph.azureAdPopTokenAuthentication"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.azureAdPopTokenAuthentication"
+}
+```
v1.0 Callrecords Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/callrecords-api-overview.md
Title: "Working with the call records API in Microsoft Graph" description: "The Microsoft Graph call records API allows you to retrieve usage and diagnostics data for calls and online meetings within your organization."-+ doc_type: conceptualPageType ms.prod: cloud-communications ms.localizationpriority: high
ms.localizationpriority: high
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Call records provide usage and diagnostic information about the calls and online meetings that occur within your organization when using Microsoft Teams or Skype for Business. You can use the call records APIs to subscribe to call records and look up call records by IDs.
+Call records provide usage and diagnostic information about the calls and online meetings that occur within your organization when using Microsoft Teams or Skype for Business. You can use the call records APIs to subscribe to call records and look up call records by IDs. A call record is created after a call or meeting ends and the record is retained for 30 days.
The call records API is defined in the OData sub-namespace, `microsoft.graph.callRecords`.
v1.0 Callrecords Callrecord https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/callrecords-callrecord.md
Title: "callRecord resource type" description: "Represents a single peer-to-peer call or a group call between multiple participants, sometimes referred to as an online meeting." ms.localizationpriority: medium-+ ms.prod: "cloud-communications" doc_type: "resourcePageType"
Namespace: microsoft.graph.callRecords
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Represents a single peer-to-peer call or a group call between multiple participants, sometimes referred to as an online meeting.
+Represents a single peer-to-peer call or a group call between multiple participants, sometimes referred to as an online meeting. A call record is created after a call or meeting ends.
## Methods
v1.0 Calltranscript https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/calltranscript.md
Represents a transcript associated with an [online meeting](onlinemeeting.md).
| content| Stream| A field that represents the content of the transcript. Read-only.| | createdDateTime| DateTimeOffset| Date and time at which the transcript was created. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only.| | id| String| The unique identifier for the transcript. Read-only.|
+| metadataContent| Stream| A field that represents the time-aligned metadata of the utterances in the transcript. Read-only.|
## JSON representation
The following is a JSON representation of the resource.
{ "content": "stream", "createdDateTime": "dateTimeOffset",
- "id": "string (identifier)"
+ "id": "string (identifier)",
+ "metadataContent": "stream"
} ```
v1.0 Chatmessagefromidentityset https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/chatmessagefromidentityset.md
Inherits from [identitySet](../resources/identityset.md).
|:|:|:| |application|[identity](../resources/identity.md)|Inherited from [identitySet](../resources/identityset.md). If present, represents the application (for example, bot) that sent the message.| |device|[identity](../resources/identity.md)|Inherited from [identitySet](../resources/identityset.md). Not used.|
-|user|[identity](../resources/identity.md)|Inherited from [identitySet](../resources/identityset.md). If present, represents the user that sent the message.|
+|user|[teamworkUserIdentity](../resources/teamworkUserIdentity.md)|If present, represents the user that sent the message.|
## Relationships None.
v1.0 Cloudpc https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/cloudpc.md
Represents a cloud-managed virtual desktop. This Cloud PC is also enrolled into
|[List for user](../api/user-list-cloudpcs.md)|[cloudPC](../resources/cloudpc.md) collection|List the [cloudPC](../resources/cloudpc.md) devices that are attributed to the signed-in user.| |[Get launch info for user](../api/cloudpc-getcloudpclaunchinfo.md)|[cloudPCLaunchInfo](../resources/cloudpclaunchinfo.md)|Get the [cloudPCLaunchInfo](../resources/cloudpclaunchinfo.md) for the signed-in user.| |[Get connectivity history](../api/cloudpc-getcloudpcconnectivityhistory.md)|[cloudPcConnectivityEvent](../resources/cloudpcconnectivityevent.md) collection|Get the Cloud PC connectivity history.|
+|[Get shift work access state](../api/cloudpc-getshiftworkcloudpcaccessstate.md)|[shiftWorkCloudPcAccessState](#shiftworkcloudpcaccessstate-values)|Get the access state of the shift work Cloud PC. The possible values are: {unassigned, noLicensesAvailable, activationFailed, active, activating, waitlisted, unknownFutureValue, hibernated}. Note that you must use the `Prefer: include-unknown-enum-members` request header to get the following value in this [shiftWorkCloudPcAccessState](#shiftworkcloudpcaccessstate-values): {hibernated}.|
|[Get supported remote actions](../api/cloudpc-getsupportedcloudpcremoteactions.md)|[cloudPcRemoteActionCapability](../resources/cloudpcremoteactioncapability.md) collection|Get a list of supported Cloud PC remote actions for a specific Cloud PC device, including the action names and capabilities.| |[Retry partner agent installation](../api/cloudpc-retrypartneragentinstallation.md)|None|Retry installation for the partner agents which failed to install on the [cloudPC](../resources/cloudpc.md).|
Represents a cloud-managed virtual desktop. This Cloud PC is also enrolled into
|Property|Type|Description| |:|:|:| |aadDeviceId|String|The Azure Active Directory (Azure AD) device ID of the Cloud PC.|
-|connectivityResult|[cloudPcConnectivityResult](../resources/cloudpcconnectivityresult.md)|The connectivity health check result of a Cloud PC, including the updated timestamp and whether the Cloud PC is able to be connected or not.|
+|connectivityResult|[cloudPcConnectivityResult](../resources/cloudpcconnectivityresult.md)|The connectivity health check result of a Cloud PC, including the updated timestamp and whether the Cloud PC can be connected.|
|diskEncryptionState|[cloudPcDiskEncryptionState](#cloudpcdiskencryptionstate-values)|The disk encryption applied to the Cloud PC. Possible values: `notAvailable`, `notEncrypted`, `encryptedUsingPlatformManagedKey`, `encryptedUsingCustomerManagedKey`, and `unknownFutureValue`.| |displayName|String|The display name of the Cloud PC.| |gracePeriodEndDateTime|DateTimeOffset|The date and time when the grace period ends and reprovisioning/deprovisioning happens. Required only if the status is `inGracePeriod`. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
Represents a cloud-managed virtual desktop. This Cloud PC is also enrolled into
|restoring|The Cloud PC is restoring.| |unknownFutureValue|Evolvable enumeration sentinel value. Do not use.|
+### shiftWorkCloudPcAccessState values
+The following table lists the members of an [evolvable enumeration](#shiftworkcloudpcaccessstate-values). You must use the `Prefer: include-unknown-enum-members` request header to get the following values in this evolvable enum: `hibernated`.
+
+|Member|Description|
+|:|:|
+|unassigned|Set to unassigned if the Cloud PC is not consuming any shared-use licenses. The default value is unassigned.|
+|noLicensesAvailable|Indicates that all shared-use licenses are in use.|
+|activationFailed|Indicates that the shift work Cloud PC activation failed after the user requested a shift work Cloud PC.|
+|active|Indicates that the shift work Cloud PC is in an active state with a shared-use license assigned, and the user can connect to the Cloud PC.|
+|activating|Indicates that a user requested to connect the Cloud PC and the service is starting.|
+|waitlisted (deprecated)|Indicates that the shift work Cloud PC is in waitlisted state after the user requests to connect this Cloud PC and all shared use licenses are being actively used. This value is deprecated and will stop returning on May 17, 2023. |
+|unknownFutureValue|Evolvable enumeration sentinel value. Do not use.|
+|hibernated|Indicates that the shift work Cloud PC is in the hibernated state before it's shut down and deallocated. A shift work Cloud PC in hibernated state is still accessible by the user.|
+ ## Relationships None.
v1.0 Cloudpcdeviceimage https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/cloudpcdeviceimage.md
Represents the image resource on a Cloud PC.
|Property|Type|Description| |:|:|:|
-|displayName|String|The image's display name.|
+|displayName|String|The display name of the image.|
|expirationDate|Date|The date the image became unavailable.| |id|String|Unique identifier for the image resource on the Cloud PC. Read-only.|
-|lastModifiedDateTime|DateTimeOffset|The data and time that the image was last modified. The time is shown in ISO 8601 format and Coordinated Universal Time (UTC) time. For example, midnight UTC on Jan 1, 2014 appears as '2014-01-01T00:00:00Z'.|
-|operatingSystem|String|The image's operating system. For example: Windows 10 Enterprise.|
-|osBuildNumber|String|The image's OS build version. For example: 1909.|
+|lastModifiedDateTime|DateTimeOffset|The data and time that the image was last modified. The time is shown in ISO 8601 format and Coordinated Universal Time (UTC) time. For example, midnight UTC on Jan 1, 2014 appears as `2014-01-01T00:00:00Z`.|
+|operatingSystem|String|The operating system of the image. For example, `Windows 10 Enterprise`.|
+|osBuildNumber|String|The OS build version of the image. For example, `1909`.|
|osStatus|[cloudPcDeviceImageOsStatus](#cloudpcdeviceimageosstatus-values)|The OS status of this image. Possible values are: `supported`, `supportedWithWarning`, `unknownFutureValue`.|
-|sourceImageResourceId|String|The ID of the source image resource on Azure. Required format: "/subscriptions/{subscription-id}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/images/{imageName}".|
+|sourceImageResourceId|String|The ID of the source image resource on Azure. Required format: `/subscriptions/{subscription-id}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/images/{imageName}`.|
|status|[cloudPcDeviceImageStatus](#cloudpcdeviceimagestatus-values)|The status of the image on Cloud PC. Possible values are: `pending`, `ready`, `failed`.|
-|statusDetails|cloudPcDeviceImageStatusDetails|The details of the image's status, which indicates why the upload failed, if applicable. Possible values are: `internalServerError`, `sourceImageNotFound`, `osVersionNotSupported`, `sourceImageInvalid`, and `sourceImageNotGeneralized`.|
-|version|String|The image version. For example: 0.0.1, 1.5.13.|
+|statusDetails|cloudPcDeviceImageStatusDetails|The details of the status of the image that indicates why the upload failed, if applicable. Possible values are: `internalServerError`, `sourceImageNotFound`, `osVersionNotSupported`, `sourceImageInvalid`, and `sourceImageNotGeneralized`.|
+|version|String|The image version. For example, `0.0.1` and `1.5.13`.|
### cloudPcDeviceImageStatus values
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.cloudPcDeviceImage",
- "id": "String (identifier)",
"displayName": "String",
+ "expirationDate": "String (timestamp)",
+ "id": "String (identifier)",
+ "lastModifiedDateTime": "String (timestamp)",
"operatingSystem": "String", "osBuildNumber": "String",
- "version": "String",
- "lastModifiedDateTime": "String (timestamp)",
+ "osStatus": "String",
+ "sourceImageResourceId": "String",
"status": "String", "statusDetails": "String",
- "sourceImageResourceId": "String",
- "expirationDate":"String (timestamp)",
- "osStatus":"String"
+ "version": "String"
} ```
v1.0 Cloudpcgalleryimage https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/cloudpcgalleryimage.md
Title: "cloudPcGalleryImage resource type"
-description: "Represents the gallery image resource of the current organization."
+description: "Represents the gallery image resource of the current organization that can be used to provision a Cloud PC."
ms.localizationpriority: medium ms.prod: "cloud-pc"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Represents the gallery image resource of the current organization which can be used to provision a Cloud PC.
+Represents the gallery image resource of the current organization that can be used to provision a Cloud PC.
## Methods
Represents the gallery image resource of the current organization which can be u
|Property|Type|Description| |:|:|:| |displayName|String|The official display name of the gallery image. Read-only.|
-|endDate|Date|The date in which this image is no longer within long-term support. The Cloud PC will continue to provide short-term support. Read-only.|
+|endDate|Date|The date in which this image is no longer within long-term support. The Cloud PC continues to provide short-term support. Read-only.|
|expirationDate|Date|The date when the image is no longer available. Read-only.| |id|String|Unique identifier for the gallery image resource on the Cloud PC. Read-only.|
-|offer|String|The offer name of the gallery image. This value will be passed to Azure to get the image resource. Read-only.|
-|offerDisplayName|String|The official display offer name of the gallery image. For example, Windows 10 Enterprise + OS Optimizations. Read-only.|
-|publisher|String|The publisher name of the gallery image. This value will be passed to Azure to get the image resource. Read-only.|
+|offer|String|The offer name of the gallery image. This value is passed to Azure to get the image resource. Read-only.|
+|offerDisplayName|String|The official display offer name of the gallery image. For example, `Windows 10 Enterprise + OS Optimizations`. Read-only.|
+|publisher|String|The publisher name of the gallery image. This value is passed to Azure to get the image resource. Read-only.|
|recommendedSku|String|Recommended Cloud PC SKU for this gallery image. Read-only.| |sizeInGB|Int32|The size of this image in gigabytes. Read-only.|
-|sku|String|The SKU name of the gallery image. This value will be passed to Azure to get the image resource. Read-only.|
-|skuDisplayName|String|The official display stock keeping unit (SKU) name of this gallery image. For example, 2004. Read-only.|
+|sku|String|The SKU name of the gallery image. This value is passed to Azure to get the image resource. Read-only.|
+|skuDisplayName|String|The official display stock keeping unit (SKU) name of this gallery image. For example, `2004`. Read-only.|
|startDate|Date|The date when the image becomes available. Read-only.| |status|cloudPcGalleryImageStatus|The status of the gallery image on the Cloud PC. Possible values are: `supported`, `supportedWithWarning`, `notSupported`, `unknownFutureValue`. Read-only.|
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.cloudPcDeviceImage",
+ "displayName": "String",
+ "endDate": "String (Date)",
+ "expiredDate": "String (Date)",
"id": "String (identifier)",
- "displayName":"String",
- "offerDisplayName":"String",
- "skuDisplayName":"String",
- "publisher":"String",
- "offer":"String",
- "sku":"String",
- "recommendedSku":"String",
- "status":"String",
- "sizeInGB":"Int32",
- "startDate":"String (Date)",
- "endDate":"String (Date)",
- "expiredDate":"String (Date)"
+ "offer": "String",
+ "offerDisplayName": "String",
+ "publisher": "String",
+ "recommendedSku": "String",
+ "sizeInGB": "Int32",
+ "sku": "String",
+ "skuDisplayName": "String",
+ "startDate": "String (Date)",
+ "status": "String"
} ```
v1.0 Cloudpcserviceplan https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/cloudpcserviceplan.md
Title: "cloudPcServicePlan resource type"
-description: "Represents a Windows 365 service plan configured for a Cloud PC."
+description: "Represents a Windows 365 service plan that can be purchased and configured for a Cloud PC."
ms.localizationpriority: medium ms.prod: "cloud-pc"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Represents a Windows 365 service plan configured for a Cloud PC.
+Represents a Windows 365 service plan that can be purchased and configured for a Cloud PC.
-For examples of currently available service plans, see [Windows 365 compare plans and pricing](https://www.microsoft.com/windows-365/business/compare-plans-pricing). Currently, Microsoft Graph API is available for Windows 365 Enterprise.
+For examples of currently available service plans, see [Windows 365 compare plans and pricing](https://www.microsoft.com/windows-365/business/compare-plans-pricing). Currently, the Microsoft Graph API is available for Windows 365 Enterprise.
## Methods
For examples of currently available service plans, see [Windows 365 compare plan
|type|[cloudPcServicePlanType](#cloudpcserviceplantype-values)|The type of the service plan. Possible values are: `enterprise`, `business`, `unknownFutureValue`. Read-only.| |userProfileInGB|Int32|The size of the user profile disk in GB. Read-only.| |vCpuCount|Int32|The number of vCPUs. Read-only.|
+|supportedSolution|[cloudPcManagementService](../resources/cloudpconpremisesconnection.md#cloudpcmanagementservice-values)|The supported service or solution for the region. The possible values are: `windows365`, `devBox`, `rpaBox`, `unknownFutureValue`. Read-only.|
+|provisioningType|[cloudPcProvisioningType](../resources/cloudpcprovisioningpolicy.md#cloudpcprovisioningtype-values)|Specifies the type of license used when provisioning Cloud PCs. By default, the license type is `dedicated`. Possible values are: `dedicated`, `shared`, `unknownFutureValue`.|
### cloudPcServicePlanType values
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.cloudPcServicePlan",
- "id": "String (identifier)",
"displayName": "String",
- "type": "String",
- "vCpuCount": "Int32",
+ "id": "String (identifier)",
+ "provisioningType": "String",
"ramInGB": "Int32", "storageInGB": "Int32",
- "userProfileInGB": "Int32"
+ "supportedSolution": "String",
+ "type": "String",
+ "userProfileInGB": "Int32",
+ "vCpuCount": "Int32"
} ```
v1.0 Cloudpcsnapshot https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/cloudpcsnapshot.md
Inherits from [entity](../resources/entity.md).
|createdDateTime|DateTimeOffset|The date and time at which the snapshot was taken. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.| |id|String|The unique identifier for the snapshot of the Cloud PC device at a specific point in time. Inherited from [entity](../resources/entity.md).| |lastRestoredDateTime|DateTimeOffset|The date and time at which the snapshot was last used to restore the Cloud PC device. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
-|snapshotType| [cloudPcSnapshotType](#cloudpcsnapshottype-values) | The type of snapshot. indicates how the snapshot is to be created. Possible values are `automatic`, `manual`. Default value is `automatic`.|
+|snapshotType| [cloudPcSnapshotType](#cloudpcsnapshottype-values) | The type of snapshot that indicates how to create the snapshot. Possible values are `automatic`, `manual`. Default value is `automatic`.|
|status|[cloudPcSnapshotStatus](#cloudpcsnapshotstatus-values)|The status of the Cloud PC snapshot. The possible values are: `ready`, `unknownFutureValue`.|
-|expirationDateTime|DateTimeOffset| The date and time when the snapshot expires. The time is shown in ISO 8601 format and Coordinated Universal Time (UTC) time. For example, midnight UTC on Jan 1, 2014 appears as'2014-01-01T00:00:00Z'.|
+|expirationDateTime|DateTimeOffset| The date and time when the snapshot expires. The time is shown in ISO 8601 format and Coordinated Universal Time (UTC) time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
### cloudPcSnapshotStatus values
The following is a JSON representation of the resource.
"@odata.type": "#microsoft.graph.cloudPcSnapshot", "cloudPcId": "String", "createdDateTime": "String (timestamp)",
+ "expirationDateTime": "String (timestamp)",
"id": "String (identifier)", "lastRestoredDateTime": "String (timestamp)",
- "status": "String",
"snapshotType": "String",
- "expirationDateTime": "String (timestamp)",
+ "status": "String"
} ```
v1.0 Columndefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/columndefinition.md
-
-description: Represents a column in a site, a list, or a contentType.
Previously updated : 09/11/2017 Title: ColumnDefinition+
+description: "Represents a column in a site, a list, or a contentType."
+ Title: "columnDefinition resource type"
ms.localizationpriority: medium
-doc_type: resourcePageType
ms.prod: sites-and-lists
Namespace: microsoft.graph
Represents a column in a [site][], [list][] or [contentType][].
+By default, **columnDefinitions** and field values for `hidden` columns are not shown. To see them when listing **columnDefinitions**, include `hidden` in your `$select` statement. To see them when showing **field** values on [listItems][listItem], include the desired columns by name in your `$select` statement.
+ ## Methods | Method | Return type | Description |
Represents a column in a [site][], [list][] or [contentType][].
| [Create columnDefinition for a content type](../api/contenttype-post-columns.md) | [columnDefinition](../resources/columndefinition.md) | Create a new [columnDefinition](../resources/columndefinition.md) object in a [content type](../resources/contenttype.md). | | [Get columnDefinition](../api/columndefinition-get.md) | [columnDefinition](../resources/columndefinition.md) | Read the properties and relationships of a [columnDefinition](../resources/columndefinition.md) object. | | [Update columnDefinition](../api/columndefinition-update.md) | [columnDefinition](../resources/columndefinition.md) | Update the properties of a [columnDefinition](../resources/columndefinition.md) object. |
-| [Delete columnDefinition](../api/columndefinition-delete.md) | None | Deletes a [columnDefinition](../resources/columndefinition.md) object. |
+| [Delete columnDefinition](../api/columndefinition-delete.md) | None | Delete a [columnDefinition](../resources/columndefinition.md) object. |
## Properties
In those cases, none of the column type facets will be populated, and the column
## JSON representation
-Here is a JSON representation of a columnDefinition resource.
+The following is a JSON representation of the resource.
<!--{ "blockType": "resource",
Here is a JSON representation of a columnDefinition resource.
```json {
- "columnGroup": "string",
- "description": "description",
- "displayName": "friendly name",
- "enforceUniqueValues": true,
- "hidden": false,
- "id": "string",
- "indexed": true,
+ "boolean": {"@odata.type": "microsoft.graph.booleanColumn"},
+ "calculated": {"@odata.type": "microsoft.graph.calculatedColumn"},
+ "choice": {"@odata.type": "microsoft.graph.choiceColumn"},
+ "columnGroup": "String",
+ "contentApprovalStatus": {"@odata.type": "microsoft.graph.contentApprovalStatusColumn"},
+ "currency": {"@odata.type": "microsoft.graph.currencyColumn"},
+ "dateTime": {"@odata.type": "microsoft.graph.dateTimeColumn"},
+ "defaultValue": {"@odata.type": "microsoft.graph.defaultColumnValue"},
+ "description": "String",
+ "displayName": "String",
+ "enforceUniqueValues": "Boolean",
+ "geolocation": {"@odata.type": "microsoft.graph.geolocationColumn"},
+ "hidden": "Boolean",
+ "hyperlinkOrPicture": {"@odata.type": "microsoft.graph.hyperlinkOrPictureColumn"},
+ "id": "String (identifier)",
+ "indexed": "Boolean",
+ "isDeletable": "Boolean",
+ "isReorderable": "Boolean",
+ "isSealed": "Boolean",
+ "lookup": {"@odata.type": "microsoft.graph.lookupColumn"},
"name": "staticNameForApi",
- "readOnly": false,
- "required": false,
- "boolean": { "@odata.type": "microsoft.graph.booleanColumn" },
- "calculated": { "@odata.type": "microsoft.graph.calculatedColumn" },
- "choice": { "@odata.type": "microsoft.graph.choiceColumn" },
- "currency": { "@odata.type": "microsoft.graph.currencyColumn" },
- "dateTime": { "@odata.type": "microsoft.graph.dateTimeColumn" },
- "defaultValue": { "@odata.type": "microsoft.graph.defaultColumnValue" },
- "geolocation": { "@odata.type": "microsoft.graph.geolocationColumn" },
- "lookup": { "@odata.type": "microsoft.graph.lookupColumn" },
- "number": { "@odata.type": "microsoft.graph.numberColumn" },
- "personOrGroup": { "@odata.type": "microsoft.graph.personOrGroupColumn" },
- "text": { "@odata.type": "microsoft.graph.textColumn" },
- "isDeletable" : false,
- "propagateChanges": false,
- "isReorderable": false,
- "isSealed": false,
- "validation": { "@odata.type": "microsoft.graph.columnValidation" },
- "hyperlinkOrPicture": { "@odata.type": "microsoft.graph.hyperlinkOrPictureColumn" },
- "term": { "@odata.type": "microsoft.graph.termColumn" },
- "sourceContentType": { "@odata.type": "microsoft.graph.contentTypeInfo" },
- "thumbnail": { "@odata.type": "microsoft.graph.thumbnailColumn" },
- "type": { "@odata.type": "microsoft.graph.columnTypes" },
- "contentApprovalStatus": { "@odata.type": "microsoft.graph.contentApprovalStatusColumn" }
+ "number": {"@odata.type": "microsoft.graph.numberColumn"},
+ "personOrGroup": {"@odata.type": "microsoft.graph.personOrGroupColumn"},
+ "propagateChanges": "Boolean",
+ "readOnly": "Boolean",
+ "required": "Boolean",
+ "sourceContentType": {"@odata.type": "microsoft.graph.contentTypeInfo"},
+ "term": {"@odata.type": "microsoft.graph.termColumn"},
+ "text": {"@odata.type": "microsoft.graph.textColumn"},
+ "thumbnail": {"@odata.type": "microsoft.graph.thumbnailColumn"},
+ "type": {"@odata.type": "microsoft.graph.columnTypes"},
+ "validation": {"@odata.type": "microsoft.graph.columnValidation"}
} ```
-## Remarks
-
-ColumnDefinitions and field values for `hidden` columns are not shown by default.
-To see them when listing **columnDefinitions**, include `hidden` in your `$select` statement.
-To see them when showing **field** values on [listItems][listItem], include the desired columns by name in your `$select` statement.
- [booleanColumn]: booleancolumn.md [calculatedColumn]: calculatedcolumn.md [choiceColumn]: choicecolumn.md
v1.0 Conditionalaccessrulesatisfied https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/conditionalaccessrulesatisfied.md
ms.prod: "identity-and-access-reports"
doc_type: resourcePageType
-# conditionalAccessRulesSatisfied resource type
+# conditionalAccessRuleSatisfied resource type
Namespace: microsoft.graph
v1.0 Conditionalaccessusers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/conditionalaccessusers.md
Represents users, groups, and roles included in and excluded from the policy sco
| Property | Type | Description | |:-|:|:|
-| includeUsers | String collection | User IDs in scope of policy unless explicitly excluded, or `None` or `All` or `GuestsOrExternalUsers`. |
-| excludeUsers | String collection | User IDs excluded from scope of policy and/or `GuestsOrExternalUsers`. |
-| includeGuestsOrExternalUsers | [conditionalAccessGuestsOrExternalUsers](conditionalaccessguestsorexternalusers.md) | Internal guests or external users included in the policy scope. Optionally populated. |
-| excludeGuestsOrExternalUsers | [conditionalAccessGuestsOrExternalUsers](conditionalaccessguestsorexternalusers.md) | Internal guests or external users excluded in the policy scope. Optionally populated. |
-| includeGroups | String collection | Group IDs in scope of policy unless explicitly excluded, or `All`. |
| excludeGroups | String collection | Group IDs excluded from scope of policy. |
-| includeRoles | String collection | Role IDs in scope of policy unless explicitly excluded, or `All`. |
+| excludeGuestsOrExternalUsers | [conditionalAccessGuestsOrExternalUsers](conditionalaccessguestsorexternalusers.md) | Internal guests or external users excluded in the policy scope. Optionally populated. |
| excludeRoles | String collection | Role IDs excluded from scope of policy. |
+| excludeUsers | String collection | User IDs excluded from scope of policy and/or `GuestsOrExternalUsers`. |
+| includeGroups | String collection | Group IDs in scope of policy unless explicitly excluded. |
+| includeGuestsOrExternalUsers | [conditionalAccessGuestsOrExternalUsers](conditionalaccessguestsorexternalusers.md) | Internal guests or external users included in the policy scope. Optionally populated. |
+| includeRoles | String collection | Role IDs in scope of policy unless explicitly excluded. |
+| includeUsers | String collection | User IDs in scope of policy unless explicitly excluded, `None`, `All`, or `GuestsOrExternalUsers`. |
## Relationships
v1.0 Customcalloutextension https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customcalloutextension.md
Title: "customCalloutExtension resource type" description: "An abstract type that defines the configuration for logic apps that can be integrated with the customer's entitlement management use cases to implement broader governance workflows. This abstract type is inherited by the customAccessPackageWorkflowExtension resource type"-+ ms.localizationpriority: medium ms.prod: "governance" doc_type: resourcePageType
This abstract type is inherited by:
- [customAccessPackageWorkflowExtension](customaccesspackageworkflowextension.md) - [customTaskExtension](../resources/identitygovernance-customtaskextension.md)
+- [accessPackageAssignmentRequestWorkflowExtension](accesspackageassignmentrequestworkflowextension.md)
+- [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md)
Inherits from [entity](entity.md).
v1.0 Customextensionauthenticationconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensionauthenticationconfiguration.md
Title: "customExtensionAuthenticationConfiguration resource type" description: "Abstract base type that exposes the configuration for the **authenticationConfiguration** property of the derived types that inherit from the customCalloutExtension abstract type"-+ ms.localizationpriority: medium ms.prod: "governance" doc_type: resourcePageType
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Abstract base type that exposes the configuration for the **authenticationConfiguration** property of the derived types that inherit from the [customCalloutExtension](customcalloutextension.md) abstract type. This abstract type is inherited by the [azureAdTokenAuthentication](../resources/azureadtokenauthentication.md) resource type.
+Abstract base type that exposes the configuration for the **authenticationConfiguration** property of the derived types that inherit from the [customCalloutExtension](customcalloutextension.md) abstract type.
+
+This abstract type is inherited by the following resource types:
+- [azureAdTokenAuthentication](../resources/azureadtokenauthentication.md)
+- [azureAdPopTokenAuthentication](../resources/azureAdPopTokenAuthentication.md)
+
+The type of token authentication used depends on the token security. If the token security value is normal, you will use the [azureAdTokenAuthentication](../resources/azureadtokenauthentication.md) resource type. If the value is Proof of Possession, you will use the [azureAdPopTokenAuthentication](../resources/azureAdPopTokenAuthentication.md) resource type.
## Properties
The following is a JSON representation of the resource.
``` json {
- "@odata.type": "#microsoft.graph.customExtensionAuthenticationConfiguration "
+ "@odata.type": "#microsoft.graph.customExtensionAuthenticationConfiguration"
}
-```
+```
v1.0 Customextensioncallbackconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensioncallbackconfiguration.md
Title: "customExtensionCallbackConfiguration resource type"
-description: "The callback configuration for a custom task extension that's linked to an Azure Logic App."
-
+description: "Callback settings that define how long Azure AD can wait for a resume signal for the callout that it made to the logic app."
+ ms.localizationpriority: medium ms.prod: "governance" doc_type: resourcePageType
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-This is an abstract type describing the callback configuration of a [custom callout extension](../resources/customcalloutextension.md).
-This abstract type is inherited by:
-+ [customTaskExtensionCallbackConfiguration](../resources/identitygovernance-customtaskextensioncallbackconfiguration.md)
+Callback settings that define how long Azure AD can wait for a resume signal for the callout that it made to the logic app. This is an abstract type that's inherited by [customTaskExtensionCallbackConfiguration](../resources/identitygovernance-customtaskextensioncallbackconfiguration.md).
## Properties |Property|Type|Description| |:|:|:|
-|timeoutDuration|Duration|Callback time out in ISO 8601 time duration. Accepted time durations are between five minutes to three hours. For example, PT5M for five minutes and PT3H for three hours.|
+|timeoutDuration|Duration|The maximum duration in ISO 8601 format that Azure AD will wait for a resume action for the callout it sent to the logic app. The valid range for custom extensions in lifecycle workflows is five minutes to three hours. The valid range for custom extensions in entitlement management is between 5 minutes and 14 days. For example, `PT3H` refers to three hours, `P3D` refers to three days, `PT10M` refers to ten minutes.|
-## Relationships
+## Relationships
None. ## JSON representation- The following is a JSON representation of the resource. <!-- { "blockType": "resource",
The following is a JSON representation of the resource.
"timeoutDuration": "String (duration)" } ```+
v1.0 Customextensioncalloutinstance https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensioncalloutinstance.md
+
+ Title: "customExtensionCalloutInstance resource type"
+description: "Defines the calls that were made by an instance of a custom extension callout."
+
+ms.localizationpriority: medium
++
+# customExtensionCalloutInstance resource type
+
+Namespace: microsoft.graph
++
+Defines the calls that were made by an instance of a custom extension callout.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|customExtensionId|String|Identification of the custom extension that was triggered at this instance.|
+|detail|String|Details provided by the logic app during the callback of the request instance.|
+|externalCorrelationId|String|The unique run identifier for the logic app.|
+|id|String|Unique identifier for the callout instance. Read-only.|
+|status|customExtensionCalloutInstanceStatus| The status of the request to the custom extension. The possible values are: `calloutSent`, `callbackReceived`, `calloutFailed`, `callbackTimedOut`, `waitingForCallback`, `unknownFutureValue`.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.customExtensionCalloutInstance"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.customExtensionCalloutInstance",
+ "id": "String (identifier)",
+ "customExtensionId": "String",
+ "externalCorrelationId": "String",
+ "detail": "String",
+ "status": "String"
+}
+```
+
v1.0 Customextensiondata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensiondata.md
Title: "customExtensionData resource type" description: "An abstract type noting the data being sent and received as part of extensibility scenarios based on custom callout extensions"-+ ms.localizationpriority: medium ms.prod: "governance" doc_type: resourcePageType
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] This is an abstract type noting the data being sent and received as part of extensibility scenarios based on [custom callout extensions](../resources/customcalloutextension.md). The following types are derived from this abstract type:
-+ [customTaskExtensionCalloutData](../resources/identitygovernance-customtaskextensioncalloutdata.md)
-+ [customTaskExtensionCallbackData](../resources/identitygovernance-customtaskextensioncallbackdata.md)
+- [accessPackageAssignmentRequestCallbackData](../resources/accesspackageassignmentrequestcallbackdata.md)
+- [customTaskExtensionCalloutData](../resources/identitygovernance-customtaskextensioncalloutdata.md)
+- [customTaskExtensionCallbackData](../resources/identitygovernance-customtaskextensioncallbackdata.md)
## Properties- None. ## Relationships- None. ## JSON representation- The following is a JSON representation of the resource. <!-- { "blockType": "resource",
v1.0 Customextensionstagesetting https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensionstagesetting.md
+
+ Title: "customExtensionStageSetting resource type"
+description: "Defines when to execute an access package custom workflow extension."
+
+ms.localizationpriority: medium
++
+# customExtensionStageSetting resource type
+
+Namespace: microsoft.graph
++
+Defines when to execute a [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) or [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) object.
++
+Inherits from [entity](../resources/entity.md).
+
+To read the **customExtensionStageSettings** objects on a policy, append `?$expand=customExtensionStageSettings` to a [GET accessPackageAssignmentPolicy](../api/accesspackageassignmentpolicy-get.md) request. For example, `GET https://graph.microsoft.com/bet#example-2-retrieve-the-custom-extension-handlers-for-a-policy).
+
+To delete the **customExtensionStageSettings** objects from a policy, call the [Update accessPackageAssignmentPolicy](../api/accesspackageassignmentpolicy-update.md) and specify the customExtensionHandlers property as an empty collection. For more details, see [Example 2: Remove the customExtensionStageSettings from a policy](../api/accesspackageassignmentpolicy-update.md#example-3-remove-the-customextensionstagesettings-from-a-policy).
+
+## Methods
+None
++
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String| Identifier of the stage. Inherited from [entity](../resources/entity.md).|
+|stage|accessPackageCustomExtensionStage|Indicates the stage of the access package assignment request workflow when the access package custom extension runs. The possible values are: `assignmentRequestCreated`, `assignmentRequestApproved`, `assignmentRequestGranted`, `assignmentRequestRemoved`, `assignmentFourteenDaysBeforeExpiration`, `assignmentOneDayBeforeExpiration`, `unknownFutureValue`.|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|customExtension|[customCalloutExtension](../resources/customcalloutextension.md)|Indicates the custom workflow extension that will be executed at this stage. Nullable. Supports `$expand`.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.customExtensionStageSetting",
+ "baseType": "microsoft.graph.entity",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.customExtensionStageSetting",
+ "id": "String (identifier)",
+ "stage": "String"
+}
+```
+
v1.0 Defaultuserrolepermissions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/defaultuserrolepermissions.md
Contains certains customizable permissions of default user role in Azure AD.
| allowedToCreateSecurityGroups | Boolean | Indicates whether the default user role can create security groups. | | allowedToReadBitlockerKeysForOwnedDevice | Boolean | Indicates whether the registered owners of a device can read their own BitLocker recovery keys with default user role. | | allowedToReadOtherUsers | Boolean | Indicates whether the default user role can read other users. |
+| allowedToCreateTenants | Boolean | Indicates whether the default user role can create tenants. |
## Relationships
The following is a JSON representation of the resource.
"allowedToCreateApps": true, "allowedToCreateSecurityGroups": true, "allowedToReadBitlockerKeysForOwnedDevice": true,
- "allowedToReadOtherUsers": true
+ "allowedToReadOtherUsers": true,
+ "allowedToCreateTenants": true
} ```
v1.0 Directory https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/directory.md
Inherits from [entity](entity.md).
| deleteditems | [directoryObject](directoryobject.md) collection | Recently deleted items. Read-only. Nullable. | | featureRolloutPolicies | [featureRolloutPolicy](featurerolloutpolicy.md) collection | Nullable. | | federationConfigurations | [identityProviderBase](../resources/identityproviderbase.md) collection | Configure domain federation with organizations whose identity provider (IdP) supports either the SAML or WS-Fed protocol. |
+| inboundSharedUserProfiles | [inboundSharedUserProfile](inboundshareduserprofile.md) collection | A collection of external Azure AD users whose profile data has been shared with the Azure AD tenant. Nullable. |
| onPremisesSynchronization | [onPremisesDirectorySynchronization](../resources/onpremisesdirectorysynchronization.md) | A container for on-premises directory synchronization functionalities that are available for the organization. |
+| outboundSharedUserProfile | [outboundSharedUserProfile](outboundshareduserprofile.md) collection | A collection of Azure AD users whose profile data has been shared with an external Azure AD tenant. Nullable. |
| recommendations | [recommendation](../resources/recommendation.md) collection | List of recommended improvements to improve tenant posture. | ## JSON representation
v1.0 Dynamics Graph Reference https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/dynamics-graph-reference.md
Use the Azure AD v2.0 endpoint to authenticate Dynamics 365 Business Central API
## Common Dynamics 365 Business Central scenarios The Dynamics 365 Business Central API allows you to read and modify business data through apps that are connected and integrated through a single endpoint. Use the API to, for example, get access to [customer](../resources/dynamics-customer.md) and [vendor](../resources/dynamics-vendor.md) information, or [view overdue payments](../resources/dynamics-agedaccountspayable.md).
+## Environment
+To enable the Dynamics 365 Business Central API, you must ensure that the **Environment Name** in the Business Central Admin Center is **Production**.
+++ ## What's new Find out about the [latest new features and updates](/graph/whats-new-overview) for this API set.
v1.0 Emailauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/emailauthenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents this tenant's email OTP authentication methods policy. Authentication methods policies define configuration settings and users or groups who are enabled to use the authentication method. Email OTP may be used by the tenant's cloud-native users for self-service password reset, or by external users for authentication during invitation redemption and self-service sign-up for specific apps in user flows.
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description|
Represents this tenant's email OTP authentication methods policy. Authentication
|Property|Type|Description| |:|:|:|
+|allowExternalIdToUseEmailOtp|externalEmailOtpState|Determines whether email OTP is usable by external users for authentication. Possible values are: `default`, `enabled`, `disabled`, `unknownFutureValue`. Tenants in the `default` state who did not use public preview will automatically have email OTP enabled beginning in October 2021.|
|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.| |id|String|The authentication method policy identifier. Inherited from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).| |state|authenticationMethodState|Indicates whether this authentication method is enabled or not. Possible values are: `enabled`, `disabled`.|
-|allowExternalIdToUseEmailOtp|externalEmailOtpState|Determines whether email OTP is usable by external users for authentication. Possible values are: `default`, `enabled`, `disabled`, `unknownFutureValue`. Tenants in the `default` state who did not use public preview will automatically have email OTP enabled beginning in October 2021.|
## Relationships
The following is a JSON representation of the resource.
```json { "@odata.type": "#microsoft.graph.emailAuthenticationMethodConfiguration",
- "id": "String (identifier)",
- "state": "String",
- "excludeTargets": [
+ "allowExternalIdToUseEmailOtp": "String",
+ "excludeTargets": [
{ "@odata.type": "microsoft.graph.excludeTarget" } ],
- "allowExternalIdToUseEmailOtp": "String",
- "includeTargets": [ { "@odata.type": "microsoft.graph.authenticationMethodTarget" } ]
+ "id": "String (identifier)",
+ "includeTargets": [ { "@odata.type": "microsoft.graph.authenticationMethodTarget" } ],
+ "state": "String"
}
-```
+```
v1.0 Emailsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/emailsettings.md
+
+ Title: "emailSettings resource type"
+description: "Defines the settings for emails sent using Lifecycle Workflows."
+
+ms.localizationpriority: medium
++
+# emailSettings resource type
+
+Namespace: microsoft.graph
++
+Defines the settings for emails sent from Lifecycle workflow [tasks](identitygovernance-task.md). Allows you to use a verified custom [domain](domain.md) and [organizationalBranding](organizationalbranding.md) with emails sent out via workflow tasks.
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|senderDomain|String|Specifies the [domain](domain.md) that should be used when sending email notifications. This domain must be [verified](../api/domain-verify.md) in order to be used. We recommend that you use a domain that has the appropriate DNS records to facilitate email validation, like SPF, DKIM, DMARC, and MX, because this then complies with the [RFC compliance](https://www.ietf.org/rfc/rfc2142.txt) for sending and receiving email. For details, see [Learn more about Exchange Online Email Routing](/exchange/mail-flow-best-practices/mail-flow-best-practices).|
+|useCompanyBranding|Boolean|Specifies if the organizationΓÇÖs banner logo should be included in email notifications. The banner logo will replace the Microsoft logo at the top of the email notification. If `true` the banner logo will be taken from the tenantΓÇÖs [branding settings](organizationalbranding.md). This value can only be set to `true` if the [organizationalBranding](organizationalbranding.md) **bannerLogo** property is set. |
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.emailSettings"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.emailSettings",
+ "senderDomain": "String",
+ "useCompanyBranding": "Boolean"
+}
+```
v1.0 Enums Security https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/enums-security.md
Namespace: microsoft.graph.security
+### contentFormat values
+
+|Member|
+|:|
+|text|
+|html|
+|markdown|
+|unknownFutureValue|
+ ### detectionStatus values | Member
Namespace: microsoft.graph.security
|notAvaliable| |unknownFutureValue|
+### hostReputationClassification values
+
+|Member|
+|:|
+|unknown|
+|neutral|
+|suspicious|
+|malicious|
+|unknownFutureValue|
+
+### hostReputationRuleSeverity values
+
+|Member|
+|:|
+|unknown|
+|low|
+|medium|
+|high|
+|unknownFutureValue|
+
+### indicatorSource values
+
+|Member|
+|:|
+|microsoftDefenderThreatIntelligence|
+|openSourceIntelligence|
+|public|
+|unknownFutureValue|
+
+### intelligenceProfileKind values
+
+|Member|
+|:|
+|actor|
+|tool|
+|unknownFutureValue|
+ ### queryType values
Namespace: microsoft.graph.security
|dateOfEvent| |unknownFutureValue|
+### vulnerabilitySeverity values
+
+|Member|
+|:|
+|none|
+|low|
+|medium|
+|high|
+|critical|
+|unknownFutureValue|
<!-- {
v1.0 Enums https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/enums.md
Namespace: microsoft.graph
+### usqState values
+
+| Member |
+|:-|
+| norma. |
+| nearing |
+| critical |
+| full |
+| overLimit |
+ ### userPurpose values | Member |
Namespace: microsoft.graph
|requestReceived| |unknownFutureValue|
+### customExtensionCalloutInstanceStatus values
+
+|Member|
+|:|
+|calloutSent|
+|callbackReceived|
+|calloutFailed|
+|callbackTimedOut|
+|waitingForCallback|
+|unknownFutureValue|
+ ### accessPackageCustomExtensionStage values |Member|
Namespace: microsoft.graph
|disabled| |unknownFutureValue|
+### msiType values
+
+|Member|
+|:|
+|none|
+|userAssigned|
+|systemAssigned|
+|unknownFutureValue|
+ ### multiFactorAuthConfiguration values | Member | Value | Description |
Possible values for user account types (group membership), per Windows definitio
|premigration| |migrationInProgress| |migrationComplete|
+|unknownFutureValue|
### authenticationEventType values
v1.0 Externalconnectors Urltoitemresolverbase https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/externalconnectors-urltoitemresolverbase.md
Namespace: microsoft.graph.externalConnectors
Defines the rules for resolving a URL to the ID of an [externalItem](externalconnectors-externalitem.md).
-This is an abstract type.
+This is an abstract base type of [itemIdResolver](externalconnectors-itemidresolver.md)..
## Properties |Property|Type|Description|
v1.0 Fido2authenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/fido2authenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents a FIDO2 authentication methods policy. Authentication methods policies define configuration settings and users or groups who are enabled to use the authentication method.
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description|
The following is a JSON representation of the resource.
"@odata.type": "#microsoft.graph.fido2AuthenticationMethodConfiguration", "id": "String (identifier)", "state": "String",
- "excludeTargets": [
+ "excludeTargets": [
{ "@odata.type": "microsoft.graph.excludeTarget" }
v1.0 Groups Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/groups-overview.md
To learn more about Microsoft 365 groups and the administrator experiences, see
**Security groups** are for controlling user access to resources. By checking whether a user is a member of a security group, your app can make authorization decisions when that user is trying to access some secure resources in your app. Security groups can have users, other security groups, devices, and service principals as members.
-**Mail-enabled security groups** are used in the same way as security groups, but with the added feature of a shared mailbox. Mail-enabled security groups can't be created or updated through the API; instead, they're read-only. Learn more in the [Manage mail-enabled security groups Exchange article](/Exchange/recipients/mail-enabled-security-groups).
+**Mail-enabled security groups** are used in the same way as security groups, but can be used to send emails to group members. Mail-enabled security groups can't be created or updated through the API; instead, they're read-only. Learn more in the [Manage mail-enabled security groups Exchange article](/Exchange/recipients/mail-enabled-security-groups).
The following JSON object shows a sample representation of a group when you call the Microsoft Graph groups API.
v1.0 Hashes https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/hashes.md
Here is a JSON representation of the resource.
## See also - For more information about the facets on a DriveItem, see [DriveItem](driveitem.md).-- To calculate **quickXorHash** for a file, refer to the [QuickXorHash snippet](https://dev.onedrive.com/snippets/quickxorhash.htm).
+- To calculate **quickXorHash** for a file, refer to the [QuickXorHash snippet](/onedrive/developer/code-snippets/quickxorhash).
<!--
v1.0 Identitygovernance Customtaskextensioncallbackconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-customtaskextensioncallbackconfiguration.md
Namespace: microsoft.graph.identityGovernance
Defines if, and in, which time span a callback is expected from the Azure Logic App.
-Inherits from [customTaskExtensionCallbackConfiguration](../resources/identitygovernance-customtaskextensioncallbackconfiguration.md).
+Inherits from [customExtensionCallbackConfiguration](../resources/customextensioncallbackconfiguration.md).
## Properties |Property|Type|Description| |:|:|:|
-|timeoutDuration|Duration| Callback time out in ISO 8601 time duration. Accepted time durations are between five minutes to three hours. For example, PT5M for five minutes and PT3H for three hours. Inherited from [customTaskExtensionCallbackConfiguration](../resources/identitygovernance-customtaskextensioncallbackconfiguration.md).|
+|timeoutDuration|Duration| Callback time out in ISO 8601 time duration. Accepted time durations are between five minutes to three hours. For example, PT5M for five minutes and PT3H for three hours. Inherited from [customExtensionCallbackConfiguration](../resources/customextensioncallbackconfiguration.md).|
+|authorizedApps|microsoft.graph.application collection| A collection of unique identifiers or **appIds** of the applications that are allowed to [resume](../api/identitygovernance-taskprocessingresult-resume.md) a task processing result.|
+ ## Relationships
None.
The following is a JSON representation of the resource. <!-- { "blockType": "resource",
- "@odata.type": "microsoft.graph.identityGovernance.customTaskExtensionCallbackConfiguration"
+ "@odata.type": "microsoft.graph.identityGovernance.customTaskExtensionCallbackConfiguration",
+ "baseType": "microsoft.graph.customExtensionCallbackConfiguration"
} --> ``` json { "@odata.type": "#microsoft.graph.identityGovernance.customTaskExtensionCallbackConfiguration",
- "timeoutDuration": "String (duration)"
+ "timeoutDuration": "String (duration)",
+ "authorizedApps":[
+ {
+ "@odata.type": "microsoft.graph.application"
+ }
+]
} ```
v1.0 Identitygovernance Customtaskextensioncallbackdata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-customtaskextensioncallbackdata.md
None.
The following is a JSON representation of the resource. <!-- { "blockType": "resource",
- "@odata.type": "microsoft.graph.identityGovernance.customTaskExtensionCallbackData"
+ "@odata.type": "microsoft.graph.identityGovernance.customTaskExtensionCallbackData",
+ "baseType": "microsoft.graph.customExtensionData"
} --> ``` json
v1.0 Identitygovernance Customtaskextensioncalloutdata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-customtaskextensioncalloutdata.md
None.
The following is a JSON representation of the resource. <!-- { "blockType": "resource",
- "@odata.type": "microsoft.graph.identityGovernance.customTaskExtensionCalloutData"
+ "@odata.type": "microsoft.graph.identityGovernance.customTaskExtensionCalloutData",
+ "baseType": "microsoft.graph.customExtensionData"
} --> ``` json
v1.0 Identitygovernance Lifecyclemanagementsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-lifecyclemanagementsettings.md
The settings of Azure AD Lifecycle Workflows in the tenant.
|:|:|:| |id|String|Identifier used for individually addressing Lifecycle Workflow settings.| |workflowScheduleIntervalInHours|Int32|The interval in hours at which all [workflows](../resources/identitygovernance-workflow.md) running in the tenant should be scheduled for execution. This interval has a minimum value of 1 and a maximum value of 24. The default value is 3 hours. |
+|emailSettings|[microsoft.graph.emailSettings](../resources/emailsettings.md)|Defines the settings for emails sent out from email-specific [tasks](../resources/identitygovernance-task.md) within workflows. Accepts 2 parameters<br><br>senderDomain- Defines the domain of who is sending the email. <br>useCompanyBranding- A boolean value that defines if company branding is to be used with the email.|
## Relationships
The following is a JSON representation of the resource.
--> ``` json {
- "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/settings/$entity",
- "workflowScheduleIntervalInHours": 1
+ "@odata.type": "#microsoft.graph.identityGovernance.lifecycleManagementSettings",
+ "workflowScheduleIntervalInHours": "Integer",
+ "emailSettings": {
+ "@odata.type": "microsoft.graph.emailSettings"
+ }
} ```
v1.0 Identitygovernance Lifecycleworkflows Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-lifecycleworkflows-overview.md
Each workflow contains general descriptive information such as it's identifier,
Workflow tasks are specific actions that run automatically when a workflow is triggered. Lifecycle Workflows defines the following preconfigured and read-only tasks that are allowed for the specified workflow categories. These task definitions show the settings for the task type, guiding you as you create tasks for your workflow.
-<!-- Comment out CRR until we can resolve the links problem
->- [!INCLUDE [lifecycle-workflows-tasks-table](../includes/identitygovernance-lifecycleworkflows-tasks-table.md)] Use the [taskDefinition resource type](identitygovernance-taskdefinition.md) and its associated methods to discover all the predefined tasks that you can configure for your workflow and the settings for the properties The [task](identitygovernance-task.md) resource type and its associated GET methods allow you to view the tasks that are configured for your workflow.
Each tenant defines a tenant-wide [schedule](identitygovernance-lifecyclemanagem
## License checks
-The Lifecycle Workflows feature, including the API, is included in the Azure AD Premium P2 license. The tenant where Lifecycle Workflows are being created must have a valid purchased, or trial, Azure AD Premium P2 or EMS E5 subscription. For more information about the license requirements, see [Lifecycle Workflows license requirements](/azure/active-directory/governance/lifecycle-workflows-deployment#licenses).
+To preview the Lifecycle Workflows feature, you must have an Azure AD Premium P2 license in your tenant. The tenant where Lifecycle Workflows are being created must have a valid purchased, or trial, Azure AD Premium P2 license. For more information about the license requirements, see: [Lifecycle Workflows license requirements](/azure/active-directory/governance/lifecycle-workflows-deployment#licenses).
## Role and application permission authorization checks
The following [Azure AD roles](/azure/active-directory/roles/permissions-referen
| Operation | Application permissions | Required directory role of the calling user | |:|:|:--|
-| Read | LifecycleWorkflows.Read.All or LifecycleWorkflows.ReadWrite.All | Global Admin, Global Reader or Lifecycle Workflows Administrator |
-| Create, Update or Delete | LifecycleWorkflows.ReadWrite.All | Global Administrator or Lifecycle Workflows Administrator |
+| Read | LifecycleWorkflows.Read.All or LifecycleWorkflows.ReadWrite.All |Global Reader or Lifecycle Workflows Administrator |
+| Create, Update or Delete | LifecycleWorkflows.ReadWrite.All | Lifecycle Workflows Administrator |
## See also
v1.0 Identitygovernance Lifecycleworkflows Reporting Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-lifecycleworkflows-reporting-overview.md
The following [Azure AD roles](/azure/active-directory/roles/permissions-referen
| Operation | Application permissions | Required directory role of the calling user | |:|:|:--|
-| Read | LifecycleWorkflows.Read.All or LifecycleWorkflows.ReadWrite.All | Global Admin, Global Reader or Lifecycle Workflows Administrator |
-| Create, Update or Delete | LifecycleWorkflows.ReadWrite.All | Global Administrator or Lifecycle Workflows Administrator |
+| Read | LifecycleWorkflows.Read.All or LifecycleWorkflows.ReadWrite.All |Global Reader or Lifecycle Workflows Administrator |
+| Create, Update or Delete | LifecycleWorkflows.ReadWrite.All | Lifecycle Workflows Administrator |
## See also
v1.0 Identitygovernance Lifecycleworkflowscontainer https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-lifecycleworkflowscontainer.md
The following is a JSON representation of the resource.
"id": "String (identifier)" } ```+
v1.0 Identitygovernance Ondemandexecutiononly https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-ondemandexecutiononly.md
None.
The following is a JSON representation of the resource. <!-- { "blockType": "resource",
- "@odata.type": "microsoft.graph.identityGovernance.onDemandExecutionOnly"
+ "@odata.type": "microsoft.graph.identityGovernance.onDemandExecutionOnly",
+ "baseType": "microsoft.graph.identityGovernance.workflowExecutionConditions"
} --> ``` json
v1.0 Identitygovernance Rulebasedsubjectset https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-rulebasedsubjectset.md
Inherits from [subjectSet](../resources/subjectset.md).
### Supported user properties and query parameters
-Lifecycle Workflows supports the following [user properties](user.md#properties) for configuring the rules that are in the scope of an execution condition. You can use the `$filter` OData query parameter with either the `eq`, `ne`, `in`, or `startsWith` operators. You can also combine the filter expressions using one of the following conjunction and disjunction operators:
+Lifecycle Workflows supports the following user properties for configuring the rules that are in the scope of an execution condition. You can use the `$filter` OData query parameter with either the `eq`, `ne`, `in`, or `startsWith` operators. You can also combine the filter expressions using one of the following conjunction and disjunction operators:
+ `and` + `or` + `and` and `not`
You can also configure rules using [Directory (Azure AD) extensions](/graph/exte
| Example rule | Description | ||--| | `"rule": "(department eq 'Marketing')"` | Run the workflow for users in the "Marketing" department. |
-| `"rule": "(department ne 'Marketing')"` | Run the workflow for users not the "Marketing" department. |
-| `"rule": "(department in ('Marketing'))"` | Run the workflow for users not the "Marketing" department. |
+| `"rule": "(department ne 'Marketing')"` | Run the workflow for users not in the "Marketing" department. |
+| `"rule": "(department in ('Marketing'))"` | Run the workflow for users in the "Marketing" department. |
| `"rule": "(accountEnabled eq true)"` | Run the workflow for users whose account is enabled. | | `"rule": "(employeeOrgData/costCenter eq '100')"` | Run the workflow for users whose costCenter is `100`. | | `"rule": "(otherMails/any(p:startsWith(p, 'Av')))"` | Run the workflow for users whose **otherMails** starts with `Av`. |
v1.0 Identitygovernance Run https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-run.md
Inherits from [entity](../resources/entity.md).
|[List runs](../api/identitygovernance-workflow-list-runs.md)|[microsoft.graph.identityGovernance.run](../resources/identitygovernance-run.md) collection|Get a list of the [run](../resources/identitygovernance-run.md) objects and their properties.| |[Get run](../api/identitygovernance-run-get.md)|[microsoft.graph.identityGovernance.run](../resources/identitygovernance-run.md)|Read the properties and relationships of a [run](../resources/identitygovernance-run.md) object.| |[summary](../api/identitygovernance-run-summary.md)|[microsoft.graph.identityGovernance.runSummary](../resources/identitygovernance-runsummary.md)|Get a summary of workflows runs.|
-|[List user processing results](../api/identitygovernance-run-summary.md)|[microsoft.graph.identityGovernance.userProcessingResult](../resources/identitygovernance-userprocessingresult.md) collection|Get a list of user processing results of a run.|
-|[Get user processing result](../api/identitygovernance-run-summary.md)|[microsoft.graph.identityGovernance.userProcessingResult](../resources/identitygovernance-userprocessingresult.md)|Get a user processing result of a run|
|[List task processing results of a run](../api/identitygovernance-run-list-taskprocessingresults.md)|[microsoft.graph.identityGovernance.taskReportSummary](../resources/identitygovernance-taskprocessingresult.md)|List task processing results from a run.| ## Properties
Inherits from [entity](../resources/entity.md).
|completedDateTime|DateTimeOffset|The date time that the run completed. Value is `null` if the workflow hasn't completed.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.| |failedTasksCount|Int32|The number of tasks that failed in the run execution.| |failedUsersCount|Int32|The number of users that failed in the run execution.|
+|id|String|A unique identifier for the workflow run.|
|lastUpdatedDateTime|DateTimeOffset|The datetime that the run was last updated.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.|
-|processingStatus|String|The run execution status. The possible values are: `queued`, `inProgress`, `completed`, `completedWithErrors`, `canceled`, `failed`, `unknownFutureValue`.<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
+|processingStatus|microsoft.graph.identityGovernance.lifecycleWorkflowProcessingStatus|The run execution status. The possible values are: `queued`, `inProgress`, `completed`, `completedWithErrors`, `canceled`, `failed`, `unknownFutureValue`.<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
|startedDateTime|DateTimeOffset|The date time that the run execution started.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.| |scheduledDateTime|DateTimeOffset|The date time that the run is scheduled to be executed for a workflow.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.| |successfulUsersCount|Int32|The number of successfully completed users in the run.| |totalUsersCount|Int32|The total number of users in the workflow execution.|
+|totalTasksCounts|Int32|The total number of tasks in the run execution.|
|totalUnprocessedTasksCount|Int32|The total number of unprocessed tasks in the run execution.|
-|workflowExecutionType|String|The execution type of the workflows associated with the run. The possible values are: `scheduled`, `onDemand`, `unknownFutureValue`.<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
+|workflowExecutionType|microsoft.graph.identityGovernance.workflowExecutionType|The execution type of the workflows associated with the run. The possible values are: `scheduled`, `onDemand`, `unknownFutureValue`.<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
## Relationships
The following is a JSON representation of the resource.
"blockType": "resource", "keyProperty": "id", "@odata.type": "microsoft.graph.identityGovernance.run",
- "baseType": "microsoft.graph.entity",
"openType": false } -->
The following is a JSON representation of the resource.
"startedDateTime": "String (timestamp)", "scheduledDateTime": "String (timestamp)", "successfulUsersCount": "Integer",
+ "totalTasksCounts": "Integer",
"totalUsersCount": "Integer", "totalUnprocessedTasksCount": "Integer", "workflowExecutionType": "String"
v1.0 Identitygovernance Runsummary https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-runsummary.md
A summary of runs for a specified time period. This summary allows the administr
|failedTasks|Int32|The number of failed tasks of a workflow.| |successfulRuns|Int32|The number of successful workflow runs.| |totalRuns|Int32|The total number of runs for a workflow.|
+|totalTasks|Int32|The total number of tasks processed by a workflow.|
+|totalUsers|Int32|The total number of users processed by a workflow.|
## Relationships
The following is a JSON representation of the resource.
"failedRuns": "Integer", "failedTasks": "Integer", "successfulRuns": "Integer",
- "totalRuns": "Integer"
+ "totalRuns": "Integer",
+ "totalTasks": "Integer",
+ "totalUsers": "Integer"
} ```
v1.0 Identitygovernance Task https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-task.md
Inherits from [entity](../resources/entity.md).
|taskDefinitionId|String|A unique template identifier for the task. For more information about the tasks that Lifecycle Workflows currently supports and their unique identifiers, see [supported tasks](../resources/identitygovernance-task.md#supported-tasks). Required.<br><br>Supports `$filter`(`eq`, `ne`).| ### Supported tasks
-<!-- Comment out CRR until we can resolve the links problem
-> [!INCLUDE [lifecycle-workflows-tasks-table](../includes/identitygovernance-lifecycleworkflows-tasks-table.md)]
v1.0 Identitygovernance Taskdefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-taskdefinition.md
Inherits from [entity](../resources/entity.md).
|Property|Type|Description| |:|:|:|
-|category|microsoft.graph.identityGovernance.lifecycleTaskCategory|The category of the HR function that the tasks created using this definition can be used with. The possible values are: `joiner`, `leaver`. This is a multi-valued enumeration whose allowed combinations are `joiner`, `joiner,leaver`, or `leaver`.<br><br>Supports `$filter`(`eq`, `ne`, `has`) and `$orderby`. |
+|category|microsoft.graph.identityGovernance.lifecycleTaskCategory|The category of the HR function that the tasks created using this definition can be used with. The possible values are: `joiner`, `leaver`, `unknownFutureValue`. This is a multi-valued enumeration whose allowed combinations are `joiner`, `joiner,leaver`, or `leaver`.<br><br>Supports `$filter`(`eq`, `ne`, `has`) and `$orderby`. |
+|ContinueOnError|Boolean|Defines if the workflow will continue if the task has an error.|
|description|String|The description of the taskDefinition.| |displayName|String|The display name of the taskDefinition.<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.| |id|String|The unique identifier for the taskDefinition. Inherited from [entity](../resources/entity.md).|
v1.0 Identitygovernance Timebasedattributetrigger https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-timebasedattributetrigger.md
None.
The following is a JSON representation of the resource. <!-- { "blockType": "resource",
- "@odata.type": "microsoft.graph.identityGovernance.timeBasedAttributeTrigger"
+ "@odata.type": "microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
+ "baseType": "microsoft.graph.identityGovernance.workflowExecutionTrigger"
} --> ``` json
v1.0 Identitygovernance Userprocessingresult https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-userprocessingresult.md
Inherits from [entity](../resources/entity.md).
|Method|Return type|Description| |:|:|:| |[List userProcessingResults](../api/identitygovernance-workflow-list-userprocessingresults.md)|[microsoft.graph.identityGovernance.userProcessingResult](../resources/identitygovernance-userprocessingresult.md) collection|Get a list of the [userProcessingResult](../resources/identitygovernance-userprocessingresult.md) objects and their properties.|
+|[Get userProcessingResult](../api/identitygovernance-userprocessingresult-get.md)|[microsoft.graph.identityGovernance.userProcessingResult](../resources/identitygovernance-userprocessingresult.md)|Get a user processing result.|
|[summary](../api/identitygovernance-userprocessingresult-summary.md)|[microsoft.graph.identityGovernance.userSummary](../resources/identitygovernance-usersummary.md)|Provides a summary of user processing results for a specified time period.|
-|[List taskProcessingResults](../api/identitygovernance-userprocessingresult-list-taskprocessingresults.md)|[microsoft.graph.identityGovernance.taskReport](../resources/identitygovernance-taskprocessingresult.md) collection|Get a list of the [taskProcessingResult](../resources/identitygovernance-taskprocessingresult.md) objects and their properties.|
+|[List taskProcessingResults for a userProcessingResult](../api/identitygovernance-userprocessingresult-list-taskprocessingresults.md)|[microsoft.graph.identityGovernance.taskReport](../resources/identitygovernance-taskprocessingresult.md) collection|Get a list of the [taskProcessingResult](../resources/identitygovernance-taskprocessingresult.md) objects and their properties.|
## Properties
Inherits from [entity](../resources/entity.md).
|:|:|:| |completedDateTime|DateTimeOffset|The date time that the workflow execution for a user completed. Value is null if the workflow hasn't completed.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.| |failedTasksCount|Int32|The number of tasks that failed in the workflow execution.|
-|id|String|Identifier used for individually addressing a specific user processing result. Inherited from [entity](../resources/entity.md).<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
-|processingStatus|String|The workflow execution status. The possible values are: `queued`, `inProgress`, `completed`, `completedWithErrors`, `canceled`, `failed`, `unknownFutureValue`.<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
+|id|String|Identifier used for individually addressing a specific user processing result.Inherited from [entity](../resources/entity.md).<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
+|processingStatus|microsoft.graph.identityGovernance.lifecycleWorkflowProcessingStatus|The workflow execution status. The possible values are: `queued`, `inProgress`, `completed`, `completedWithErrors`, `canceled`, `failed`, `unknownFutureValue`.<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
|scheduledDateTime|DateTimeOffset|The date time that the workflow is scheduled to be executed for a user.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.| |startedDateTime|DateTimeOffset|The date time that the workflow execution started. Value is `null` if the workflow execution has not started.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.| |totalTasksCount|Int32|The total number of tasks that in the workflow execution.| |totalUnprocessedTasksCount|Int32|The total number of unprocessed tasks for the workflow.|
-|workflowExecutionType|String|Describes the execution type of the workflow. The possible values are: `scheduled`, `onDemand`, `unknownFutureValue`.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.|
+|workflowExecutionType|microsoft.graph.identityGovernance.workflowExecutionType|Describes the execution type of the workflow. The possible values are: `scheduled`, `onDemand`, `unknownFutureValue`.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.|
|workflowVersion|Int32|The version of the workflow that was executed.| ## Relationships
v1.0 Identitygovernance Workflowbase https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-workflowbase.md
None.
|:|:|:| |createdBy|[user](../resources/user.md)|The user who created the workflow.| |lastModifiedBy|[user](../resources/user.md)|The user who last modified the workflow.|
-|runs|[microsoft.graph.identityGovernance.run](../resources/identitygovernance-run.md) collection|A history of every time a workflow ran.|
|tasks|[microsoft.graph.identityGovernance.task](../resources/identitygovernance-task.md) collection|The tasks in the workflow.|
-|userProcessingResults|[microsoft.graph.identityGovernance.userProcessingResult](../resources/identitygovernance-userprocessingresult.md) collection|The results of a user processed by the workflow.|
## JSON representation
v1.0 Identitygovernance Workflowtemplate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-workflowtemplate.md
Inherits from [entity](../resources/entity.md).
|description|String|The description of the `workflowTemplate`.| |displayName|String|The display name of the `workflowTemplate`.<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.| |executionConditions|[microsoft.graph.identityGovernance.workflowExecutionConditions](../resources/identitygovernance-workflowexecutionconditions.md)|Conditions describing when to execute the workflow and the criteria to identify in-scope subject set.|
-|id|String|The unique identifier for the `workflowTemplate`. Inherited from [entity](../resources/entity.md).<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
+|id|String|The unique identifier for the `workflowTemplate`.Inherited from [entity](../resources/entity.md).<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
### Supported workflow templates
v1.0 Identitygovernance Workflowversion https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-workflowversion.md
Inherits from [workflowBase](../resources/identitygovernance-workflowbase.md).
|:|:|:| |createdBy|[user](../resources/user.md)|The user who created the workflow. Inherited from [workflowBase](../resources/identitygovernance-workflowbase.md).<br><br>Supports `$filter`(`eq`, `ne`) and `$expand`.| |lastModifiedBy|[user](../resources/user.md)|The user who last modified the workflow.<br><br>Supports `$filter`(`eq`, `ne`) and `$expand`.|
-|runs|[microsoft.graph.identityGovernance.run](../resources/identitygovernance-run.md) collection|A history of every time a workflow ran. Inherited from [workflowBase](../resources/identitygovernance-workflowbase.md).|
|tasks|[microsoft.graph.identityGovernance.task](../resources/identitygovernance-task.md) collection|The tasks in the workflow. Inherited from [workflowBase](../resources/identitygovernance-workflowbase.md).|
-|userProcessingResults|[microsoft.graph.identityGovernance.userProcessingResult](../resources/identitygovernance-userprocessingresult.md) collection|The results of a user processed by the workflow. Inherited from [workflowBase](../resources/identitygovernance-workflowbase.md).|
## JSON representation
v1.0 Inboundshareduserprofile https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/inboundshareduserprofile.md
+
+ Title: "inboundSharedUserProfile resource type"
+description: "Represents an Azure AD user from an external Azure AD tenant whose profile data is shared with the current tenant using B2B direct connect."
+
+ms.localizationpriority: medium
++
+# inboundSharedUserProfile resource type
+
+Namespace: microsoft.graph
++
+Represents an Azure AD user from an external Azure AD tenant whose profile data is shared with the current tenant using B2B direct connect.
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[Get inboundSharedUserProfile](../api/inboundshareduserprofile-get.md)|[inboundSharedUserProfile](../resources/inboundshareduserprofile.md)|Read the properties of an inboundSharedUserProfile.|
+|[List inboundSharedUserProfile](../api/directory-list-inboundshareduserprofiles.md)|[inboundSharedUserProfile](../resources/inboundshareduserprofile.md) collection|Retrieve all inboundSharedUserProfiles in the directory.|
+|[Remove personal data](../api/inboundshareduserprofile-removepersonaldata.md)|None|Create a request to remove all personal data associated with the inboundSharedUserProfile from the directory.|
+|[Export personal data](../api/inboundshareduserprofile-exportpersonaldata.md)|None|Create a request to export all personal data associated with the inboundSharedUserProfile and stores it in the specified location. The storage location must be an Azure Storage Account.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+| displayName | String | The name displayed in the address book for teh user at the time when the sharing record was created. Read-only. |
+| homeTenantId | String | The home tenant id of the external user. Read-only. |
+| userId | String | The object id of the external user. Read-only. |
+| userPrincipalName | String | The user principal name (UPN) of the external user. Read-only. |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "userId",
+ "@odata.type": "microsoft.graph.inboundSharedUserProfile",
+ "openType": false
+}
+-->
+
+``` json
+{
+ "@odata.type": "#microsoft.graph.inboundSharedUserProfile",
+ "userId": "String",
+ "userPrincipalName": "String",
+ "displayName": "String",
+ "homeTenantId": "String"
+}
+```
v1.0 Industrydata Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/industrydata-overview.md
The industry data API is defined in the OData subnamespace `microsoft.graph.indu
## Industry data API and education
-The industry data API powers the [Microsoft School Data Sync](https://sds.microsoft.com) (SDS) platform to help automate the process of importing data and synchronizing organizations, users and users associations, and groups <!-- with Azure Active Directory (Azure AD) and Office 365 --> from student information systems (SIS) and student management systems (SMS) into an organization's Azure Data Lake. After normalizing the data in Azure Data Lake, the API utilizes the data in multiple outbound flows, synchronizing data with [Insights for Education Leaders](https://support.microsoft.com/topic/leader-s-guide-to-education-insights-premium-8738d1b1-4e1c-49bd-9e8d-b5292474c347) and [Education Data Lake Export](/schooldatasync/enable-education-data-lake-export) for custom analytics scenarios.
+The industry data API powers the [Microsoft School Data Sync](https://sds.microsoft.com) (SDS) platform to help automate the process of importing data and synchronizing organizations, users and users associations, and groups <!-- with Azure Active Directory (Azure AD) and Office 365 --> from student information systems (SIS) and student management systems (SMS) into an organization's Azure Data Lake. After normalizing the data in Azure Data Lake <!-- the API utilizes the data in multiple outbound flows, --> SDS can synchronize the data with [Insights for Education Leaders](/schooldatasync/enable-sync-with-insights), for use with the Insights app in Teams for Education, and [Education Data Lake Export](/schooldatasync/enable-education-data-lake-export), for custom analytics scenarios.
![Illustration of the industry data ETL process](/graph/images/industrydata-overview.png)
You can integrate industry data APIs with third-party apps. For details about ho
| Use case | REST resource | See also | | :- | :- | :-- | | Create an activity to import a delimited data set | [inboundFileFlow](../resources/industrydata-inboundfileflow.md) | [inboundFileFlow methods](../resources/industrydata-inboundfileflow.md#methods) |
-| Create a connector to retrieve data from an Azure Data Lake | [azureDataLakeConnector](../resources/industrydata-azuredatalakeconnector.md) | [azureDataLakeConnector methods](../resources/industrydata-azuredatalakeconnector.md#methods) |
| Define a source of inbound data | [sourceSystemDefinition](../resources/industrydata-sourcesystemdefinition.md) | [sourceSystemDefinition methods](../resources/industrydata-sourcesystemdefinition.md#methods) |
+| Create a connector to post data to an Azure Data Lake (if CSV)| [azureDataLakeConnector](../resources/industrydata-azuredatalakeconnector.md) | [azureDataLakeConnector methods](../resources/industrydata-azuredatalakeconnector.md#methods) |
<!-- ## Concepts
v1.0 Intune Androidfotaservice Zebrafotadeployment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-androidfotaservice-zebrafotadeployment.md
Here is a JSON representation of the resource.
"deploymentStatus": { "@odata.type": "microsoft.graph.zebraFotaDeploymentStatus", "state": "String",
+ "errorCode": "String",
"totalDevices": 1024, "totalCreated": 1024, "totalScheduled": 1024,
v1.0 Intune Androidfotaservice Zebrafotadeploymentstatus https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-androidfotaservice-zebrafotadeploymentstatus.md
Describes the status for a single FOTA deployment.
|Property|Type|Description| |:|:|:| |state|[zebraFotaDeploymentState](../resources/intune-androidfotaservice-zebrafotadeploymentstate.md)|See zebraFotaDeploymentState enum for possible values. Possible values are: `pendingCreation`, `createFailed`, `created`, `inProgress`, `completed`, `pendingCancel`, `canceled`, `unknownFutureValue`.|
+|errorCode|[zebraFotaErrorCode](../resources/intune-androidfotaservice-zebrafotaerrorcode.md)|An error code indicating the failure reason, when the deployment state is `createFailed`. Possible values: See zebraFotaErrorCode enum. Possible values are: `success`, `noDevicesFoundInSelectedAadGroups`, `noIntuneDevicesFoundInSelectedAadGroups`, `noZebraFotaEnrolledDevicesFoundForCurrentTenant`, `noZebraFotaEnrolledDevicesFoundInSelectedAadGroups`, `noZebraFotaDevicesFoundForSelectedDeviceModel`, `zebraFotaCreateDeploymentRequestFailure`, `unknownFutureValue`.|
|totalDevices|Int32|An integer that indicates the total number of devices in the deployment.| |totalCreated|Int32|An integer that indicates the total number of devices that have a job in the CREATED state. Typically indicates jobs that did not reach the devices. | |totalScheduled|Int32|An integer that indicates the total number of devices that received the json and are scheduled. |
Here is a JSON representation of the resource.
{ "@odata.type": "#microsoft.graph.zebraFotaDeploymentStatus", "state": "String",
+ "errorCode": "String",
"totalDevices": 1024, "totalCreated": 1024, "totalScheduled": 1024,
v1.0 Intune Androidfotaservice Zebrafotaerrorcode https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-androidfotaservice-zebrafotaerrorcode.md
+
+ Title: "zebraFotaErrorCode enum type"
+description: "An error code indicating the failure reason, when the deployment state is createFailed. Possible values: See zebraFotaErrorCode enum."
+
+localization_priority: Normal
++
+# zebraFotaErrorCode enum type
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+An error code indicating the failure reason, when the deployment state is createFailed. Possible values: See zebraFotaErrorCode enum.
+
+## Members
+|Member|Value|Description|
+|:|:|:|
+|success|0|Default error code indicating success (no error).|
+|noDevicesFoundInSelectedAadGroups|1|This error indicates that no devices were found in the selected Azure Active Directory (AAD) security group(s) when creating a deployment. E.g.: a user selects one or more security groups that doesn't include any devices|
+|noIntuneDevicesFoundInSelectedAadGroups|2|This error indicates that no Intune managed devices were found in the selected Azure Active Directory (AAD) security groups when creating a deployment. E.g.: a user selects a group that includes devices that are no longer managed in Intune.|
+|noZebraFotaEnrolledDevicesFoundForCurrentTenant|3|This error indicates that no Zebra FOTA enrolled devices were found for the current tenant when creating a deployment. E.g.: a user has not enrolled any devices in Zebra FOTA and attempts to create a deployment targeting only non-Zebra devices.|
+|noZebraFotaEnrolledDevicesFoundInSelectedAadGroups|4|This error indicates that no Zebra FOTA enrolled devices were found in the selected Azure Active Directory (AAD) Groups when creating a deployment. E.g.: a user has enrolled one or more devices in Zebra FOTA, but attempts to create a deployment targeting security groups that don't include any Zebra Devices.|
+|noZebraFotaDevicesFoundForSelectedDeviceModel|5|This error indicates that no Zebra FOTA devices were found that match the selected device model when creating a deployment. E.g.: a user selects `TC8300` device model, but no Zebra devices with the same device model were found in the targeted Azure Active Directory (AAD) security groups.|
+|zebraFotaCreateDeploymentRequestFailure|6|This error indicates that an external request to Zebra APIs failed when creating a deployment. The failure can be caused by a transient issue (e.g.: Network is down) or caused by a permanent server error.|
+|unknownFutureValue|7|Evolvable enumeration sentinel value. Do not use.|
v1.0 Intune Apps Androidlobapp https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-apps-androidlobapp.md
Inherits from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)
|fileName|String|The name of the main Lob application file. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)| |size|Int64|The total size, including all uploaded files. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)| |packageId|String|The package identifier.|
-|identityName|String|The Identity Name. This property is deprecated starting in February 2023 (Release 2302).|
+|identityName|String|The Identity Name. This property is being deprecated in 2302(February 2023).|
|minimumSupportedOperatingSystem|[androidMinimumOperatingSystem](../resources/intune-apps-androidminimumoperatingsystem.md)|The value for the minimum applicable operating system.| |versionName|String|The version name of Android Line of Business (LoB) app.| |versionCode|String|The version code of Android Line of Business (LoB) app.|
-|identityVersion|String|The identity version. This property is deprecated starting in February 2023 (Release 2302).|
+|identityVersion|String|The identity version. This property is being deprecated in 2302(February 2023).|
## Relationships |Relationship|Type|Description|
v1.0 Intune Apps Enterprisecodesigningcertificate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-apps-enterprisecodesigningcertificate.md
Not yet documented
|:|:|:| |id|String|The unique identifier of the certificate, assigned upon creation. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Read-only.| |content|Binary|The Windows Enterprise Code-Signing Certificate in the raw data format. Set to null once certificate has been uploaded and other properties have been populated.|
-|status|[certificateStatus](../resources/intune-apps-certificatestatus.md)|Whether the Certificate Status Provisioned or not Provisioned. Possible values are: notProvisioned, provisioned. Default is notProvisioned. Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Possible values are: `notProvisioned`, `provisioned`.|
+|status|certificateStatus|Whether the Certificate Status Provisioned or not Provisioned. Possible values are: notProvisioned, provisioned. Default is notProvisioned. Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Possible values are: `notProvisioned`, `provisioned`.|
|subjectName|String|The subject name for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.| |subject|String|The subject value for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.| |issuerName|String|The issuer name for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.|
v1.0 Intune Apps Macoslobapp https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-apps-macoslobapp.md
Inherits from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)
|buildNumber|String|The build number of the package. This should match the package CFBundleShortVersionString of the .pkg file.| |versionNumber|String|The version number of the package. This should match the package CFBundleVersion in the packageinfo file.| |childApps|[macOSLobChildApp](../resources/intune-apps-macoslobchildapp.md) collection|List of ComplexType macOSLobChildApp objects. Represents the apps expected to be installed by the package.|
-|identityVersion|String|The identity version. This property is deprecated starting in 2211(November 2022).|
|md5HashChunkSize|Int32|The chunk size for MD5 hash. This is '0' or empty if the package was uploaded directly. If the Intune App Wrapping Tool is used to create a .intunemac, this value can be found inside the Detection.xml file.| |md5Hash|String collection|The MD5 hash codes. This is empty if the package was uploaded directly. If the Intune App Wrapping Tool is used to create a .intunemac, this value can be found inside the Detection.xml file.| |ignoreVersionDetection|Boolean|When TRUE, indicates that the app's version will NOT be used to detect if the app is installed on a device. When FALSE, indicates that the app's version will be used to detect if the app is installed on a device. Set this to true for apps that use a self update feature.|
Here is a JSON representation of the resource.
"versionNumber": "String" } ],
- "identityVersion": "String",
"md5HashChunkSize": 1024, "md5Hash": [ "String"
v1.0 Intune Apps Macosvppappassignmentsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-apps-macosvppappassignmentsettings.md
+
+ Title: "macOsVppAppAssignmentSettings resource type"
+description: "Contains properties used to assign an Mac VPP mobile app to a group."
+
+localization_priority: Normal
++
+# macOsVppAppAssignmentSettings resource type
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Contains properties used to assign an Mac VPP mobile app to a group.
++
+Inherits from [mobileAppAssignmentSettings](../resources/intune-shared-mobileappassignmentsettings.md)
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|useDeviceLicensing|Boolean|Whether or not to use device licensing.|
+|uninstallOnDeviceRemoval|Boolean|Whether or not to uninstall the app when device is removed from Intune.|
+|preventManagedAppBackup|Boolean|When TRUE, indicates that the app should not be backed up to iCloud. When FALSE, indicates that the app may be backed up to iCloud. By default, this property is set to null which internally is treated as FALSE.|
+|preventAutoAppUpdate|Boolean|When TRUE, indicates that the app should not be automatically updated with the latest version from Apple app store. When FALSE, indicates that the app may be auto updated. By default, this property is set to null which internally is treated as FALSE.|
+
+## Relationships
+None
+
+## JSON Representation
+Here is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.macOsVppAppAssignmentSettings"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.macOsVppAppAssignmentSettings",
+ "useDeviceLicensing": true,
+ "uninstallOnDeviceRemoval": true,
+ "preventManagedAppBackup": true,
+ "preventAutoAppUpdate": true
+}
+```
v1.0 Intune Apps Managedandroidlobapp https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-apps-managedandroidlobapp.md
Inherits from [managedMobileLobApp](../resources/intune-apps-managedmobilelobapp
|fileName|String|The name of the main Lob application file. Inherited from [managedMobileLobApp](../resources/intune-apps-managedmobilelobapp.md)| |size|Int64|The total size, including all uploaded files. Inherited from [managedMobileLobApp](../resources/intune-apps-managedmobilelobapp.md)| |packageId|String|The package identifier.|
-|identityName|String|The Identity Name. This property is deprecated starting in February 2023 (Release 2302).|
+|identityName|String|The Identity Name. This property is being deprecated in 2302(February 2023).|
|minimumSupportedOperatingSystem|[androidMinimumOperatingSystem](../resources/intune-apps-androidminimumoperatingsystem.md)|The value for the minimum applicable operating system.| |versionName|String|The version name of managed Android Line of Business (LoB) app.| |versionCode|String|The version code of managed Android Line of Business (LoB) app.|
-|identityVersion|String|The identity version. This property is deprecated starting in February 2023 (Release 2302).|
+|identityVersion|String|The identity version. This property is being deprecated in 2302(February 2023).|
## Relationships |Relationship|Type|Description|
v1.0 Intune Apps Symanteccodesigningcertificate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-apps-symanteccodesigningcertificate.md
Not yet documented
|:|:|:| |id|String|The key of the entity.| |content|Binary|The Windows Symantec Code-Signing Certificate in the raw data format.|
-|status|[certificateStatus](../resources/intune-apps-certificatestatus.md)|The Cert Status Provisioned or not Provisioned. Possible values are: `notProvisioned`, `provisioned`.|
+|status|certificateStatus|The Cert Status Provisioned or not Provisioned. Possible values are: `notProvisioned`, `provisioned`.|
|password|String|The Password required for .pfx file.| |subjectName|String|The Subject Name for the cert.| |subject|String|The Subject value for the cert.|
v1.0 Intune Apps Windowsappx https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-apps-windowsappx.md
Inherits from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)
|committedContentVersion|String|The internal committed content version. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)| |fileName|String|The name of the main Lob application file. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)| |size|Int64|The total size, including all uploaded files. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)|
-|applicableArchitectures|[windowsArchitecture](../resources/intune-apps-windowsarchitecture.md)|The Windows architecture(s) for which this app can run on. Possible values are: `none`, `x86`, `x64`, `arm`, `neutral`, `arm64`.|
-|identityName|String|The Identity Name.|
-|identityPublisherHash|String|The Identity Publisher Hash.|
-|identityResourceIdentifier|String|The Identity Resource Identifier.|
-|isBundle|Boolean|Whether or not the app is a bundle.|
-|minimumSupportedOperatingSystem|[windowsMinimumOperatingSystem](../resources/intune-apps-windowsminimumoperatingsystem.md)|The value for the minimum applicable operating system.|
-|identityVersion|String|The identity version.|
+|applicableArchitectures|[windowsArchitecture](../resources/intune-apps-windowsarchitecture.md)|The Windows architecture(s) on which this app can run. Possible values are: `none`, `x86`, `x64`, `arm`, `neutral`; default value is `none`. Possible values are: `none`, `x86`, `x64`, `arm`, `neutral`, `arm64`.|
+|identityName|String|The identity name of the uploaded app package. For example: "Contoso.DemoApp".|
+|identityPublisherHash|String|The identity publisher hash of the uploaded app package. This is the hash of the publisher from the manifest. For example: "AB82CD0XYZ".|
+|identityResourceIdentifier|String|The identity resource identifier of the uploaded app package. For example: "TestResourceId".|
+|isBundle|Boolean|When TRUE, indicates that the app is a bundle. When FALSE, indicates that the app is not a bundle. By default, property is set to FALSE.|
+|minimumSupportedOperatingSystem|[windowsMinimumOperatingSystem](../resources/intune-apps-windowsminimumoperatingsystem.md)|The value for the minimum applicable operating system. Valid values for a WindowsAppX app include `v8_0`, `v8_1` and `v10_0`. If the app is a bundle, the minimum supported OS has to be at least `v8_1`.|
+|identityVersion|String|The identity version of the uploaded app package. For example: "1.0.0.0".|
## Relationships |Relationship|Type|Description|
v1.0 Intune Apps Windowsappxappassignmentsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-apps-windowsappxappassignmentsettings.md
+
+ Title: "windowsAppXAppAssignmentSettings resource type"
+description: "Contains properties used when assigning a Windows AppX mobile app to a group."
+
+localization_priority: Normal
++
+# windowsAppXAppAssignmentSettings resource type
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Contains properties used when assigning a Windows AppX mobile app to a group.
++
+Inherits from [mobileAppAssignmentSettings](../resources/intune-shared-mobileappassignmentsettings.md)
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|useDeviceContext|Boolean|When TRUE, indicates that device execution context will be used for the AppX mobile app. When FALSE, indicates that user context will be used for the AppX mobile app. By default, this property is set to FALSE. Once this property has been set to TRUE it cannot be changed.|
+
+## Relationships
+None
+
+## JSON Representation
+Here is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.windowsAppXAppAssignmentSettings"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.windowsAppXAppAssignmentSettings",
+ "useDeviceContext": true
+}
+```
v1.0 Intune Deviceconfig Androidforworkgeneraldeviceconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-androidforworkgeneraldeviceconfiguration.md
Inherits from [deviceConfiguration](../resources/intune-shared-deviceconfigurati
|vpnEnableAlwaysOnLockdownMode|Boolean|Enable lockdown mode for always-on VPN.| |workProfileAllowWidgets|Boolean|Allow widgets from work profile apps.| |workProfileBlockPersonalAppInstallsFromUnknownSources|Boolean|Prevent app installations from unknown sources in the personal profile.|
+|workProfileAccountUse|[androidWorkProfileAccountUse](../resources/intune-deviceconfig-androidworkprofileaccountuse.md)|Control user's ability to add accounts in work profile including Google accounts. Possible values are: `allowAllExceptGoogleAccounts`, `blockAll`, `allowAll`, `unknownFutureValue`.|
+|allowedGoogleAccountDomains|String collection|Determine domains allow-list for accounts that can be added to work profile.|
## Relationships |Relationship|Type|Description|
Here is a JSON representation of the resource.
"vpnAlwaysOnPackageIdentifier": "String", "vpnEnableAlwaysOnLockdownMode": true, "workProfileAllowWidgets": true,
- "workProfileBlockPersonalAppInstallsFromUnknownSources": true
+ "workProfileBlockPersonalAppInstallsFromUnknownSources": true,
+ "workProfileAccountUse": "String",
+ "allowedGoogleAccountDomains": [
+ "String"
+ ]
} ```
v1.0 Intune Deviceconfig Androidworkprofileaccountuse https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-androidworkprofileaccountuse.md
+
+ Title: "androidWorkProfileAccountUse enum type"
+description: "An enum representing possible values for account use in work profile."
+
+localization_priority: Normal
++
+# androidWorkProfileAccountUse enum type
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+An enum representing possible values for account use in work profile.
+
+## Members
+|Member|Value|Description|
+|:|:|:|
+|allowAllExceptGoogleAccounts|0|Allow additon of all accounts except Google accounts in Android Work Profile.|
+|blockAll|1|Block any account from being added in Android Work Profile. |
+|allowAll|2|Allow addition of all accounts (including Google accounts) in Android Work Profile.|
+|unknownFutureValue|3|Unknown future value for evolvable enum patterns.|
v1.0 Intune Deviceconfig Androidworkprofilegeneraldeviceconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-androidworkprofilegeneraldeviceconfiguration.md
Inherits from [deviceConfiguration](../resources/intune-shared-deviceconfigurati
|vpnEnableAlwaysOnLockdownMode|Boolean|Enable lockdown mode for always-on VPN.| |workProfileAllowWidgets|Boolean|Allow widgets from work profile apps.| |workProfileBlockPersonalAppInstallsFromUnknownSources|Boolean|Prevent app installations from unknown sources in the personal profile.|
+|workProfileAccountUse|[androidWorkProfileAccountUse](../resources/intune-deviceconfig-androidworkprofileaccountuse.md)|Control user's ability to add accounts in work profile including Google accounts. Possible values are: `allowAllExceptGoogleAccounts`, `blockAll`, `allowAll`, `unknownFutureValue`.|
+|allowedGoogleAccountDomains|String collection|Determine domains allow-list for accounts that can be added to work profile.|
## Relationships |Relationship|Type|Description|
Here is a JSON representation of the resource.
"vpnAlwaysOnPackageIdentifier": "String", "vpnEnableAlwaysOnLockdownMode": true, "workProfileAllowWidgets": true,
- "workProfileBlockPersonalAppInstallsFromUnknownSources": true
+ "workProfileBlockPersonalAppInstallsFromUnknownSources": true,
+ "workProfileAccountUse": "String",
+ "allowedGoogleAccountDomains": [
+ "String"
+ ]
} ```
v1.0 Intune Deviceconfig Endpointprivilegemanagementprovisioningstatus https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-endpointprivilegemanagementprovisioningstatus.md
- Title: "endpointPrivilegeManagementProvisioningStatus resource type"
-description: "Endpoint privilege management (EPM) tenant provisioning status contains tenant level license and onboarding state information."
-
-localization_priority: Normal
-doc_type: resourcePageType
--
-# endpointPrivilegeManagementProvisioningStatus resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Endpoint privilege management (EPM) tenant provisioning status contains tenant level license and onboarding state information.
-
-## Methods
-|Method|Return Type|Description|
-|:|:|:|
-|[Get endpointPrivilegeManagementProvisioningStatus](../api/intune-deviceconfig-endpointprivilegemanagementprovisioningstatus-get.md)|[endpointPrivilegeManagementProvisioningStatus](../resources/intune-deviceconfig-endpointprivilegemanagementprovisioningstatus.md)|Read properties and relationships of the [endpointPrivilegeManagementProvisioningStatus](../resources/intune-deviceconfig-endpointprivilegemanagementprovisioningstatus.md) object.|
-|[Update endpointPrivilegeManagementProvisioningStatus](../api/intune-deviceconfig-endpointprivilegemanagementprovisioningstatus-update.md)|[endpointPrivilegeManagementProvisioningStatus](../resources/intune-deviceconfig-endpointprivilegemanagementprovisioningstatus.md)|Update the properties of a [endpointPrivilegeManagementProvisioningStatus](../resources/intune-deviceconfig-endpointprivilegemanagementprovisioningstatus.md) object.|
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|id|String|A unique identifier represents Intune Account identifier.|
-|licenseType|[licenseType](../resources/intune-deviceconfig-licensetype.md)|Indicates whether tenant has a valid Intune Endpoint Privilege Management license. Possible value are : 0 - notPaid, 1 - paid, 2 - trial. See LicenseType enum for more details. Default notPaid. Possible values are: `notPaid`, `paid`, `trial`, `unknownFutureValue`.|
-|onboardedToMicrosoftManagedPlatform|Boolean|Indicates whether tenant is onboarded to Microsoft Managed Platform - Cloud (MMPC). When set to true, implies tenant is onboarded and when set to false, implies tenant is not onboarded. Default set to false.|
-
-## Relationships
-None
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.endpointPrivilegeManagementProvisioningStatus"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.endpointPrivilegeManagementProvisioningStatus",
- "id": "String (identifier)",
- "licenseType": "String",
- "onboardedToMicrosoftManagedPlatform": true
-}
-```
v1.0 Intune Deviceconfig Macosgeneraldeviceconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-macosgeneraldeviceconfiguration.md
Inherits from [deviceConfiguration](../resources/intune-shared-deviceconfigurati
|touchIdTimeoutInHours|Int32|Maximum hours after which the user must enter their password to unlock the device instead of using Touch ID. Available for devices running macOS 12 and later. Valid values 0 to 2147483647| |iCloudPrivateRelayBlocked|Boolean|iCloud private relay is an iCloud+ service that prevents networks and servers from monitoring a person's activity across the internet. By blocking iCloud private relay, Apple will not encrypt the traffic leaving the device. Available for devices running macOS 12 and later.| |iCloudDesktopAndDocumentsBlocked|Boolean|When TRUE the synchronization of cloud desktop and documents is blocked. When FALSE, synchronization of the cloud desktop and documents are allowed. Available for devices running macOS 10.12.4 and later.|
+|activationLockWhenSupervisedAllowed|Boolean|When TRUE, activation lock is allowed when the devices is in the supervised mode. When FALSE, activation lock is not allowed. Default is false.|
## Relationships |Relationship|Type|Description|
Here is a JSON representation of the resource.
"softwareUpdateNonOSDeferredInstallDelayInDays": 1024, "touchIdTimeoutInHours": 1024, "iCloudPrivateRelayBlocked": true,
- "iCloudDesktopAndDocumentsBlocked": true
+ "iCloudDesktopAndDocumentsBlocked": true,
+ "activationLockWhenSupervisedAllowed": true
} ```
v1.0 Intune Deviceconfig Macospriority https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-macospriority.md
+
+ Title: "macOSPriority enum type"
+description: "The scheduling priority options for downloading and preparing the requested mac OS update"
+
+localization_priority: Normal
++
+# macOSPriority enum type
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+The scheduling priority options for downloading and preparing the requested mac OS update
+
+## Members
+|Member|Value|Description|
+|:|:|:|
+|low|0|Indicates low scheduling priority for downloading and preparing the requested update|
+|high|1|Indicates high scheduling priority for downloading and preparing the requested update|
+|unknownFutureValue|2|Evolvable enumeration sentinel value. Do not use.|
v1.0 Intune Deviceconfig Macossoftwareupdateconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-macossoftwareupdateconfiguration.md
Inherits from [deviceConfiguration](../resources/intune-shared-deviceconfigurati
|updateScheduleType|[macOSSoftwareUpdateScheduleType](../resources/intune-deviceconfig-macossoftwareupdatescheduletype.md)|Update schedule type. Possible values are: `alwaysUpdate`, `updateDuringTimeWindows`, `updateOutsideOfTimeWindows`.| |customUpdateTimeWindows|[customUpdateTimeWindow](../resources/intune-deviceconfig-customupdatetimewindow.md) collection|Custom Time windows when updates will be allowed or blocked. This collection can contain a maximum of 20 elements.| |updateTimeWindowUtcOffsetInMinutes|Int32|Minutes indicating UTC offset for each update time window|
+|maxUserDeferralsCount|Int32|The maximum number of times the system allows the user to postpone an update before itΓÇÖs installed. Supported values: 0 - 366. Valid values 0 to 365|
+|priority|[macOSPriority](../resources/intune-deviceconfig-macospriority.md)|The scheduling priority for downloading and preparing the requested update. Default: Low. Possible values: Null, Low, High. Possible values are: `low`, `high`, `unknownFutureValue`.|
## Relationships |Relationship|Type|Description|
Here is a JSON representation of the resource.
"endTime": "String (time of day)" } ],
- "updateTimeWindowUtcOffsetInMinutes": 1024
+ "updateTimeWindowUtcOffsetInMinutes": 1024,
+ "maxUserDeferralsCount": 1024,
+ "priority": "String"
} ```
v1.0 Intune Deviceconfig Vpntrafficdirection https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-vpntrafficdirection.md
+
+ Title: "vpnTrafficDirection enum type"
+description: "Specify whether the rule applies to inbound traffic or outbound traffic."
+
+localization_priority: Normal
++
+# vpnTrafficDirection enum type
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Specify whether the rule applies to inbound traffic or outbound traffic.
+
+## Members
+|Member|Value|Description|
+|:|:|:|
+|outbound|0|The rule applies to all outbound traffic.|
+|inbound|1|The rule applies to all inbound traffic.|
+|unknownFutureValue|2|Evolvable enum member|
v1.0 Intune Deviceconfig Vpntrafficrule https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-vpntrafficrule.md
VPN Traffic Rule definition.
|appType|[vpnTrafficRuleAppType](../resources/intune-deviceconfig-vpntrafficruleapptype.md)|App type, if this traffic rule is triggered by an app. Possible values are: `none`, `desktop`, `universal`.| |routingPolicyType|[vpnTrafficRuleRoutingPolicyType](../resources/intune-deviceconfig-vpntrafficruleroutingpolicytype.md)|When app triggered, indicates whether to enable split tunneling along this route. Possible values are: `none`, `splitTunnel`, `forceTunnel`.| |claims|String|Claims associated with this traffic rule.|
+|vpnTrafficDirection|[vpnTrafficDirection](../resources/intune-deviceconfig-vpntrafficdirection.md)|Specify whether the rule applies to inbound traffic or outbound traffic. Possible values are: `outbound`, `inbound`, `unknownFutureValue`.|
## Relationships None
Here is a JSON representation of the resource.
"appId": "String", "appType": "String", "routingPolicyType": "String",
- "claims": "String"
+ "claims": "String",
+ "vpnTrafficDirection": "String"
} ```
v1.0 Intune Deviceconfig Windows10vpnconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-windows10vpnconfiguration.md
Here is a JSON representation of the resource.
"appId": "String", "appType": "String", "routingPolicyType": "String",
- "claims": "String"
+ "claims": "String",
+ "vpnTrafficDirection": "String"
} ], "routes": [
v1.0 Intune Deviceconfig Windowsupdateforbusinessconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-windowsupdateforbusinessconfiguration.md
Inherits from [deviceConfiguration](../resources/intune-shared-deviceconfigurati
|deviceStatusOverview|[deviceConfigurationDeviceOverview](../resources/intune-deviceconfig-deviceconfigurationdeviceoverview.md)|Device Configuration devices status overview Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)| |userStatusOverview|[deviceConfigurationUserOverview](../resources/intune-deviceconfig-deviceconfigurationuseroverview.md)|Device Configuration users status overview Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)| |deviceSettingStateSummaries|[settingStateDeviceSummary](../resources/intune-deviceconfig-settingstatedevicesummary.md) collection|Device Configuration Setting State Device Summary Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
-|deviceUpdateStates|[windowsUpdateState](../resources/intune-shared-windowsupdatestate.md) collection|Windows update for business configuration device states. This collection can contain a maximum of 500 elements.|
## JSON Representation Here is a JSON representation of the resource.
v1.0 Intune Deviceconfigv2 Devicemanagementcompliancepolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementcompliancepolicy.md
Device Management Compliance Policy
|id|String|Key of the policy document. Automatically generated.| |name|String|Policy name| |description|String|Policy description|
-|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-shared-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-shared-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|createdDateTime|DateTimeOffset|Policy creation date and time. This property is read-only.| |lastModifiedDateTime|DateTimeOffset|Policy last modification date and time. This property is read-only.| |settingCount|Int32|Number of settings. This property is read-only.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationcategory https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationcategory.md
Device Management Configuration Policy
|helpText|String|Help text of the item| |name|String|Name of the item| |displayName|String|Display name of the item|
-|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-shared-devicemanagementconfigurationplatforms.md)|Platforms types, which settings in the category have. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-shared-devicemanagementconfigurationtechnologies.md)|Technologies types, which settings in the category have. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Indicates that the category contains settings that are used for Compliance or Configuration. Possible values are: `none`, `configuration`, `compliance`.|
+|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms types, which settings in the category have. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies types, which settings in the category have. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicates that the category contains settings that are used for Compliance or Configuration. Possible values are: `none`, `configuration`, `compliance`.|
|parentCategoryId|String|Parent id of the category.| |rootCategoryId|String|Root id of the category.| |childCategoryIds|String collection|List of child ids of the category.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationchoicesettingcollectiondefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingcollectiondefinition.md
Namespace: microsoft.graph
Not yet documented
-Inherits from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md)
+Inherits from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)
## Methods |Method|Return Type|Description|
Inherits from [deviceManagementConfigurationChoiceSettingDefinition](../resource
## Properties |Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
-|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-shared-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md)|
-|defaultOptionId|String|Default option for choice setting Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-shared-devicemanagementconfigurationchoicesettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
+|defaultOptionId|String|Default option for choice setting Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
|maximumCount|Int32|Maximum number of choices in the collection. Valid values 1 to 100| |minimumCount|Int32|Minimum number of choices in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationexchangeonlinesettingapplicability https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationexchangeonlinesettingapplicability.md
Inherits from [deviceManagementConfigurationSettingApplicability](../resources/i
|description|String|description of the setting Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)| |platform|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platform setting can be applied on Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.| |deviceMode|[deviceManagementConfigurationDeviceMode](../resources/intune-deviceconfigv2-devicemanagementconfigurationdevicemode.md)|Device Mode that setting can be applied on Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `kiosk`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Which technology channels this setting can be deployed through Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Which technology channels this setting can be deployed through Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
## Relationships None
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationpolicy.md
Device Management Configuration Policy
|id|String|Key of the policy document. Automatically generated.| |name|String|Policy name| |description|String|Policy description|
-|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-shared-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-shared-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|createdDateTime|DateTimeOffset|Policy creation date and time| |lastModifiedDateTime|DateTimeOffset|Policy last modification date and time| |settingCount|Int32|Number of settings|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationpolicytemplate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationpolicytemplate.md
Device Management Configuration Policy Template
|description|String|Template description| |displayVersion|String|Description of template version| |lifecycleState|[deviceManagementTemplateLifecycleState](../resources/intune-deviceconfigv2-devicemanagementtemplatelifecyclestate.md)|Indicate current lifecycle state of template. Possible values are: `invalid`, `draft`, `active`, `superseded`, `deprecated`, `retired`.|
-|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-shared-devicemanagementconfigurationplatforms.md)|Platforms for this template. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-shared-devicemanagementconfigurationtechnologies.md)|Technologies for this template. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this template. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this template. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|templateFamily|[deviceManagementConfigurationTemplateFamily](../resources/intune-deviceconfigv2-devicemanagementconfigurationtemplatefamily.md)|TemplateFamily for this template. Possible values are: `none`, `endpointSecurityAntivirus`, `endpointSecurityDiskEncryption`, `endpointSecurityFirewall`, `endpointSecurityEndpointDetectionAndResponse`, `endpointSecurityAttackSurfaceReduction`, `endpointSecurityAccountProtection`, `endpointSecurityApplicationControl`, `endpointSecurityEndpointPrivilegeManagement`, `enrollmentConfiguration`, `appQuietTime`, `baseline`, `unknownFutureValue`, `deviceConfigurationScripts`.| |allowUnmanagedSettings|Boolean|Allow unmanaged setting templates| |settingTemplateCount|Int32|Number of setting templates. Valid values 0 to 2147483647. This property is read-only.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsetting https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationsetting.md
Setting instance within policy
|Property|Type|Description| |:|:|:| |id|String|Key of this setting within the policy which contains it. Automatically generated.|
-|settingInstance|[deviceManagementConfigurationSettingInstance](../resources/intune-shared-devicemanagementconfigurationsettinginstance.md)|Setting Instance|
+|settingInstance|[deviceManagementConfigurationSettingInstance](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinginstance.md)|Setting Instance|
## Relationships |Relationship|Type|Description| |:|:|:|
-|settingDefinitions|[deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md) collection|List of related Setting Definitions. This property is read-only.|
+|settingDefinitions|[deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md) collection|List of related Setting Definitions. This property is read-only.|
## JSON Representation Here is a JSON representation of the resource.
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettingapplicability https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md
Not yet documented
|description|String|description of the setting| |platform|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platform setting can be applied on. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.| |deviceMode|[deviceManagementConfigurationDeviceMode](../resources/intune-deviceconfigv2-devicemanagementconfigurationdevicemode.md)|Device Mode that setting can be applied on. Possible values are: `none`, `kiosk`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Which technology channels this setting can be deployed through. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Which technology channels this setting can be deployed through. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
## Relationships None
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettinggroupcollectiondefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupcollectiondefinition.md
Namespace: microsoft.graph
Not yet documented
-Inherits from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md)
+Inherits from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)
## Methods |Method|Return Type|Description|
Inherits from [deviceManagementConfigurationSettingGroupDefinition](../resources
## Properties |Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
-|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|childIds|String collection|Dependent child settings to this group of settings Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md)|
-|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-shared-devicemanagementconfigurationdependenton.md) collection|List of Dependencies for the setting group Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md)|
-|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-shared-devicemanagementconfigurationsettingdependedonby.md) collection|List of child settings that depend on this setting Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-shared-devicemanagementconfigurationsettinggroupdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|childIds|String collection|Dependent child settings to this group of settings Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)|
+|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|List of Dependencies for the setting group Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)|
+|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|List of child settings that depend on this setting Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)|
|maximumCount|Int32|Maximum number of setting group count in the collection. Valid values 1 to 100| |minimumCount|Int32|Minimum number of setting group count in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettingtemplate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationsettingtemplate.md
Setting Template
## Relationships |Relationship|Type|Description| |:|:|:|
-|settingDefinitions|[deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md) collection|List of related Setting Definitions|
+|settingDefinitions|[deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md) collection|List of related Setting Definitions|
## JSON Representation Here is a JSON representation of the resource.
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsimplesettingcollectiondefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingcollectiondefinition.md
Namespace: microsoft.graph
Not yet documented
-Inherits from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md)
+Inherits from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)
## Methods |Method|Return Type|Description|
Inherits from [deviceManagementConfigurationSimpleSettingDefinition](../resource
## Properties |Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-shared-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-shared-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
-|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-shared-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-shared-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-shared-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-shared-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
-|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-shared-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md)|
-|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-shared-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md)|
-|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-shared-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md)|
-|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-shared-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md)|
-|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-shared-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsimplesettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.|
+|keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
|maximumCount|Int32|Maximum number of simple settings in the collection. Valid values 1 to 100| |minimumCount|Int32|Minimum number of simple settings in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationstringsettingvaluedefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationstringsettingvaluedefinition.md
Namespace: microsoft.graph
String constraints
-Inherits from [deviceManagementConfigurationSettingValueDefinition](../resources/intune-shared-devicemanagementconfigurationsettingvaluedefinition.md)
+Inherits from [deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)
## Properties |Property|Type|Description|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationtechnologies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md
Describes which technology this setting can be deployed with
|appleRemoteManagement|64|Setting can be deployed through the AppleRemoteManagement channel| |microsoftSense|128|Setting can be deployed through the SENSE agent channel| |exchangeOnline|256|Setting can be deployed through the Exchange Online agent channel|
+|edgeMAM|512|Setting can be deployed through the Edge MAM agent channel|
|linuxMdm|1024|Setting can be deployed through the Linux Mdm channel| |enrollment|4096|Setting can be deployed through device enrollment.| |endpointPrivilegeManagement|8192|Setting can be deployed using the Endpoint privilege management channel|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationwindowssettingapplicability https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationwindowssettingapplicability.md
Inherits from [deviceManagementConfigurationSettingApplicability](../resources/i
|description|String|description of the setting Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)| |platform|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platform setting can be applied on Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.| |deviceMode|[deviceManagementConfigurationDeviceMode](../resources/intune-deviceconfigv2-devicemanagementconfigurationdevicemode.md)|Device Mode that setting can be applied on Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `kiosk`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Which technology channels this setting can be deployed through Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Which technology channels this setting can be deployed through Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|configurationServiceProviderVersion|String|Version of CSP setting is a part of| |maximumSupportedVersion|String|Maximum supported version of Windows| |minimumSupportedVersion|String|Minimum supported version of Windows|
v1.0 Intune Deviceconfigv2 Devicemanagementreusablepolicysetting https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementreusablepolicysetting.md
Graph model for a reusable setting
|displayName|String|reusable setting display name supplied by user.| |description|String|reusable setting description supplied by user.| |settingDefinitionId|String|setting definition id associated with this reusable setting.|
-|settingInstance|[deviceManagementConfigurationSettingInstance](../resources/intune-shared-devicemanagementconfigurationsettinginstance.md)|reusable setting configuration instance|
+|settingInstance|[deviceManagementConfigurationSettingInstance](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinginstance.md)|reusable setting configuration instance|
|createdDateTime|DateTimeOffset|reusable setting creation date and time. This property is read-only.| |lastModifiedDateTime|DateTimeOffset|date and time when reusable setting was last modified. This property is read-only.| |version|Int32|version number for reusable setting. Valid values 0 to 2147483647. This property is read-only.|
v1.0 Intune Deviceintent Devicemanagementintent https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceintent-devicemanagementintent.md
Entity that represents an intent to apply settings to a device
|displayName|String|The user given display name| |description|String|The user given description| |isAssigned|Boolean|Signifies whether or not the intent is assigned to users|
+|isMigratingToConfigurationPolicy|Boolean|Signifies whether or not the intent is being migrated to the configurationPolicies endpoint|
|lastModifiedDateTime|DateTimeOffset|When the intent was last modified| |templateId|String|The ID of the template this intent was created from (if any)| |roleScopeTagIds|String collection|List of Scope Tags for this Entity instance.|
Here is a JSON representation of the resource.
"displayName": "String", "description": "String", "isAssigned": true,
+ "isMigratingToConfigurationPolicy": true,
"lastModifiedDateTime": "String (timestamp)", "templateId": "String", "roleScopeTagIds": [
v1.0 Intune Enrollment Depenrollmentbaseprofile https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-enrollment-depenrollmentbaseprofile.md
Inherits from [enrollmentProfile](../resources/intune-enrollment-enrollmentprofi
|enableAuthenticationViaCompanyPortal|Boolean|Indicates to authenticate with Apple Setup Assistant instead of Company Portal. Inherited from [enrollmentProfile](../resources/intune-enrollment-enrollmentprofile.md)| |requireCompanyPortalOnSetupAssistantEnrolledDevices|Boolean|Indicates that Company Portal is required on setup assistant enrolled devices Inherited from [enrollmentProfile](../resources/intune-enrollment-enrollmentprofile.md)| |isDefault|Boolean|Indicates if this is the default profile|
-|supervisedModeEnabled|Boolean|Supervised mode, True to enable, false otherwise. See hhttps://learn.microsoft.com/mem/intune/enrollment/device-enrollment for additional information.|
+|supervisedModeEnabled|Boolean|Supervised mode, True to enable, false otherwise. See https://learn.microsoft.com/intune/deploy-use/enroll-devices-in-microsoft-intune for additional information.|
|supportDepartment|String|Support department information| |isMandatory|Boolean|Indicates if the profile is mandatory| |locationDisabled|Boolean|Indicates if Location service setup pane is disabled|
v1.0 Intune Enrollment Importedappledeviceidentity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-enrollment-importedappledeviceidentity.md
The importedAppleDeviceIdentity resource represents the imported device identity
|serialNumber|String|Device serial number| |requestedEnrollmentProfileId|String|Enrollment profile Id admin intends to apply to the device during next enrollment| |requestedEnrollmentProfileAssignmentDateTime|DateTimeOffset|The time enrollment profile was assigned to the device|
-|isSupervised|Boolean|Indicates if the Apple device is supervised. More information is at: https://support.apple.com/en-us/HT202837 |
+|isSupervised|Boolean|Indicates if the Apple device is supervised. More information is at: https://support.apple.com/en-us/HT202837|
|discoverySource|[discoverySource](../resources/intune-enrollment-discoverysource.md)|Apple device discovery source. Possible values are: `unknown`, `adminImport`, `deviceEnrollmentProgram`.| |isDeleted|Boolean|Indicates if the device is deleted from Apple Business Manager| |createdDateTime|DateTimeOffset|Created Date Time of the device|
v1.0 Intune Mam Devicemanagementconfigurationsetting https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-mam-devicemanagementconfigurationsetting.md
Title: "deviceManagementConfigurationSetting resource type"
-description: "Setting instance within policy"
+description: "Not yet documented"
localization_priority: Normal ms.prod: "intune"
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Setting instance within policy
+Not yet documented
## Methods |Method|Return Type|Description|
Setting instance within policy
## Properties |Property|Type|Description| |:|:|:|
-|id|String|Key of this setting within the policy which contains it. Automatically generated.|
-|settingInstance|[deviceManagementConfigurationSettingInstance](../resources/intune-shared-devicemanagementconfigurationsettinginstance.md)|Setting Instance|
## Relationships
-|Relationship|Type|Description|
-|:|:|:|
-|settingDefinitions|[deviceManagementConfigurationSettingDefinition](../resources/intune-shared-devicemanagementconfigurationsettingdefinition.md) collection|List of related Setting Definitions|
+None
## JSON Representation Here is a JSON representation of the resource.
Here is a JSON representation of the resource.
--> ``` json {
- "@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
- "id": "String (identifier)",
- "settingInstance": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "String",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "String"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "String",
- "useTemplateDefault": true
- },
- "value": "String",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "String",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "String"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "String",
- "useTemplateDefault": true
- },
- "value": "String",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "String",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "String"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "String",
- "useTemplateDefault": true
- },
- "value": "String",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "String",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "String"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "String",
- "useTemplateDefault": true
- },
- "value": "String",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "String",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "String"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "String",
- "useTemplateDefault": true
- },
- "value": "String",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "String",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "String"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "String",
- "useTemplateDefault": true
- },
- "value": "String",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "String",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "String"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "String",
- "useTemplateDefault": true
- },
- "value": "String",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "String",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "String"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "String",
- "useTemplateDefault": true
- },
- "value": "String",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "String",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "String"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "String",
- "useTemplateDefault": true
- },
- "value": "String",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "String",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "String"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "String",
- "useTemplateDefault": true
- },
- "value": "String",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": "String",
- "settingInstanceTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference",
- "settingInstanceTemplateId": "String"
- },
- "choiceSettingValue": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
- "settingValueTemplateReference": {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference",
- "settingValueTemplateId": "String",
- "useTemplateDefault": true
- },
- "value": "String",
- "children": [
- {
- "@odata.type": "microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
- "settingDefinitionId": null,
- "settingInstanceTemplateReference": null,
- "choiceSettingValue": null
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
+ "@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting"
} ```
v1.0 Intune Policyset Assignmentfilterevaluaterequest https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-policyset-assignmentfilterevaluaterequest.md
Request for assignment filter evaluation for devices.
## Properties |Property|Type|Description| |:|:|:|
-|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`.|
+|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
|rule|String|Rule definition of the Assignment Filter.| |top|Int32|Limit of records per request. Default value is 100, if provided less than 0 or greater than 100| |skip|Int32|Number of records to skip. Default value is 0|
v1.0 Intune Policyset Assignmentfilterevaluationsummary https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-policyset-assignmentfilterevaluationsummary.md
Represent result summary for assignment filter evaluation
|assignmentFilterId|String|Unique identifier for the assignment filter object| |assignmentFilterLastModifiedDateTime|DateTimeOffset|The time the assignment filter was last modified.| |assignmentFilterDisplayName|String|The admin defined name for assignment filter.|
-|assignmentFilterPlatform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|The platform for which this assignment filter is created. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`.|
+|assignmentFilterPlatform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|The platform for which this assignment filter is created. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
|evaluationResult|[assignmentFilterEvaluationResult](../resources/intune-policyset-assignmentfilterevaluationresult.md)|Assignment filter evaluation result. Possible values are: `unknown`, `match`, `notMatch`, `inconclusive`, `failure`, `notEvaluated`.| |evaluationDateTime|DateTimeOffset|The time assignment filter was evaluated.| |assignmentFilterType|[deviceAndAppManagementAssignmentFilterType](../resources/intune-shared-deviceandappmanagementassignmentfiltertype.md)|Indicate filter type either include or exclude. Possible values are: `none`, `include`, `exclude`.|
v1.0 Intune Policyset Deviceandappmanagementassignmentfilter https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-policyset-deviceandappmanagementassignmentfilter.md
A class containing the properties used for Assignment Filter.
|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter.| |displayName|String|DisplayName of the Assignment Filter.| |description|String|Description of the Assignment Filter.|
-|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`.|
+|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
|rule|String|Rule definition of the Assignment Filter.| |roleScopeTags|String collection|RoleScopeTags of the Assignment Filter.| |payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Associated assignments for a specific filter|
v1.0 Intune Policyset Deviceplatformtype https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-policyset-deviceplatformtype.md
Supported platform types.
|windows10AndLater|6|Windows 10 and later.| |androidWorkProfile|7|Android Work Profile.| |unknown|8|Unknown.|
+|androidAOSP|9|Android AOSP.|
v1.0 Intune Policyset Macosvppappassignmentsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-policyset-macosvppappassignmentsettings.md
+
+ Title: "macOsVppAppAssignmentSettings resource type"
+description: "Contains properties used to assign an Mac VPP mobile app to a group."
+
+localization_priority: Normal
++
+# macOsVppAppAssignmentSettings resource type
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Contains properties used to assign an Mac VPP mobile app to a group.
++
+Inherits from [mobileAppAssignmentSettings](../resources/intune-shared-mobileappassignmentsettings.md)
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|useDeviceLicensing|Boolean|Whether or not to use device licensing.|
+|uninstallOnDeviceRemoval|Boolean|Whether or not to uninstall the app when device is removed from Intune.|
+
+## Relationships
+None
+
+## JSON Representation
+Here is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.macOsVppAppAssignmentSettings"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.macOsVppAppAssignmentSettings",
+ "useDeviceLicensing": true,
+ "uninstallOnDeviceRemoval": true
+}
+```
v1.0 Intune Policyset Payloadcompatibleassignmentfilter https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-policyset-payloadcompatibleassignmentfilter.md
Inherits from [deviceAndAppManagementAssignmentFilter](../resources/intune-polic
|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)| |displayName|String|DisplayName of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)| |description|String|Description of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`.|
+|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
|rule|String|Rule definition of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)| |roleScopeTags|String collection|RoleScopeTags of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)| |payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Associated assignments for a specific filter Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
v1.0 Intune Policyset Windowsappxappassignmentsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-policyset-windowsappxappassignmentsettings.md
+
+ Title: "windowsAppXAppAssignmentSettings resource type"
+description: "Contains properties used when assigning a Windows AppX mobile app to a group."
+
+localization_priority: Normal
++
+# windowsAppXAppAssignmentSettings resource type
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Contains properties used when assigning a Windows AppX mobile app to a group.
++
+Inherits from [mobileAppAssignmentSettings](../resources/intune-shared-mobileappassignmentsettings.md)
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|useDeviceContext|Boolean|Whether or not to use device execution context for Windows AppX mobile app.|
+
+## Relationships
+None
+
+## JSON Representation
+Here is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.windowsAppXAppAssignmentSettings"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.windowsAppXAppAssignmentSettings",
+ "useDeviceContext": true
+}
+```
v1.0 Intune Remoteassistance Remoteassistancereporting https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-remoteassistance-remoteassistancereporting.md
RemoteAssistanceReporting resources represents the metadata of a given Remote As
|remoteAssistanceSessionType|[remoteAssistanceSessionType](../resources/intune-remoteassistance-remoteassistancesessiontype.md)|Type of the remote assistance session that was held. Possible values are: `viewOnly`, `fullControl`, `elevation`. Possible values are: `viewOnly`, `fullControl`, `elevation`, `unattended`.| |helperEmail|String|Login email used by the helper to establish the session| |helperTenantId|String|Tenant id for the helper|
+|helperUserId|String|Helper's id|
|helperFirstName|String|Helper's first name| |helperLastName|String|Helper's last name| |helperOs|String|Helper's operating system|
+|deviceId|String|Intune Device ID|
|helperDeviceAadId|String|Helper's device AAD Id| |helperDeviceName|String|Helper's device name| |helperEnrollmentState|[enrollmentState](../resources/intune-shared-enrollmentstate.md)|Intune enrollment state of the helper's device. Possible values are: `unknown`, `enrolled`, `pendingReset`, `failed`, `notContacted`, `blocked`. Possible values are: `unknown`, `enrolled`, `pendingReset`, `failed`, `notContacted`, `blocked`.|
Here is a JSON representation of the resource.
"remoteAssistanceSessionType": "String", "helperEmail": "String", "helperTenantId": "String",
+ "helperUserId": "String",
"helperFirstName": "String", "helperLastName": "String", "helperOs": "String",
+ "deviceId": "String",
"helperDeviceAadId": "String", "helperDeviceName": "String", "helperEnrollmentState": "String",
v1.0 Intune Reporting Devicemanagementreports https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-reporting-devicemanagementreports.md
Singleton entity that acts as a container for all reports functionality.
|[Update deviceManagementReports](../api/intune-reporting-devicemanagementreports-update.md)|[deviceManagementReports](../resources/intune-reporting-devicemanagementreports.md)|Update the properties of a [deviceManagementReports](../resources/intune-reporting-devicemanagementreports.md) object.| |[getDeviceNonComplianceReport action](../api/intune-reporting-devicemanagementreports-getdevicenoncompliancereport.md)|Stream|Not yet documented| |[getNoncompliantDevicesAndSettingsReport action](../api/intune-reporting-devicemanagementreports-getnoncompliantdevicesandsettingsreport.md)|Stream|Not yet documented|
-|[getSettingComplianceAggReport action](../api/intune-reporting-devicemanagementreports-getsettingcomplianceaggreport.md)|Stream|Not yet documented|
+|[getDeviceStatusSummaryByCompliacePolicyReport action](../api/intune-reporting-devicemanagementreports-getdevicestatussummarybycompliacepolicyreport.md)|Stream|Not yet documented|
+|[getDeviceStatusByCompliacePolicyReport action](../api/intune-reporting-devicemanagementreports-getdevicestatusbycompliacepolicyreport.md)|Stream|Not yet documented|
+|[getDeviceStatusSummaryByCompliancePolicySettingsReport action](../api/intune-reporting-devicemanagementreports-getdevicestatussummarybycompliancepolicysettingsreport.md)|Stream|Not yet documented|
+|[getDeviceStatusByCompliancePolicySettingReport action](../api/intune-reporting-devicemanagementreports-getdevicestatusbycompliancepolicysettingreport.md)|Stream|Not yet documented|
+|[getDevicesStatusByPolicyPlatformComplianceReport action](../api/intune-reporting-devicemanagementreports-getdevicesstatusbypolicyplatformcompliancereport.md)|Stream|Not yet documented|
|[getDevicesStatusBySettingReport action](../api/intune-reporting-devicemanagementreports-getdevicesstatusbysettingreport.md)|Stream|Not yet documented| |[getDevicePoliciesComplianceReport action](../api/intune-reporting-devicemanagementreports-getdevicepoliciescompliancereport.md)|Stream|Not yet documented| |[getDevicePolicySettingsComplianceReport action](../api/intune-reporting-devicemanagementreports-getdevicepolicysettingscompliancereport.md)|Stream|Not yet documented|
v1.0 Intune Shared Windowsuniversalappxappassignmentsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-shared-windowsuniversalappxappassignmentsettings.md
Inherits from [mobileAppAssignmentSettings](../resources/intune-shared-mobileapp
## Properties |Property|Type|Description| |:|:|:|
-|useDeviceContext|Boolean|Whether or not to use device execution context for Windows Universal AppX mobile app.|
+|useDeviceContext|Boolean|If true, uses device execution context for Windows Universal AppX mobile app. Device-context install is not allowed when this type of app is targeted with Available intent. Defaults to false.|
## Relationships None
v1.0 Invitedusermessageinfo https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/invitedusermessageinfo.md
Title: "Configuring the invitation message"
+ Title: "invitedUserMessageInfo resource type"
description: "The invitedUserMessageInfo object allows you to configure the invitation message." ms.localizationpriority: medium doc_type: resourcePageType
ms.prod: "identity-and-sign-in"
-# Configuring the invitation message
+# invitedUserMessageInfo resource type
Namespace: microsoft.graph
v1.0 Keycredential https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/keycredential.md
Title: "keyCredential resource type"
-description: "Contains a key credential associated with an application or a service principal. The **keyCredentials** property of the application and servicePrincipal entities is a collection of **keyCredential**."
+description: "Contains a key credential associated with an application or a service principal. The keyCredentials property of the application and servicePrincipal entities is a collection of keyCredential."
ms.localizationpriority: medium doc_type: resourcePageType ms.prod: "applications"
Namespace: microsoft.graph
Contains a key credential associated with an application or a service principal. The **keyCredentials** property of the [application](application.md) and [servicePrincipal](serviceprincipal.md) entities is a collection of **keyCredential**.
+To add a keyCredential using Microsoft Graph, see [Add a certificate to an app using Microsoft Graph](/graph/applications-how-to-add-certificate).
+ ## Properties | Property | Type |Description| |:|:--|:-|
v1.0 Linkedresource https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/linkedresource.md
Title: "linkedResource resource type"
-description: "Represents the source of the todoTask"
+description: "Represents an item in a partner application related to a todoTask."
ms.localizationpriority: medium ms.prod: "outlook"
Represents an item in a partner application related to a [todoTask](./todotask.m
![Linked resource in task details pane](/graph/images/todo-linkedresource-taskdetail.png)
-Some **linkedResource** objects are not associated with any web URLs, in which case, the **webUrl** property is not required. For example, the linked item can be from a custom business app or native platform app, such as an SMS app on a mobile phone. Here is how a **linkedResource** appears with and without a URL.
+Some **linkedResource** objects are not associated with any web URLs, in which case, the **webUrl** property is not required. For example, the linked item can be from a custom business app or native platform app, such as an SMS app on a mobile phone. The following is how a **linkedResource** appears with and without a URL.
![Linked resource with and without URL](/graph/images/todo-linkedresource.png) ## Methods |Method|Return type|Description| |:|:|:|
-|[List linkedResources](../api/todotask-list-linkedresources.md)|[linkedResource](../resources/linkedresource.md) collection|Get the linkedResources from the linkedResources navigation property.|
-|[Create linkedResource](../api/todotask-post-linkedresources.md)|[linkedResource](../resources/linkedresource.md)|Create a new linkedResources object.|
+|[List linkedResources](../api/todotask-list-linkedresources.md)|[linkedResource](../resources/linkedresource.md) collection|Get the **linkedResources** from the **linkedResources** navigation property.|
+|[Create linkedResource](../api/todotask-post-linkedresources.md)|[linkedResource](../resources/linkedresource.md)|Create a new **linkedResources** object.|
|[Get linkedResource](../api/linkedresource-get.md)|[linkedResource](../resources/linkedresource.md)|Read the properties and relationships of a [linkedResource](../resources/linkedresource.md) object.| |[Update linkedResource](../api/linkedresource-update.md)|[linkedResource](../resources/linkedresource.md)|Update the properties of a [linkedResource](../resources/linkedresource.md) object.|
-|[Delete linkedResource](../api/linkedresource-delete.md)|None|Deletes a [linkedResource](../resources/linkedresource.md) object.|
+|[Delete linkedResource](../api/linkedresource-delete.md)|None|Delete a [linkedResource](../resources/linkedresource.md) object.|
## Properties |Property|Type|Description| |:|:|:|
-|applicationName|String|Field indicating the app name of the source that is sending the **linkedResource**.|
-|displayName|String|Field indicating the title of the **linkedResource**.|
-|externalId|String|Id of the object that is associated with this task on the third-party/partner system.|
+|applicationName|String|The app name of the source that sends the **linkedResource**.|
+|displayName|String|The title of the **linkedResource**.|
+|externalId|String|ID of the object that is associated with this task on the third-party/partner system.|
|id|String|Server generated ID for the **linkedResource**. Inherited from [entity](../resources/entity.md).| |webUrl|String|Deep link to the **linkedResource**.|
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.linkedResource",
- "id": "String (identifier)",
- "webUrl": "String",
"applicationName": "String", "displayName": "String",
- "externalId": "String"
+ "externalId": "String",
+ "id": "String (identifier)",
+ "webUrl": "String"
} ```---
v1.0 Logicapptriggerendpointconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/logicapptriggerendpointconfiguration.md
Title: "logicAppTriggerEndpointConfiguration resource type" description: "The configuration details for the logic app's endpoint that is associated with a custom access package workflow extension."-+ ms.localizationpriority: medium ms.prod: "governance" doc_type: resourcePageType
The configuration details for the logic app's endpoint that is associated with a
|logicAppWorkflowName|String|The name of the logic app.| |resourceGroupName|String|The Azure resource group name for the logic app.| |subscriptionId|String|Identifier of the Azure subscription for the logic app.|
+|url|String| The URL to the logic app endpoint that will be triggered. Only required for app-only token scenarios where app is creating a [customCalloutExtension](../resources/customcalloutextension.md) without a signed-in user.|
## JSON representation
The following is a JSON representation of the resource.
"@odata.type": "#microsoft.graph.logicAppTriggerEndpointConfiguration", "subscriptionId": "String", "resourceGroupName": "String",
- "logicAppWorkflowName": "String"
+ "logicAppWorkflowName": "String",
+ "url": "String"
} ```
v1.0 Managedidentity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/managedidentity.md
+
+ Title: "managedIdentity resource type"
+description: "Represents details of the managed identity that was used to sign into the target resource."
+
+ms.localizationpriority: medium
++
+# managedIdentity resource type
+
+Namespace: microsoft.graph
++
+Represents details of the managed identity that was used to sign into the target resource.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|associatedResourceId|String|The ARM resource ID of the Azure resource associated with the managed identity used for sign in.|
+|msiType|msiType|The possible values are: `none`, `userAssigned`, `systemAssigned`, `unknownFutureValue`.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.managedIdentity"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.managedIdentity",
+ "msiType": "String",
+ "associatedResourceId": "String"
+}
+```
v1.0 Microsoft Teams Team Usage Reports https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/microsoft-teams-team-usage-reports.md
Use the Microsoft Teams team activity reports to get insights into the usage of
| Function | CSV return type | JSON return type | Description | | : | | - | - | | [Get team detail](../api/reportroot-getteamsteamactivitydetail.md) | Stream | Stream | Get details about Teams activity by team. The numbers include activities for both licensed and non-licensed users. |
-| [Get team counts](../api/reportroot-getteamsteamactivitycounts.md) | Stream | Stream | Get the number of team activities across Microsoft Teams. The activity types are related to meetings and messages. |
+| [Get team activity counts](../api/reportroot-getteamsteamactivitycounts.md) | Stream | Stream | Get the number of team activities across Microsoft Teams. The activity types are related to meetings and messages. |
+| [Get team counts](../api/reportroot-getteamsteamcounts.md) | Stream | Stream | Get the number of teams by type across Microsoft Teams. |
| [Get distribution team counts](../api/reportroot-getteamsteamactivitydistributioncounts.md) | Stream | Stream | Get the number of team activities across Microsoft Teams over a selected period. |
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/microsoftauthenticatorauthenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents a Microsoft Authenticator authentication methods policy. Authentication methods policies define configuration settings and users or groups that are enabled to use the authentication method.
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description| |:|:|:|
v1.0 Organization https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/organization.md
This resource lets you add your own data to custom properties using [extensions]
|[Get open extension](../api/opentypeextension-get.md) |[openTypeExtension](opentypeextension.md) collection| Get an open extension identified by the extension name.| |**Schema extensions**| | | |[Add schema extension values](../api/schemaextension-post-schemaextensions.md) | [schemaExtension](schemaextension.md) | Create a schema extension definition and then use it to add custom typed data to a resource.|
-|**Organization licenses**| | |
-|[activateService](../api/organization-activateservice.md) (deprecated) | None | Activate a service for an organization. |
|**Organizational branding**| | | |[Get organizationalBranding](../api/organizationalbranding-get.md) | [organizationalBranding](organizationalbranding.md) | Get the default organizational branding object. | |[Update organizationalBranding](../api/organizationalbranding-update.md) | [organizationalBranding](organizationalbranding.md) | Update the default organizational branding object. |
v1.0 Outboundshareduserprofile https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/outboundshareduserprofile.md
+
+ Title: "outboundSharedUserProfile resource type"
+description: "Represents an Azure AD user that has shared their profile data with an external Azure AD tenant using B2B direct connect."
+
+ms.localizationpriority: medium
++
+# outboundSharedUserProfile resource type
+
+Namespace: microsoft.graph
++
+Represents an Azure AD user that has shared their profile data with an external Azure AD tenant using B2B direct connect.
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[List outboundSharedUserProfiles](../api/directory-list-outboundshareduserprofiles.md)|[outboundSharedUserProfile](../resources/outboundshareduserprofile.md) collection|Retrieve all outboundSharedUserProfiles in the directory.|
+|[Get outboundSharedUserProfile](../api/outboundshareduserprofile-get.md)|[outboundSharedUserProfile](../resources/outboundshareduserprofile.md) collection|Retrieve a specific outboundSharedUserProfile from the directory.|
+|[List tenantReferences](../api/outboundshareduserprofile-list-tenants.md)|[tenantReferences](../resources/tenantreference.md) collection| Get all Azure AD tenants that a user has shared their data with as an Azure AD B2B direct connect user.|
+|[Remove personal data](../api/tenantreference-removepersonaldata.md)|None| Create a request to remove all personal data associated with a remote user in an external Azure AD tenant.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+| userId | String | The object id of the external user. Read-only. |
+
+## Relationships
+
+|Property|Type|Description|
+|:|:|:|
+| tenants | [tenantReference](../resources/tenantreference.md) collection | The collection of external Azure AD tenants that the user has shared profile data with. Read-only. |
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "userId",
+ "@odata.type": "microsoft.graph.outboundSharedUserProfile",
+ "openType": false
+}
+-->
+
+``` json
+{
+ "@odata.type": "#microsoft.graph.inboundSharedUserProfile",
+ "userId": "String"
+}
+```
v1.0 Plannerbucket https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/plannerbucket.md
Represents a bucket (or "custom column") for tasks in a plan in Microsoft 365. I
|[Create](../api/planner-post-buckets.md) | [plannerBucket](plannerbucket.md) | Create a new **plannerBucket** object. | |[Update](../api/plannerbucket-update.md) | [plannerBucket](plannerbucket.md) |Update **plannerBucket** object. | |[Delete](../api/plannerbucket-delete.md) | None |Delete **plannerBucket** object. |
+|[Get delta](../api/plannerbucket-delta.md)|[plannerBucket](../resources/plannerbucket.md) collection| Get newly created, updated, or deleted **plannerBucket** objects in a Planner plan without having to perform a full read of the entire resource collection.|
## Properties | Property | Type |Description|
v1.0 Plannerplan https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/plannerplan.md
Represents a plan in Microsoft 365. A plan can be owned by a [group](group.md) a
|[List tasks](../api/plannerplan-list-tasks.md) |[plannerTask](plannertask.md) collection| Get a **plannerTask** object collection.| |[Update](../api/plannerplan-update.md) | [plannerPlan](plannerplan.md) |Update **plannerPlan** object. | |[Delete](../api/plannerplan-delete.md) | None | Delete **plannerPlan** object. |
+|[Get delta](../api/plannerplan-delta.md) | [plannerPlan](../resources/plannerplan.md) collection | Get newly created, updated, or deleted **plannerPlan** objects in either a **group** or a [plannerRoster](plannerroster.md) type container without having to perform a full read of the entire resource collection. |
## Properties | Property | Type |Description|
The following is a JSON representation of the resource.
"suppressions": [] } -->--
v1.0 Plannerrecurrenceschedule https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/plannerrecurrenceschedule.md
+
+ Title: "plannerRecurrenceSchedule resource type"
+description: "Represents the schedule for recurrence of a Planner task in Microsoft 365."
+
+ms.localizationpriority: medium
++
+# plannerRecurrenceSchedule resource type
+
+Namespace: microsoft.graph
++
+Represents the schedule for recurrence of a [Planner task](plannertask.md) in Microsoft 365. Currently, **plannerRecurrenceSchedule** includes a recurrence pattern definition (**pattern**), a start date for that pattern (**patternStartDateTime**), and a system-generated property that indicates the next occurrence date (**nextOccurrenceDateTime**). To define a recurrence schedule, clients must specify the **pattern** and **patternStartDateTime**; the service calculates the **nextOccurrenceDateTime**.
+
+For more details, see [Configuring task recurrence in Planner](/graph/planner-task-recurrence-overview).
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|nextOccurrenceDateTime|DateTimeOffset|The next date for this **schedule**. When a new task is instantiated to continue the recurrence series, this date is used for the **dueDateTime** of the new **plannerTask**. Auto-generated by the service. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only.|
+|pattern|[recurrencePattern](../resources/recurrencepattern.md)|The pattern for recurrence. Required.|
+|patternStartDateTime|DateTimeOffset|The start date for the recurrence pattern. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Required.|
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource. For real-looking examples that include this resource, see [Configuring task recurrence in Planner](/graph/planner-task-recurrence-overview).
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.plannerRecurrenceSchedule"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.plannerRecurrenceSchedule",
+ "nextOccurrenceDateTime": "String (timestamp)",
+ "pattern": { "@odata.type": "#microsoft.graph.recurrencePattern" },
+ "patternStartDateTime": "String (timestamp)"
+}
+```
v1.0 Plannertask https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/plannertask.md
Represents a Planner task in Microsoft 365. A Planner task is contained in a [pl
|[Get plannerTask](../api/plannertask-get.md) | [plannerTask](plannertask.md) |Read properties and relationships of **plannerTask** object.| |[Update](../api/plannertask-update.md) | [plannerTask](plannertask.md) |Update **plannerTask** object. | |[Delete](../api/plannertask-delete.md) | None |Delete **plannerTask** object. |
+|[Get delta](../api/plannertask-delta.md)|[plannerTask](../resources/plannertask.md) collection| Get newly created, updated, or deleted **plannerTask** objects in either a **plannerPlan** or assigned to the signed-in user without having to perform a full read of the entire resource collection. |
## Properties | Property | Type |Description|
Represents a Planner task in Microsoft 365. A Planner task is contained in a [pl
|priority|Int32|Priority of the task. Valid range of values is between `0` and `10` (inclusive), with increasing value being lower priority (`0` has the highest priority and `10` has the lowest priority). Currently, Planner interprets values `0` and `1` as "urgent", `2` and `3` and `4` as "important", `5`, `6`, and `7` as "medium", and `8`, `9`, and `10` as "low". Currently, Planner sets the value `1` for "urgent", `3` for "important", `5` for "medium", and `9` for "low".| |planId|String|Plan ID to which the task belongs.| |previewType|String|This sets the type of preview that shows up on the task. Possible values are: `automatic`, `noPreview`, `checklist`, `description`, `reference`.|
+|recurrence|[plannerTaskRecurrence](../resources/plannertaskrecurrence.md)|Defines active or inactive recurrence for the task. `null` when the recurrence has never been defined for the task.|
|referenceCount|Int32|Number of external references that exist on the task.| |startDateTime|DateTimeOffset|Date and time at which the task starts. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`| |title|String|Title of the task.|
The following is a JSON representation of the resource.
"priority": "Int32", "planId": "String", "previewType": "String",
+ "recurrence": {"@odata.type": "microsoft.graph.plannerTaskRecurrence"},
"referenceCount": "Int32", "startDateTime": "String (timestamp)", "title": "String"
The following is a JSON representation of the resource.
"suppressions": [] } -->--
v1.0 Plannertaskrecurrence https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/plannertaskrecurrence.md
+
+ Title: "plannerTaskRecurrence resource type"
+description: "Represents recurrence for a Planner task in Microsoft 365."
+
+ms.localizationpriority: medium
++
+# plannerTaskRecurrence resource type
+
+Namespace: microsoft.graph
++
+Represents recurrence for a [Planner task](plannertask.md) in Microsoft 365, allowing clients to define and edit recurrence for a Planner task. To add or edit recurrence, clients specify the **schedule**. For details, see [plannerRecurrenceSchedule](../resources/plannerrecurrenceschedule.md). To cancel recurrence, clients set the same **schedule** to `null`. The **plannerTaskRecurrence** resource also provides system-generated and read-only properties that are useful for tracking and understanding recurrence. For a Planner task, after recurrence has been defined, it can't be set to `null`. For tasks that have never had recurrence defined, recurrence is `null`.
+
+Given a non-recurring task, a client can make it into a recurring task by specifying **schedule**. When the schedule is added, Planner populates the **seriesId** and **occurrenceId** properties, as well as other properties. An **occurrenceId** of `1` indicates that this is the first task in the series. The second task in the series has an **occurrenceId** of `2`. The **seriesId** is a unique new string, created for the first task. The second task and all future tasks in the series inherit the **seriesId** from the first task, indicating that they are part of the same _recurring series_.
+
+When a _task with active recurrence_ is marked complete (**percentComplete** set to `100`), a new task is created to continue the series. Alternately, if a _task with active recurrence_ is deleted without cancelling recurrence, a new task is also created to continue the series. If the series should be discontinued, the **schedule** should first be set to `null`, then the task can be deleted and recurrence stops.
+
+For more details, see [Configuring task recurrence in Planner](/graph/planner-task-recurrence-overview).
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|nextInSeriesTaskId|String|The **taskId** of the next task in this series. This value is assigned at the time the next task in the series is created, and is `null` prior to that time.|
+|occurrenceId|Int32|The 1-based index of this task within the recurrence series. The first task in a series has the value `1`, the next task in the series has the value `2`, and so on.|
+|previousInSeriesTaskId|String|The **taskId** of the previous task in this series. `null` for the first task in a series since it has no predecessor. All subsequent tasks in the series have a value that corresponds to their predecessors.|
+|recurrenceStartDateTime|DateTimeOffset|The date and time when this recurrence series begin. For the first task in a series (**occurrenceId** = `1`) this value is copied from **schedule.patternStartDateTime**. For subsequent tasks in the series (**occurrenceId** >= `2`) this value is copied from the previous task and never changes; it preserves the start date of the recurring series. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|schedule|[plannerRecurrenceSchedule](../resources/plannerrecurrenceschedule.md)|The schedule for recurrence. Clients define and edit recurrence by specifying the schedule. If **nextInSeriesTaskId** isn't assigned, clients may terminate the series by assigning `null` to this property.|
+|seriesId|String|The recurrence series this task belongs to. A GUID-based value that serves as the unique identifier for a series.|
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource. For real-looking examples that include this resource, see [Configuring task recurrence in Planner](/graph/planner-task-recurrence-overview).
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.plannerTaskRecurrence"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.plannerTaskRecurrence",
+ "nextInSeriesTaskId": "String",
+ "occurrenceId": "Int32",
+ "previousInSeriesTaskId": "String",
+ "recurrenceStartDateTime": "String (timestamp)",
+ "schedule": { "@odata.type": "#microsoft.graph.plannerRecurrenceSchedule" },
+ "seriesId": "String"
+}
+```
v1.0 Quota https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/quota.md
-description: The quota resource provides details about space constrains on a drive resource.
+description: The quota resource provides details about space constraints on a drive resource.
Last updated 09/10/2017 Title: Quota ms.localizationpriority: medium
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-The **quota** resource provides details about space constrains on a [drive](drive.md) resource.
+The **quota** resource provides details about space constraints on a [drive](drive.md) resource. In OneDrive Personal, the values reflect the total/used unified storage quota across multiple Microsoft services.
## JSON representation
v1.0 Report https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/report.md
The following table shows the availability for each API across all cloud deploym
| [Admin Report Settings](/graph/api/resources/adminreportsettings?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ£ö | Γ£ö | Γ₧û | Γ£ö | | [Microsoft 365 activations](/graph/api/resources/office-365-activations-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ£ö | Γ£ö | Γ₧û | Γ₧û | | [Microsoft 365 active users](/graph/api/resources/office-365-active-users-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ₧û | Γ£ö | Γ₧û | Γ₧û |
-| [Microsoft 365 Apps usage](/graph/api/resources/microsoft-365-apps-usage-report?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ₧û | Γ£ö | Γ₧û | Γ₧û |
+| [Microsoft 365 Apps usage](/graph/api/resources/microsoft-365-apps-usage-report?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ£ö | Γ£ö | Γ₧û | Γ₧û |
| [Microsoft 365 browser usage](/graph/api/resources/microsoft-365-browser-usage-report?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ₧û | Γ₧û | Γ₧û | Γ₧û | | [Microsoft 365 groups activity](/graph/api/resources/office-365-groups-activity-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ₧û | Γ£ö | Γ₧û | Γ₧û | | [Microsoft Teams device usage](/graph/api/resources/microsoft-teams-device-usage-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ£ö | Γ₧û | Γ₧û | Γ£ö |
v1.0 Security Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-api-overview.md
Alerts from the following security providers are available via this legacy **ale
| Security provider | <p align="center">GET alert</p>| <p align="center">PATCH alert</p>| <p align="center">Subscribe to alert</p>| |:|:|:--|:|
-|[Azure Active Directory Identity Protection](/azure/active-directory/identity-protection/playbook) **** | <p align="center">&#x2713;</p> | <p align="center">[File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) *</p> | <p align="center">&#x2713;</p> |
+|[Azure Active Directory Identity Protection](/azure/active-directory/identity-protection/playbook) | <p align="center">&#x2713;</p> | <p align="center">[File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) *</p> | <p align="center">&#x2713;</p> |
|[Azure Security Center](/azure/security-center/security-center-alerts-type)| <p align="center">&#x2713;</p> | <p align="center">&#x2713;</p> | <p align="center">&#x2713;</p> | |Microsoft 365 <ul><li> [Default](/office365/securitycompliance/alert-policies#default-alert-policies)</li> <li>[Cloud App Security](/office365/securitycompliance/anomaly-detection-policies-in-ocas)</li><li>Custom Alert</li></ul> | <p align="center">&#x2713;</p> | <p align="center"> [File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) </p> | <p align="center"> [File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) </p> | | [Microsoft Defender for Cloud Apps](/cloud-app-security/monitor-alerts) (formerly Microsoft Cloud App Security) | <p align="center">&#x2713;</p> | <p align="center">[File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) *</p> | <p align="center">&#x2713;</p> |
Alerts from the following security providers are available via this legacy **ale
\*\*\* Microsoft Defender for Identity alerts are available via the Microsoft Defender for Cloud Apps integration. This means you will get Microsoft Defender for Identity alerts only if you have joined Unified SecOps and connected Microsoft Defender for Identity into Microsoft Defender for Cloud Apps. Learn more about [how to integrate Microsoft Defender for Identity and Microsoft Defender for Cloud Apps](/azure-advanced-threat-protection/atp-mcas-integration).
-\*\*\*\* Azure AD Identity Protection alerts only include user object IDs. The **userPrincipalName** (UPN) property is not included in GET request responses. This issue does not impact any of the other providers. For details and a workaround, see [Known issues](/graph/known-issues#upn-missing-in-identity-protection-security-alerts).
- ## Attack simulation and training [Attack simulation and training](/microsoft-365/security/office-365-security/attack-simulation-training) is part of [Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/defender-for-office-365?view=o365-worldwide&preserve-view=true). This service lets users in a tenant experience a realistic benign phishing attack and learn from it. Social engineering simulation and training experiences for end users help reduce the risk of users being breached via those attack techniques. The attack simulation and training API enables tenant administrators to view launched [simulation](simulation.md) exercises and trainings, and get [reports](report-m365defender-reports-overview.md) on derived insights into online behaviors of users in the phishing simulations.
TheΓÇ» [incident](security-incident.md) resource and its APIs allow you to sort
[Microsoft Secure Score](https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Office-365-Secure-Score-is-now-Microsoft-Secure-Score/ba-p/182358) is a security analytics solution that gives you visibility into your security portfolio and how to improve it. With a single score, you can better understand what you have done to reduce your risk in Microsoft solutions. You can also compare your score with other organizations and see how your score has been trending over time. The [secureScore](securescores.md) and [secureScoreControlProfile](securescorecontrolprofiles.md) entities help you balance your organization's security and productivity needs while enabling the appropriate mix of security features. You can also project what your score would be after you adopt security features.
+## Threat intelligence (preview)
+
+Microsoft Defender Threat Intelligence delivers world-class threat intelligence to help protect your organization from modern cyber threats. You can use Threat Intelligence to identify adversaries and their operations, accelerate detection and remediation, and enhance your security investments and workflows.
+
+The threat intelligence APIs (preview) allow you to operationalize intelligence found within the user interface. This includes finished intelligence in the forms of articles and intel profiles, machine intelligence including IoCs and reputation verdicts, and finally, enrichment data including passive DNS, cookies, components, and trackers.
+ ## Threat intelligence indicators (preview) Threat indicators, also referred to as indicators of compromise (IoCs), represent data about known threats, such as malicious files, URLs, domains, and IP addresses. Customers can generate indicators through internal threat intelligence gathering or acquire indicators from threat intelligence communities, licensed feeds, and other sources. These indicators are then used in various security tools to defend against related threats.
Support in other Microsoft security services will be available soon.
The Microsoft Graph threat submission API helps organizations to submit a threat received by any user in a tenant. This empowers customers to report spam or suspicious emails, phishing URLs, or malware attachments they receive to Microsoft. Microsoft checks the submission against the organizational policies in effect and sends it to human graders for analysis. The result then helps tenant administrators understand the threat scanning verdict and adjust their organizational policy. Admins can also use the results to report legitimate emails to prevent them from getting blocked.
-> **Note: ** We recommend that you use this API instead of the deprecated Information Protection threat assessment API. The threat submission API provides unified security threat submission functionality and adds unified result support, user submission query support, tenant allow block list support, admin review support and app-only mode support.
+> **Note:** We recommend that you use this API instead of the deprecated Information Protection threat assessment API. The threat submission API provides unified security threat submission functionality and adds unified result support, user submission query support, tenant allow block list support, admin review support and app-only mode support.
## Common use cases
v1.0 Security Article https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-article.md
+
+ Title: "article resource type"
+description: "Articles are narratives by Microsoft that provide insight into threat actors, tooling, attacks, and vulnerabilities."
+
+ms.localizationpriority: medium
++
+# article resource type
+
+Namespace: microsoft.graph.security
++
+Represents an article, which is a narrative that provides insight into threat actors, tooling, attacks, and vulnerabilities. Articles are not blog posts about threat intelligence; while they summarize different threats, they also link to actionable content and key indicators of compromise to help users take action.
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[List articles](../api/security-article-list.md)|[article](../resources/security-article.md) collection|Get a list of the [microsoft.graph.security.article](../resources/security-article.md) objects and their properties.|
+|[Get article](../api/security-article-get.md)|[article](../resources/security-article.md)|Read the properties and relationships of a [microsoft.graph.security.article](../resources/security-article.md) object.|
+|[List indicators](../api/security-article-list-indicators.md)|[articleIndicator](../resources/security-articleindicator.md) collection|Get the articleIndicator resources from the indicators navigation property.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|body|[microsoft.graph.security.formattedContent](../resources/security-formattedcontent.md)|Formatted article contents.|
+|createdDateTime|DateTimeOffset|The date and time when this **article** was created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|isFeatured|Boolean|Indicates whether this **article** is currently featured by Microsoft.|
+|id|String|The system-generated ID for this **article**.|
+|imageUrl|String|URL of the header image for this **article**, used for display purposes.|
+|lastUpdatedDateTime|DateTimeOffset|The most recent date and time when this **article** was updated. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|summary|[microsoft.graph.security.formattedContent](../resources/security-formattedcontent.md)|A quick summary of this **article**.|
+|tags|String collection|Tags for this **article**, communicating keywords, or key concepts.|
+|title|String|The title of this **article**.|
+
+## Relationships
+
+|Relationship|Type|Description|
+|:|:|:|
+|indicators|[microsoft.graph.security.articleIndicator](../resources/security-articleindicator.md) collection|Indicators related to this **article**.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.article",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.article",
+ "body": {
+ "@odata.type": "microsoft.graph.security.formattedContent"
+ },
+ "createdDateTime": "String (timestamp)",
+ "id": "String (identifier)",
+ "imageUrl": "String",
+ "isFeatured": "Boolean",
+ "lastUpdatedDateTime": "String (timestamp)",
+ "summary": {
+ "@odata.type": "microsoft.graph.security.formattedContent"
+ },
+ "tags": [
+ "String"
+ ],
+ "title": "String"
+}
+```
v1.0 Security Articleindicator https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-articleindicator.md
+
+ Title: "articleIndicator resource type"
+description: "Represents a resource that communicates indicators of threat or compromise related to the contents of an article."
+
+ms.localizationpriority: medium
++
+# articleIndicator resource type
+
+Namespace: microsoft.graph.security
++
+Represents a resource that communicates indicators of threat or compromise related to the contents of an [article](../resources/security-article.md).
+
+The relationship from an **articleIndicator** to an [artifact](../resources/security-artifact.md) provides the means for threat intelligence API users to further evaluate details about reported indicator.
+
+Inherits from [indicator](../resources/security-indicator.md).
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[Get articleIndicator](../api/security-articleindicator-get.md)|[microsoft.graph.security.articleIndicator](../resources/security-articleindicator.md)|Read the properties and relationships of a [articleIndicator](../resources/security-articleindicator.md) object.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|id|String|The system-generated ID for the **articleIndicator**. Inherited from [microsoft.graph.security.indicator](../resources/security-indicator.md).|
+|source|microsoft.graph.security.indicatorSource|Communicates where this **articleIndicator** originated. The possible values are: `microsoftDefenderThreatIntelligence`, `openSourceIntelligence`, `public`, `unknownFutureValue`. Inherited from [microsoft.graph.security.indicator](../resources/security-indicator.md).|
+
+## Relationships
+
+|Relationship|Type|Description|
+|:|:|:|
+|artifact|[microsoft.graph.security.artifact](../resources/security-artifact.md)|The [artifact](../resources/security-artifact.md) that is reported in this **articleIndicator**. Inherited from [microsoft.graph.security.indicator](../resources/security-indicator.md). |
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.articleIndicator",
+ "baseType": "microsoft.graph.security.indicator",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.articleIndicator",
+ "id": "String (identifier)",
+ "source": "String"
+}
+```
v1.0 Security Artifact https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-artifact.md
+
+ Title: "artifact resource type"
+description: "Represents an abstract entity found online by Microsoft security services."
+
+ms.localizationpriority: medium
++
+# artifact resource type
+
+Namespace: microsoft.graph.security
++
+Represents an abstract entity found online by Microsoft security services.
+
+Current types of artifacts include:
+
+* [host](../resources/security-host.md)
+ * [hostname](../resources/security-hostname.md)
+ * [ipAddresss](../resources/security-ipaddress.md)
+* [hostComponent](../resources/security-hostcomponent.md)
+* [hostCookie](../resources/security-hostcookie.md)
+* [hostTracker](../resources/security-hosttracker.md)
+* [passiveDnsRecord](../resources/security-passivednsrecord.md)
+* [unclassifiedArtifact](../resources/security-unclassifiedartifact.md)
+
+Instances of **artifact** identified in the following Microsoft Security API groups should handle the possible implementations. Microsoft Security APIs that currently support the **artifact** type:
+
+* [Threat intelligence](../resources/security-threatintelligence.md)
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|id|String|Unique identifier for the **artifact**.|
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.artifact",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.artifact",
+ "id": "String (identifier)"
+}
+```
v1.0 Security Autonomoussystem https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-autonomoussystem.md
+
+ Title: "autonomousSystem resource type"
+description: "Represents data assigned in an autonomous system."
+
+ms.localizationpriority: medium
++
+# autonomousSystem resource type
+
+Namespace: microsoft.graph.security
++
+Represents data assigned in an autonomous system.
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|name|String|The name of the autonomous system.|
+|number|Int32|The autonomous system number, assigned by IANA.|
+|organization|String|The name of the autonomous system organization. |
+|value|String|A displayable value for these autonomous system details.|
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.security.autonomousSystem"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.autonomousSystem",
+ "name": "String",
+ "number": "Int32",
+ "organization": "String",
+ "value": "String"
+}
+```
v1.0 Security Cvsssummary https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-cvsssummary.md
+
+ Title: "cvssSummary resource type"
+description: "Represents a common vulnerability scoring system (CVSS) evaluation of a vulnerability."
+
+ms.localizationpriority: medium
++
+# cvssSummary resource type
+
+Namespace: microsoft.graph.security
++
+Represents a common vulnerability scoring system (CVSS) evaluation of a vulnerability.
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|score|Edm.Double|The CVSS score about this vulnerability.|
+|severity|microsoft.graph.security.vulnerabilitySeverity|The CVSS severity rating for this vulnerability. The possible values are: `none`, `low`, `medium`, `high`, `critical`, `unknownFutureValue`.|
+|vectorString|String|The CVSS vector string for this vulnerability.|
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.security.cvssSummary"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.cvssSummary",
+ "score": "Double",
+ "severity": "String",
+ "vectorString": "String"
+}
+```
v1.0 Security Ediscoveryexportfilemetadata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-ediscoveryexportfilemetadata.md
+
+ Title: "ediscoveryExportFileMetadata resource type"
+description: "Represents the file metadata for an export in eDiscovery."
+
+ms.localizationpriority: medium
++
+# ediscoveryExportFileMetadata resource type
+
+Namespace: microsoft.graph.security
++
+Represents the file metadata for an export in eDiscovery.
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|downloadUrl| String |The URL to download the export. |
+|fileName | String | The name of the file. |
+|size| Int64 | The size of the file. |
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.security.ediscoveryExportFileMetadata",
+ "openType": false
+}
+-->
+
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.ediscoveryExportFileMetadata",
+ "downloadUrl": "String",
+ "fileName": "String",
+ "size": "Int64"
+}
+```
v1.0 Security Ediscoveryexportoperation https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-ediscoveryexportoperation.md
Inherits from [caseOperation](../resources/security-caseoperation.md).
## Methods |Method|Return type|Description| |:|:|:|
-|[getDownloadUrl](../api/security-ediscoveryexportoperation-getdownloadurl.md)|String| Returns the URL for the export.|
+|[getDownloadUrl](../api/security-ediscoveryexportoperation-getdownloadurl.md) (deprecated) |String| Return the URL for the export. The **getDownloadUrl** function is deprecated and will stop returning data on April 30th, 2023. Please use the new **exportFileMetadata** property returned by the [Get caseOperation](../api/security-caseoperation-get.md) API instead.|
## Properties |Property|Type|Description| |:|:|:| |action|[microsoft.graph.security.caseAction](../resources/security-caseoperation.md#caseaction-values)| The type of action the operation represents. Possible values are: `addToReviewSet`,`applyTags`,`contentExport`,`convertToPdf`,`estimateStatistics`, `purgeData`|
-|azureBlobContainer|String| The name of the Azure storage location where the export will be stored. This only applies to exports stored in your own Azure storage location. |
-|azureBlobToken|String| The SAS token for the Azure storage location. This only applies to exports stored in your own Azure storage location. |
|completedDateTime|DateTimeOffset| The date and time the export was completed.| |createdBy|[identitySet](../resources/identityset.md)| The user who initiated the export operation.| |createdDateTime|DateTimeOffset| The date and time the export was created.| |description|String| The description provided for the export.|
-|exportOptions|microsoft.graph.security.exportOptions| The options provided for the export. For more details, see [reviewSet: export](../api/security-ediscoveryreviewset-export.md). Possible values are: `originalFiles`, `text`, `pdfReplacement`, `fileInfo`, `tags`.|
+|exportFileMetaData | [microsoft.graph.security.ediscoveryExportFileMetadata](../resources/security-ediscoveryexportfilemetadata.md)| Contains the properties for an export file metadata, including **downloadUrl**, **fileName**, and **size**. If you export to an Azure storage location, this property returns empty. |
+|exportOptions|microsoft.graph.security.exportOptions| The options provided for the export. For more details, see [reviewSet: export](../api/security-ediscoveryreviewset-export.md). Possible values are: `originalFiles`, `text`, `pdfReplacement`, `fileInfo`, `tags`. The `fileInfo` member is deprecated and will stop returning data on April 30th, 2023. Going forward, the summary and load file are always included. |
|exportStructure|microsoft.graph.security.exportFileStructure|The options provided that specify the structure of the export. For more details, see [reviewSet: export](../api/security-ediscoveryreviewset-export.md). Possible values are: `none`, `directory`, `pst`.| |id|String| The ID for the operation. Read-only. | |outputName|String| The name provided for the export.| |percentProgress|Int32| The progress of the operation.| |resultInfo|[resultInfo](../resources/resultinfo.md)|Contains success and failure-specific result information. Inherited from [caseOperation](../resources/ediscovery-caseoperation.md).| |status|[microsoft.graph.security.caseOperationStatus](../resources/security-caseoperation.md#caseoperationstatus-values)| The status of the case operation. Possible values are: `notStarted`, `submissionFailed`, `running`, `succeeded`, `partiallySucceeded`, `failed`.|
+|azureBlobContainer (deprecated)|String| The name of the Azure storage location where the export is stored. This only applies to exports stored in your own Azure storage location. The **azureBlobContainer** property is deprecated and will stop returning data on April 30th, 2023. |
+|azureBlobToken (deprecated)|String| The SAS token for the Azure storage location. This only applies to exports stored in your own Azure storage location. The **azureBlobToken** property is deprecated and will stop returning data on April 30th, 2023. |
+|outputFolderId (deprecated) | String | The output folder ID. The **outputFolderId** property is deprecated and will stop returning data on April 30th, 2023.
### exportOptions values
Inherits from [caseOperation](../resources/security-caseoperation.md).
|originalFiles|Include original files in native format. For example: docx, xlsx, pptx, doc, xlst, pptm, etc.| |text|Include extracted text from the original files.| |pdfReplacement|Replace original file with PDF version when available.|
-|fileInfo|Include metadata of original files in a load file.|
|tags|Include tag information in fileInfo.|
+|fileInfo (deprecated) |Include metadata of original files in a load file. The `fileInfo` member is deprecated and will stop returning data on April 30th, 2023. Going forward, the summary and load file are always included. |
### exportFileStructure values
Inherits from [caseOperation](../resources/security-caseoperation.md).
|reviewSet|[microsoft.graph.security.ediscoveryReviewSet](../resources/security-ediscoveryreviewset.md)| Review set from where documents are exported.| |reviewSetQuery|[microsoft.graph.security.ediscoveryReviewSetQuery](../resources/security-ediscoveryreviewsetquery.md)|The review set query which is used to filter the documents for export.| + ## JSON representation The following is a JSON representation of the resource. <!-- {
The following is a JSON representation of the resource.
"openType": false } -->+ ``` json { "@odata.type": "#microsoft.graph.security.ediscoveryExportOperation",
- "id": "String (identifier)",
- "createdDateTime": "String (timestamp)",
- "completedDateTime": "String (timestamp)",
"action": "String",
+ "azureBlobContainer": "String",
+ "azureBlobToken": "String",
+ "completedDateTime": "String (timestamp)",
"createdBy": { "@odata.type": "microsoft.graph.identitySet" },
- "percentProgress": "Integer",
- "status": "String",
+ "createdDateTime": "String (timestamp)",
+ "description": "String",
+ "exportFileMetadata": {
+ "@odata.type": "microsoft.graph.security.ediscoveryExportFileMetadata"
+ },
+ "exportOptions": "String",
+ "exportStructure": "String",
+ "id": "String (identifier)",
+ "outputFolderId": "String",
+ "outputName": "String",
+ "percentProgress": "Int32",
"resultInfo": { "@odata.type": "microsoft.graph.resultInfo" },
- "outputName": "String",
- "description": "String",
- "outputFolderId": "String",
- "azureBlobContainer": "String",
- "azureBlobToken": "String",
- "exportOptions": "String",
- "exportStructure": "String"
+ "status": "String"
} ```-
v1.0 Security Formattedcontent https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-formattedcontent.md
+
+ Title: "formattedContent resource type"
+description: "Represents formatted data content, and indicates both the content and format of that data."
+
+ms.localizationpriority: medium
++
+# formattedContent resource type
+
+Namespace: microsoft.graph.security
++
+Represents formatted data content, and indicates both the content and format of that data. This resource doesn't represent large binary contents.
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|content|String|The content of this **formattedContent**. |
+|format|microsoft.graph.security.contentFormat|The format of the content. The possible values are: `text`, `html`, `markdown`, `unknownFutureValue`.|
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.security.formattedContent"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.formattedContent",
+ "content": "String",
+ "format": "String"
+}
+```
v1.0 Security Host https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-host.md
+
+ Title: "host resource type"
+description: "Represents a hostname or IP address that is currently or was previously available on the Internet and Microsoft Defender Threat Intelligence has detected."
+
+ms.localizationpriority: medium
++
+# host resource type
+
+Namespace: microsoft.graph.security
++
+Represents a [hostname](../resources/security-hostname.md) or [IP address](../resources/security-ipaddress.md) that is currently or was previously available on the Internet and Microsoft Defender Threat Intelligence has detected.
+
+This is an abstract type. Implementations of this type include:
+
+* [hostname](../resources/security-hostname.md)
+* [ipAddress](../resources/security-ipaddress.md)
+
+Inherits from [artifact](../resources/security-artifact.md).
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[Get host](../api/security-host-get.md)|[microsoft.graph.security.host](../resources/security-host.md)|Read the properties and relationships of a [microsoft.graph.security.host](../resources/security-host.md) object.|
+|[List components](../api/security-host-list-components.md)|[microsoft.graph.security.hostComponent](../resources/security-hostcomponent.md) collection|Get a list of **hostComponent** resources.|
+|[List cookies](../api/security-host-list-cookies.md)|[microsoft.graph.security.hostCookie](../resources/security-hostcookie.md) collection|Get a list of **hostCookie** resources.|
+|[List passiveDns](../api/security-host-list-passivedns.md)|[microsoft.graph.security.passivednsrecord](../resources/security-passivednsrecord.md) collection|Get a list of **passiveDnsRecord** resources.|
+|[List passiveDnsReverse](../api/security-host-list-passivednsreverse.md)|[microsoft.graph.security.passivednsrecord](../resources/security-passivednsrecord.md) collection|Get a list of **passiveDnsRecord** resources.|
+|[Get reputation](../api/security-host-get-reputation.md)|[microsoft.graph.security.hostReputation](../resources/security-hostreputation.md) |Get the properties and relationships of a **hostReputation** object.|
+|[List trackers](../api/security-host-list-trackers.md)|[microsoft.graph.security.hostTracker](../resources/security-hosttracker.md) collection|Get a list of **hostTracker** resources.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|firstSeenDateTime|DateTimeOffset|The first date and time when this host was observed. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|id|String| Unique identifier for the host. Read-only. Inherited from [microsoft.graph.security.artifact](../resources/security-artifact.md).|
+|lastSeenDateTime|DateTimeOffset|The most recent date and time when this host was observed. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+
+## Relationships
+
+|Relationship|Type|Description|
+|:|:|:|
+|components|[microsoft.graph.security.hostComponent](../resources/security-hostcomponent.md) collection|The **hostComponents** that are associated with this host.|
+|cookies|[microsoft.graph.security.hostCookie](../resources/security-hostcookie.md) collection|The **hostCookies** that are associated with this host.|
+|passiveDns|[microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md) collection|Passive DNS retrieval about this host.|
+|passiveDnsReverse|[microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md) collection| Reverse passive DNS retrieval about this host.|
+|reputation|[microsoft.graph.security.hostReputation](../resources/security-hostreputation.md)|Represents a calculated reputation of this host.|
+|trackers|[microsoft.graph.security.hostTracker](../resources/security-hosttracker.md) collection|The **hostTrackers** that are associated with this host.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.host",
+ "baseType": "microsoft.graph.security.artifact",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.host",
+ "firstSeenDateTime": "String (timestamp)",
+ "id": "String (identifier)",
+ "lastSeenDateTime": "String (timestamp)"
+}
+```
v1.0 Security Hostcomponent https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-hostcomponent.md
+
+ Title: "hostComponent resource type"
+description: "Represents a web component that provides details about a web page or server infrastructure gleaned from a web crawl or scan."
+
+ms.localizationpriority: medium
++
+# hostComponent resource type
+
+Namespace: microsoft.graph.security
++
+Represents a web component that provides details about a web page or server infrastructure gleaned from a web crawl or scan. This information can be used to detect bad actors or sites that are compromised. It can also help users understand whether a site is vulnerable to a specific attack or compromise.
+
+A host component is associated with a [host](../resources/security-host.md) resource.
+
+Inherits from [artifact](../resources/security-artifact.md).
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[Get hostComponent](../api/security-hostcomponent-get.md)|[microsoft.graph.security.hostComponent](../resources/security-hostcomponent.md)|Read the properties and relationships of a [microsoft.graph.security.hostComponent](../resources/security-hostcomponent.md) object.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|category|String| The type of component that was detected (for example, `Operating System`, `Framework`, `Remote Access`, or `Server`).|
+|firstSeenDateTime|DateTimeOffset|The first date and time when this web component was observed by Microsoft Defender Threat Intelligence. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|id|String|A system-generated ID for this **hostComponent**. Inherited from [microsoft.graph.security.artifact](../resources/security-artifact.md).|
+|lastSeenDateTime|DateTimeOffset|The most recent date and time when this web component was observed by Microsoft Defender Threat Intelligence. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|name|String|A name running on the artifact, for example, `Microsoft IIS`.|
+|version|String|The component version running on the artifact, for example, `v8.5`. This should not be assumed to be strictly numerical.|
+
+## Relationships
+
+|Relationship|Type|Description|
+|:|:|:|
+|host|[microsoft.graph.security.host](../resources/security-host.md)|The **host** related to this component. This is a reverse navigation property. When navigating to components from a **host**, this should be assumed to be a return reference.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.hostComponent",
+ "baseType": "microsoft.graph.security.artifact",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.hostComponent",
+ "category": "String",
+ "firstSeenDateTime": "String (timestamp)",
+ "id": "String (identifier)",
+ "lastSeenDateTime": "String (timestamp)",
+ "name": "String",
+ "version": "String"
+}
+```
v1.0 Security Hostcookie https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-hostcookie.md
+
+ Title: "hostCookie resource type"
+description: "Cookies are small pieces of data sent from a server to a client as the user browses the internet."
+
+ms.localizationpriority: medium
++
+# hostCookie resource type
+
+Namespace: microsoft.graph.security
++
+Represents a cookie, which is a small piece of data sent from a server to a client as the user browses the internet. These values sometimes contain a state for the application or little bits of tracking data. When Microsoft Defender Threat Intelligence crawls a website, it indexes cookie names so users can search them. Cookies are also used by malicious actors to keep track of infected victims or to store data to be used later.
+
+The **hostCookie** is associated with a [host](../resources/security-host.md) resource.
+
+Inherits from [artifact](../resources/security-artifact.md).
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[Get hostCookie](../api/security-hostcookie-get.md)|[microsoft.graph.security.hostCookie](../resources/security-hostcookie.md)|Read the properties and relationships of a [microsoft.graph.security.hostCookie](../resources/security-hostcookie.md) object.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|domain|String|The URI for which the cookie is valid.|
+|firstSeenDateTime|DateTimeOffset|The first date and time when this **hostCookie** was observed by Microsoft Defender Threat Intelligence. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|id|String|A system-generated ID for this **hostCookie**. Inherited from [microsoft.graph.security.artifact](../resources/security-artifact.md).|
+|lastSeenDateTime|DateTimeOffset|The most recent date and time when this **hostCookie** was observed by Microsoft Defender Threat Intelligence. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|name|String|The name of the cookie, for example, `JSESSIONID` or `SEARCH_NAMESITE`.|
+
+## Relationships
+
+|Relationship|Type|Description|
+|:|:|:|
+|host|[microsoft.graph.security.host](../resources/security-host.md)|Indicates that a cookie of this name and domain was found related to this host.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.hostCookie",
+ "baseType": "microsoft.graph.security.artifact",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.hostCookie",
+ "domain": "String",
+ "firstSeenDateTime": "String (timestamp)",
+ "id": "String (identifier)",
+ "lastSeenDateTime": "String (timestamp)",
+ "name": "String"
+}
+```
v1.0 Security Hostname https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-hostname.md
+
+ Title: "hostname resource type"
+description: "Represents a named host that is (or has been) addressable over the internet"
+
+ms.localizationpriority: medium
++
+# hostname resource type
+
+Namespace: microsoft.graph.security
++
+Represents a named host that is (or has been) addressable over the internet. This entity acts as a grouping mechanism for related details about the host, such as the reputation, any related trackers or cookies, and so on.
+
+You cannot retrieve this type directly. To access it, retrieve the [host](../resources/security-host.md) resource.
+
+Inherits from [host](../resources/security-host.md).
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[List components](../api/security-host-list-components.md)|[microsoft.graph.security.hostComponent](../resources/security-hostcomponent.md) collection|Get a list of **hostComponent** resources.|
+|[List cookies](../api/security-host-list-cookies.md)|[microsoft.graph.security.hostCookie](../resources/security-hostcookie.md) collection|Get a list of **hostCookie** resources.|
+|[List passiveDns](../api/security-host-list-passivedns.md)|[microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md) collection|Get a list of **passiveDnsRecord** resources.|
+|[List passiveDnsReverse](../api/security-host-list-passivednsreverse.md)|[microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md) collection|Get a list of **passiveDnsRecord** resources.|
+|[Get reputation](../api/security-host-get-reputation.md)|[microsoft.graph.security.hostReputation](../resources/security-hostreputation.md) |Get the properties and relationships of a **hostReputation** object.|
+|[List trackers](../api/security-host-list-trackers.md)|[microsoft.graph.security.hostTracker](../resources/security-hosttracker.md) collection|Get a list of **hostTracker** resources.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|firstSeenDateTime|DateTimeOffset|The first date and time that this [host](../resources/security-host.md) was observed. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Inherited from [microsoft.graph.security.host](../resources/security-host.md).|
+|id|String| Unique identifier for the **hostname**. Read-only. Inherited from [microsoft.graph.security.artifact](../resources/security-artifact.md).|
+|lastSeenDateTime|DateTimeOffset|The most recent date and time that this [host](../resources/security-host.md) was observed. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Inherited from [microsoft.graph.security.host](../resources/security-host.md).|
+|registrant|String|The company or individual who registered this hostname, from WHOIS data.|
+|registrar|String|The registrar for this hostname, from WHOIS data. |
+
+## Relationships
+
+|Relationship|Type|Description|
+|:|:|:|
+|components|[microsoft.graph.security.hostComponent](../resources/security-hostcomponent.md) collection|The **hostComponents** that are associated with this host. Inherited from [microsoft.graph.security.host](../resources/security-host.md).|
+|cookies|[microsoft.graph.security.hostCookie](../resources/security-hostcookie.md) collection|The **hostCookies** that are associated with this host. Inherited from [microsoft.graph.security.host](../resources/security-host.md).|
+|passiveDns|[microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md) collection|Passive DNS retrieval about this host. Inherited from [microsoft.graph.security.host](../resources/security-host.md).|
+|passiveDnsReverse|[microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md) collection| Reverse passive DNS retrieval about this host. Inherited from [microsoft.graph.security.host](../resources/security-host.md).|
+|reputation|[microsoft.graph.security.hostReputation](../resources/security-hostreputation.md)|Represents a calculated reputation of this host. Inherited from [microsoft.graph.security.host](../resources/security-host.md).|
+|trackers|[microsoft.graph.security.hostTracker](../resources/security-hosttracker.md) collection|The **hostTrackers** that are associated with this host. Inherited from [microsoft.graph.security.host](../resources/security-host.md).|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.hostname",
+ "baseType": "microsoft.graph.security.host",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.hostname",
+ "firstSeenDateTime": "String (timestamp)",
+ "id": "String (identifier)",
+ "lastSeenDateTime": "String (timestamp)",
+ "registrar": "String",
+ "registrant": "String"
+}
+```
+
v1.0 Security Hostreputation https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-hostreputation.md
+
+ Title: "hostReputation resource type"
+description: "Represents the reputation of a host based on a series of rules."
+
+ms.localizationpriority: medium
++
+# hostReputation resource type
+
+Namespace: microsoft.graph.security
++
+Represents the reputation of a host based on a series of rules. This score helps users quickly understand any detected ties to malicious or suspicious infrastructure when validating the reputation of a known or unknown entity. The platform provides quick information about the activity of these entities (such as first and last seen timestamps or [autonomous system](../resources/security-autonomoussystem.md) details) and a list of rules that affect the reputation score when applicable.
+
+Reputation data is important to understanding the trustworthiness of an attack surface and is also useful when assessing unknown [hostnames](../resources/security-hostname.md) or [IP addresses](../resources/security-ipaddress.md) that appear in investigations. These scores uncover any prior malicious or suspicious activity that affected the entity, or other known indicators of compromise to consider.
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[Get hostReputation](../api/security-host-get-reputation.md)|[microsoft.graph.security.hostReputation](../resources/security-hostreputation.md)|Read the properties and relationships of a [microsoft.graph.security.hostReputation](../resources/security-hostreputation.md) object, for a given [microsoft.graph.security.host](../resources/security-host.md).|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|classification|microsoft.graph.security.hostReputationClassification|The calculated reputation of the host. The possible values are: `unknown`, `neutral`, `suspicious`, `malicious`, `unknownFutureValue`.|
+|id|String|A system-generated ID for this **hostReputation**.|
+|rules|[microsoft.graph.security.hostReputationRule](../resources/security-hostreputationrule.md) collection|A collection of rules that have been used to calculate the classification and score.|
+|score|Int32|The calculated score (0-100) of the requested host. A higher value indicates that this [host](../resources/security-host.md) is more likely to be suspicious or malicious.|
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.hostReputation",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.hostReputation",
+ "classification": "String",
+ "id": "String (identifier)",
+ "rules": [
+ {
+ "@odata.type": "microsoft.graph.security.hostReputationRule"
+ }
+ ],
+ "score": "Int32"
+}
+```
v1.0 Security Hostreputationrule https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-hostreputationrule.md
+
+ Title: "hostReputationRule resource type"
+description: "Represents a rule that is used (in combination with other rules) to determine the reputation of a hostname or IP address."
+
+ms.localizationpriority: medium
++
+# hostReputationRule resource type
+
+Namespace: microsoft.graph.security
++
+Represents a rule that is used (in combination with other rules) to determine the reputation of a [hostname](../resources/security-hostname.md) or [IP address](../resources/security-ipaddress.md). Each **hostReputationRule** only applies within the parent [hostReputation](../resources/security-hostreputation.md).
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|description|String|The description of the rule that gives more context.|
+|relatedDetailsUrl|String| Link to a web page with details related to this rule.|
+|name|String|The name of the rule.|
+|severity|microsoft.graph.security.hostReputationRuleSeverity|Indicates the severity that this rule has against the reputation score. The possible values are: `unknown`, `low`, `medium`, `high`, `unknownFutureValue`.|
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.security.hostReputationRule"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.hostReputationRule",
+ "description": "String",
+ "name": "String",
+ "relatedDetailsUrl": "String",
+ "severity": "String"
+}
+```
v1.0 Security Hosttracker https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-hosttracker.md
+
+ Title: "hostTracker resource type"
+description: "Represents a unique code or value found within web pages and often used to track user interaction."
+
+ms.localizationpriority: medium
++
+# hostTracker resource type
+
+Namespace: microsoft.graph.security
++
+Represents a unique code or value found within web pages and often used to track user interaction. These codes can be used to correlate a disparate group of websites to a central entity. Often, actors copy the source code of a victimΓÇÖs website they want to impersonate for a phishing campaign. Seldomly, actors take the time to remove these IDs. Actors might also deploy tracker IDs to see how successful their cyberattack campaigns are. This is similar to marketers using SEO IDs, such as a Google Analytics Tracker ID, to track the success of their marketing campaign.
+
+The **hostTracker** is associated with a [host](../resources/security-host.md) resource.
+
+Inherits from [artifact](../resources/security-artifact.md).
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[Get hostTracker](../api/security-hosttracker-get.md)|[microsoft.graph.security.hostTracker](../resources/security-hosttracker.md)|Read the properties and relationships of a [microsoft.graph.security.hostTracker](../resources/security-hosttracker.md) object.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|firstSeenDateTime|DateTimeOffset|The first date and time when this **hostTracker** was observed by Microsoft Defender Threat Intelligence. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|id|String| A system-generated ID for this **hostTracker**. Inherited from [microsoft.graph.security.artifact](../resources/security-artifact.md).|
+|kind|String|The kind of **hostTracker** that was detected. For example, `GoogleAnalyticsID` or `JarmHash`.|
+|lastSeenDateTime|DateTimeOffset|The most recent date and time when this **hostTracker** was observed by Microsoft Defender Threat Intelligence. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|value|String|The identification value for the **hostTracker**.|
+
+## Relationships
+
+|Relationship|Type|Description|
+|:|:|:|
+|host|[microsoft.graph.security.host](../resources/security-host.md)|The [host](../resources/security-host.md) related to this **hostTracker**. When navigating to a **hostTracker** from a [host](../resources/security-host.md), this should be assumed to be a return reference.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.hostTracker",
+ "baseType": "microsoft.graph.security.artifact",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.hostTracker",
+ "firstSeenDateTime": "String (timestamp)",
+ "id": "String (identifier)",
+ "kind": "String",
+ "lastSeenDateTime": "String (timestamp)",
+ "value": "String"
+}
+```
v1.0 Security Hyperlink https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-hyperlink.md
+
+ Title: "hyperlink resource type"
+description: "Represents the data used to create a hyperlink."
+
+ms.localizationpriority: medium
++
+# hyperlink resource type
+
+Namespace: microsoft.graph.security
++
+Represents the data used to create a hyperlink.
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|name|String| The name for this **hyperlink**.|
+|url|String|The URL for this **hyperlink**.|
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.security.hyperlink"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.hyperlink",
+ "name": "String",
+ "url": "String"
+}
+```
v1.0 Security Indicator https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-indicator.md
+
+ Title: "indicator resource type"
+description: "An abstract type that represents an indicator of compromise or increased risk."
+
+ms.localizationpriority: medium
++
+# indicator resource type
+
+Namespace: microsoft.graph.security
++
+An abstract type that represents an indicator of compromise or increased risk. Indicators communicate artifacts that indicate that an asset was affected by or related to an attack vector or malicious actor.
+
+This resource is not directly addressable. You can interact with this resource through one of the following subtypes:
+
+* [articleIndicator](../resources/security-articleindicator.md)
+* [intelligenceProfileIndicator](../resources/security-intelligenceprofileindicator.md)
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|id|String|The system-generated ID for the **indicator**.|
+|source|microsoft.graph.security.indicatorSource|The source that provides this **indicator**. The possible values are: `microsoftDefenderThreatIntelligence`, `openSourceIntelligence`, `public`, `unknownFutureValue`.|
+
+## Relationships
+
+|Relationship|Type|Description|
+|:|:|:|
+|artifact|[microsoft.graph.security.artifact](../resources/security-artifact.md)|The artifact related to this **indicator**.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.indicator",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.indicator",
+ "id": "String (identifier)",
+ "source": "String"
+}
+```
v1.0 Security Intelligenceprofile https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-intelligenceprofile.md
+
+ Title: "intelligenceProfile resource type"
+description: "Provides up-to-date threat actor infrastructure visibility."
+
+ms.localizationpriority: medium
++
+# intelligenceProfile resource type
+
+Namespace: microsoft.graph.security
++
+The Microsoft Defender Threat Intelligence Profiles (Intel Profile) API provides the most up-to-date threat actor infrastructure visibility in the industry today, enabling threat intelligence and security operations (SecOps) teams to streamline their advanced threat hunting and analysis workflows. These teams have historically struggled to obtain visibility into the full extent of nation state and cybercriminal adversary infrastructures, creating blind spots in detection and response automation, hunting, and analytics. Sophisticated security professionals can use Microsoft Intelligence Profile APIs, along with the [indicators](../resources/security-intelligenceprofileindicator.md) and other associated markers, to automate defense of their organizations and track potentially malicious activity targeting their organization or industry. Users of the Microsoft Defender Threat Intelligence Profiles APIs have access to detailed threat actor intel profiles, including background information and interpretation guidance.
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[List intelligenceProfiles](../api/security-intelligenceprofile-list.md)|[microsoft.graph.security.intelligenceProfile](../resources/security-intelligenceprofile.md) collection|Get a list of the [microsoft.graph.security.intelligenceProfile](../resources/security-intelligenceprofile.md) objects and their properties.|
+|[Get intelligenceProfile](../api/security-intelligenceprofile-get.md)|[microsoft.graph.security.intelligenceProfile](../resources/security-intelligenceprofile.md)|Read the properties and relationships of a [microsoft.graph.security.intelligenceProfile](../resources/security-intelligenceprofile.md) object.|
+|[List indicators](../api/security-intelligenceprofile-list-indicators.md)|[microsoft.graph.security.intelligenceProfileIndicator](../resources/security-intelligenceprofileindicator.md) collection|Get a list of **intelligenceProfileIndicator** resources.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|aliases|String collection|A list of commonly-known aliases for the threat intelligence included in the **intelligenceProfile**.|
+|description|[microsoft.graph.security.formattedContent](../resources/security-formattedcontent.md)|A synopsis of the threat actor. This property places the threat actor in wider context, tracing its discovery, history, significant campaigns, targeting, techniques of note, affiliations with governments, law enforcement countermeasures, and any areas of dispute among the security community regarding attribution.|
+|firstActiveDateTime|DateTimeOffset|The date and time when this **intelligenceProfile** was first active. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|id|String|The system generated ID for this **intelligenceProfile**.|
+|kind|microsoft.graph.security.intelligenceProfileKind|A categorization of the type of this **intelligenceProfile**. The possible values are: `actor`, `tool`, `unknownFutureValue`.|
+|sponsorStates|[microsoft.graph.security.intelligenceProfileSponsorState](../resources/security-intelligenceprofilesponsorstate.md) collection|Known states (such as a country or government) who have sponsored threat actors associated with this **intelligenceProfile**. This is also known as the country/region of origin for the given actor or threat.|
+|summary|[microsoft.graph.security.formattedContent](../resources/security-formattedcontent.md)|A short summary of this **intelligenceProfile**.|
+|targets|String collection|Known targets related to this **intelligenceProfile**.|
+|title|String|The title of this **intelligenceProfile**.|
+|tradecraft|[microsoft.graph.security.formattedContent](../resources/security-formattedcontent.md)|Formatted information featuring a description of the distinctive tactics, techniques, and procedures (TTP) of the group, followed by a list of all known custom, commodity, and publicly available implants used by the group.|
+
+## Relationships
+
+|Relationship|Type|Description|
+|:|:|:|
+|indicators|[microsoft.graph.security.intelligenceProfileIndicator](../resources/security-intelligenceprofileindicator.md) collection|Includes an assemblage of high-fidelity network indicators of compromise.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.intelligenceProfile",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.intelligenceProfile",
+ "aliases": [
+ "String"
+ ],
+ "description": {
+ "@odata.type": "microsoft.graph.security.formattedContent"
+ },
+ "firstActiveDateTime": "String (timestamp)",
+ "id": "String (identifier)",
+ "kind": "String",
+ "sponsorStates": [
+ {
+ "@odata.type": "microsoft.graph.security.intelligenceProfileSponsorState"
+ }
+ ],
+ "summary": {
+ "@odata.type": "microsoft.graph.security.formattedContent"
+ },
+ "targets": [
+ "String"
+ ],
+ "title": "String",
+ "tradecraft": {
+ "@odata.type": "microsoft.graph.security.formattedContent"
+ }
+}
+```
v1.0 Security Intelligenceprofileindicator https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-intelligenceprofileindicator.md
+
+ Title: "intelligenceProfileIndicator resource type"
+description: "Represents an indicator of threat or compromise related to the contents of an intelligenceProfile."
+
+ms.localizationpriority: medium
++
+# intelligenceProfileIndicator resource type
+
+Namespace: microsoft.graph.security
++
+Represents an indicator of threat or compromise related to the contents of an [intelligenceProfile](../resources/security-intelligenceprofile.md).
+
+The relationship from an **intelligenceProfileIndicator** to an [artifact](../resources/security-artifact.md) provides the means for threat intelligence API users to further evaluate details about reported indicator.
+
+Inherits from [microsoft.graph.security.indicator](../resources/security-indicator.md).
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[Get intelligenceProfileIndicator](../api/security-intelligenceprofileindicator-get.md)|[microsoft.graph.security.intelligenceProfileIndicator](../resources/security-intelligenceprofileindicator.md)|Read the properties and relationships of a [microsoft.graph.security.intelligenceProfileIndicator](../resources/security-intelligenceprofileindicator.md) object.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|firstSeenDateTime|DateTimeOffset| Designate when an artifact was first used actively in an attack, when a particular sample was compiled, or if neither of those could be ascertained when the file was first seen in public repositories (for example, VirusTotal, ANY.RUN, Hybrid Analysis) or reported publicly.|
+|id|String|A system generated ID for this **intelligenceProfileIndicator**. Inherited from [microsoft.graph.security.indicator](../resources/security-indicator.md).|
+|lastSeenDateTime|DateTimeOffset|Designate when an artifact was most recently used actively in an attack, when a particular sample was compiled, or if neither of those could be ascertained when the file was first seen in public repositories (for example, VirusTotal, ANY.RUN, Hybrid Analysis) or reported publicly.|
+|source|microsoft.graph.security.indicatorSource|Communicates the source of this **intelligenceProfileIndicator**. Inherited from [microsoft.graph.security.indicator](../resources/security-indicator.md). The possible values are: `microsoftDefenderThreatIntelligence`, `openSourceIntelligence`, `public`, `unknownFutureValue`.|
+
+## Relationships
+
+|Relationship|Type|Description|
+|:|:|:|
+|artifact|[microsoft.graph.security.artifact](../resources/security-artifact.md)|The [artifact](../resources/security-artifact.md) that is reported in this **intelligenceProfileIndicator**. Inherited from [microsoft.graph.security.indicator](../resources/security-indicator.md).|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.intelligenceProfileIndicator",
+ "baseType": "microsoft.graph.security.indicator",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.intelligenceProfileIndicator",
+ "firstSeenDateTime": "String (timestamp)",
+ "id": "String (identifier)",
+ "lastSeenDateTime": "String (timestamp)",
+ "source": "String"
+}
+```
v1.0 Security Intelligenceprofilesponsorstate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-intelligenceprofilesponsorstate.md
+
+ Title: "intelligenceProfileSponsorState resource type"
+description: "Represents a known state-sponsor of an actor related to a threat or vulnerability outlined in an intelligence profile."
+
+ms.localizationpriority: medium
++
+# intelligenceProfileSponsorState resource type
+
+Namespace: microsoft.graph.security
++
+Represents a known state-sponsor of an actor related to a threat or vulnerability outlined in an intelligence profile. This is also known as the country/region of origin for the given actor or threat.
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|code|String|A codified representation for this sponsor state.|
+|label|String|A display label for this sponsor state.|
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.security.intelligenceProfileSponsorState"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.intelligenceProfileSponsorState",
+ "code": "String",
+ "label": "String"
+}
+```
v1.0 Security Ipaddress https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-ipaddress.md
+
+ Title: "ipAddress resource type"
+description: "Represents an IP address which is (or has been) addressable over the internet."
+
+ms.localizationpriority: medium
++
+# ipAddress resource type
+
+Namespace: microsoft.graph.security
++
+Represents an IP address which is (or has been) addressable over the internet. This resource acts as a grouping mechanism for related details about the hostname or IP address, such as the reputation, any related trackers or cookies, and so on.
+
+You cannot retrieve this type directly. To access it, retrieve the [host](../resources/security-host.md) resource.
+
+Inherits from [host](../resources/security-host.md).
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[List components](../api/security-host-list-components.md)|[microsoft.graph.security.hostComponent](../resources/security-hostcomponent.md) collection|Get a list of **hostComponent** resources.|
+|[List cookies](../api/security-host-list-cookies.md)|[microsoft.graph.security.hostCookie](../resources/security-hostcookie.md) collection|Get a list of **hostCookie** resources.|
+|[List passiveDns](../api/security-host-list-passivedns.md)|[microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md) collection|Get a list of **passiveDnsRecord** resources.|
+|[List passiveDnsReverse](../api/security-host-list-passivednsreverse.md)|[microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md) collection|Get a list of **passiveDnsRecord** resources.|
+|[Get reputation](../api/security-host-get-reputation.md)|[microsoft.graph.security.hostReputation](../resources/security-hostreputation.md) |Get a list of **hostReputation** resources.|
+|[List trackers](../api/security-host-list-trackers.md)|[microsoft.graph.security.hostTracker](../resources/security-hosttracker.md) collection|Get a list of **hostTracker** resources.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|autonomousSystem|[microsoft.graph.security.autonomousSystem](../resources/security-autonomoussystem.md)|The details about the autonomous system to which this IP address belongs.|
+|countryOrRegion|String|The country or region for this IP address.|
+|firstSeenDateTime|DateTimeOffset|The first date and time when this [host](../resources/security-host.md) was observed. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Inherited from [microsoft.graph.security.host](../resources/security-host.md).|
+|hostingProvider|String|The hosting company listed for this [host](../resources/security-host.md).|
+|id|String| The IP Address for this [host](../resources/security-host.md). Read-only. Inherited from [microsoft.graph.security.artifact](../resources/security-artifact.md).|
+|lastSeenDateTime|DateTimeOffset|The most recent date and time when this [host](../resources/security-host.md) was observed. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Inherited from [microsoft.graph.security.host](../resources/security-host.md).|
+|netblock|String|The block of IP addresses this IP address belongs to.|
+
+## Relationships
+
+|Relationship|Type|Description|
+|:|:|:|
+|components|[microsoft.graph.security.hostComponent](../resources/security-hostcomponent.md) collection|The **hostComponents** that are associated with this host. Inherited from [microsoft.graph.security.host](../resources/security-host.md).|
+|cookies|[microsoft.graph.security.hostCookie](../resources/security-hostcookie.md) collection|The **hostCookies** that are associated with this host. Inherited from [microsoft.graph.security.host](../resources/security-host.md).|
+|passiveDns|[microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md) collection|Passive DNS retrieval about this host. Inherited from [microsoft.graph.security.host](../resources/security-host.md).|
+|passiveDnsReverse|[microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md) collection| Reverse passive DNS retrieval about this host. Inherited from [microsoft.graph.security.host](../resources/security-host.md).|
+|reputation|[microsoft.graph.security.hostReputation](../resources/security-hostreputation.md)|Represents a calculated reputation of this host. Inherited from [microsoft.graph.security.host](../resources/security-host.md).|
+|trackers|[microsoft.graph.security.hostTracker](../resources/security-hosttracker.md) collection|The **hostTrackers** that are associated with this host. Inherited from [microsoft.graph.security.host](../resources/security-host.md).|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.ipAddress",
+ "baseType": "microsoft.graph.security.host",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.ipAddress",
+ "autonomousSystem": {
+ "@odata.type": "microsoft.graph.security.autonomousSystem"
+ },
+ "countryOrRegion": "String",
+ "firstSeenDateTime": "String (timestamp)",
+ "hostingProvider": "String",
+ "id": "String (identifier)",
+ "lastSeenDateTime": "String (timestamp)",
+ "netblock": "String"
+}
+```
v1.0 Security Passivednsrecord https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-passivednsrecord.md
+
+ Title: "passiveDnsRecord resource type"
+description: "Represents a passive DNS record."
+
+ms.localizationpriority: medium
++
+# passiveDnsRecord resource type
+
+Namespace: microsoft.graph.security
++
+Represents a passive DNS record. Passive DNS is a system of record that stores DNS resolution data for a given location, record, and timeframe. This historical resolution data set allows users to view which domains resolved to an IP address and vice versa. This data set allows for time-based correlation based on domain or IP overlap. Passive DNS might enable the identification of previously unknown or newly created threat actor infrastructure.
+
+Inherits from [microsoft.graph.security.artifact](../resources/security-artifact.md).
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[Get passiveDns](../api/security-passivednsrecord-get.md)|[microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md)|Read the properties and relationships of a [microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md) object.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|collectedDateTime|DateTimeOffset|The date and time that this **passiveDnsRecord** entry was collected by Microsoft. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|firstSeenDateTime|DateTimeOffset|The date and time when this **passiveDnsRecord** entry was first seen. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|id|String|The unique identifier for this **passiveDnsRecord** entry. Inherited from [microsoft.graph.security.artifact](../resources/security-artifact.md).|
+|lastSeenDateTime|DateTimeOffset|The date and time when this **passiveDnsRecord** entry was most recently seen. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|recordType|String|The DNS record type for this **passiveDnsRecord** entry.|
+
+## Relationships
+
+|Relationship|Type|Description|
+|:|:|:|
+|artifact|[microsoft.graph.security.artifact](../resources/security-artifact.md)|The [artifact](../resources/security-artifact.md) related to this **passiveDnsRecord** entry.|
+|parentHost|[microsoft.graph.security.host](../resources/security-host.md)|The parent [host](../resources/security-host.md) related to this **passiveDnsRecord** entry. Generally, this is the value that you can search to discover this **passiveDnsRecord** value.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.passiveDnsRecord",
+ "baseType": "microsoft.graph.security.artifact",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.passiveDnsRecord",
+ "collectedDateTime": "String (timestamp)",
+ "firstSeenDateTime": "String (timestamp)",
+ "id": "String (identifier)",
+ "lastSeenDateTime": "String (timestamp)",
+ "recordType": "String"
+}
+```
v1.0 Security Threatintelligence Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-threatintelligence-overview.md
+
+ Title: "Use the threat intelligence APIs in Microsoft Graph (preview)"
+description: "The threat intelligence APIs in Microsoft Graph lets apps manage administrator tasks for organizations."
+
+ms.localizationpriority: medium
++
+# Use the threat intelligence APIs in Microsoft Graph (preview)
++
+Microsoft Graph threat intelligence APIs deliver world-class threat intelligence to help protect your organization from modern cyber threats. Using threat intelligence APIs, you can identify adversaries and their operations, accelerate detection and remediation, and enhance your security investments and workflows.
+
+Threat intelligence APIs allow you to operationalize intelligence found within the UI. This includes finished intelligence in the forms of articles and intel profiles, machine intelligence including indicators of compromise (IoCs) and reputation verdicts, and finally, enrichment data including passive DNS, cookies, components, and trackers.
+
+## Authorization
+
+To call the threat intelligence APIs in Microsoft Graph, your app needs to acquire an access token. For details about access tokens, see [Get access tokens to call Microsoft Graph](/graph/auth/auth-concepts). Your app also needs the appropriate permissions. For more information, see [Threat intelligence permissions](/graph/permissions-reference#threat-intelligence-permissions).
+
+## Common use cases
+
+The following describes some common use cases for the threat intelligence APIs.
+
+| Use cases | REST resources | See also |
+|:-|:|:|
+| Read information about a host | [host](../resources/security-host.md) | [Methods of host](../resources/security-host.md#methods) |
+| Read articles about threat intelligence | [article](../resources/security-article.md) | [Methods of article](../resources/security-article.md#methods) |
+| Read intelligence profiles | [intelligenceProfile](../resources/security-intelligenceprofile.md) | [Methods of intelligenceProfile](../resources/security-intelligenceprofile.md#methods) |
+| Read details about a vulnerability | [vulnerability](../resources/security-vulnerability.md) | [Methods of vulnerability](../resources/security-vulnerability.md#methods) |
+
+## What's new
+
+Find out about the [latest new features and updates](/graph/whats-new-overview) for this API set.
+
+## Next steps
+
+The threat intelligence APIs in Microsoft Graph can help protect your organization from modern cyber threats. To learn more:
+
+- Drill down on the methods and properties of the resources most helpful to your scenario.
+- Try the API in the [Graph Explorer](https://developer.microsoft.com/graph/graph-explorer).
+
v1.0 Security Threatintelligence https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-threatintelligence.md
+
+ Title: "threatIntelligence resource type"
+description: "Provides APIs to retrieve threat intelligence information, such as about a host or an article on a threat."
+
+ms.localizationpriority: medium
++
+# threatIntelligence resource type
+
+Namespace: microsoft.graph.security
++
+Provides APIs to retrieve threat intelligence information, such as about a host or an article on a threat.
+
+The Microsoft Graph threat intelligence API delivers world-class threat intelligence to help protect your organization from modern cyber threats. Using threat intelligence APIs, you can identify adversaries and their operations, accelerate detection and remediation, and enhance your security investments and workflows.
+
+The threat intelligence API allows you to operationalize intelligence found within the user interface. This includes finished intelligence in the forms of articles and intel profiles, machine intelligence including indicators of compromise (IoCs) and reputation verdicts, and finally, enrichment data including passive DNS, cookies, components, and trackers.
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[List articles](../api/security-article-list.md)|[microsoft.graph.security.article](../resources/security-article.md) collection|Get a list of **article** objects, including their properties and relationships.|
+|[Get article](../api/security-article-get.md)|[microsoft.graph.security.article](../resources/security-article.md) |Read the properties and relationships of an **article** object.|
+|[Get articleIndicator](../api/security-articleindicator-get.md)|[microsoft.graph.security.articleIndicator](../resources/security-articleindicator.md) |Get the **articleIndicator** resources from the **articleIndicators** navigation property.|
+|[Get host](../api/security-host-get.md)|[microsoft.graph.security.host](../resources/security-host.md) |Get a list of **host** resources.|
+|[Get hostComponent](../api/security-hostcomponent-get.md)|[microsoft.graph.security.hostComponent](../resources/security-hostcomponent.md) |Get the properties and relationships of a **hostComponent** object.|
+|[Get hostCookie](../api/security-hostcookie-get.md)|[microsoft.graph.security.hostCookie](../resources/security-hostcookie.md) |Get a list of **hostCookie** resources.|
+|[Get hostTracker](../api/security-hosttracker-get.md)|[microsoft.graph.security.hostTracker](../resources/security-hosttracker.md) |Get a list of **hostTracker** resources.|
+|[Get intelProfileIndicators](../api/security-intelligenceprofileindicator-get.md)|[microsoft.graph.security.intelligenceProfileIndicator](../resources/security-intelligenceprofileindicator.md) collection|Get a list of **intelligenceProfileIndicator** resources.|
+|[List intelProfiles](../api/security-intelligenceprofile-list.md)|[microsoft.graph.security.intelligenceProfile](../resources/security-intelligenceprofile.md) collection|Get a list of **intelligenceProfile** resources.|
+|[Get hostTracker](../api/security-hosttracker-get.md)|[microsoft.graph.security.hostTracker](../resources/security-hosttracker.md) |Get a list of **hostTracker** resources.|
+|[Get passiveDnsRecord](../api/security-passivednsrecord-get.md)|[microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md) |Get the properties and relationships of a **hostTracker** object.|
+|[Get vulnerabilities](../api/security-vulnerability-get.md)|[microsoft.graph.security.vulnerability](../resources/security-vulnerability.md) |Get the properties and relationships of a **vulnerability** object.|
+
+## Properties
+
+None.
+
+## Relationships
+
+|Relationship|Type|Description|
+|:|:|:|
+|articles|[microsoft.graph.security.article](../resources/security-article.md) collection|A list of **article** objects.|
+|articleIndicators|[microsoft.graph.security.articleIndicator](../resources/security-articleindicator.md) collection|Refers to indicators of threat or compromise highlighted in an [microsoft.graph.security.article](../resources/security-article.md).<br/>**Note**: List retrieval is not yet supported.|
+|hosts|[microsoft.graph.security.host](../resources/security-host.md) collection|Refers to [microsoft.graph.security.host](../resources/security-host.md) objects that Microsoft Threat Intelligence has observed.<br/>**Note**: List retrieval is not yet supported.|
+|hostComponents|[microsoft.graph.security.hostComponent](../resources/security-hostcomponent.md) collection|Retrieve details about [microsoft.graph.security.hostComponent](../resources/security-hostcomponent.md) objects.<br/>**Note**: List retrieval is not yet supported.|
+|hostCookies|[microsoft.graph.security.hostCookie](../resources/security-hostcookie.md) collection|Retrieve details about [microsoft.graph.security.hostCookie](../resources/security-hostcookie.md) objects.<br/>**Note**: List retrieval is not yet supported.|
+|hostTrackers|[microsoft.graph.security.hostTracker](../resources/security-hosttracker.md) collection|Retrieve details about [microsoft.graph.security.hostTracker](../resources/security-hosttracker.md) objects.<br/>**Note**: List retrieval is not yet supported.|
+|intelProfiles|[microsoft.graph.security.intelligenceProfile](../resources/security-intelligenceprofile.md) collection|A list of **intelligenceProfile** objects.|
+|intelProfileIndicators|[microsoft.graph.security.intelligenceProfileIndicator](../resources/security-intelligenceprofileindicator.md) collection|Refers to indicators of threat or compromise highlighted in a [microsoft.graph.security.intelligenceProfile](../resources/security-intelligenceprofile.md).<br/>**Note**: List retrieval is not yet supported.|
+|passiveDnsRecords|[microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md) collection|Retrieve details about [microsoft.graph.security.passiveDnsRecord](../resources/security-passivednsrecord.md) objects.<br/>**Note**: List retrieval is not yet supported.|
+|vulnerabilities|[microsoft.graph.security.vulnerability](../resources/security-vulnerability.md) collection|Retrieve details about [microsoft.graph.security.vulnerabilities](../resources/security-vulnerability.md).<br/>**Note**: List retrieval is not yet supported.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.threatIntelligence",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.threatIntelligence"
+}
+```
v1.0 Security Unclassifiedartifact https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-unclassifiedartifact.md
+
+ Title: "unclassifiedArtifact resource type"
+description: "Represents artifacts observed by Microsoft Security services that do not have a supporting API."
+
+ms.localizationpriority: medium
++
+# unclassifiedArtifact resource type
+
+Namespace: microsoft.graph.security
++
+Represents artifacts observed by Microsoft Security services that do not have a supporting API. While the threat intelligence APIs provide API support for many types of [artifacts](../resources/security-artifact.md), some data elements either are not yet supported or cannot be supported. The **unclassifiedArtifact** resource extends artifacts, communicating what information has been gathered to allow for information analysis. An API is not currently available to provide for further details.
+
+This resource is not an addressable. The data contained is meant to communicate available information where applicable.
+
+Inherits from [microsoft.graph.security.artifact](../resources/security-artifact.md).
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|id|String|The system-generated ID for this **unclassifiedArtifact**. Inherited from [microsoft.graph.security.artifact](../resources/security-artifact.md).|
+|kind|String|The kind for this **unclassifiedArtifact** resource, describing what this value means.|
+|value|String|The value for this **unclassifiedArtifact**.|
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.unclassifiedArtifact",
+ "baseType": "microsoft.graph.security.artifact",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.unclassifiedArtifact",
+ "id": "String (identifier)",
+ "kind": "String",
+ "value": "String"
+}
+```
v1.0 Security Vulnerability https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-vulnerability.md
+
+ Title: "vulnerability resource type"
+description: "Provides key context behind vulnerabilities of interest."
+
+ms.localizationpriority: medium
++
+# vulnerability resource type
+
+Namespace: microsoft.graph.security
++
+Provides key context behind vulnerabilities of interest. Each article contains a description of the vulnerability, a list of affected components, tailored mitigation procedures and strategies, related intelligence articles, references in deep and dark web chatter, and other key observations. These articles provide deeper context and actionable insights behind each vulnerability, enabling users to more quickly understand these vulnerabilities and quickly mitigate them.
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[Get vulnerability](../api/security-vulnerability-get.md)|[microsoft.graph.security.vulnerability](../resources/security-vulnerability.md)|Read the properties and relationships of a [microsoft.graph.security.vulnerability](../resources/security-vulnerability.md) object.|
+|[List components](../api/security-vulnerability-list-components.md)|[microsoft.graph.security.vulnerabilityComponent](../resources/security-vulnerabilitycomponent.md) collection|Get a list of **vulnerabilityComponent** resources.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|activeExploitsObserved|Boolean|Indicates whether this vulnerability has any known exploits associated to known bad actors.|
+|createdDateTime|DateTimeOffset|The date and time when this vulnerability article was first created.|
+|cvss2Summary|[microsoft.graph.security.cvssSummary](../resources/security-cvsssummary.md)|A summary of the common vulnerability scoring system (v2) findings about this vulnerability.|
+|cvss3Summary|[microsoft.graph.security.cvssSummary](../resources/security-cvsssummary.md)|A summary of the common vulnerability scoring system (v3) findings about this vulnerability.|
+|commonWeaknessEnumerationIds|String collection|Community-defined common weakness enumerations (CWE).|
+|description|[microsoft.graph.security.formattedContent](../resources/security-formattedcontent.md)|The vulnerability article contents, describing the vulnerability.|
+|exploits|[microsoft.graph.security.hyperlink](../resources/security-hyperlink.md) collection|Known exploits for this vulnerability.|
+|exploitsAvailable|Boolean|Indicates whether this vulnerability has exploits in public sources (such as Packetstorm or Exploit-DB) online.|
+|hasChatter|Boolean|Indicates whether chatter about this vulnerability has been discovered online.|
+|id|String|A system-generated ID for the **vulnerability**.|
+|lastModifiedDateTime|DateTimeOffset|The date and time when this vulnerability article was most recently updated.|
+|priorityScore|Int32|A unique algorithm that reflects the priority of a vulnerability based on the CVSS score, exploits, chatter, and linkage to malware. This property also evaluates the recency of these components so users can understand which vulnerability should be remediated first.|
+|publishedDateTime|DateTimeOffset|The date and time when this vulnerability article was published.|
+|references|[microsoft.graph.security.hyperlink](../resources/security-hyperlink.md) collection|Reference links where further information can be learned about this vulnerability.|
+|remediation|[microsoft.graph.security.formattedContent](../resources/security-formattedcontent.md)|Any known remediation steps.|
+|severity|microsoft.graph.security.vulnerabilitySeverity|Indicates the severity of this vulnerability. The possible values are: `none`, `low`, `medium`, `high`, `critical`, `unknownFutureValue`.|
+
+## Relationships
+
+|Relationship|Type|Description|
+|:|:|:|
+|articles|[microsoft.graph.security.article](../resources/security-article.md) collection|Articles related to this **vulnerability**.|
+|components|[microsoft.graph.security.vulnerabilityComponent](../resources/security-vulnerabilitycomponent.md) collection|Components related to this vulnerability article.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.vulnerability",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.vulnerability",
+ "activeExploitsObserved": "Boolean",
+ "commonWeaknessEnumerationIds": [
+ "String"
+ ],
+ "createdDateTime": "String (timestamp)",
+ "cvss2Summary": {
+ "@odata.type": "microsoft.graph.security.cvssSummary"
+ },
+ "cvss3Summary": {
+ "@odata.type": "microsoft.graph.security.cvssSummary"
+ },
+ "description": {
+ "@odata.type": "microsoft.graph.security.formattedContent"
+ },
+ "exploitsAvailable": "Boolean",
+ "exploits": [
+ {
+ "@odata.type": "microsoft.graph.security.hyperlink"
+ }
+ ],
+ "hasChatter": "Boolean",
+ "id": "String (identifier)",
+ "lastModifiedDateTime": "String (timestamp)",
+ "priorityScore": "Int32",
+ "publishedDateTime": "String (timestamp)",
+ "references": [
+ {
+ "@odata.type": "microsoft.graph.security.hyperlink"
+ }
+ ],
+ "remediation": {
+ "@odata.type": "microsoft.graph.security.formattedContent"
+ },
+ "severity": "String"
+}
+```
v1.0 Security Vulnerabilitycomponent https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-vulnerabilitycomponent.md
+
+ Title: "vulnerabilityComponent resource type"
+description: "Represents a component identified in relation to a known vulnerability."
+
+ms.localizationpriority: medium
++
+# vulnerabilityComponent resource type
+
+Namespace: microsoft.graph.security
++
+Represents a component identified in relation to a known [vulnerability](../resources/security-vulnerability.md).
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[Get vulnerabilityComponent](../api/security-vulnerabilitycomponent-get.md)|[microsoft.graph.security.vulnerabilityComponent](../resources/security-vulnerabilitycomponent.md)|Read the properties and relationships of a [microsoft.graph.security.vulnerabilityComponent](../resources/security-vulnerabilitycomponent.md) object.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|id|String|The system-generated ID for this vulnerability component.|
+|name|String|The name of this vulnerability component.|
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.security.vulnerabilityComponent",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.vulnerabilityComponent",
+ "id": "String (identifier)",
+ "name": "String"
+}
+```
v1.0 Service Communications Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/service-communications-api-overview.md
For more information on access tokens, app registration, and delegated and appli
Delegated permissions are needed to access the service communications API on behalf of a signed-in user. Customer-facing canvas applications, such as the [Microsoft 365 admin center](https://admin.microsoft.com/Adminportal/Home?source=applauncher#/homepage) (accessible only to admin roles), can call the service communications API to get the service health and service announcements data for the signed-in user's tenant, _on behalf of the signed-in user_. Users can find out whether their subscribed services are healthy or have issues. They can also learn about any current service issues affecting their tenants.
+#### Role-based access control for delegation access
+
+The service communications API applies role-based access control (RBAC) to identify whether the signed-in user who is on-behalf of has a required Azure Active Directory (Azure AD) role. The signed-in user who is on-behalf of must have at least one of the admin roles.
+
+For more information about the AZure AD administrator roles, see:
+* [About admin roles in the Microsoft 365 admin center](/microsoft-365/admin/add-users/about-admin-roles)
+* [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference)
+* [Roles in Microsoft 365, including Azure AD, service-specific and cross-service roles](/azure/active-directory/roles/concept-understand-roles#how-azure-ad-roles-are-different-from-other-microsoft-365-roles)
+ ### Access service communications API without user Application permissions are needed to access the service communications API without a signed-in user. Applications that run as backend services, such as monitoring or alert services, can call the service communications API with their own identity and not on behalf of a user. These backend services can build custom monitoring/alert pipelines and call the service communications API to get service health and service announcements data.
That service communications API is available in all Microsoft national cloud dep
|Microsoft Graph global service| https://graph.microsoft.com/beta/admin/serviceAnnouncement/| |Microsoft Graph for US Government L4 (GccHigh)|https://graph.microsoft.us/beta/admin/serviceAnnouncement/| |Microsoft Graph for US Government L5 (DoD)|https://dod-graph.microsoft.us/beta/admin/serviceAnnouncement/|
-|Microsoft Graph Germany|https://graph.microsoft.de/beta/admin/serviceAnnouncement/|
|Microsoft Graph China operated by 21Vianet|https://microsoftgraph.chinacloudapi.cn/beta/admin/serviceAnnouncement/| ## Service communications limits
v1.0 Serviceprincipal https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/serviceprincipal.md
This resource supports using [delta query](/graph/delta-query-overview) to track
|servicePrincipalNames|String collection|Contains the list of **identifiersUris**, copied over from the associated [application](application.md). Additional values can be added to hybrid applications. These values can be used to identify the permissions exposed by this app within Azure AD. For example,<ul><li>Client apps can specify a resource URI which is based on the values of this property to acquire an access token, which is the URI returned in the ΓÇ£audΓÇ¥ claim.</li></ul><br>The any operator is required for filter expressions on multi-valued properties. Not nullable. <br><br> Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`).| |servicePrincipalType|String|Identifies if the service principal represents an application or a managed identity. This is set by Azure AD internally. For a service principal that represents an [application](./application.md) this is set as __Application__. For a service principal that represent a [managed identity](/azure/active-directory/managed-identities-azure-resources/overview) this is set as __ManagedIdentity__. The __SocialIdp__ type is for internal use. | | signInAudience | String | Specifies the Microsoft accounts that are supported for the current application. Read-only. <br><br>Supported values are:<ul><li>`AzureADMyOrg`: Users with a Microsoft work or school account in my organizationΓÇÖs Azure AD tenant (single-tenant).</li><li>`AzureADMultipleOrgs`: Users with a Microsoft work or school account in any organizationΓÇÖs Azure AD tenant (multi-tenant).</li><li>`AzureADandPersonalMicrosoftAccount`: Users with a personal Microsoft account, or a work or school account in any organizationΓÇÖs Azure AD tenant.</li><li>`PersonalMicrosoftAccount`: Users with a personal Microsoft account only.</li></ul> |
-|tags|String collection| Custom strings that can be used to categorize and identify the service principal. Not nullable. <br><br>Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`).|
+|tags|String collection| Custom strings that can be used to categorize and identify the service principal. Not nullable. The value is the union of strings set here and on the associated [application](application.md) entity's **tags** property.<br><br>Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`).|
|tokenEncryptionKeyId|String|Specifies the keyId of a public key from the keyCredentials collection. When configured, Azure AD issues tokens for this application encrypted using the key specified by this property. The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user.| | verifiedPublisher | [verifiedPublisher](verifiedPublisher.md) | Specifies the verified publisher of the application which this service principal represents.|
v1.0 Servicestoragequotabreakdown https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/servicestoragequotabreakdown.md
+
+ Title: "serviceStorageQuotaBreakdown resource type"
+description: "Represents a proportion of the unified storage quota associated with a specific service."
+
+ms.localizationpriority: medium
++
+# serviceStorageQuotaBreakdown resource type
+
+Namespace: microsoft.graph
++
+Represents a proportion of the unified storage quota associated with a specific service.
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List serviceStorageQuotaBreakdown](../api/unifiedstoragequota-list-services.md)| [serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md) collection|Get a list of services in the serviceStorageQuotaBreakdown.|
+|[Get serviceStorageQuotaBreakdown](../api/servicestoragequotabreakdown-get.md)|[serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md)|Read the properties and relationships of a [serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|displayName|String|The service breakdown name displayed to users. Localized. Read-only.|
+|id|String|The service breakdown id. Read-only.|
+|manageWebUrl|String|A URL that can be used in a browser to manage the service breakdown. Read-only.|
+|used|Int64|The number of bytes this service breakdown is consuming. Read-only.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.serviceStorageQuotaBreakdown",
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.serviceStorageQuotaBreakdown",
+ "id": "String (identifier)",
+ "displayName": "String",
+ "manageWebUrl": "String",
+ "used": "Integer"
+}
+```
+
v1.0 Signin https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/signin.md
The availability of sign-in logs is governed by the [Azure AD data retention pol
|isInteractive|Boolean|Indicates whether a user sign in is interactive. In interactive sign in, the user provides an authentication factor to Azure AD. These factors include passwords, responses to MFA challenges, biometric factors, or QR codes that a user provides to Azure AD or an associated app. In non-interactive sign in, the user doesn't provide an authentication factor. Instead, the client app uses a token or code to authenticate or access a resource on behalf of a user. Non-interactive sign ins are commonly used for a client to sign in on a user's behalf in a process transparent to the user.| |isTenantRestricted|Boolean|Shows whether the sign in event was subject to an Azure AD tenant restriction policy.| |location|[signInLocation](signinlocation.md)|The city, state, and 2 letter country code from where the sign-in occurred. Supports `$filter` (`eq` and `startsWith` operators only) on **city**, **state**, and **countryOrRegion** properties.|
+|managedServiceIdentity|[managedIdentity](../resources/managedidentity.md)|Contains information about the managed identity used for the sign in, including its type and associated Azure Resource Manager (ARM) resource ID.|
|networkLocationDetails|[networkLocationDetail](networklocationdetail.md) collection|The network location details including the type of network used and its names.| |originalRequestId|String|The request identifier of the first request in the authentication sequence. Supports `$filter` (`eq` operator only).| |privateLinkDetails|[privateLinkDetails](../resources/privatelinkdetails.md)|Contains information about the Azure AD Private Link policy that is associated with the sign in event.|
v1.0 Signinactivity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/signinactivity.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Provides the last interactive or non-interactive sign-in time for a specific [user](user.md). Since signInActivity describes a property of the user object, Azure AD stores signinactivity for your users for as long as the user objects exist.
+Provides the last interactive or non-interactive sign-in time for a specific [user](user.md). Since signInActivity describes a property of the user object, Azure AD stores signinactivity for your users for as long as the user object exists.
## Properties
The following is a JSON representation of the resource.
```json {
+ "@odata.type": "#microsoft.graph.signInActivity",
"lastSignInDateTime": "String (timestamp)", "lastSignInRequestId": "String", "lastNonInteractiveSignInDateTime": "String (timestamp)",
v1.0 Smsauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/smsauthenticationmethodconfiguration.md
Title: "smsAuthenticationMethodConfiguration resource type" description: "Represents a Text Message authentication methods policy."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: resourcePageType
Namespace: microsoft.graph
Represents a Text Message authentication methods policy. Authentication methods policies define configuration settings and users or groups that are enabled to use the authentication method.
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description| |:|:|:|
v1.0 Smsauthenticationmethodtarget https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/smsauthenticationmethodtarget.md
Title: "smsAuthenticationMethodTarget resource type" description: "A collection of groups enabled to use Text Message authentication methods policy."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: resourcePageType
v1.0 Softwareoathauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/softwareoathauthenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents the authentication policy for a third-party software OATH authentication method. Authentication methods policies define configuration settings and users or groups that are enabled to use the authentication method.
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
## Methods |Method|Return type|Description|
v1.0 Subscription https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/subscription.md
For the possible resource path values for each supported resource, see [Use the
### Maximum length of subscription per resource type
-| Resource | Maximum expiration time |
-|:--|:-|
-| Security **alert** | 43200 minutes (under 30 days) |
-| Teams **callRecord** | 4230 minutes (under 3 days) |
-| Teams **channel** | 60 minutes (1 hour) |
-| Teams **chat** | 60 minutes (1 hour) |
-| Teams **chatMessage** | 60 minutes (1 hour) |
-| Teams **conversationMember** | 60 minutes (1 hour) |
-| Teams **onlineMeeting** | 4320 minutes (3 days) |
-| Teams **team** | 60 minutes (1 hour) |
-| Group **conversation** | 4230 minutes (under 3 days) |
-| OneDrive **driveItem** | 42300 minutes (under 30 days) |
-| SharePoint **list** | 42300 minutes (under 30 days) |
-| Outlook **message**, **event**, **contact** | 4230 minutes (under 3 days) |
-| **user**, **group**, other directory resources | 41760 minutes (under 29 days) |
-| **onlineMeeting** | 4230 minutes (under 3 days) |
-| **presence** | 60 minutes (1 hour) |
-| Print **printer** | 4230 minutes (under 3 days) |
-| Print **printTaskDefinition** | 4230 minutes (under 3 days) |
-| **todoTask** | 4230 minutes (under 3 days) |
-| **baseTask** (deprecated) | 4230 minutes (under 3 days) |
--
-> **Note:** Existing applications and new applications should not exceed the supported value. In the future, any requests to create or renew a subscription beyond the maximum value will fail.
## Relationships
Here is a JSON representation of the resource.
"notificationContentType": "String", "notificationUrlAppId": "String" }
-```
+```
v1.0 Teamsappauthorization https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/teamsappauthorization.md
+
+ Title: "teamsAppAuthorization resource type"
+description: "The authorization details of a teamsApp."
+
+ms.localizationpriority: medium
++
+# teamsAppAuthorization resource type
+
+Namespace: microsoft.graph
++
+The authorization details of a [teamsApp](teamsapp.md).
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|requiredPermissionSet|[teamsAppPermissionSet](../resources/teamsapppermissionset.md)|Set of permissions required by the [teamsApp](teamsapp.md).|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.teamsAppAuthorization"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.teamsAppAuthorization",
+ "requiredPermissionSet": {
+ "@odata.type": "microsoft.graph.teamsAppPermissionSet"
+ }
+}
+```
+
v1.0 Teamsappdefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/teamsappdefinition.md
The details of a version of a [teamsApp](teamsapp.md).
| azureADAppId | string | The WebApplicationInfo.Id from the Teams app manifest. | | displayName | string | The name of the app provided by the app developer. | | version | string | The version number of the application. |
-| allowedInstallationScopes | teamsAppInstallationScope collection | A collection of scopes where the Teams app can be installed. Possible values are:</br>`team` ΓÇö Indicates that the Teams app can be installed within a team and is authorized to access that team's data. </br>`groupChat` ΓÇö Indicates that the Teams app can be installed within a group chat and is authorized to access that group chat's data. </br> `personal` ΓÇö Indicates that the Teams app can be installed in the personal scope of a user and is authorized to access that user's data. |
+| allowedInstallationScopes | teamsAppInstallationScope collection | A collection of scopes where the Teams app can be installed. Possible values are:</br>`team` ΓÇö Indicates that the Teams app can be installed within a team and is authorized to access that team's data. </br>`groupChat` ΓÇö Indicates that the Teams app can be installed within a group chat and is authorized to access that group chat's data. </br> `personal` ΓÇö Indicates that the Teams app can be installed in the personal scope of a user and is authorized to access that user's data. |
+|authorization|[teamsAppAuthorization](../resources/teamsappauthorization.md)|Authorization requirements specified in the Teams app manifest.|
## Relationships
The details of a version of a [teamsApp](teamsapp.md).
"publishingState": "#microsoft.graph.teamsAppPublishingState", "azureADAppId": "string", "displayName": "string",
- "version": "string"
+ "version": "string",
+ "authorization": "#microsoft.graph.teamsAppAuthorization"
} ```
v1.0 Teamsappinstallation https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/teamsappinstallation.md
A [teamsApp](teamsapp.md) installed in a [team](team.md), a [chat](chat.md), or
| Property | Type | Description | |:- |:-- |:-- | | id | string | A unique ID (not the team's app ID). |
+|consentedPermissionSet|[teamsAppPermissionSet](../resources/teamsapppermissionset.md)|The set of resource-specific permissions consented to while installing or upgrading the teamsApp.|
## Relationships
The following is a JSON representation of the resource.
```json {
- "id": "string"
+ "id": "string",
+ "consentedPermissionSet": "#microsoft.graph.teamsAppPermissionSet"
} ```
v1.0 Teamsapppermissionset https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/teamsapppermissionset.md
+
+ Title: "teamsAppPermissionSet resource type"
+description: "Set of Resource specific permissions."
+
+ms.localizationpriority: medium
++
+# teamsAppPermissionSet resource type
+
+Namespace: microsoft.graph
++
+Set of required/granted permissions that can be associated with a Teams app.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|resourceSpecificPermissions|[teamsAppResourceSpecificPermission](../resources/teamsappresourcespecificpermission.md) collection|A collection of resource-specific permissions.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.teamsAppPermissionSet"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.teamsAppPermissionSet",
+ "resourceSpecificPermissions": [
+ {
+ "@odata.type": "microsoft.graph.teamsAppResourceSpecificPermission"
+ }
+ ]
+}
+```
+
v1.0 Teamsappresourcespecificpermission https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/teamsappresourcespecificpermission.md
+
+ Title: "teamsAppResourceSpecificPermission resource type"
+description: "Represents the resource-specific permission associated with a teamsApp."
+
+ms.localizationpriority: medium
++
+# teamsAppResourceSpecificPermission resource type
+
+Namespace: microsoft.graph
++
+Represents the resource-specific permission associated with a **teamsApp**.
+
+For details, see [understanding resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|permissionType|[teamsAppResourceSpecificPermissionType](../resources/teamsAppResourceSpecificPermission.md#teamsappresourcespecificpermissiontype-values)|The type of resource-specific permission.|
+|permissionValue|String|The name of the resource-specific permission.|
+
+## teamsAppResourceSpecificPermissionType values
+
+| Member | Description |
+|:-|:-|
+| delegated | Indicates that the resource specific permission is of delegated type. |
+| application | Indicates that the resource specific permission is of application type. |
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.teamsAppResourceSpecificPermission"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.teamsAppResourceSpecificPermission",
+ "permissionValue": "String",
+ "permissionType": "String"
+}
+```
+
v1.0 Teamtemplate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/teamtemplate.md
Namespace: microsoft.graph
Represents a logical container for all the definitions and versions of the same team template.
-> **Note**: This API is currently in private preview only. When it reaches public preview, we will publish a blog post announcement on the [Microsoft 365 Developer blog](https://devblogs.microsoft.com/microsoft365dev/).
## Methods
v1.0 Teamtemplatedefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/teamtemplatedefinition.md
Generic representation of a team template definition for a team with a specific
Inherits from [entity](../resources/entity.md).
-> **Note**: This API is currently in private preview only. When it reaches public preview, we will publish a blog post announcement on the [Microsoft 365 Developer blog](https://devblogs.microsoft.com/microsoft365dev/).
- ## Methods |Method|Return type|Description|
v1.0 Teamworktag https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/teamworktag.md
When a tag is added, users can @mention it in a channel. Everyone who has been a
## Properties |Property|Type|Description| |:|:|:|
-|description|String|Tag description as it will appear to the user in Microsoft Teams.|
+|description|String|Tag description as it will appear to the user in Microsoft Teams. A **teamworkTag** can't have more than 200 **teamworkTagMembers**.|
|displayName|String|Tag name as it will appear to the user in Microsoft Teams.| |id|String|ID of the tag.| |memberCount|Int32|The number of users assigned to the tag.|
The following is a JSON representation of the resource.
``` ## See also-- [teamworkTagMember](../resources/teamworktagmember.md)
+- [teamworkTagMember](../resources/teamworktagmember.md)
v1.0 Teamworkuseridentity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/teamworkuseridentity.md
Inherits from [identity](../resources/identity.md).
|displayName|String|Inherited from [identity](../resources/identity.md). Display name of the user. Optional.| |id|String|Inherited from [identity](../resources/identity.md). ID of the user. | |userIdentityType|teamworkUserIdentityType| Type of user. Possible values are: `aadUser`, `onPremiseAadUser`, `anonymousGuest`, `federatedUser`, `personalMicrosoftAccountUser`, `skypeUser`, `phoneUser`, `emailUser` and `azureCommunicationServicesUser`.|
+|tenantId|String|Identifier of tenant, which user is part of. Optional. |
## Relationships None.
v1.0 Temporaryaccesspassauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/temporaryaccesspassauthenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents a Temporary Access Pass authentication methods policy that defines the configuration settings and users or groups who are enabled to use the [Temporary Access Pass authentication method](temporaryaccesspassauthenticationmethod.md).
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description| |:|:|:|
v1.0 Tenantreference https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/tenantreference.md
+
+ Title: "tenantReference resource type"
+description: "Represents the information used to identify an Azure AD tenant."
+
+ms.localizationpriority: medium
++
+# tenantReference resource type
+
+Namespace: microsoft.graph
++
+Represents the information used to identify an Azure AD tenant. This type is only used in the context of an [outboundSharedUserProfile](../resources/outboundshareduserprofile.md).
+
+## Methods
+
+None.
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+| tenantId | String | The identifier of the Azure AD tenant. Read-only. Key. |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "tenantId",
+ "@odata.type": "microsoft.graph.tenantReference",
+ "openType": false
+}
+-->
+
+``` json
+{
+ "@odata.type": "#microsoft.graph.tenantReference",
+ "tenantId": "String"
+}
+```
v1.0 Tokenlifetimepolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/tokenlifetimepolicy.md
Inherits from [stsPolicy](stsPolicy.md).
| Method | Return Type | Description | |:-|:|:|
+| [List tokenLifetimePolicies](../api/tokenlifetimepolicy-list.md) | [tokenLifetimePolicy](tokenlifetimepolicy.md) | Read properties and relationships of tokenLifetimePolicies objects. |
| [Create tokenLifetimePolicy](../api/tokenlifetimepolicy-post-tokenlifetimepolicies.md) | [tokenLifetimePolicy](tokenlifetimepolicy.md) | Create a tokenLifetimePolicy object. | | [Get tokenLifetimePolicy](../api/tokenlifetimepolicy-get.md) | [tokenLifetimePolicy](tokenlifetimepolicy.md) | Read properties and relationships of a tokenLifetimePolicy object. |
-| [List tokenLifetimePolicies](../api/tokenlifetimepolicy-list.md) | [tokenLifetimePolicy](tokenlifetimepolicy.md) | Read properties and relationships of tokenLifetimePolicies objects. |
| [Update tokenLifetimePolicy](../api/tokenlifetimepolicy-update.md) | None | Update a tokenLifetimePolicy object. | | [Delete tokenLifetimePolicy](../api/tokenlifetimepolicy-delete.md) | None | Delete a tokenLifetimePolicy object. | | [List appliesTo](../api/tokenlifetimepolicy-list-appliesto.md) | [directoryObject](directoryobject.md) collection | Get the list of directoryObjects that this policy has been applied to. |
Inherits from [stsPolicy](stsPolicy.md).
| Property | Type | Description | |:-|:|:| |id|String| Unique identifier for this policy. Read-only.|
-|definition|String collection| A string collection containing a JSON string that defines the rules and settings for this policy. See below for more details about the JSON schema for this property. Required.|
+|definition|String collection| A string collection containing a JSON string that defines the rules and settings for this policy. For more information about the JSON schema for this property, see [Properties of a token lifetime policy definition](#properties-of-a-token-lifetime-policy-definition). Required.|
|description|String| Description for this policy.| |displayName|String| Display name for this policy. Required.| |isOrganizationDefault|Boolean|If set to `true`, activates this policy. There can be many policies for the same policy type, but only one can be activated as the organization default. Optional, default value is `false`.| ### Properties of a token lifetime policy definition+ The properties below form the JSON object that represents a token lifetime policy. This JSON object must be **converted to a string with quotations escaped** to be inserted into the **definition** property. An example is shown below in JSON format: <!-- {
v1.0 Unifiedstoragequota https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/unifiedstoragequota.md
+
+ Title: "unifiedStorageQuota resource type"
+description: Provides an aggregate view of a user's quota information across multiple services.
+
+ms.localizationpriority: medium
++
+# unifiedStorageQuota resource type
+
+Namespace: microsoft.graph
++
+Provides an aggregate view of a user's quota information across multiple services.
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[Get unifiedStorageQuota](../api/unifiedstoragequota-get.md)|[unifiedStorageQuota](../resources/unifiedstoragequota.md)|Read the properties and relationships of a [unifiedStorageQuota](../resources/unifiedstoragequota.md) object.|
+|[List serviceStorageQuotaBreakdown](../api/unifiedstoragequota-list-services.md)| [serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md) collection|Get the list of services in a **serviceStorageQuotaBreakdown**.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|id|String|The user IF.|
+|manageWebUrl|String| A URL that can be used in a browser to manage the breakdown. Read-only. |
+|remaining|Int64| Total space remaining before reaching the quota limit in bytes. |
+|state|usqState| Indicates the state of the storage space. The possible values are: `normal`, `nearing`, `critical`, `full`, and `overLimit`.|
+|total|Int64| Total allowed storage space in bytes. |
+|used|Int64| Total space used in bytes. |
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|services|[serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md) collection| The breakdown of services contributing to the user's quota usage. |
++
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.unifiedStorageQuota",
+ "baseType": "microsoft.graph.entity",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.unifiedStorageQuota",
+ "id": "String",
+ "manageWebUrl": "String",
+ "remaining": "Integer",
+ "state": "normal | nearing | critical | full | overLimit",
+ "total": "Integer",
+ "used": "Integer"
+}
+```
+
v1.0 User https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/user.md
This resource supports:
| [Get deleted user](../api/directory-deleteditems-get.md) | [directoryObject](directoryobject.md) collection | Retrieve a deleted user by ID. | | [Restore deleted user](../api/directory-deleteditems-delete.md) | [directoryObject](directoryobject.md) collection | Restore a user deleted in the tenant in the last 30 days. | | [Permanently delete user](../api/directory-deleteditems-restore.md) | [directoryObject](directoryobject.md) collection | Permanently delete a deleted user from the tenant. |
-| [activateServicePlan](../api/user-activateserviceplan.md) (deprecated) | None | Activate a service with a given `servicePlanId` and `skuId` for a given [user](user.md). |
| **Drive** ||| | [Get drive](../api/drive-get.md) | [drive](drive.md) | Retrieve the properties and relationships of a Drive resource. | | [List children](../api/driveitem-list-children.md) | [DriveItems](driveitem.md) | Return a collection of DriveItems in the children relationship of a DriveItem. |
This resource supports:
| showInAddressList | Boolean | **Do not use in Microsoft Graph. Manage this property through the Microsoft 365 admin center instead.** Represents whether the user should be included in the Outlook global address list. See [Known issue](/graph/known-issues#showinaddresslist-property-is-out-of-sync-with-microsoft-exchange).| | signInSessionsValidFromDateTime | DateTimeOffset | Any refresh tokens or sessions tokens (session cookies) issued before this time are invalid, and applications will get an error when using an invalid refresh or sessions token to acquire a delegated access token (to access APIs such as Microsoft Graph). If this happens, the application will need to acquire a new refresh token by making a request to the authorize endpoint. Read-only. Use [revokeSignInSessions](../api/user-revokesigninsessions.md) to reset.| | skills | String collection | A list for the user to enumerate their skills. <br><br>Returned only on `$select`. |
-| signInActivity | [signInActivity](signinactivity.md) | Get the last signed-in date and request ID of the sign-in for a given user. Read-only.<br><br>Returned only on `$select`. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`) *but*, not with any other filterable properties. **Note:** Details for this property require an Azure AD Premium P1/P2 license and the **AuditLog.Read.All** permission.<br><br>**Note:** <br/><li>There's a [known issue](/graph/known-issues#license-check-errors-for-azure-ad-activity-reports) with retrieving this property.<li>This property is not returned for a user who has never signed in or last signed in before April 2020.|
+| signInActivity | [signInActivity](signinactivity.md) | Get the last signed-in date and request ID of the sign-in for a given user. Read-only.<br><br>Returned only on `$select`. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`) *but* not with any other filterable properties. <br><br>**Note:** <br/><li> Details for this property require an Azure AD Premium P1/P2 license and the **AuditLog.Read.All** permission.<li>When you specify `$select=signInActivity` or `$filter=signInActivity` while [listing users](../api/user-list.md), the maximum page size is 120 users. Requests with `$top` set higher than 120 will fail.<li>This property is not returned for a user who has never signed in or last signed in before April 2020.|
| state | String | The state or province in the user's address. Maximum length is 128 characters. <br><br>Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `in`, `startsWith`, and `eq` on `null` values). | | streetAddress | String | The street address of the user's place of business. Maximum length is 1024 characters. <br><br>Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `in`, `startsWith`, and `eq` on `null` values).| | surname | String | The user's surname (family name or last name). Maximum length is 64 characters. <br><br>Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `in`, `startsWith`, and `eq` on `null` values). |
v1.0 Voiceauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/voiceauthenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents a voice call authentication methods policy. Authentication methods policies define configuration settings and users or groups that are enabled to use the authentication method. - Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md). ## Methods
v1.0 Windowsupdates Featureupdatecatalogentry https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/windowsupdates-featureupdatecatalogentry.md
Title: "featureUpdateCatalogEntry resource type"
-description: "Metadata for a Windows 10 feature update that you can approve for deployment."
+description: "Represents metadata for a Windows 10 feature update that you can approve for deployment."
ms.localizationpriority: medium ms.prod: "w10"
Namespace: microsoft.graph.windowsUpdates
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Metadata for a Windows 10 feature update that you can approve for deployment.
+Represents metadata for a Windows 10 feature update that you can approve for deployment.
-Windows 10 feature updates are released bi-annually and contain new features for Windows 10. Installing these updates increases the Windows 10 build number and typically results in a new servicing lifecycle and end of service date. Microsoft recommends organizations regularly deploy new feature updates as part of adopting Windows as a service.
+Windows 10 feature updates are released bi-annually and contain new features for Windows 10. Installing these updates increases the Windows 10 build number and typically results in a new servicing lifecycle and end of service date. We recommend organizations regularly deploy new feature updates as part of adopting Windows as a service.
Inherits from [softwareUpdateCatalogEntry](../resources/windowsupdates-softwareupdatecatalogentry.md).
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.windowsUpdates.featureUpdateCatalogEntry",
- "id": "String (identifier)",
+ "deployableUntilDateTime": "String (timestamp)",
"displayName": "String",
+ "id": "String (identifier)",
"releaseDateTime": "String (timestamp)",
- "deployableUntilDateTime": "String (timestamp)",
"version": "String" } ```
v1.0 Windowsupdates Qualityupdatecatalogentry https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/windowsupdates-qualityupdatecatalogentry.md
Title: "qualityUpdateCatalogEntry resource type"
-description: "Metadata for a Windows 10 quality update that you can be approve for deployment."
+description: "Represents metadata for a Windows 10 quality update that you can approve for deployment."
ms.localizationpriority: medium ms.prod: "w10"
Namespace: microsoft.graph.windowsUpdates
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Metadata for a Windows 10 quality update that you can be approve for deployment.
+Represents metadata for a Windows 10 quality update that you can approve for deployment.
-Windows 10 quality updates are released one or more times per month. These updates contain both security and quality fixes and are typically released on the second Tuesday of every month, though they may be released at any time. These updates are cumulative, so later versions always contain all previous fixes. Microsoft strongly recommends keeping devices current by installing the most recent quality updates as soon as they are available.
+Windows 10 quality updates are released one or more times per month. These updates contain both security and quality fixes and are typically released on the second Tuesday of every month, though they might be released at any time. These updates are cumulative, so later versions always contain all previous fixes. We strongly recommend keeping devices current by installing the most recent quality updates as soon as they are available.
Inherits from [softwareUpdateCatalogEntry](../resources/windowsupdates-softwareupdatecatalogentry.md).
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.windowsUpdates.qualityUpdateCatalogEntry",
- "id": "String (identifier)",
- "displayName": "String",
- "releaseDateTime": "String (timestamp)",
"deployableUntilDateTime": "String (timestamp)",
+ "displayName": "String",
+ "id": "String (identifier)",
"isExpeditable": "Boolean",
- "qualityUpdateClassification": "String"
+ "qualityUpdateClassification": "String",
+ "releaseDateTime": "String (timestamp)"
} ```
v1.0 X509certificateauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/x509certificateauthenticationmethodconfiguration.md
Inherits from [authenticationMethodConfiguration](../resources/authenticationmet
## Properties |Property|Type|Description| |:|:|:|
-|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
+|authenticationModeConfiguration|[x509CertificateAuthenticationModeConfiguration](../resources/x509certificateauthenticationmodeconfiguration.md)|Defines strong authentication configurations. This configuration includes the default authentication mode and the different rules for strong authentication bindings. |
+|certificateUserBindings|[x509CertificateUserBinding](../resources/x509certificateuserbinding.md) collection|Defines fields in the X.509 certificate that map to attributes of the Azure AD user object in order to bind the certificate to the user. The **priority** of the object determines the order in which the binding is carried out. The first binding that matches will be used and the rest ignored. |
|id|String|The identifier for the authentication method policy. The value is always `X509Certificate`. Inherited from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
|state|authenticationMethodState|The possible values are: `enabled`, `disabled`. Inherited from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).|
-|certificateUserBindings|[x509CertificateUserBinding](../resources/x509certificateuserbinding.md) collection|Defines fields in the X.509 certificate that map to attributes of the Azure AD user object in order to bind the certificate to the user. The **priority** of the object determines the order in which the binding is carried out. The first binding that matches will be used and the rest ignored. |
-|authenticationModeConfiguration|[x509CertificateAuthenticationModeConfiguration](../resources/x509certificateauthenticationmodeconfiguration.md)|Defines strong authentication configurations. This configuration includes the default authentication mode and the different rules for strong authentication bindings. |
## Relationships
v1.0 Accesspackage Getapplicablepolicyrequirements https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/accesspackage-getapplicablepolicyrequirements.md
POST https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/a
### Response+ >**Note:** The response object shown here might be shortened for readability.+ <!-- { "blockType": "response", "truncated": true, "@odata.type": "Collection(microsoft.graph.accessPackageAssignmentRequestRequirements)" } -->+ ``` http HTTP/1.1 200 OK Content-Type: application/json
v1.0 Accesspackageassignmentpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/accesspackageassignmentpolicy-get.md
GET https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/as
[!INCLUDE [sample-code](../includes/snippets/go/get-accesspackageassignmentpolicy-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/get-accesspackageassignmentpolicy-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Appmanagementpolicy Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appManagementPolicy-delete.md
+
+ Title: "Delete appManagementPolicy"
+description: "Delete an application management policy."
+ms.localizationpriority: medium
+++
+# Delete appManagementPolicy
+
+Namespace: microsoft.graph
++
+Delete an [appManagementPolicy](../resources/appManagementPolicy.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+DELETE /policies/appManagementPolicies/{id}
+```
+
+## Request headers
+
+| Name | Description |
+| : | :-- |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of the request.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_appManagementPolicy"
+}-->
+
+```http
+DELETE https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": false
+} -->
+
+```http
+HTTP/1.1 204 No Content
+
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "delete appManagementPolicy",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Appmanagementpolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appManagementPolicy-list-appliesTo.md
+
+ Title: "List appliesTo"
+description: "List application or service principal resources assigned to an application management policy."
+ms.localizationpriority: medium
+++
+# List appliesTo
+
+Namespace: microsoft.graph
+
+List application and service principal objects that are assigned an [appManagementPolicy](../resources/appManagementPolicy.md) policy object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | :-- |
+| Delegated (work or school account) | Application.Read.All and Policy.Read.All, Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Application.Read.All and Policy.Read.All, Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /policies/appManagementPolicies/{id}/appliesTo
+```
+
+## Optional query parameters
+
+This method supports the `$select`, `$filter`, and `$top` OData query parameters to help customize the response. You can apply `$filter` on properties of [application](../resources/application.md) or [servicePrincipal](../resources/serviceprincipal.md) objects that support `$filter`. For example, the following query retrieves the **appId** and **displayName** of applications or service principals that are assigned the policy.
+
+``` http
+https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}/appliesTo?$select=appId,displayName
+```
+
+For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [appManagementPolicy](../resources/appManagementPolicy.md) objects in the response body.
+
+## Examples
+
+### Example 1: Get applications and service principal objects applied to an app management policy
+
+#### Request
+
+The following is an example of the request.
+++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_appManagementPolicyAppliesTo"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}/appliesTo
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.appManagementPolicy"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#directoryObjects",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.application",
+ "id": "0d77e011-2fc6-438f-8b93-decb4f926929",
+ "appId": "8f527de6-05c9-4032-bca9-b2b56ab2358a",
+ "displayName": "TestApp1",
+ "createdDateTime": "2018-01-24T05:55:37Z"
+ }
+ ]
+}
+```
+
+### Example 2: Get specific properties of applications and service principal objects applied to an app management policy using $select query option
+
+#### Request
+
+The following is an example of the request using $select query option.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_appManagementPolicyAppliesTo_select"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}/appliesTo?$select=id,appId,displayName,createdDateTime
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+The following is an example of the response that returns `id`, `appId`, `displayName` and `createdDateTime` of applications and service principals where the policy is applied.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.appManagementPolicy"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#directoryObjects(id,appId,displayName,createdDateTime)",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.application",
+ "id": "0d77e011-2fc6-438f-8b93-decb4f926929",
+ "appId": "8f527de6-05c9-4032-bca9-b2b56ab2358a",
+ "displayName": "TestApp1",
+ "createdDateTime": "2018-01-24T05:55:37Z"
+ },
+ {
+ "@odata.type": "#microsoft.graph.servicePrincipal",
+ "id": "0e1fa067-dcc1-4d85-9b4c-e69145dd3efb",
+ "appId": "255912cb-e31d-4dee-bee4-3fa5d774d6b9",
+ "displayName": "TestApp2",
+ "createdDateTime": "2018-01-24T05:55:37Z"
+ }
+ ]
+}
+```
++
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "list resources for appManagementPolicies",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Appmanagementpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appManagementPolicy-update.md
+
+ Title: "Update appManagementPolicy"
+description: "Update an application management policy."
+ms.localizationpriority: medium
+++
+# Update appManagementPolicy
+
+Namespace: microsoft.graph
+
+Update an [appManagementPolicy](../resources/appManagementPolicy.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+PATCH /policies/appManagementPolicies/{id}
+```
+
+## Request headers
+
+| Name | Description |
+| : | :-- |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+
+## Request body
++
+| Property | Type | Description |
+| :-- | :-- | : |
+| displayName | String | The display name of the policy. Inherited from [policyBase](../resources/policybase.md). |
+| description | String | The description of the policy. Inherited from [policyBase](../resources/policybase.md). |
+| isEnabled | Boolean | Denotes whether the policy is enabled. |
+| restrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply to an application or service principal object. |
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_appManagementPolicy"
+}-->
+
+```http
+PATCH https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}
+
+{
+ "isEnabled": false
+}
+
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "update appManagementPolicies",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Application Delete Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-delete-tokenlifetimepolicies.md
The following is an example of the request.
}--> ```http
-DELETE https://graph.microsoft.com/v1.0/applications/{id}/tokenLifetimePolicies/{id}/$ref
+DELETE https://graph.microsoft.com/v1.0/applications/3ccc9971-9ae7-45d6-8de8-263fd25fe116/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4/$ref
``` # [C#](#tab/csharp)
v1.0 Application List Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-list-tokenlifetimepolicies.md
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/v1.0/applications/acc848e9-e8ec-4feb-a521-8d58b5482e09/tokenLifetimePolicies
+GET https://graph.microsoft.com/v1.0/applications/3ccc9971-9ae7-45d6-8de8-263fd25fe116/tokenLifetimePolicies
``` # [C#](#tab/csharp)
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#Collection(microsoft.graph.tokenLifetimePolicy)",
+ "value": [
+ {
+ "id": "4d2f137b-e8a9-46da-a5c3-cc85b2b840a4",
+ "deletedDateTime": null,
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"5:30:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
+ }
+ ]
} ```
v1.0 Application List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-list.md
One of the following permissions is required to call this API. To learn more, in
|:--|:| |Delegated (work or school account) | Application.Read.All, Application.ReadWrite.All, Directory.Read.All | |Delegated (personal Microsoft account) | Application.Read.All and User.Read, Application.ReadWrite.All and User.Read |
-|Application | Application.Read.All, Application.ReadWrite.OwnedBy, Application.ReadWrite.All |
+|Application | Application.Read.All, Application.ReadWrite.OwnedBy, Application.ReadWrite.All, Directory.Read.All |
[!INCLUDE [permissions-applicationreadwriteownedby-disclaimer](../../includes/permissions-applicationreadwriteownedby-disclaimer.md)]
v1.0 Application Post Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-post-tokenlifetimepolicies.md
The following is an example of the request.
}--> ```http
-POST https://graph.microsoft.com/v1.0/applications/{id}/tokenLifetimePolicies/$ref
+POST https://graph.microsoft.com/v1.0/applications/3ccc9971-9ae7-45d6-8de8-263fd25fe116/tokenLifetimePolicies/$ref
Content-Type: application/json {
- "@odata.id":"https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/cd3d9b57-0aee-4f25-8ee3-ac74ef5986a9"
+ "@odata.id":"https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4"
} ```
v1.0 Appmanagementpolicy Delete Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appmanagementpolicy-delete-appliesto.md
+
+ Title: "Remove appliesTo"
+description: "Remove an appManagementPolicy from an application or service principal object."
+ms.localizationpriority: medium
+++
+# Remove appliesTo
+
+Namespace: microsoft.graph
+
+Remove an [appManagementPolicy](../resources/appManagementPolicy.md) policy object from an application or service principal object. When you remove the appManagementPolicy, the application or service principal adopts the tenant-wide [tenantAppManagementPolicy](../resources/tenantappmanagementpolicy.md) setting.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | :-- |
+| Delegated (work or school account) | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+DELETE /applications/{id}/appManagementPolicies/$ref
+```
+
+## Request headers
+
+| Name | Description |
+| : | :-- |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+
+## Request body
+
+In the request body, provide a reference to a single policy object from the [appManagementPolicies](../resources/appmanagementpolicy.md) collection.
+
+## Response
+
+If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Example 1: Remove an appManagementPolicy from an application object
+
+#### Request
+
+The following is an example of the request to remove an appManagementPolicy from an application.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "remove_appliesTo_e1"
+}-->
+
+```http
+DELETE https://graph.microsoft.com/v1.0/applications/{id}/appManagementPolicies/$ref
+Content-type: application/json
+
+{
+ "@odata.id":"https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+### Example 2: Remove an appManagementPolicy from a service principal object
+
+#### Request
+
+The following is an example of the request to remove an appManagementPolicy from a service principal.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "remove_appliesTo_e2"
+}-->
+
+``` http
+DELETE https://graph.microsoft.com/v1.0/servicePrincipals/{id}/appManagementPolicies/$ref
+
+{
+ "@odata.id":"https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "list resources for appManagementPolicies",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Appmanagementpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appmanagementpolicy-get.md
+
+ Title: "Get appManagementPolicy"
+description: "Get an application management policy."
+ms.localizationpriority: medium
+++
+# Get appManagementPolicy
+
+Namespace: microsoft.graph
+
+Read the properties of an [appManagementPolicy](../resources/appManagementPolicy.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /policies/appManagementPolicies/{id}
+```
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a single [appManagementPolicy](../resources/appManagementPolicy.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of the request. From the response, the app management policy defines the following restrictions for application and service principal objects:
+
+- Blocks creating of new passwords after 2019-10-19 at 10:37 AM UTC time.
+- Limits password secrets for apps created after 2019-10-19 at 10:37 AM UTC time to less than 4 days, 12 hours, 30 minutes and 5 seconds.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_appManagementPolicy"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.appManagementPolicy"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/appManagementPolicies",
+ "value": [
+ {
+ "id": "db9d4b58-3488-4da4-9994-49773c454e33",
+ "displayName": "Custom app management policy",
+ "description": "Custom policy that enforces app management restrictions on specific applications and service principals.",
+ "isEnabled": false,
+ "restrictions": {
+ "passwordCredentials": [
+ {
+ "restrictionType": "passwordAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2019-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "passwordLifetime",
+ "maxLifetime": "P4DT12H30M5S",
+ "restrictForAppsCreatedAfterDateTime": "2017-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "symmetricKeyAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2021-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "symmetricKeyLifetime",
+ "maxLifetime": "P4D",
+ "restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
+ }
+ ],
+ "keyCredentials": [
+ {
+ "restrictionType": "asymmetricKeyLifetime",
+ "maxLifetime": "P90D",
+ "restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
+ }
+ ]
+ }
+ }
+ ]
+}
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "get appManagementPolicy",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Appmanagementpolicy List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appmanagementpolicy-list.md
+
+ Title: "List appManagementPolicies"
+description: "Get a list of application management policies."
+ms.localizationpriority: medium
+++
+# List appManagementPolicies
+
+Namespace: microsoft.graph
+
+Retrieve a list of [appManagementPolicy](../resources/appManagementPolicy.md) objects.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration |
+
+## Optional query parameters
+
+This method supports the `$select`, `$filter`, and `$top` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /policies/appManagementPolicies
+```
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [appManagementPolicy](../resources/appManagementPolicy.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_appManagementPolicies"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/policies/appManagementPolicies
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
++++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.appManagementPolicy"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/appManagementPolicies",
+ "value": [
+ {
+ "id": "db9d4b58-3488-4da4-9994-49773c454e33",
+ "displayName": "Custom app management policy",
+ "description": "Custom policy that enforces app management restrictions on specific applications and service principals.",
+ "isEnabled": false,
+ "restrictions": {
+ "passwordCredentials": [
+ {
+ "restrictionType": "passwordAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2019-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "passwordLifetime",
+ "maxLifetime": "P4DT12H30M5S",
+ "restrictForAppsCreatedAfterDateTime": "2017-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "symmetricKeyAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2021-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "symmetricKeyLifetime",
+ "maxLifetime": "P4D",
+ "restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
+ }
+ ],
+ "keyCredentials": [
+ {
+ "restrictionType": "asymmetricKeyLifetime",
+ "maxLifetime": "P90D",
+ "restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
+ }
+ ]
+ }
+ }
+ ]
+}
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "get appManagementPolicies",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Appmanagementpolicy Post Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appmanagementpolicy-post-appliesto.md
+
+ Title: "Assign appliesTo"
+description: "Assign an appManagementPolicy to an application or service principal object."
+ms.localizationpriority: medium
+++
+# Assign appliesTo
+
+Namespace: microsoft.graph
+
+Assign an [appManagementPolicy](../resources/appManagementPolicy.md) policy object to an application or service principal object. The application or service principal adopts this policy over the tenant-wide [tenantAppManagementPolicy](../resources/tenantappmanagementpolicy.md) setting. Only one policy object can be assigned to an application or service principal.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | :-- |
+| Delegated (work or school account) | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+POST /applications/{id}/appManagementPolicies/$ref
+```
+
+## Request headers
+
+| Name | Description |
+| : | :-- |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+
+## Request body
+
+In the request body, provide a reference to a single policy object from the [appManagementPolicies](../resources/appmanagementpolicy.md) collection.
+
+## Response
+
+If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Example 1: Assign an appManagementPolicy to an application object
+
+#### Request
+
+The following is an example of the request to assign an appManagementPolicy to an application.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "assign_appliesTo_ex1"
+}-->
+
+```http
+POST https://graph.microsoft.com/v1.0/applications/{id}/appManagementPolicies/$ref
+Content-type: application/json
+
+{
+ "@odata.id":"https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+### Example 2: Assign an appManagementPolicy to a service principal object
+
+#### Request
+
+The following is an example of the request to assign an appManagementPolicy to a service principal.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "assign_appliesTo_ex2"
+}-->
+
+``` http
+POST https://graph.microsoft.com/v1.0/servicePrincipals/{id}/appManagementPolicies/$ref
+
+{
+ "@odata.id":"https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "list resources for appManagementPolicies",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Appmanagementpolicy Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appmanagementpolicy-post.md
+
+ Title: "Create appManagementPolicy"
+description: "Create an application management policy."
+ms.localizationpriority: medium
+++
+# Create appManagementPolicy
+
+Namespace: microsoft.graph
+
+Create an [appManagementPolicy](../resources/appManagementPolicy.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+POST /policies/appManagementPolicies
+```
+
+## Request headers
+
+| Name | Description |
+| : | :-- |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+
+> [!IMPORTANT]
+> Service principals with a createdDateTime `null` are treated as having being created on 01/01/2019.
+
+## Request body
+
+In the request body, supply a JSON representation of the [appManagementPolicy](../resources/appmanagementpolicy.md) object.
+
+You can specify the following properties when creating an **appManagementPolicy**.
+
+| Property | Type | Description |
+| :-- | :- | : |
+| displayName | String | The display name of the policy. Required. |
+| description | String | The description of the policy. Required. |
+| isEnabled | Boolean | Denotes whether the policy is enabled. Optional. |
+| restrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply to an application or service principal object. Optional. |
+
+## Response
+
+If successful, this method returns a `201 Created` response code with the new [appManagementPolicy ](../resources/appmanagementpolicy.md) object in the response payload.
+
+## Examples
+
+### Request
+
+The following is an example of the request. This request created an app management policy with the following settings:
+
+- Enables the policy.
+- Blocks creating of new passwords for applications and service principals created on or after 2019-10-19 at 10:37 AM UTC time.
+- Enforces lifetime on password secrets and key credentials for applications created on or after 2014-10-19 at 10:37 AM UTC time.
+- Limits password secrets for apps and service principals created after 2019-10-19 at 10:37 AM UTC time to less than 4 days, 12 hours, 30 minutes and 5 seconds.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_appManagementPolicy"
+}-->
+
+```http
+POST https://graph.microsoft.com/v1.0/policies/appManagementPolicies
+
+{
+ "displayName": "Credential management policy",
+ "description": "Cred policy sample",
+ "isEnabled": true,
+ "restrictions": {
+ "passwordCredentials": [
+ {
+ "restrictionType": "passwordAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2019-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "passwordLifetime",
+ "maxLifetime": "P4DT12H30M5S",
+ "restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "symmetricKeyAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2019-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "symmetricKeyLifetime",
+ "maxLifetime": "P4D",
+ "restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
+ }
+ ],
+ "keyCredentials": [
+ {
+ "restrictionType": "asymmetricKeyLifetime",
+ "maxLifetime": "P90D",
+ "restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
+ }
+ ]
+ }
+}
+
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
++++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.appManagementPolicy"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/appManagementPolicies/$entity",
+ "id": "a4ab1ed9-46bb-4bef-88d4-86fd6398dd5d",
+ "displayName": "credential management policy",
+ "description": "Lorem ipsum",
+ "isEnabled": true,
+ "restrictions": {
+ "passwordCredentials": [
+ {
+ "restrictionType": "passwordAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2019-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "passwordLifetime",
+ "maxLifetime": "P4DT12H30M5S",
+ "restrictForAppsCreatedAfterDateTime": "2018-10-19T10:37:00Z"
+ }
+ ]
+ }
+}
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "create appManagementPolicies",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Attachment Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/attachment-delete.md
DELETE /me/calendar/events/{id}/attachments/{id}
DELETE /users/{id | userPrincipalName}/calendar/events/{id}/attachments/{id} ```
-Attachments for an [event](../resources/event.md) in the specified [calendar](../resources/calendar.md) belonging to the user.
+Attachments for an [event](../resources/event.md) in the specified [calendar](../resources/calendar.md) that belongs to the user.
<!-- { "blockType": "ignored" } --> ```http DELETE /me/calendars/{id}/events/{id}/attachments/{id}
DELETE /groups/{id}/events/{id}/attachments/{id}
DELETE /groups/{id}/calendar/events/{id}/attachments/{id} -->
-Attachments for an [event](../resources/event.md) in a [calendar](../resources/calendar.md) belonging to the user's default [calendarGroup](../resources/calendargroup.md).
+Attachments for an [event](../resources/event.md) in a [calendar](../resources/calendar.md) that belongs to the user's default [calendarGroup](../resources/calendargroup.md).
<!-- { "blockType": "ignored" } --> ```http DELETE /me/calendars/{id}/events/{id}/attachments/{id} DELETE /users/{id | userPrincipalName}/calendars/{id}/events/{id}/attachments/{id} ```
-Attachments for an [event](../resources/event.md) in a [calendar](../resources/calendar.md) belonging to a user's [calendarGroup](../resources/calendargroup.md).
+Attachments for an [event](../resources/event.md) in a [calendar](../resources/calendar.md) that belongs to a user's [calendarGroup](../resources/calendargroup.md).
<!-- { "blockType": "ignored" } --> ```http DELETE /me/calendargroups/{id}/calendars/{id}/events/{id}/attachments/{id}
Attachments for a [message](../resources/message.md) contained in a top level [m
DELETE /me/mailFolders/{id}/messages/{id}/attachments/{id} DELETE /users/{id | userPrincipalName}/mailFolders/{id}/messages/{id}/attachments/{id} ```
-Attachments for a [message](../resources/message.md) contained in a child folder of a [mailFolder](../resources/mailfolder.md) in a user's mailbox. The
-example below shows one level of nesting, but a message can be located in a child of a child and so on.
+Attachments for a [message](../resources/message.md) contained in a child folder of a [mailFolder](../resources/mailfolder.md) in a user's mailbox. The following
+example shows one level of nesting, but a message can be located in a child of a child and so on.
<!-- { "blockType": "ignored" } --> ```http DELETE /me/mailFolders/{id}/childFolders/{id}/.../messages/{id}/attachments/{id} DELETE /users/{id | userPrincipalName}/mailFolders/{id}/childFolders/{id}/messages/{id}/attachments/{id} ```
-Attachments for a [post](../resources/post.md) in a [thread](../resources/conversationthread.md) belonging to a [conversation](../resources/conversation.md) of a group.
+Attachments for a [post](../resources/post.md) in a [thread](../resources/conversationthread.md) thta belongs to a [conversation](../resources/conversation.md) of a group.
<!-- { "blockType": "ignored" } --> ```http DELETE /groups/{id}/threads/{id}/posts/{id}/attachments/{id}
Do not supply a request body for this method.
## Response
-If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
+If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
## Example
-##### Request
-Here is an example of the request to delete an attachment on an event.
+### Request
+The following is an example of the request to delete an attachment on an event.
# [HTTP](#tab/http) <!-- {
DELETE https://graph.microsoft.com/v1.0/me/events/{id}/attachments/{id}
-##### Response
-Here is an example of the response.
+### Response
+The following is an example of the response.
<!-- { "blockType": "response", "truncated": true
v1.0 Authentication List Emailmethods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authentication-list-emailmethods.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Get details of your own email authentication method.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/emailMethods
+```
+
+Get details of your own or another user's email authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/emailMethods ```
v1.0 Authentication List Methods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authentication-list-methods.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
+
+> [!NOTE]
+> The authentication administrator only sees masked phone numbers.
## HTTP request
+List your own authentication methods.
<!-- { "blockType": "ignored" } -->-
-```http
+``` http
GET /me/authentication/methods
+```
+
+List your own or another user's authentication methods.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/methods ```
v1.0 Authentication List Passwordmethods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authentication-list-passwordmethods.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global Administrator
-* Global Reader
-* Privileged Authentication Administrator
-* Authentication Administrator
## HTTP request
+Get details of your own password authentication method.
<!-- { "blockType": "ignored" } -->- ```http GET /me/authentication/passwordMethods
+```
+
+Get details of your own or another user's password authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/passwordMethods ```
v1.0 Authentication List Phonemethods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authentication-list-phonemethods.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
+> [!NOTE]
+> The authentication administrator only sees masked phone numbers.
## HTTP request
+List your own phone authentication methods.
<!-- { "blockType": "ignored" } -->-
-```http
+``` http
GET /me/authentication/phoneMethods
+```
+
+List your own or another user's phone authentication methods.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/phoneMethods ```
v1.0 Authentication List Softwareoathmethods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authentication-list-softwareoathmethods.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs [one of the following directory roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global Reader
-* Authentication administrator
-* Privileged authentication administrator
-* Global administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Get details of your own software OATH token authentication methods.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/softwareOathMethods
+```
+
+Get details of your own or another user's software OATH token authentication methods.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/softwareOathMethods ```
v1.0 Authentication List Temporaryaccesspassmethods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authentication-list-temporaryaccesspassmethods.md
One of the following permissions is required to call this API. To learn more, in
| Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
+Get details of your own temporary access pass (TAP) authentication method.
+<!-- { "blockType": "ignored" } -->
+```http
GET /me/authentication/temporaryAccessPassMethods
+```
+
+Get details of your own or another user's temporary access pass (TAP) authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/temporaryAccessPassMethods ```
v1.0 Authentication Post Emailmethods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authentication-post-emailmethods.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Add an email method to your own account. For a signed-in user to update their own authentication method, they must have satisfied a multi-factor authentication requirement during sign in.
+<!-- { "blockType": "ignored" } -->
+``` http
+POST /me/authentication/emailMethods
+```
+
+Add an email authentication method to another user's account.
+<!-- { "blockType": "ignored" } -->
``` http POST /users/{id | userPrincipalName}/authentication/emailMethods ```
v1.0 Authentication Post Phonemethods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authentication-post-phonemethods.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
+Add a phone authentication method to your own account. For a signed-in user to update their own authentication method, they must have satisfied a multi-factor authentication requirement during sign in.
<!-- { "blockType": "ignored" } -->- ```http POST /me/authentication/phoneMethods
+```
+
+Add a phone authentication method to another user's account.
+<!-- { "blockType": "ignored" } -->
+```http
POST /users/{id | userPrincipalName}/authentication/phoneMethods ```
v1.0 Authentication Post Temporaryaccesspassmethods https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authentication-post-temporaryaccesspassmethods.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
v1.0 Authenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
+
+> [!NOTE]
+> The authentication administrator only sees masked phone numbers.
## HTTP request
+Get your own authentication methods.
<!-- { "blockType": "ignored" } -->-
-```http
+``` http
GET /me/authentication/methods/{id}
+```
+
+Get your own or another user's authentication methods.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/methods/{id} ```
v1.0 Authenticationmethod Resetpassword https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationmethod-resetpassword.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | Not supported. |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Administrator
-* Privileged Authentication Administrator
-* Authentication Administrator
## HTTP request
Content-type: application/json
} ```
+# [C#](#tab/csharp)
+ # [JavaScript](#tab/javascript) [!INCLUDE [sample-code](../includes/snippets/javascript/passwordauthenticationmethod-resetpassword-adminprovided-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+ #### Response
The following is an example of the request.
POST https://graph.microsoft.com/v1.0/users/6ea91a8d-e32e-41a1-b7bd-d2d185eed0e0/authentication/methods/28c10230-6103-485e-b985-444c60001490/resetPassword ```
+# [C#](#tab/csharp)
+ # [JavaScript](#tab/javascript) [!INCLUDE [sample-code](../includes/snippets/javascript/passwordauthenticationmethod-resetpassword-systemgenerated-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
POST https://graph.microsoft.com/v1.0/users/6ea91a8d-e32e-41a1-b7bd-d2d185eed0e0
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+ #### Response
v1.0 Authenticationmethodspolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationmethodspolicy-get.md
Title: "Get authenticationMethodsPolicy" description: "Read the properties and relationships of an authenticationMethodsPolicy object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: apiPageType
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Reader
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
Content-Type: application/json
"targetType": "group", "id": "all_users", "isRegistrationRequired": false,
- "authenticationMode": "any"
+ "authenticationMode": "any",
+ "outlookMobileAllowedState": "default",
+ "displayAppInformationRequiredState": "default",
+ "numberMatchingRequiredState": "default"
+ }
+ ]
+ },
+ {
+ "@odata.type": "#microsoft.graph.smsAuthenticationMethodConfiguration",
+ "id": "Sms",
+ "state": "enabled",
+ "includeTargets": [
+ {
+ "targetType": "group",
+ "id": "all_users",
+ "isRegistrationRequired": false,
+ "isUsableForSignIn": true
+ }
+ ]
+ },
+ {
+ "@odata.type": "#microsoft.graph.temporaryAccessPassAuthenticationMethodConfiguration",
+ "id": "TemporaryAccessPass",
+ "state": "disabled",
+ "defaultLifetimeInMinutes": 60,
+ "defaultLength": 8,
+ "minimumLifetimeInMinutes": 60,
+ "maximumLifetimeInMinutes": 480,
+ "isUsableOnce": false,
+ "includeTargets": [
+ {
+ "targetType": "group",
+ "id": "all_users",
+ "isRegistrationRequired": false
} ] },
v1.0 Authenticationmethodspolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationmethodspolicy-update.md
Title: "Update authenticationMethodsPolicy" description: "Update the properties of an authenticationMethodsPolicy object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: apiPageType
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
PATCH /policies/authenticationMethodsPolicy
|Content-Type|application/json. Required.| ## Request body
-In the request body, supply a JSON representation of the [authenticationMethodConfigurations](../resources/authenticationmethodconfiguration.md) object to prompt users to set up targeted authentication methods.
+
+|Property|Type|Description|
+|:|:|:|
+|registrationEnforcement|[registrationEnforcement](../resources/registrationenforcement.md)|Enforce registration at sign-in time. This property can be used to prompt users to set up targeted authentication methods.|
## Response
-If successful, this method returns a `204 No Content` response code.
+If successful, this method returns a `200 OK` response code and an [authenticationMethodsPolicy](../resources/authenticationmethodspolicy.md) object in the response body.
## Examples
PATCH https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy
Content-Type: application/json {
- "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#authenticationMethodsPolicy",
- "registrationEnforcement": {
+ "registrationEnforcement": {
"authenticationMethodsRegistrationCampaign": { "snoozeDurationInDays": 1, "state": "enabled",
Content-Type: application/json
"targetedAuthenticationMethod": "microsoftAuthenticator" } ]
- }
- },
- "authenticationMethodConfigurations": [
- {
- "@odata.type": "#microsoft.graph.fido2AuthenticationMethodConfiguration",
- "id": "Fido2",
- "state": "disabled",
- "isSelfServiceRegistrationAllowed": false,
- "isAttestationEnforced": false,
- "keyRestrictions": {
- "isEnforced": false,
- "enforcementType": "block",
- "aaGuids": []
- }
- }
- ]
+ }
+ }
} ```
Content-Type: application/json
### Response <!-- { "blockType": "response",
- "truncated": true
+ "truncated": true,
+ "@odata.type": "microsoft.graph.authenticationMethodsPolicy"
} --> ``` http
-HTTP/1.1 204 No Content
+HTTP/1.1 200 OK
+Content-Type: application/json
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#authenticationMethodsPolicy",
+ "id": "authenticationMethodsPolicy",
+ "displayName": "Authentication Methods Policy",
+ "description": "The tenant-wide policy that controls which authentication methods are allowed in the tenant, authentication method registration requirements, and self-service password reset settings",
+ "lastModifiedDateTime": "2021-05-25T01:08:08.6712279Z",
+ "policyVersion": "1.4",
+ "registrationEnforcement": {
+ "authenticationMethodsRegistrationCampaign": {
+ "snoozeDurationInDays": 1,
+ "state": "enabled",
+ "excludeTargets": [],
+ "includeTargets": [
+ {
+ "id": "3ee3a9de-0a86-4e12-a287-9769accf1ba2",
+ "targetType": "group",
+ "targetedAuthenticationMethod": "microsoftAuthenticator"
+ }
+ ]
+ }
+ }
+}
```
v1.0 Bookingappointment Cancel https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/bookingappointment-cancel.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http POST /solutions/bookingBusinesses/{id}/appointments/{id}/cancel- ``` ## Request headers
In the request body, provide a JSON object with the following parameter.
If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
-If you attempt to cancel an **appointment** that doesn't exist, this method returns a `404 Not found`.
+If you attempt to cancel an **appointment** that doesn't exist, this method returns `HTTP 404 Not Found`.
## Example
-The following is an example of how to call this API.
- ### Request The following is an example of the request.
HTTP/1.1 204 No Content
] } -->--
v1.0 Bundle Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/bundle-get.md
For information about error responses, see [Microsoft Graph error responses and
The following is an example of a request. # [HTTP](#tab/http)
-<!-- { "blockType": "request", "name": "get-bundle-metadata" } -->
+<!-- { "blockType": "request", "name": "get-bundle-metadata_e1" } -->
```msgraph-interactive GET https://graph.microsoft.com/v1.0/drive/bundles/{bundle-id}
Use the `expand` [query string parameter](/graph/query-parameters) to include th
The following is an example of a request. # [HTTP](#tab/http)
-<!-- { "blockType": "request", "name": "get-bundle-and-children" } -->
+<!-- { "blockType": "request", "name": "get-bundle-and-children_e2" } -->
```msgraph-interactive GET https://graph.microsoft.com/v1.0/drive/items/{bundle-id}?expand=children
v1.0 Calendar List Events https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/calendar-list-events.md
Title: "List events"
-description: "Retrieve a list of events in a calendar. The list contains single instance meetings and series masters."
+description: "Retrieve a list of events in a calendar. The list contains single instance meetings and series masters."
ms.localizationpriority: high ms.prod: "outlook"
doc_type: apiPageType
Namespace: microsoft.graph
-Retrieve a list of events in a calendar. The calendar can be one for a [user](../resources/user.md), or the default calendar of a Microsoft 365 [group](../resources/group.md). The list of events contains single instance meetings and series masters.
+Retrieve a list of events in a calendar. The calendar can be one for a [user](../resources/user.md), or the default calendar of a Microsoft 365 [group](../resources/group.md). The list of events contains single instance meetings and series masters.
To get expanded event instances, you can [get the calendar view](calendar-list-calendarview.md), or [get the instances of an event](event-list-instances.md).
+> [!NOTE]
+> If your target mailbox calendar contains any private items, the caller must either:
+> * Be granted `FullAccess` mailbox permissions over the target mailbox (via the [Add-MailboxPermission](/powershell/module/exchange/add-mailboxpermission) cmdlet).
+> * Be granted the `Delegate` + `CanViewPrivateItems` flags (similar to the previous option, but through the [Add-MailboxFolderPermission](/powershell/module/exchange/add-mailboxfolderpermission) cmdlet). This option routes all meeting requests to the delegate mailbox. For a workaround, see [SharingPermissionFlags](/powershell/module/exchange/add-mailboxfolderpermission?view=exchange-ps#-sharingpermissionflags).
+>
+> Failure to meet these conditions will result in a `The specified object was not found in the store` response.
+ ## Permissions Depending on the type of calendar that the events are in and the permission type (delegated or application) requested, one of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Callrecords Callrecord Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/callrecords-callrecord-get.md
There are two ways to get the **id** of a **callRecord**:
* Subscribe to [change notifications](/graph/api/resources/webhooks?view=graph-rest-1.0&preserve-view=true) to the `/communications/callRecords` endpoint. * Use the **callChainId** property of a [call](../resources/call.md). The call record is available only after the associated call is completed.
+> [!WARNING]
+>
+> A call record is created after a call or meeting ends and will remain available for **30 days**. Requests for call records older than 30 days will receive a `404 Not Found` response.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and the requested [microsoft.graph.callRecords.callRecord](../resources/callrecords-callrecord.md) object in the response body.
+If successful, this method returns a `200 OK` response code and the requested [microsoft.graph.callRecords.callRecord](../resources/callrecords-callrecord.md) object in the response body. A request for a call record older than 30 days will receive a `404 Not Found` response.
## Examples
GET https://graph.microsoft.com/v1.0/communications/callRecords/{id}?$expand=ses
#### Response
-The following is an example of the response. If the sessions list is truncated, a `sessions@odata.nextLink` value will be provided to retrieve the next page of sessions.
+The following is an example of the response. If the sessions list is truncated, a `sessions@odata.nextLink` value will be provided to retrieve the next page of sessions. The default page size for sessions is 60 entries.
> **Note:** The response object shown here might be shortened for readability.
v1.0 Channel List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/channel-list.md
GET /teams/{team-id}/channels
This method supports the $filter and $select [OData query parameters](/graph/query-parameters) to help customize the response.
+### Use $select for better performance
+Populating the **email** property for a channel is an expensive operation that results in slow performance. Use `$select` to exclude the **email** property to improve performance.
+ ## Request headers | Header | Value |
v1.0 Chat Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chat-get.md
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_group_chat",
+ "name": "get_group_chat_e1",
"sampleKeys": ["19:b8577894a63548969c5c92bb9c80c5e1@thread.v2"] }--> ```msgraph-interactive
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_chat",
+ "name": "get_chat_e2",
"sampleKeys": ["8b081ef6-4792-4def-b2c9-c363a1bf41d5", "19:8b081ef6-4792-4def-b2c9-c363a1bf41d5_877192bd-9183-47d3-a74c-8aa0426716cf@unq.gbl.spaces"] }--> ```msgraph-interactive
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_chat_withmembers",
+ "name": "get_chat_withmembers_e3",
"sampleKeys": ["19:b8577894a63548969c5c92bb9c80c5e1@thread.v2"] }--> ```msgraph-interactive
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_meeting_chat",
+ "name": "get_meeting_chat_e4",
"sampleKeys": ["19:meeting_ZDZlYTYxOWUtYzdlMi00ZmMxLWIxMTAtN2YzODZlZjAxYzI4@thread.v2"] }--> ```msgraph-interactive
The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_meeting_chat",
+ "name": "get_meeting_chat_e5",
"sampleKeys": ["19:ebe3857aa388434bab0cad9d2e09f4de@thread.v2"] }--> ```msgraph-interactive
v1.0 Chat Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chat-post.md
If successful, this method returns a `201 Created` response code and the newly c
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_chat_oneOnOne"
+ "name": "create_chat_oneOnOne_e1"
} --> ``` http
Content-Type: application/json
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_chat_oneOnOne_federated"
+ "name": "create_chat_oneOnOne_federated_e5"
} --> ``` http
v1.0 Chatmessage Delta https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chatmessage-delta.md
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
v1.0 Chatmessage Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chatmessage-get.md
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"device": null, "conversation": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
v1.0 Chatmessage List Replies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chatmessage-list-replies.md
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
v1.0 Chatmessage Post Replies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chatmessage-post-replies.md
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
HTTP/1.1 200 OK
"application":null, "device":null, "user":{
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id":"8c0a1a67-50ce-4114-bb6c-da9c5dbcf6ca", "displayName":"Joh Doe",
- "userIdentityType":"aadUser"
+ "userIdentityType":"aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body":{
v1.0 Chatmessage Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chatmessage-post.md
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
"application": null, "device": null, "user": {
+ "@odata.type": "#Microsoft.Teams.GraphSvc.teamworkUserIdentity",
"id": "8ea0e38b-efb3-4757-924a-5f94061cf8c2", "displayName": "Robin Kline",
- "userIdentityType": "aadUser"
+ "userIdentityType": "aadUser",
+ "tenantId": "e61ef81e-8bd8-476a-92e8-4a62f8426fca"
} }, "body": {
Content-type: application/json
} ```
+### Example 11: Send a message with an emoji
+
+#### Request
+
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "post_chatmessage_11",
+ "sampleKeys": ["19:b7867210a3fa4848a5a2a30c210eb9ae@thread.v2"]
+}-->
+
+```http
+POST https://graph.microsoft.com/v1.0/chats/19:b7867210a3fa4848a5a2a30c210eb9ae@thread.v2/messages
+Content-type: application/json
+
+{
+ "body": {
+ "contentType": "html",
+ "content": "<emoji alt=\"😶‍🌫️\"></emoji>"
+ }
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++++
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.chatMessage"
+} -->
+
+```http
+HTTP/1.1 201 Created
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#chats('19%3Ab7867210a3fa4848a5a2a30c210eb9ae%40thread.v2')/messages/$entity",
+ "id": "1678894699092",
+ "replyToId": null,
+ "etag": "1678894699092",
+ "messageType": "message",
+ "createdDateTime": "2023-03-15T15:38:19.092Z",
+ "lastModifiedDateTime": "2023-03-15T15:38:19.092Z",
+ "lastEditedDateTime": null,
+ "deletedDateTime": null,
+ "subject": null,
+ "summary": null,
+ "chatId": "19:b7867210a3fa4848a5a2a30c210eb9ae@thread.v2",
+ "importance": "normal",
+ "locale": "en-us",
+ "webUrl": null,
+ "channelIdentity": null,
+ "policyViolation": null,
+ "eventDetail": null,
+ "from": {
+ "application": null,
+ "device": null,
+ "user": {
+ "@odata.type": "#microsoft.graph.teamworkUserIdentity",
+ "id": "cf944cab-afa6-4b26-81d6-bdf9f6ea04f2",
+ "displayName": "Ramjot Singh",
+ "userIdentityType": "aadUser"
+ }
+ },
+ "body": {
+ "contentType": "html",
+ "content": "<span contenteditable=\"false\" title=\"Face in clouds\" type=\"(faceinclouds)\" class=\"animated-emoticon-50-faceinclouds\"><img itemscope=\"\" itemtype=\"http://schema.skype.com/Emoji\" itemid=\"faceinclouds\" src=\"https://statics.teams.cdn.office.net/evergreen-assets/personal-expressions/v2/assets/emoticons/faceinclouds/default/50_f.png\" title=\"Face in clouds\" alt=\"😶‍🌫️\" style=\"width:50px;height:50px;\"></span>"
+ },
+ "attachments": [],
+ "mentions": [],
+ "reactions": []
+}
+```
+ ## See also * [Cards reference](/microsoftteams/platform/concepts/cards/cards-reference)
v1.0 Chatmessage Undosoftdelete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chatmessage-undosoftdelete.md
POST https://graph.microsoft.com/v1.0/teams/172b0cce-e65d-44ce-9a49-91d9f2e8593a
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PHP](#tab/php)
v1.0 Chatmessagehostedcontent Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chatmessagehostedcontent-get.md
GET https://graph.microsoft.com/v1.0/chats/19:2da4c29f6d7041eca70b638b43d45437@t
``` # [C#](#tab/csharp) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript)
GET https://graph.microsoft.com/v1.0/chats/19:2da4c29f6d7041eca70b638b43d45437@t
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell)
GET https://graph.microsoft.com/v1.0/chats/19:2da4c29f6d7041eca70b638b43d45437@t
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PHP](#tab/php) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Deletedteam Getallmessages https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/deletedteam-getallmessages.md
If successful, this function returns a `200 OK` response code and a [chatMessage
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "deletedteamthis.getallmessages"
The following is an example of a request.
GET https://graph.microsoft.com/v1.0/teamwork/deletedTeams/fbe2bf47-16c8-47cf-b4a5-4b9b187c508b/channels/getAllMessages ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
++ ### Response The following is an example of the response
v1.0 Device Delete Registeredusers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/device-delete-registeredusers.md
Here is an example of the request.
DELETE https://graph.microsoft.com/v1.0/devices/{id}/registeredUsers/{id}/$ref ```
+# [C#](#tab/csharp)
+ # [JavaScript](#tab/javascript) [!INCLUDE [sample-code](../includes/snippets/javascript/delete-registeredusers-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
DELETE https://graph.microsoft.com/v1.0/devices/{id}/registeredUsers/{id}/$ref
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+ ##### Response
v1.0 Directory Deleteditems Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directory-deleteditems-delete.md
Permanently delete a recently deleted [application](../resources/application.md)
Administrative units **cannot** be permanently deleted by using the **deletedItems** API. Soft-deleted administrative units will be permanently deleted 30 days after initial deletion unless they are restored. ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-### For applications and service principals:
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| [application](../resources/application.md) | Application.ReadWrite.All | Not supported. | Application.ReadWrite.OwnedBy |
+| [group](../resources/group.md) | Group.ReadWrite.All | Not supported. | Not supported. |
+| [servicePrincipal](../resources/serviceprincipal.md) | Application.ReadWrite.All | Not supported. | Application.ReadWrite.OwnedBy |
+| [user](../resources/user.md) | User.ReadWrite.All | Not supported. | Not supported. |
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Application.ReadWrite.All, Directory.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Application.ReadWrite.OwnedBy, Application.ReadWrite.All |
-
-The calling user must be the owner of the application or the calling app must be assigned one of the following [Azure AD roles](/azure/active-directory/roles/permissions-reference):
-+ Global Administrator
-+ Application Administrator
-+ Cloud Application Administrator
-+ Hybrid Identity Administrator
-
-### For users:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | User.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-The signed-in user needs to have one of the following roles: *Global Administrator* or *User Administrator*.
-
-### For groups:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Group.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-The requestor needs to have one of the following roles: *Global Administrator* or *Groups Administrator*.
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Directory Deleteditems Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directory-deleteditems-get.md
Retrieve the properties of a recently deleted [application](../resources/applica
>**Note:** Deleted security groups are deleted permanently and can't be retrieved through this API. ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-### For applications and service principals:
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Application.Read.All, Application.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Application.Read.All, Application.ReadWrite.OwnedBy, Application.ReadWrite.All, Directory.Read.All |
-
-### For users:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All |
-
-### For groups:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Group.Read.All, Group.ReadWrite.All, Directory.Read.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Group.Read.All, Group.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All |
-
-### For administrative units:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | AdministrativeUnit.Read.All, AdministrativeUnit.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | AdministrativeUnit.Read.All, AdministrativeUnit.ReadWrite.All |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| [administrativeUnit](../resources/administrativeunit.md) | AdministrativeUnit.Read.All | Not supported. | AdministrativeUnit.Read.All |
+| [application](../resources/application.md) | Application.Read.All | Not supported. | Application.Read.All |
+| [group](../resources/group.md) | Group.Read.All | Not supported. | Group.Read.All |
+| [servicePrincipal](../resources/serviceprincipal.md) | Application.Read.All | Not supported. | Application.Read.All |
+| [user](../resources/user.md) | User.Read.All | Not supported. | User.Read.All |
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Directory Deleteditems List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directory-deleteditems-list.md
Retrieve a list of recently deleted directory objects. Currently, deleted items
## Permissions -
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-### For applications and service principals:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Application.Read.All, Application.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Application.Read.All, Application.ReadWrite.All, Directory.Read.All |
-
-### For users:
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| [administrativeUnit](../resources/administrativeunit.md) | AdministrativeUnit.Read.All | Not supported. | AdministrativeUnit.Read.All |
+| [application](../resources/application.md) | Application.Read.All | Not supported. | Application.Read.All |
+| [group](../resources/group.md) | Group.Read.All | Not supported. | Group.Read.All |
+| [servicePrincipal](../resources/serviceprincipal.md) | Application.Read.All | Not supported. | Application.Read.All |
+| [user](../resources/user.md) | User.Read.All | Not supported. | User.Read.All |
-### For groups:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Group.Read.All, Group.ReadWrite.All, Directory.Read.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Group.Read.All, Group.ReadWrite.All, Directory.Read.All |
-
-### For administrative units:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | AdministrativeUnit.Read.All, AdministrativeUnit.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | AdministrativeUnit.Read.All, AdministrativeUnit.ReadWrite.All |
## HTTP request <!-- { "blockType": "ignored" } -->
The OData cast type is a required part of the URI and calling `GET /directory/de
## Optional query parameters
-This method supports the query parameters that are supported by the resource that is specified by the OData cast. That is, `$count`, `$expand`, `$filter`, `$orderBy`, `$search`, `$select`, and `$top` query parameters. Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For example:
+This method supports the query parameters that are supported by the resource that is specified by the OData cast. That is, `$count`, `$expand`, `$filter`, `$orderBy`, `$search`, `$select`, and `$top` query parameters. This API returns 100 objects by default and supports returning up to 999 objects per page using `$top`.
+
+Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For example:
```http GET https://graph.microsoft.com/beta/directory/deletedItems/microsoft.graph.group?&$count=true&$orderBy=deletedDateTime desc&$select=id,displayName,deletedDateTime
v1.0 Directory Deleteditems Restore https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directory-deleteditems-restore.md
Restore a recently deleted [application](../resources/application.md), [group](.
A recently deleted item will remain available for up to 30 days. After 30 days, the item is permanently deleted. ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-### For applications and service principals:
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Application.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Application.ReadWrite.OwnedBy, Application.ReadWrite.All |
-
-The calling app must be assigned one of the following [Azure AD roles](/azure/active-directory/roles/permissions-reference):
-+ Global Administrator
-+ Application Administrator
-+ Cloud Application Administrator
-+ Hybrid Identity Administrator
-
-### For users:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | User.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | User.ReadWrite.All |
-
-To restore users with privileged administrator roles in delegated scenarios, the app must be assigned with *Directory.AccessAsUser.All* delegated permission, and the calling user must also be assigned a higher privileged administrator role as indicated in [Who can perform sensitive actions](../resources/users.md#who-can-perform-sensitive-actions).
-
-In app-only scenarios, the *User.ReadWrite.All* application permission isn't enough privilege to restore deleted users with privilged administrator roles. The app must be assigned a higher privileged administrator role as indicated in [Who can perform sensitive actions](../resources/users.md#who-can-perform-sensitive-actions).
-
-### For groups:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Group.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Group.ReadWrite.All |
-
-### For administrative units:
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | AdministrativeUnit.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | AdministrativeUnit.ReadWrite.All |
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| [administrativeUnit](../resources/administrativeunit.md) | AdministrativeUnit.ReadWrite.All | Not supported. | AdministrativeUnit.ReadWrite.All |
+| [application](../resources/application.md) | Application.ReadWrite.All | Not supported. | Application.ReadWrite.OwnedBy |
+| [group](../resources/group.md) | Group.ReadWrite.All | Not supported. | Not supported. |
+| [servicePrincipal](../resources/serviceprincipal.md) | Application.ReadWrite.All | Not supported. | Application.ReadWrite.OwnedBy |
+| [user](../resources/user.md) | User.ReadWrite.All | Not supported. | Not supported. |
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Directoryobject Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directoryobject-delete.md
Delete a directory object, for example, a group, user, application, or service p
## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-### Delete a user
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | User.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | User.ReadWrite.All |
-
-### Delete a group
-
-| Permission type | Permissions (from least to most privileged) |
-| :- | : |
-| Delegated (work or school account) | Group.ReadWrite.All |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Group.ReadWrite.All |
-
-### Delete an application or service principal
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Application.ReadWrite.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Application.ReadWrite.All |
+The following table shows the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
+
+| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
+|:-|:-|:-|:-|
+| [application](../resources/application.md) | Application.ReadWrite.All | Not supported. | Application.ReadWrite.All |
+| [group](../resources/group.md) | Group.ReadWrite.All | Not supported. | Group.ReadWrite.All |
+| [servicePrincipal](../resources/serviceprincipal.md) | Application.ReadWrite.All | Not supported. | Application.ReadWrite.All |
+| [user](../resources/user.md) | User.ReadWrite.All | Not supported. | User.ReadWrite.All |
## HTTP request
v1.0 Directoryobject Delta https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directoryobject-delta.md
GET https://graph.microsoft.com/v1.0/directoryObjects/delta?filter=isof('microso
- #### Response The following is an example of the response when using `@odata.deltaLink` obtained from the query initialization with `$filter=isof('{resource type}')`. Note the presence of the _members@delta_ property which includes the ids of member objects in the group.
GET https://graph.microsoft.com/v1.0/directoryObjects/delta?$filter=id eq '87d34
- #### Response The following is an example of the response when using `@odata.deltaLink` obtained from the query initialization with `$filter=id eq '{id}'`.
Prefer: return=minimal
- #### Response The following is an example of the response when using `@odata.deltaLink` obtained from the query initialization. Note that the `microsoft.graph.user/surname` property is not included, which means it has not changed since the last delta query; `microsoft.graph.group/displayName` is included which means its value has changed.
v1.0 Driveitem Createlink https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/driveitem-createlink.md
The request should be a JSON object with the following properties.
| **expirationDateTime** | string | A String with format of yyyy-MM-ddTHH:mm:ssZ of DateTime indicates the expiration time of the permission. | | **retainInheritedPermissions** | Boolean | Optional. If `true` (default), any existing inherited permissions are retained on the shared item when sharing this item for the first time. If `false`, all existing permissions are removed when sharing for the first time. | | **scope** | string | Optional. The scope of link to create. Either `anonymous`, `organization`, or `users`. |
-| **retainInheritedPermissions** | Boolean | If `true`, any current inherited permissions are retained on the shared item when sharing this item for the first time. If `false`, all current permissions are removed when sharing for the first time. The default value is `true`. Optional. |
### Link types
v1.0 Emailauthenticationmethod Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/emailauthenticationmethod-delete.md
Deletes a user's [emailAuthenticationMethod](../resources/emailauthenticationmet
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+### Permissions acting on self
+
+|Permission type | Permissions (from least to most privileged) |
+|:|:-|
+| Delegated (work or school account) | UserAuthenticationMethod.ReadWrite |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Not supported. |
+
+### Permissions acting on other users
+ |Permission type | Permissions (from least to most privileged) | |:|:-| | Delegated (work or school account) | UserAuthenticationMethod.ReadWrite |
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global administrator
-* Privileged authentication administrator
-* Authentication admin
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Delete the email method from your own account. For a signed-in user to update their own authentication method, they must have satisfied a multi-factor authentication requirement during sign in.
+<!-- { "blockType": "ignored" } -->
+``` http
+DELETE /me/authentication/emailMethods/{id}
+```
+
+Delete the email authentication method from another user's account.
+<!-- { "blockType": "ignored" } -->
``` http DELETE /users/{id | userPrincipalName}/authentication/emailMethods/{id} ```
v1.0 Emailauthenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/emailauthenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Get details of your own email authentication method.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/emailMethods/{id}
+```
+
+Get details of your own or another user's email authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/emailMethods/{id} ```
v1.0 Emailauthenticationmethod Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/emailauthenticationmethod-update.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Update the email method for your own account. For a signed-in user to update their own authentication method, they must have satisfied a multi-factor authentication requirement during sign in.
+<!-- { "blockType": "ignored" } -->
+``` http
+PATCH /me/authentication/emailMethods/{id}
+```
+
+Update the email authentication method for another user's account.
+<!-- { "blockType": "ignored" } -->
``` http PATCH /users/{id | userPrincipalName}/authentication/emailMethods/{id} ```
v1.0 Emailauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/emailauthenticationmethodconfiguration-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Emailauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/emailauthenticationmethodconfiguration-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Reader
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
For delegated scenarios, the administrator needs one of the following [Azure AD
--> ```http
-GET https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/email
+GET /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/email
``` ## Request headers
v1.0 Emailauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/emailauthenticationmethodconfiguration-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Entitlementmanagement Post Assignmentpolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/entitlementmanagement-post-assignmentpolicies.md
The following example shows a more complex policy with two stages of approval an
<!-- {
- "blockType": "ignored",
+ "blockType": "request",
"name": "create_accesspackageassignmentpolicy_2" } -->
The following example shows a policy that automatically creates assignments for
<!-- {
- "blockType": "ignored",
+ "blockType": "request",
"name": "create_accesspackageassignmentpolicy_autoassignment" } -->
The following example shows a policy that automatically creates assignments for
<!-- {
- "blockType": "ignored",
+ "blockType": "request",
"name": "create_accesspackageassignmentpolicy_autoassignment" } -->
v1.0 Externalconnectors Externalgroup Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/externalconnectors-externalgroup-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/update-externalgroup-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/update-externalgroup-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Externalconnectors Externalitem Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/externalconnectors-externalitem-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/update-externalitem-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/update-externalitem-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Featurerolloutpolicy Delete Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/featurerolloutpolicy-delete-appliesto.md
Title: "Remove appliesTo"
+ Title: "Remove appliesTo on a featureRolloutPolicy"
description: "Remove a directoryObject from feature rollout." ms.localizationpriority: medium
ms.prod: "identity-and-sign-in"
doc_type: "apiPageType"
-# Remove appliesTo
+# Remove appliesTo on a featureRolloutPolicy
Namespace: microsoft.graph
v1.0 Featurerolloutpolicy Post Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/featurerolloutpolicy-post-appliesto.md
Title: "Assign appliesTo"
+ Title: "Assign appliesTo on a featureRolloutPolicy"
description: "Assign a directoryObject to feature rollout." ms.localizationpriority: medium
ms.prod: "identity-and-sign-in"
doc_type: "apiPageType"
-# Assign appliesTo
+# Assign appliesTo on a featureRolloutPolicy
Namespace: microsoft.graph
v1.0 Fido2authenticationmethod Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/fido2authenticationmethod-delete.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
+Remove a FIDO2 authentication method from your own account. For a signed-in user to update their own authentication method, they must have satisfied a multi-factor authentication requirement during sign in.
+<!-- { "blockType": "ignored" } -->
+```http
+DELETE /me/authentication/fido2Methods/{id}
+```
+
+Remove a FIDO2 authentication method from another user's account.
+<!-- { "blockType": "ignored" } -->
+```http
DELETE /users/{id | userPrincipalName}/authentication/fido2Methods/{id} ```
v1.0 Fido2authenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/fido2authenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global admin
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Get details of your own FIDO2 authentication method.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/fido2Methods/{id}
+```
+
+Get details of your own or another user's FIDO2 authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/fido2Methods/{id} ```
v1.0 Fido2authenticationmethod List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/fido2authenticationmethod-list.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Retrieve the details of your own FIDO2 authentication methods.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/fido2Methods
+```
+
+Retrieve the details of your own or another user's FIDO2 authentication methods.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/fido2Methods ```
v1.0 Fido2authenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/fido2authenticationmethodconfiguration-delete.md
Title: "Delete fido2AuthenticationMethodConfiguration" description: "Delete a fido2AuthenticationMethodConfiguration object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: "apiPageType"
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Fido2authenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/fido2authenticationmethodconfiguration-get.md
Title: "Get fido2AuthenticationMethodConfiguration" description: "Read the properties and relationships of a fido2AuthenticationMethodConfiguration object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: "apiPageType"
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Reader
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
Content-type: application/json
"id": "all_users", "isRegistrationRequired": false }
- ]
+ ],
+ "excludeTargets": []
} ```
v1.0 Fido2authenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/fido2authenticationmethodconfiguration-update.md
Title: "Update fido2AuthenticationMethodConfiguration" description: "Update the properties of a fido2AuthenticationMethodConfiguration object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: "apiPageType"
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Group List Calendarview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/group-list-calendarview.md
Title: "List calendarView"
+ Title: "List group calendarView"
description: "Get the occurrences, exceptions, and single instances of events in a calendar view defined by a time range," ms.localizationpriority: medium
ms.prod: "groups"
doc_type: apiPageType
-# List calendarView
+# List group calendarView
Namespace: microsoft.graph
v1.0 Group List Settings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/group-list-settings.md
GET /groupSettings
<!-- { "blockType": "ignored" } -->
-List group-specific settings
+List group-specific settings.
```http GET /groups/{groupId}/settings
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and collection of [groupSetting](../resources/groupsetting.md) objects in the response body.
+If successful, this method returns a `200 OK` response code and a collection of [groupSetting](../resources/groupsetting.md) objects in the response body.
## Examples
-### Example: Retrieve the tenant-level group settings
+### Example 1: Retrieve the tenant-level group settings
#### Request
+The following is an example of a request.
+ # [HTTP](#tab/http) <!-- {
GET https://graph.microsoft.com/v1.0/groupSettings
#### Response
+The following is an example of the response.
+ > **Note:** The response object shown here might be shortened for readability. <!-- {
Content-type: application/json
#### Request
+The following is an example of a request.
+ # [HTTP](#tab/http) <!-- {
GET https://graph.microsoft.com/v1.0/groups/05aa6a98-956a-45c0-b13b-88076a23f2cd
#### Response
+The following is an example of the response.
+ > **Note:** The response object shown here might be shortened for readability. <!-- {
v1.0 Group Post Groups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/group-post-groups.md
The following table shows the properties that are required when you create the [
| :-- | : | :-- | | displayName | String | The name to display in the address book for the group. Maximum length: 256 characters. Required. | | mailEnabled | Boolean | Set to `true` for mail-enabled groups. Required. |
-| mailNickname | String | The mail alias for the group, unique for Microsoft 365 groups in the organization. Maximum length is 64 characters. This property can contain only characters in the [ASCII character set 0 - 127](/office/vba/language/reference/user-interface-help/character-set-0127) except the following: ` @ () \ [] " ; : . <> , SPACE`. Required. |
+| mailNickname | String | The mail alias for the group, unique for Microsoft 365 groups in the organization. Maximum length is 64 characters. This property can contain only characters in the [ASCII character set 0 - 127](/office/vba/language/reference/user-interface-help/character-set-0127) except the following: ` @ () \ [] " ; : <> , SPACE`. Required. |
| securityEnabled | Boolean | Set to `true` for security-enabled groups, including Microsoft 365 groups. Required. **Note:** Groups created using the Microsoft Azure portal always have **securityEnabled** initially set to `true`. | > [!IMPORTANT]
v1.0 Homerealmdiscoverypolicy Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/homerealmdiscoverypolicy-delete.md
DELETE https://graph.microsoft.com/v1.0/policies/homeRealmDiscoveryPolicies/{id}
[!INCLUDE [sample-code](../includes/snippets/go/delete-homerealmdiscoverypolicy-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/delete-homerealmdiscoverypolicy-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Intune Apps Windowsappx Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/intune-apps-windowsappx-create.md
+
+ Title: "Create windowsAppX"
+description: "Create a new windowsAppX object."
+
+localization_priority: Normal
++
+# Create windowsAppX
+
+Namespace: microsoft.graph
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Create a new [windowsAppX](../resources/intune-apps-windowsappx.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementApps.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementApps.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /deviceAppManagement/mobileApps
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+In the request body, supply a JSON representation for the windowsAppX object.
+
+The following table shows the properties that are required when you create the windowsAppX.
+
+|Property|Type|Description|
+|:|:|:|
+|id|String|Key of the entity. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|displayName|String|The admin provided or imported title of the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|description|String|The description of the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|publisher|String|The publisher of the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|largeIcon|[mimeContent](../resources/intune-shared-mimecontent.md)|The large icon, to be displayed in the app details and used for upload of the icon. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|createdDateTime|DateTimeOffset|The date and time the app was created. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|lastModifiedDateTime|DateTimeOffset|The date and time the app was last modified. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|isFeatured|Boolean|The value indicating whether the app is marked as featured by the admin. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|privacyInformationUrl|String|The privacy statement Url. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|informationUrl|String|The more information Url. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|owner|String|The owner of the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|developer|String|The developer of the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|notes|String|Notes for the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|publishingState|[mobileAppPublishingState](../resources/intune-apps-mobileapppublishingstate.md)|The publishing state for the app. The app cannot be assigned unless the app is published. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md). Possible values are: `notPublished`, `processing`, `published`.|
+|committedContentVersion|String|The internal committed content version. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)|
+|fileName|String|The name of the main Lob application file. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)|
+|size|Int64|The total size, including all uploaded files. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)|
+|applicableArchitectures|[windowsArchitecture](../resources/intune-apps-windowsarchitecture.md)|The Windows architecture(s) on which this app can run. Possible values are: `none`, `x86`, `x64`, `arm`, `neutral`; default value is `none`. Possible values are: `none`, `x86`, `x64`, `arm`, `neutral`.|
+|identityName|String|The identity name of the uploaded app package. For example: "Contoso.DemoApp".|
+|identityPublisherHash|String|The identity publisher hash of the uploaded app package. This is the hash of the publisher from the manifest. For example: "AB82CD0XYZ".|
+|identityResourceIdentifier|String|The identity resource identifier of the uploaded app package. For example: "TestResourceId".|
+|isBundle|Boolean|When TRUE, indicates that the app is a bundle. When FALSE, indicates that the app is not a bundle. By default, property is set to FALSE.|
+|minimumSupportedOperatingSystem|[windowsMinimumOperatingSystem](../resources/intune-apps-windowsminimumoperatingsystem.md)|The value for the minimum applicable operating system. Valid values for a WindowsAppX app include `v8_0`, `v8_1` and `v10_0`. If the app is a bundle, the minimum supported OS has to be at least `v8_1`.|
+|identityVersion|String|The identity version of the uploaded app package. For example: "1.0.0.0".|
+++
+## Response
+If successful, this method returns a `201 Created` response code and a [windowsAppX](../resources/intune-apps-windowsappx.md) object in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+POST https://graph.microsoft.com/v1.0/deviceAppManagement/mobileApps
+Content-type: application/json
+Content-length: 1141
+
+{
+ "@odata.type": "#microsoft.graph.windowsAppX",
+ "displayName": "Display Name value",
+ "description": "Description value",
+ "publisher": "Publisher value",
+ "largeIcon": {
+ "@odata.type": "microsoft.graph.mimeContent",
+ "type": "Type value",
+ "value": "dmFsdWU="
+ },
+ "isFeatured": true,
+ "privacyInformationUrl": "https://example.com/privacyInformationUrl/",
+ "informationUrl": "https://example.com/informationUrl/",
+ "owner": "Owner value",
+ "developer": "Developer value",
+ "notes": "Notes value",
+ "publishingState": "processing",
+ "committedContentVersion": "Committed Content Version value",
+ "fileName": "File Name value",
+ "size": 4,
+ "applicableArchitectures": "x86",
+ "identityName": "Identity Name value",
+ "identityPublisherHash": "Identity Publisher Hash value",
+ "identityResourceIdentifier": "Identity Resource Identifier value",
+ "isBundle": true,
+ "minimumSupportedOperatingSystem": {
+ "@odata.type": "microsoft.graph.windowsMinimumOperatingSystem",
+ "v8_0": true,
+ "v8_1": true,
+ "v10_0": true
+ },
+ "identityVersion": "Identity Version value"
+}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+Content-Length: 1313
+
+{
+ "@odata.type": "#microsoft.graph.windowsAppX",
+ "id": "b5179a93-9a93-b517-939a-17b5939a17b5",
+ "displayName": "Display Name value",
+ "description": "Description value",
+ "publisher": "Publisher value",
+ "largeIcon": {
+ "@odata.type": "microsoft.graph.mimeContent",
+ "type": "Type value",
+ "value": "dmFsdWU="
+ },
+ "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
+ "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
+ "isFeatured": true,
+ "privacyInformationUrl": "https://example.com/privacyInformationUrl/",
+ "informationUrl": "https://example.com/informationUrl/",
+ "owner": "Owner value",
+ "developer": "Developer value",
+ "notes": "Notes value",
+ "publishingState": "processing",
+ "committedContentVersion": "Committed Content Version value",
+ "fileName": "File Name value",
+ "size": 4,
+ "applicableArchitectures": "x86",
+ "identityName": "Identity Name value",
+ "identityPublisherHash": "Identity Publisher Hash value",
+ "identityResourceIdentifier": "Identity Resource Identifier value",
+ "isBundle": true,
+ "minimumSupportedOperatingSystem": {
+ "@odata.type": "microsoft.graph.windowsMinimumOperatingSystem",
+ "v8_0": true,
+ "v8_1": true,
+ "v10_0": true
+ },
+ "identityVersion": "Identity Version value"
+}
+```
v1.0 Intune Apps Windowsappx Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/intune-apps-windowsappx-delete.md
+
+ Title: "Delete windowsAppX"
+description: "Deletes a windowsAppX."
+
+localization_priority: Normal
++
+# Delete windowsAppX
+
+Namespace: microsoft.graph
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Deletes a [windowsAppX](../resources/intune-apps-windowsappx.md).
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementApps.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementApps.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /deviceAppManagement/mobileApps/{mobileAppId}
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+If successful, this method returns a `204 No Content` response code.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+DELETE https://graph.microsoft.com/v1.0/deviceAppManagement/mobileApps/{mobileAppId}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 204 No Content
+```
v1.0 Intune Apps Windowsappx Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/intune-apps-windowsappx-get.md
+
+ Title: "Get windowsAppX"
+description: "Read properties and relationships of the windowsAppX object."
+
+localization_priority: Normal
++
+# Get windowsAppX
+
+Namespace: microsoft.graph
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Read properties and relationships of the [windowsAppX](../resources/intune-apps-windowsappx.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementApps.Read.All, DeviceManagementApps.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementApps.Read.All, DeviceManagementApps.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /deviceAppManagement/mobileApps/{mobileAppId}
+```
+
+## Optional query parameters
+This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+If successful, this method returns a `200 OK` response code and [windowsAppX](../resources/intune-apps-windowsappx.md) object in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+GET https://graph.microsoft.com/v1.0/deviceAppManagement/mobileApps/{mobileAppId}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 1400
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.windowsAppX",
+ "id": "b5179a93-9a93-b517-939a-17b5939a17b5",
+ "displayName": "Display Name value",
+ "description": "Description value",
+ "publisher": "Publisher value",
+ "largeIcon": {
+ "@odata.type": "microsoft.graph.mimeContent",
+ "type": "Type value",
+ "value": "dmFsdWU="
+ },
+ "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
+ "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
+ "isFeatured": true,
+ "privacyInformationUrl": "https://example.com/privacyInformationUrl/",
+ "informationUrl": "https://example.com/informationUrl/",
+ "owner": "Owner value",
+ "developer": "Developer value",
+ "notes": "Notes value",
+ "publishingState": "processing",
+ "committedContentVersion": "Committed Content Version value",
+ "fileName": "File Name value",
+ "size": 4,
+ "applicableArchitectures": "x86",
+ "identityName": "Identity Name value",
+ "identityPublisherHash": "Identity Publisher Hash value",
+ "identityResourceIdentifier": "Identity Resource Identifier value",
+ "isBundle": true,
+ "minimumSupportedOperatingSystem": {
+ "@odata.type": "microsoft.graph.windowsMinimumOperatingSystem",
+ "v8_0": true,
+ "v8_1": true,
+ "v10_0": true
+ },
+ "identityVersion": "Identity Version value"
+ }
+}
+```
v1.0 Intune Apps Windowsappx List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/intune-apps-windowsappx-list.md
+
+ Title: "List windowsAppXs"
+description: "List properties and relationships of the windowsAppX objects."
+
+localization_priority: Normal
++
+# List windowsAppXs
+
+Namespace: microsoft.graph
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+List properties and relationships of the [windowsAppX](../resources/intune-apps-windowsappx.md) objects.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementApps.Read.All, DeviceManagementApps.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementApps.Read.All, DeviceManagementApps.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /deviceAppManagement/mobileApps
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+If successful, this method returns a `200 OK` response code and a collection of [windowsAppX](../resources/intune-apps-windowsappx.md) objects in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+GET https://graph.microsoft.com/v1.0/deviceAppManagement/mobileApps
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 1482
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.windowsAppX",
+ "id": "b5179a93-9a93-b517-939a-17b5939a17b5",
+ "displayName": "Display Name value",
+ "description": "Description value",
+ "publisher": "Publisher value",
+ "largeIcon": {
+ "@odata.type": "microsoft.graph.mimeContent",
+ "type": "Type value",
+ "value": "dmFsdWU="
+ },
+ "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
+ "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
+ "isFeatured": true,
+ "privacyInformationUrl": "https://example.com/privacyInformationUrl/",
+ "informationUrl": "https://example.com/informationUrl/",
+ "owner": "Owner value",
+ "developer": "Developer value",
+ "notes": "Notes value",
+ "publishingState": "processing",
+ "committedContentVersion": "Committed Content Version value",
+ "fileName": "File Name value",
+ "size": 4,
+ "applicableArchitectures": "x86",
+ "identityName": "Identity Name value",
+ "identityPublisherHash": "Identity Publisher Hash value",
+ "identityResourceIdentifier": "Identity Resource Identifier value",
+ "isBundle": true,
+ "minimumSupportedOperatingSystem": {
+ "@odata.type": "microsoft.graph.windowsMinimumOperatingSystem",
+ "v8_0": true,
+ "v8_1": true,
+ "v10_0": true
+ },
+ "identityVersion": "Identity Version value"
+ }
+ ]
+}
+```
v1.0 Intune Apps Windowsappx Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/intune-apps-windowsappx-update.md
+
+ Title: "Update windowsAppX"
+description: "Update the properties of a windowsAppX object."
+
+localization_priority: Normal
++
+# Update windowsAppX
+
+Namespace: microsoft.graph
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Update the properties of a [windowsAppX](../resources/intune-apps-windowsappx.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementApps.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementApps.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /deviceAppManagement/mobileApps/{mobileAppId}
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+In the request body, supply a JSON representation for the [windowsAppX](../resources/intune-apps-windowsappx.md) object.
+
+The following table shows the properties that are required when you create the [windowsAppX](../resources/intune-apps-windowsappx.md).
+
+|Property|Type|Description|
+|:|:|:|
+|id|String|Key of the entity. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|displayName|String|The admin provided or imported title of the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|description|String|The description of the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|publisher|String|The publisher of the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|largeIcon|[mimeContent](../resources/intune-shared-mimecontent.md)|The large icon, to be displayed in the app details and used for upload of the icon. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|createdDateTime|DateTimeOffset|The date and time the app was created. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|lastModifiedDateTime|DateTimeOffset|The date and time the app was last modified. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|isFeatured|Boolean|The value indicating whether the app is marked as featured by the admin. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|privacyInformationUrl|String|The privacy statement Url. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|informationUrl|String|The more information Url. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|owner|String|The owner of the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|developer|String|The developer of the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|notes|String|Notes for the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|publishingState|[mobileAppPublishingState](../resources/intune-apps-mobileapppublishingstate.md)|The publishing state for the app. The app cannot be assigned unless the app is published. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md). Possible values are: `notPublished`, `processing`, `published`.|
+|committedContentVersion|String|The internal committed content version. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)|
+|fileName|String|The name of the main Lob application file. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)|
+|size|Int64|The total size, including all uploaded files. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)|
+|applicableArchitectures|[windowsArchitecture](../resources/intune-apps-windowsarchitecture.md)|The Windows architecture(s) on which this app can run. Possible values are: `none`, `x86`, `x64`, `arm`, `neutral`; default value is `none`. Possible values are: `none`, `x86`, `x64`, `arm`, `neutral`.|
+|identityName|String|The identity name of the uploaded app package. For example: "Contoso.DemoApp".|
+|identityPublisherHash|String|The identity publisher hash of the uploaded app package. This is the hash of the publisher from the manifest. For example: "AB82CD0XYZ".|
+|identityResourceIdentifier|String|The identity resource identifier of the uploaded app package. For example: "TestResourceId".|
+|isBundle|Boolean|When TRUE, indicates that the app is a bundle. When FALSE, indicates that the app is not a bundle. By default, property is set to FALSE.|
+|minimumSupportedOperatingSystem|[windowsMinimumOperatingSystem](../resources/intune-apps-windowsminimumoperatingsystem.md)|The value for the minimum applicable operating system. Valid values for a WindowsAppX app include `v8_0`, `v8_1` and `v10_0`. If the app is a bundle, the minimum supported OS has to be at least `v8_1`.|
+|identityVersion|String|The identity version of the uploaded app package. For example: "1.0.0.0".|
+++
+## Response
+If successful, this method returns a `200 OK` response code and an updated [windowsAppX](../resources/intune-apps-windowsappx.md) object in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+PATCH https://graph.microsoft.com/v1.0/deviceAppManagement/mobileApps/{mobileAppId}
+Content-type: application/json
+Content-length: 1141
+
+{
+ "@odata.type": "#microsoft.graph.windowsAppX",
+ "displayName": "Display Name value",
+ "description": "Description value",
+ "publisher": "Publisher value",
+ "largeIcon": {
+ "@odata.type": "microsoft.graph.mimeContent",
+ "type": "Type value",
+ "value": "dmFsdWU="
+ },
+ "isFeatured": true,
+ "privacyInformationUrl": "https://example.com/privacyInformationUrl/",
+ "informationUrl": "https://example.com/informationUrl/",
+ "owner": "Owner value",
+ "developer": "Developer value",
+ "notes": "Notes value",
+ "publishingState": "processing",
+ "committedContentVersion": "Committed Content Version value",
+ "fileName": "File Name value",
+ "size": 4,
+ "applicableArchitectures": "x86",
+ "identityName": "Identity Name value",
+ "identityPublisherHash": "Identity Publisher Hash value",
+ "identityResourceIdentifier": "Identity Resource Identifier value",
+ "isBundle": true,
+ "minimumSupportedOperatingSystem": {
+ "@odata.type": "microsoft.graph.windowsMinimumOperatingSystem",
+ "v8_0": true,
+ "v8_1": true,
+ "v10_0": true
+ },
+ "identityVersion": "Identity Version value"
+}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 1313
+
+{
+ "@odata.type": "#microsoft.graph.windowsAppX",
+ "id": "b5179a93-9a93-b517-939a-17b5939a17b5",
+ "displayName": "Display Name value",
+ "description": "Description value",
+ "publisher": "Publisher value",
+ "largeIcon": {
+ "@odata.type": "microsoft.graph.mimeContent",
+ "type": "Type value",
+ "value": "dmFsdWU="
+ },
+ "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
+ "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
+ "isFeatured": true,
+ "privacyInformationUrl": "https://example.com/privacyInformationUrl/",
+ "informationUrl": "https://example.com/informationUrl/",
+ "owner": "Owner value",
+ "developer": "Developer value",
+ "notes": "Notes value",
+ "publishingState": "processing",
+ "committedContentVersion": "Committed Content Version value",
+ "fileName": "File Name value",
+ "size": 4,
+ "applicableArchitectures": "x86",
+ "identityName": "Identity Name value",
+ "identityPublisherHash": "Identity Publisher Hash value",
+ "identityResourceIdentifier": "Identity Resource Identifier value",
+ "isBundle": true,
+ "minimumSupportedOperatingSystem": {
+ "@odata.type": "microsoft.graph.windowsMinimumOperatingSystem",
+ "v8_0": true,
+ "v8_1": true,
+ "v10_0": true
+ },
+ "identityVersion": "Identity Version value"
+}
+```
v1.0 List Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/list-create.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-POST https://graph.microsoft.com/v1.0/sites/{site-id}/lists
+POST /sites/{site-id}/lists
``` ## Request headers
v1.0 List Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/list-get.md
One of the following permissions is required to call this API. To learn more, in
## HTTP request ```http
-GET https://graph.microsoft.com/v1.0/sites/{site-id}/lists/{list-id}
-GET https://graph.microsoft.com/v1.0/sites/{site-id}/lists/{list-title}
-GET https://graph.microsoft.com/v1.0/sites/{site-id}/lists/{list-id}?expand=columns,items(expand=fields)
+GET /sites/{site-id}/lists/{list-id}
+GET /sites/{site-id}/lists/{list-title}
+GET /sites/{site-id}/lists/{list-id}?expand=columns,items(expand=fields)
``` ## Request body
v1.0 List List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/list-list.md
One of the following permissions is required to call this API. To learn more, in
## HTTP request ```http
-GET https://graph.microsoft.com/v1.0/sites/{site-id}/lists
+GET /sites/{site-id}/lists
``` ## Request headers
v1.0 Listitem Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/listitem-create.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-POST https://graph.microsoft.com/v1.0/sites/{site-id}/lists/{list-id}/items
+POST /sites/{site-id}/lists/{list-id}/items
``` ## Request body
v1.0 Listitem Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/listitem-delete.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-DELETE https://graph.microsoft.com/v1.0/sites/{site-id}/lists/{list-id}/items/{item-id}
+DELETE /sites/{site-id}/lists/{list-id}/items/{item-id}
``` ## Optional request headers
v1.0 Listitem Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/listitem-get.md
One of the following permissions is required to call this API. To learn more, in
Get a listItem ```http
-GET https://graph.microsoft.com/v1.0/sites/{site-id}/lists/{list-id}/items/{item-id}
+GET /sites/{site-id}/lists/{list-id}/items/{item-id}
``` Get the column values of a listItem ```http
-GET https://graph.microsoft.com/v1.0/sites/{site-id}/lists/{list-id}/items/{item-id}?expand=fields
+GET /sites/{site-id}/lists/{list-id}/items/{item-id}?expand=fields
``` Get specific column values of a listItem ```http
-GET https://graph.microsoft.com/v1.0/sites/{site-id}/lists/{list-id}/items/{item-id}?expand=fields(select=Column1,Column2)
+GET /sites/{site-id}/lists/{list-id}/items/{item-id}?expand=fields(select=Column1,Column2)
```+ ## Optional query parameters This method supports the [OData query parameters](/graph/query-parameters) to help customize the response.
v1.0 Listitem List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/listitem-list.md
One of the following permissions is required to call this API. To learn more, in
## HTTP request ```http
-GET https://graph.microsoft.com/v1.0/sites/{site-id}/lists/{list-id}/items
-GET https://graph.microsoft.com/v1.0/sites/{site-id}/lists/{list-id}/items?expand=fields
-GET https://graph.microsoft.com/v1.0/sites/{site-id}/lists/{list-id}/items?expand=fields(select=Column1,Column2)
+GET /sites/{site-id}/lists/{list-id}/items
+GET /sites/{site-id}/lists/{list-id}/items?expand=fields
+GET /sites/{site-id}/lists/{list-id}/items?expand=fields(select=Column1,Column2)
``` ## Request headers
v1.0 Listitem Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/listitem-update.md
One of the following permissions is required to call this API. To learn more, in
Update the properties on a listItem. ```http
-PATCH https://graph.microsoft.com/v1.0/sites/{site-id}/lists/{list-id}/items/{item-id}
+PATCH /sites/{site-id}/lists/{list-id}/items/{item-id}
``` Update column values on a listItem. ```http
-PATCH https://graph.microsoft.com/v1.0/sites/{site-id}/lists/{list-id}/items/{item-id}/fields
+PATCH /sites/{site-id}/lists/{list-id}/items/{item-id}/fields
``` ## Optional request headers
v1.0 Longrunningoperation Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/longrunningoperation-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | Not supported. | | Application | Not supported. | Not supported. |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Administrator
-* Global Reader
-* Privileged Authentication Administrator
-* Authentication Administrator
## HTTP request
v1.0 Microsoftauthenticatorauthenticationmethod Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/microsoftauthenticatorauthenticationmethod-delete.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Delete your own Microsoft Authenticator authentication method.
+<!-- { "blockType": "ignored" } -->
``` http DELETE /me/authentication/microsoftAuthenticatorMethods/{microsoftAuthenticatorAuthenticationMethodId}
+```
+
+Delete your own or another user's Microsoft Authenticator authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
DELETE /users/{id | userPrincipalName}/authentication/microsoftAuthenticatorMethods/{microsoftAuthenticatorAuthenticationMethodId} ```
v1.0 Microsoftauthenticatorauthenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/microsoftauthenticatorauthenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Get details of your own Microsoft Authenticator authentication method.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/microsoftAuthenticatorMethods/{microsoftAuthenticatorAuthenticationMethodId}
+```
+
+Get details of your own or another user's Microsoft Authenticator authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/microsoftAuthenticatorMethods/{microsoftAuthenticatorAuthenticationMethodId} ```
v1.0 Microsoftauthenticatorauthenticationmethod List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/microsoftauthenticatorauthenticationmethod-list.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Get details of your own Microsoft Authenticator authentication methods.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/microsoftAuthenticatorMethods
+```
+
+Get details of your own or another user's Microsoft Authenticator authentication methods.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/microsoftAuthenticatorMethods ```
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/microsoftauthenticatorauthenticationmethodconfiguration-delete.md
Title: "Delete microsoftAuthenticatorAuthenticationMethodConfiguration" description: "Deletes a microsoftAuthenticatorAuthenticationMethodConfiguration object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: apiPageType
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/microsoftauthenticatorauthenticationmethodconfiguration-get.md
Title: "Get microsoftAuthenticatorAuthenticationMethodConfiguration" description: "Read the properties and relationships of a microsoftAuthenticatorAuthenticationMethodConfiguration object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: apiPageType
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Reader
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
Content-Type: application/json
"authenticationMode": "any" } ],
+ "excludeTargets": [],
"featureSettings": { "displayAppContextRequiredState" : { "state": "enabled",
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/microsoftauthenticatorauthenticationmethodconfiguration-update.md
Title: "Update microsoftAuthenticatorAuthenticationMethodConfiguration" description: "Update the properties of a microsoftAuthenticatorAuthenticationMethodConfiguration object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: apiPageType
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
Content-Type: application/json
### Response
-**Note:** The response object shown here might be shortened for readability.
+The following is an example of the response.
<!-- { "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.microsoftAuthenticatorAuthenticationMethodConfiguration"
+ "truncated": true
} --> ``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-
-{
- "@odata.type": "#microsoft.graph.microsoftAuthenticatorAuthenticationMethodConfiguration",
- "id": "129ae788-e788-129a-88e7-9a1288e79a12",
- "state": "String"
-}
+HTTP/1.1 204 No Content
```
v1.0 Organizationalbranding Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/organizationalbranding-get.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | |:|:--|
-| Delegated (work or school account) | User.Read, Organization.Read.All, User.ReadBasic.All, User.Read.All |
+| Delegated (work or school account) | User.Read, Organization.Read.All, User.Read.All |
| Delegated (personal Microsoft account) | Not supported. | | Application | Organization.Read.All |
v1.0 Organizationalbranding List Localizations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/organizationalbranding-list-localizations.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | |:|:--|
-| Delegated (work or school account) | User.Read, Organization.Read.All, User.ReadBasic.All, User.Read.All |
+| Delegated (work or school account) | User.Read, Organization.Read.All, User.Read.All |
| Delegated (personal Microsoft account) | Not supported. | | Application | Not supported. |
v1.0 Organizationalbrandinglocalization Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/organizationalbrandinglocalization-get.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | |:|:--|
-| Delegated (work or school account) | User.Read, Organization.Read.All, User.ReadBasic.All, User.Read.All |
+| Delegated (work or school account) | User.Read, Organization.Read.All, User.Read.All |
| Delegated (personal Microsoft account) | Not supported. | | Application | Organization.Read.All |
v1.0 Passwordauthenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/passwordauthenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global Administrator
-* Global Reader
-* Privileged Authentication Administrator
-* Authentication Administrator
## HTTP request
+Get details of your own password authentication method.
<!-- { "blockType": "ignored" } -->- ```http GET /me/authentication/passwordMethods/{id}
+```
+
+Get details of your own or another user's password authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/passwordMethods/{id} ```
v1.0 Phoneauthenticationmethod Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/phoneauthenticationmethod-delete.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
+Delete your own phone authentication method.
<!-- { "blockType": "ignored" } -->
+``` http
+DELETE /me/authentication/phoneMethods/{phoneMethodId}
+```
-```http
-DELETE /me/authentication/phoneMethods/{id}
-DELETE /users/{id | userPrincipalName}/authentication/phoneMethods/{id}
+Delete your own or another user's phone authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
+DELETE /users/{id | userPrincipalName}/authentication/phoneMethods/{phoneMethodId}
```
-The value of `id` corresponding to the phoneType to delete is one of the following:
+
+The value of `phoneMethodId` corresponding to the phoneType to delete is one of the following:
+ `b6332ec1-7057-4abe-9331-3d72feddfe41` to delete the `alternateMobile` **phoneType**. + `e37fc753-ff3b-4958-9484-eaa9425c82bc` to delete the `office` **phoneType**. + `3179e48a-750b-4051-897c-87b9720928f7` to delete the `mobile` **phoneType**.
v1.0 Phoneauthenticationmethod Disablesmssignin https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/phoneauthenticationmethod-disablesmssignin.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
+Disable SMS sign-in for your own mobile phone authentication method.
<!-- { "blockType": "ignored" } -->
+``` http
+POST /me/authentication/phoneMethods/{mobilePhoneMethodId}/disableSmsSignIn
+```
-```http
-POST /me/authentication/phoneMethods/{id}/disableSmsSignIn
-POST /users/{id | userPrincipalName}/authentication/phoneMethods/{id}/disableSmsSignIn
+Disable SMS sign-in for your own or another user's mobile phone authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
+POST /users/{id | userPrincipalName}/authentication/phoneMethods/{mobilePhoneMethodId}/disableSmsSignIn
```
-The value of `id` for the `mobile` phoneType is `3179e48a-750b-4051-897c-87b9720928f7`.
+
+The value of `mobilePhoneMethodId` for the `mobile` phoneType is `3179e48a-750b-4051-897c-87b9720928f7`.
## Request headers
v1.0 Phoneauthenticationmethod Enablesmssignin https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/phoneauthenticationmethod-enablesmssignin.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
+Enable SMS sign-in for your own mobile phone authentication method.
<!-- { "blockType": "ignored" } -->
+``` http
+POST /me/authentication/phoneMethods/{mobilePhoneMethodId}/enableSmsSignIn
+```
-```http
-POST /me/authentication/phoneMethods/{id}/enableSmsSignIn
-POST /users/{id | userPrincipalName}/authentication/phoneMethods/{id}/enableSmsSignIn
+Enable SMS sign-in for your own or another user's mobile phone authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
+POST /users/{id | userPrincipalName}/authentication/phoneMethods/{mobilePhoneMethodId}/enableSmsSignIn
```
-The value of `id` for the `mobile` phoneType is `3179e48a-750b-4051-897c-87b9720928f7`.
+
+The value of `mobilePhoneMethodId` for the `mobile` phoneType is `3179e48a-750b-4051-897c-87b9720928f7`.
## Request headers
v1.0 Phoneauthenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/phoneauthenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
+
+> [!NOTE]
+> The authentication administrator only sees masked phone numbers.
## HTTP request
+Retrieve details of your own phone authentication method.
<!-- { "blockType": "ignored" } -->-
-```http
+``` http
GET /me/authentication/phoneMethods/{phoneMethodId}
+```
+
+Retrieve details of your own or another user's phone authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{userId | userPrincipalName}/authentication/phoneMethods/{phoneMethodId} ```+ The value of `phoneMethodId` corresponding to the phoneType is one of the following: + `b6332ec1-7057-4abe-9331-3d72feddfe41` to retrieve the `alternateMobile` **phoneType**. + `e37fc753-ff3b-4958-9484-eaa9425c82bc` to retrieve the `office` **phoneType**.
v1.0 Phoneauthenticationmethod Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/phoneauthenticationmethod-update.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
+Update your own phone authentication method.
<!-- { "blockType": "ignored" } -->
+``` http
+PATCH /me/authentication/phoneMethods/{phoneMethodId}
+```
-```http
-PATCH /me/authentication/phoneMethods/{id}
-PATCH /users/{id | userPrincipalName}/authentication/phoneMethods/{id}
+Update your own or another user's phone authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
+PATCH /users/{id | userPrincipalName}/authentication/phoneMethods/{phoneMethodId}
```
-The value of `id` corresponding to the phoneType to update is one of the following:
+
+The value of `phoneMethodId` corresponding to the phoneType to update is one of the following:
+ `b6332ec1-7057-4abe-9331-3d72feddfe41` to update the `alternateMobile` **phoneType**. + `e37fc753-ff3b-4958-9484-eaa9425c82bc` to update the `office` **phoneType**. + `3179e48a-750b-4051-897c-87b9720928f7` to update the `mobile` **phoneType**.
v1.0 Plannerbucket Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/plannerbucket-get.md
Title: "Get plannerBucket"
-description: "Retrieve the properties and relationships of **plannerBucket** object."
+description: "Retrieve the properties and relationships of a plannerBucket object."
ms.localizationpriority: medium ms.prod: "planner"
doc_type: apiPageType
Namespace: microsoft.graph
-Retrieve the properties and relationships of **plannerBucket** object.
+Retrieve the properties and relationships of a [plannerBucket](../resources/plannerbucket.md) object.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and [plannerBucket](../resources/plannerbucket.md) object in the response body.
+If successful, this method returns a `200 OK` response code and a [plannerBucket](../resources/plannerbucket.md) object in the response body.
This method can return any of the [HTTP status codes](/graph/errors). The most common errors that apps should handle for this method are the 403 and 404 responses. For more information about these errors, see [Common Planner error conditions](../resources/planner-overview.md#common-planner-error-conditions). ## Example
-##### Request
-Here is an example of the request.
+### Request
+The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_plannerbucket"
+ "name": "get_plannerbucket",
+ "sampleKeys": ["hsOf2dhOJkqyYYZEtdzDe2QAIUCR"]
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/v1.0/planner/buckets/{bucket-id}
+GET https://graph.microsoft.com/v1.0/planner/buckets/hsOf2dhOJkqyYYZEtdzDe2QAIUCR
``` # [C#](#tab/csharp)
GET https://graph.microsoft.com/v1.0/planner/buckets/{bucket-id}
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
Content-type: application/json
"suppressions": [ ] }-->-
v1.0 Profilephoto Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/profilephoto-update.md
One of the following permissions is required to call this API. To learn more, in
|:--|:| |Delegated (work or school account) | Group.ReadWrite.All | |Delegated (personal Microsoft account) | Not supported. |
-|Application | Group.ReadWrite.All |
+|Application | Not supported. |
### To update the profile photo of a team
v1.0 Rangeformat Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/rangeformat-update.md
This request updates the font style, size, and color of the first cell.
# [HTTP](#tab/http)+ <!-- { "blockType": "request", "name": "update_rangeformat_font" }-->+ ```http PATCH https://graph.microsoft.com/v1.0/me/drive/items/{id}/workbook/worksheets/{sheet-id}/range(address='$A$1')/format/font Content-type: application/json
This request updates the vertical alignment, horizontal alignment, row height, a
# [HTTP](#tab/http)+ <!-- { "blockType": "request", "name": "update_rangeformat_two" }-->+ ```http PATCH https://graph.microsoft.com/v1.0/me/drive/items/{id}/workbook/worksheets/{sheet-id}/range(address='$B$1')/format Content-type: application/json
This request updates the font style and size of the second cell.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "update_rangeformat_font_two"
+ "name": "update_rangeformat_font_two1"
}--> ```http PATCH https://graph.microsoft.com/v1.0/me/drive/items/{id}/workbook/worksheets/{sheet-id}/range(address='$B$1')/format/font
This request updates the background color of the second cell.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "update_rangeformat_fill_two"
+ "name": "update_rangeformat_fill_two1"
}--> ```http PATCH https://graph.microsoft.com/v1.0/me/drive/items/{id}/workbook/worksheets/{sheet-id}/range(address='$B$1')/format/fill
This request updates the font style, size, and color of the third cell. Note tha
# [HTTP](#tab/http)+ <!-- { "blockType": "request",
- "name": "update_rangeformat_font_three"
+ "name": "update_font_rangeformat"
}-->+ ```http PATCH https://graph.microsoft.com/v1.0/me/drive/items/{id}/workbook/worksheets/{sheet-id}/range(address='$C$1')/format/font Content-type: application/json
This request updates the background color of the third cell.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "update_rangeformat_fill_three"
+ "name": "update_rangeformat_fill_three_v_one"
}--> ```http PATCH https://graph.microsoft.com/v1.0/me/drive/items/{id}/workbook/worksheets/{sheet-id}/range(address='$C$1')/format/fill
Content-type: application/json
"keywords": "", "section": "documentation", "suppressions": [
- "Error: update_rangeformat_font_three/underline:
+ "Error: update_font_rangeformat/underline:
Expected type String but actual was Single. Property: underline, actual value: 'Single'" ], "tocPath": ""
v1.0 Rbacapplication List Roledefinitions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/rbacapplication-list-roledefinitions.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All | - ### For the entitlement management provider |Permission type | Permissions (from least to most privileged) |
One of the following permissions is required to call this API. To learn more, in
To list role definitions for the directory provider: <!-- { "blockType": "ignored" } -->- ```http GET /roleManagement/directory/roleDefinitions ```
+To list role definitions for the entitlement management provider:
+<!-- { "blockType": "ignored" } -->
+```http
+/roleManagement/entitlementManagement/roleDefinitions
+```
+ ## Optional query parameters This method supports the `$filter` (`eq` and `in` operators) OData query parameter on `id`, `displayName`, and `isBuiltIn` properties. It also supports `$expand` on the relationships. For general information, see [OData query parameters](/graph/query-parameters).
v1.0 Security Alert Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-alert-get.md
GET https://graph.microsoft.com/v1.0/security/alerts_v2/da637578995287051192_756
[!INCLUDE [sample-code](../includes/snippets/go/get-security-alert-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/get-security-alert-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Security Alert Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-alert-update.md
Content-length: 2450
[!INCLUDE [sample-code](../includes/snippets/go/update-alert-v2-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/update-alert-v2-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Security List Alerts_V2 https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-list-alerts_v2.md
GET https://graph.microsoft.com/v1.0/security/alerts_v2
[!INCLUDE [sample-code](../includes/snippets/go/security-list-alerts-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/security-list-alerts-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Serviceprincipal Delete Owners https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceprincipal-delete-owners.md
The following example shows the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "serviceprincipal_delete_owners"
+ "name": "serviceprincipal_delete_owners_e1"
}--> ```http
v1.0 Site List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/site-list.md
In addition, you can use a **[$search][]** query against the `/sites` collection
[$search]: site-search.md [sites]: ../resources/site.md
-For more guidance about building applications that use site discovery for scanning purposes, see [Best practices for discovering files and detecting changes at scale](/onedrive/developer/rest-api/concepts/scan-guidance?view=odsp-graph-online).
+For more guidance about building applications that use site discovery for scanning purposes, see [Best practices for discovering files and detecting changes at scale](/onedrive/developer/rest-api/concepts/scan-guidance?view=odsp-graph-online&preserve-view=true).
## Permissions
GET /sites
GET /sites?$filter=siteCollection/root ne null ```
-## Example
+## Examples
-### Request
+### Example 1: List sites using query parameters
+#### Request
-<!-- { "blockType": "ignored" } -->
+
+<!-- {
+ "blockType": "request",
+ "name": "list_sites_example1"
+}-->
```http GET https://graph.microsoft.com/v1.0/sites?$select=siteCollection,webUrl&$filter=siteCollection/root%20ne%20null ```
-### Response
+#### Response
<!-- { "blockType": "response", "@type": "microsoft.graph.site", "isCollection": true, "truncated": true } -->
Content-type: application/json
} ```
-### Request
+### Example 2: List all sites
+#### Request
-<!-- { "blockType": "ignored" } -->
+<!-- {
+ "blockType": "request",
+ "name": "list_sites_example2"
+}-->
```http GET https://graph.microsoft.com/v1.0/sites ```
-### Response
+#### Response
<!-- { "blockType": "response", "@type": "microsoft.graph.site", "isCollection": true, "truncated": true } -->
v1.0 Smsauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/smsauthenticationmethodconfiguration-delete.md
+
+ Title: "Delete smsAuthenticationMethodConfiguration"
+description: "Delete a smsAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Delete smsAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Remove changes made to the [text message authentication method policy](../resources/smsauthenticationmethodconfiguration.md) by reverting the policy to its default configuration.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.ReadWrite.AuthenticationMethod|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/sms
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_smsauthenticationmethodconfiguration"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/sms
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Smsauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/smsauthenticationmethodconfiguration-get.md
+
+ Title: "Get smsAuthenticationMethodConfiguration"
+description: "Read the properties and relationships of a smsAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Get smsAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Read the properties and relationships of a [smsAuthenticationMethodConfiguration](../resources/smsauthenticationmethodconfiguration.md) object, which represents the Text Message authentication method policy for the Azure AD tenant.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/sms
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [smsAuthenticationMethodConfiguration](../resources/smsauthenticationmethodconfiguration.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_smsauthenticationmethodconfiguration"
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/sms
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.smsAuthenticationMethodConfiguration"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.smsAuthenticationMethodConfiguration",
+ "id": "Sms",
+ "state": "enabled",
+ "includeTargets": [
+ {
+ "targetType": "group",
+ "id": "all_users",
+ "isRegistrationRequired": false,
+ "isUsableForSignIn": true
+ }
+ ],
+ "excludeTargets": []
+ }
+}
+```
+
v1.0 Smsauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/smsauthenticationmethodconfiguration-update.md
+
+ Title: "Update smsAuthenticationMethodConfiguration"
+description: "Update the properties of a smsAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Update smsAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Update the properties of a [smsAuthenticationMethodConfiguration](../resources/smsauthenticationmethodconfiguration.md) object, which represents the text message authentication method policy for the Azure AD tenant.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.ReadWrite.AuthenticationMethod|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/sms
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+
+|Property|Type|Description|
+|:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
+|state|authenticationMethodState|Possible values are: `enabled`, `disabled`.|
+
+>**Note:** The `@odata.type` property with a value of `#microsoft.graph.smsAuthenticationMethodConfiguration` must be included in the body.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_smsauthenticationmethodconfiguration"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/sms
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.smsAuthenticationMethodConfiguration",
+ "id": "Sms",
+ "state": "enabled"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Softwareoathauthenticationmethod Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/softwareoathauthenticationmethod-delete.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs [one of the following directory roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Authentication administrator
-* Privileged authentication administrator
-* Global administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
+Remove a software OATH token authentication method from your own account. For a signed-in user to update their own authentication method, they must have satisfied a multi-factor authentication requirement during sign in.
+<!-- { "blockType": "ignored" } -->
+```http
+DELETE /me/authentication/softwareOathMethods/{id}
+```
+
+Remove a software OATH token authentication method from another user's account.
+<!-- { "blockType": "ignored" } -->
+```http
DELETE /users/{id | userPrincipalName}/authentication/softwareOathMethods/{id} ```
v1.0 Softwareoathauthenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/softwareoathauthenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs [one of the following directory roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global Reader
-* Authentication administrator
-* Privileged authentication administrator
-* Global administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Retrieve details of your own software OATH token authentication method.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/softwareOathMethods/{id}
+```
+
+Retrieve details of your own or another user's software OATH token authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/softwareOathMethods/{id} ```
v1.0 Softwareoathauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/softwareoathauthenticationmethodconfiguration-delete.md
+
+ Title: "Delete softwareOathAuthenticationMethodConfiguration"
+description: "Delete a softwareOathAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Delete softwareOathAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Revert the [third-party software Oath authentication method policy](../resources/softwareoathauthenticationmethodconfiguration.md) to its default configuration.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.ReadWrite.AuthenticationMethod|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/softwareOath
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_softwareoathauthenticationmethodconfiguration"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/softwareOath
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Softwareoathauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/softwareoathauthenticationmethodconfiguration-get.md
+
+ Title: "Get softwareOathAuthenticationMethodConfiguration"
+description: "Read the properties and relationships of a softwareOathAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Get softwareOathAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Read the properties and relationships of a [softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md) object, which represents the third-party software OATH authentication method policy for the Azure AD tenant.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/softwareOath
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_softwareoathauthenticationmethodconfiguration"
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/softwareOath
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.softwareOathAuthenticationMethodConfiguration"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.softwareOathAuthenticationMethodConfiguration",
+ "id": "SoftwareOath",
+ "state": "enabled",
+ "includeTargets": [
+ {
+ "targetType": "group",
+ "id": "all_users",
+ "isRegistrationRequired": false
+ }
+ ],
+ "excludeTargets": []
+ }
+}
+```
+
v1.0 Softwareoathauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/softwareoathauthenticationmethodconfiguration-update.md
+
+ Title: "Update softwareOathAuthenticationMethodConfiguration"
+description: "Update the properties of a softwareOathAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Update softwareOathAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Update the properties of a [softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md) object, which represents the third-party software OATH authentication method policy for the Azure AD tenant.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.ReadWrite.AuthenticationMethod|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/softwareOath
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md) object with the values of fields that should be updated. Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance, don't include existing values that haven't changed.
+
+For the list of properties, see [softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md).
+
+>**Note:** The `@odata.type` property with a value of `#microsoft.graph.softwareOathAuthenticationMethodConfiguration` must be included in the body.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_softwareoathauthenticationmethodconfiguration"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/softwareOath
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.softwareOathAuthenticationMethodConfiguration",
+ "state": "disabled"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Team Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/team-post.md
Content-Type: application/json
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go)
v1.0 Teamwork List Deletedteams https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/teamwork-list-deletedteams.md
If successful, this method returns a `200 OK` response code and a collection of
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_deletedteam"
The following is an example of a request.
GET https://graph.microsoft.com/v1.0/teamwork/deletedTeams ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
++ ### Response The following is an example of the response
Content-Type: application/json
} ] }
-```
+```
v1.0 Temporaryaccesspassauthenticationmethod Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/temporaryaccesspassauthenticationmethod-delete.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Delete your own temporary access pass authentication method.
+<!-- { "blockType": "ignored" } -->
``` http
-DELETE /users/{id | userPrincipalName}/authentication/temporaryAccessPassMethods/{id}
DELETE /me/authentication/temporaryAccessPassMethods/{id} ```
+Delete your own or another user's temporary access pass authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
+DELETE /users/{id | userPrincipalName}/authentication/temporaryAccessPassMethods/{id}
+```
+ ## Request headers |Name|Description| |:|:|
v1.0 Temporaryaccesspassauthenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/temporaryaccesspassauthenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Retrieve details of your own temporary access pass authentication method.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/temporaryAccessPassMethods/{temporaryAccessPassAuthenticationMethodId}
-GET /users/{id | userPrincipalName}/authentication/temporaryAccessPassMethods/{temporaryAccessPassAuthenticationMethodId}
```
+Retrieve details of your own or another user's temporary access pass authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
+GET /users/{id | userPrincipalName}/authentication/temporaryAccessPassMethods/{temporaryAccessPassAuthenticationMethodId}
+```
## Request headers |Name|Description|
v1.0 Temporaryaccesspassauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/temporaryaccesspassauthenticationmethodconfiguration-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Temporaryaccesspassauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/temporaryaccesspassauthenticationmethodconfiguration-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Reader
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
Content-Type: application/json
"id": "all_users", "isRegistrationRequired": false }
- ]
+ ],
+ "excludeTargets": []
} ```
v1.0 Temporaryaccesspassauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/temporaryaccesspassauthenticationmethodconfiguration-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 Tenantappmanagementpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tenantappmanagementpolicy-get.md
+
+ Title: "Get tenantAppManagementPolicy"
+description: "Read the default tenant policy that applies to applications and service principals objects."
+ms.localizationpriority: medium
+++
+# Get tenantAppManagementPolicy
+
+Namespace: microsoft.graph
+
+Read the properties of a [tenantAppManagementPolicy](../resources/tenantAppManagementPolicy.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /policies/defaultAppManagementPolicy
+```
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and the requested [defaultAppManagementPolicy](../resources/tenantAppManagementPolicy.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of the request.
+++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_tenantAppManagementPolicy"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/policies/defaultAppManagementPolicy
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response that shows the default tenant app management policy.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.tenantAppManagementPolicy"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/defaultAppManagementPolicy/$entity",
+ "@odata.id": "https://graph.microsoft.com/v2/927c6607-8060-4f4a-a5f8-34964ac78d70/defaultAppManagementPolicy/00000000-0000-0000-0000-000000000000",
+ "id": "00000000-0000-0000-0000-000000000000",
+ "displayName": "Default app management tenant policy",
+ "description": "Default tenant policy that enforces app management restrictions on applications and service principals. To apply policy to targeted resources, create a new policy under appManagementPolicies collection.",
+ "isEnabled": false,
+ "applicationRestrictions": {
+ "passwordCredentials": [],
+ "keyCredentials":[]
+ },
+ "servicePrincipalRestrictions": {
+ "passwordCredentials": [],
+ "keyCredentials":[]
+ }
+}
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "Get tenantAppManagementPolicy",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Tenantappmanagementpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tenantappmanagementpolicy-update.md
+
+ Title: "Update tenantAppManagementPolicy"
+description: "Update the default tenant policy that applies to applications and service principals objects."
+ms.localizationpriority: medium
+++
+# Update tenantAppManagementPolicy
+
+Namespace: microsoft.graph
+
+Update the properties of a [tenantAppManagementPolicy](../resources/tenantAppManagementPolicy.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+PATCH /policies/defaultAppManagementPolicy
+```
+
+## Request headers
+
+| Name | Description |
+| : | :-- |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+
+> [!IMPORTANT]
+> Service principals with a createdDateTime `null` are treated as having being created on 01/01/2019.
+
+## Request body
+
+In the request body, supply the values for relevant fields from the [tenantAppManagementPolicy](../resources/tenantAppManagementPolicy.md) that should be updated. Existing properties that are not included in the request body will maintain their previous values. For best performance, do not include unchanged values in the request payload.
+
+| Property | Type | Description |
+| : | :-- | :-- |
+| displayName | String | The display name of the default policy. Inherited from [policyBase](../resources/policybase.md). |
+| description | String | The description of the default policy. Inherited from [policyBase](../resources/policybase.md). |
+| isEnabled | Boolean | Denotes if the policy is enabled. Default value is false. |
+| applicationRestrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply as default to all application objects in the tenant. |
+| servicePrincipalRestrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply as default to all service principal objects in the tenant. |
+
+> [!IMPORTANT]
+> Service principals with a createdDateTime `null` are treated as having being created on 01/01/2019.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_tenantAppManagementPolicy"
+}-->
+
+```msgraph-interactive
+PATCH https://graph.microsoft.com/v1.0/policies/defaultAppManagementPolicy
+Content-Type: application/json
+
+{
+ "isEnabled": true,
+ "applicationRestrictions": {
+ "passwordCredentials": [
+ {
+ "restrictionType": "passwordAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2021-01-01T10:37:00Z"
+ },
+ {
+ "restrictionType": "passwordLifetime",
+ "maxLifetime": "P4DT12H30M5S",
+ "restrictForAppsCreatedAfterDateTime": "2017-01-01T10:37:00Z"
+ },
+ {
+ "restrictionType": "symmetricKeyAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2021-01-01T10:37:00Z"
+ },
+ {
+ "restrictionType": "customPasswordAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2015-01-01T10:37:00Z"
+ },
+ {
+ "restrictionType": "symmetricKeyLifetime",
+ "maxLifetime": "P40D",
+ "restrictForAppsCreatedAfterDateTime": "2015-01-01T10:37:00Z"
+ }
+ ],
+ "keyCredentials":[
+ {
+ "restrictionType": "asymmetricKeyLifetime",
+ "maxLifetime": "P30D",
+ "restrictForAppsCreatedAfterDateTime": "2015-01-01T10:37:00Z"
+ },
+ ]
+ }
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": false
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "Update tenantAppManagementPolicy",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Tokenlifetimepolicy Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tokenlifetimepolicy-delete.md
The following is an example of the request.
}--> ```http
-DELETE https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/{id}
+DELETE https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4
``` # [C#](#tab/csharp)
v1.0 Tokenlifetimepolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tokenlifetimepolicy-get.md
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/{id}
+GET https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4
``` # [C#](#tab/csharp)
HTTP/1.1 200 OK
Content-type: application/json {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/tokenLifetimePolicies/$entity",
+ "id": "4d2f137b-e8a9-46da-a5c3-cc85b2b840a4",
+ "deletedDateTime": null,
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
} ```
v1.0 Tokenlifetimepolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tokenlifetimepolicy-list-appliesto.md
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/{id}/appliesTo
+GET https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4/appliesTo
``` # [JavaScript](#tab/javascript)
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "id": "id-value",
- "deletedDateTime": "datetime-value"
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#directoryObjects",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.application",
+ "id": "3ccc9971-9ae7-45d6-8de8-263fd25fe116",
+ "appId": "6e4a2285-a438-4bcc-9d76-6c45fb91d4b0",
+ "applicationTemplateId": "8adf8e6e-67b2-4cf2-a259-e3dc5476c621",
+ "displayName": "Contoso IWA App",
+ "publisherDomain": "Contoso.com",
+ "signInAudience": "AzureADMyOrg"
+ }
+ ]
} ```
v1.0 Tokenlifetimepolicy List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tokenlifetimepolicy-list.md
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/tokenLifetimePolicies",
+ "value": [
+ {
+ "id": "4d2f137b-e8a9-46da-a5c3-cc85b2b840a4",
+ "deletedDateTime": null,
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
+ }
+ ]
} ```
v1.0 Tokenlifetimepolicy Post Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tokenlifetimepolicy-post-tokenlifetimepolicies.md
If successful, this method returns a `201 Created` response code and a new [toke
### Request
-The following is an example of the request.
+The following is an example of a request that creates a token lifetime policy that sets the access and ID token lifetime to eight hours.
# [HTTP](#tab/http)
POST https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies
Content-type: application/json {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
} ```
HTTP/1.1 201 Created
Content-type: application/json {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/tokenLifetimePolicies/$entity",
+ "id": "4d2f137b-e8a9-46da-a5c3-cc85b2b840a4",
+ "deletedDateTime": null,
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
} ```
v1.0 Tokenlifetimepolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tokenlifetimepolicy-update.md
In the request body, supply the values for relevant fields that should be update
| Property | Type | Description | |:-|:|:|
-|definition|String collection| A string collection containing a JSON string that defines the rules and settings for this policy. Required.|
+|definition|String collection| A string collection containing a JSON string that defines the rules and settings for this policy. For more information about the JSON schema for this property, see [Properties of a token lifetime policy definition](../resources/tokenlifetimepolicy.md#properties-of-a-token-lifetime-policy-definition). Required.|
|description|String| Description for this policy.| |displayName|String| Display name for this policy. Required.| |isOrganizationDefault|Boolean|If set to true, activates this policy. There can be many policies for the same policy type, but only one can be activated as the organization default. Optional, default value is false.|
The following is an example of the request.
}--> ```http
-PATCH https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/{id}
+PATCH https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4
Content-type: application/json {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"5:30:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
} ```
Content-type: application/json
The following is an example of the response.
-> **Note:** The response object shown here might be shortened for readability.
- <!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.tokenLifetimePolicy"
+ "blockType": "response"
} -->- ```http HTTP/1.1 204 No Content
-Content-type: application/json
-
-{
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
-}
``` <!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
v1.0 User Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-get.md
Title: "Get user"
+ Title: "Get a user"
description: "Retrieve the properties and relationships of user object." ms.localizationpriority: high
ms.prod: "users"
doc_type: apiPageType
-# Get user
+# Get a user
Namespace: microsoft.graph
To retrieve specific properties, use the OData `$select` query parameter. For ex
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_user_select"
+ "name": "get_user_select_e3"
} --> ```msgraph-interactive GET https://graph.microsoft.com/v1.0/users/87d349ed-44d7-43e1-9a83-5f2406dee5bd?$select=displayName,givenName,postalCode,identities
v1.0 User List Calendarview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-list-calendarview.md
Do not supply a request body for this method.
## Response If successful, this method returns a `200 OK` response code and collection of [event](../resources/event.md) objects in the response body.+ ## Example
-##### Request
+### Request
Here is an example of the request. # [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "user_get_calendarview"
+ "name": "user_get_calendarview_e1"
}--> ```msgraph-interactive GET https://graph.microsoft.com/v1.0/me/calendarView?startDateTime=2020-01-01T19:00:00-08:00&endDateTime=2020-01-02T19:00:00-08:00
GET https://graph.microsoft.com/v1.0/me/calendarView?startDateTime=2020-01-01T19
-##### Response
+### Response
Here is an example of the response. Note: The response object shown here might be shortened for readability. <!-- { "blockType": "response",
v1.0 User List Contacts https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-list-contacts.md
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and collection of [Contact](../resources/contact.md) objects in the response body.
+If successful, this method returns a `200 OK` response code and a collection of [contact](../resources/contact.md) objects in the response body.
## Example
-##### Request
-Here is an example of the request.
+### Request
+The following is an example of the request.
# [HTTP](#tab/http) <!-- {
GET https://graph.microsoft.com/v1.0/me/contacts
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
v1.0 User List People https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-list-people.md
This method supports the [OData query parameters](/graph/query-parameters) to he
|$search|string|Search for people by name or alias. Supports Fuzzy matching. Parameter only works for searching the signed-in user's relevant people, not for searching people relevant to other users. Also supports the `topic` keyword to find people based on topics extracted from e-mail conversations with that person. For information and examples, see the *Perform a fuzzy search* section at [Use the People API to get information about the people most relevant to you](/graph/people-insights-overview#perform-a-fuzzy-search). | |$select|string|Comma-separated list of properties to include in the response. For optimal performance, only select the subset of properties needed.| |$skip|int|Skip the first n results, useful for paging. This is not supported when using *$search*.|
-|$top|int|Number of results to be returned.|
+|$top|int|The maximum number of results to be returned on a results page. For more information, see [top parameter](/graph/query-parameters?tabs=http#top-parameter).|
## Request headers
v1.0 User List Transitivememberof https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-list-transitivememberof.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | | :- | : |
-| Delegated (work or school account) | User.Read, GroupMember.Read.All, Directory.Read.All, Directory.ReadWrite.All |
+| Delegated (work or school account) | User.Read, User.Read.All, GroupMember.Read.All, Group.Read.All, Directory.Read.All, Directory.ReadWrite.All |
| Delegated (personal Microsoft account) | Not supported. |
-| Application | Directory.Read.All, Directory.ReadWrite.All |
+| Application | User.Read.All, GroupMember.Read.All, Group.Read.All, Directory.Read.All, Directory.ReadWrite.All |
++
+> [!IMPORTANT]
+> To add members to a role-assignable group, the calling user must also be assigned the _RoleManagement.ReadWrite.Directory_ permission.
[!INCLUDE [limited-info](../../includes/limited-info.md)]
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
+GET /me/transitiveMemberOf
GET /users/{id | userPrincipalName}/transitiveMemberOf ```
v1.0 User List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-list.md
GET /users
## Optional query parameters
-This method supports the `$count`, `$expand`, `$filter`, `$orderBy`, `$search`, `$select`, and `$top` [OData query parameters](/graph/query-parameters) to help customize the response. `$skip` isn't supported. The default and maximum page sizes are 100 and 999 user objects respectively. Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For more information, see [Advanced query capabilities on Azure AD directory objects](/graph/aad-advanced-queries). The `$count` and `$search` parameters are currently not available in Azure AD B2C tenants.
+This method supports the `$count`, `$expand`, `$filter`, `$orderBy`, `$search`, `$select`, and `$top` [OData query parameters](/graph/query-parameters) to help customize the response. `$skip` isn't supported. The default and maximum page sizes are 100 and 999 user objects respectively, except when you specify `$select=signInActivity` or `$filter=signInActivity`. When `signInActivity` is selected or filtered on, the maximum page size is 120. Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For more information, see [Advanced query capabilities on Azure AD directory objects](/graph/aad-advanced-queries). The `$count` and `$search` parameters are currently not available in Azure AD B2C tenants.
By default, only a limited set of properties are returned (**businessPhones**, **displayName**, **givenName**, **id**, **jobTitle**, **mail**, **mobilePhone**, **officeLocation**, **preferredLanguage**, **surname**, and **userPrincipalName**).To return an alternative property set, specify the desired set of [user](../resources/user.md) properties using the OData `$select` query parameter. For example, to return **displayName**, **givenName**, and **postalCode**, add the following to your query `$select=displayName,givenName,postalCode`.
In this example, the ID of the schema extension is `ext55gb1l09_msLearnCourses`.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "list_schemaextension"
+ "name": "list_users_schemaextension"
}--> ```msgraph-interactive GET https://graph.microsoft.com/v1.0/users?$select=ext55gb1l09_msLearnCourses ``` # [C#](#tab/csharp) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PHP](#tab/php) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-type: application/json
>**Note:** You can also apply `$filter` on the schema extension property to retrieve objects where a property in the collection matches a specified value. The syntax is `/users?$filter={schemaPropertyID}/{propertyName} eq 'value'`. For example, `GET /users?$select=ext55gb1l09_msLearnCourses&$filter=ext55gb1l09_msLearnCourses/courseType eq 'Developer'`. The `eq` and `not` operators are supported.
+### Example 10: Get users including their last sign-in time
+
+#### Request
+
+The following is an example of the request. Details for the **signInActivity** property require an Azure AD Premium P1/P2 license and the AuditLog.Read.All permission.
+
+>**Note:** When you specify `$select=signInActivity` or `$filter=signInActivity` while listing users, the maximum page size for `$top` is 120. Requests with $top set higher than 120 will fail. signInActivity supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`) *but* not with any other filterable properties.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_users_signin_last_time"
+}-->
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/users?$select=displayName,userPrincipalName,signInActivity
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+
+The following is an example of the response.
+> **Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.user",
+ "isCollection": true
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users(displayName,userPrincipalName,signInActivity)",
+ "value": [
+ {
+ "displayName": "Adele Vance",
+ "userPrincipalName": "AdeleV@contoso.com",
+ "id": "1aecaf40-dc3a-461f-88a8-d06994e12898",
+ "signInActivity": {
+ "lastSignInDateTime": "2021-06-17T16:41:33Z",
+ "lastSignInRequestId": "d4d31c40-4c36-4775-ad59-7d1e6a171f00",
+ "lastNonInteractiveSignInDateTime": "0001-01-01T00:00:00Z",
+ "lastNonInteractiveSignInRequestId": ""
+ }
+ },
+ {
+ "displayName": "Alex Wilber",
+ "userPrincipalName": "AlexW@contoso.com",
+ "id": "f0662ee5-84b1-43d6-8338-769cce1bc141",
+ "signInActivity": {
+ "lastSignInDateTime": "2021-07-29T15:53:27Z",
+ "lastSignInRequestId": "f3149ee1-e347-4181-b45b-99a1f82b1c00",
+ "lastNonInteractiveSignInDateTime": "2021-07-29T17:53:42Z",
+ "lastNonInteractiveSignInRequestId": "868efa6a-b2e9-40e9-9b1c-0aaea5b50200"
+ }
+ }
+ ]
+}
+```
+ <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC --> <!-- {
v1.0 User Post Messages https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-post-messages.md
Content-type: application/json
<!-- {
- "blockType": "ignored",
+ "blockType": "request",
"name": "message_create_draft_mime_v1" }-->
v1.0 User Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-update.md
PATCH /users/{id | userPrincipalName}
## Request body In the request body, supply the values for relevant fields that should be updated. Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance you shouldn't include existing values that haven't changed.
-| Property | Type |Description|
+| Property | Type |Description|
|:|:--|:-| |aboutMe|String|A freeform text entry field for the user to describe themselves.| |accountEnabled|Boolean| `true` if the account is enabled; otherwise, `false`. This property is required when a user is created. A global administrator assigned the _Directory.AccessAsUser.All_ delegated permission can update the **accountEnabled** status of all administrators in the tenant.|
In the request body, supply the values for relevant fields that should be update
|employeeHireDate|DateTimeOffset|The hire date of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`| |employeeLeaveDateTime|DateTimeOffset|The date and time when the user left or will leave the organization. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.<br><br> For delegated scenarios, the calling user must have the Global Administrator role and the calling app assigned the _User.Read.All_ and _User-LifeCycleInfo.ReadWrite.All_ delegated permissions. | |interests|String collection|A list for the user to describe their interests.|
-|jobTitle|String|The userΓÇÖs job title.|
-|mail|String|The SMTP address for the user, for example, `jeff@contoso.onmicrosoft.com`. Changes to this property will also update the user's **proxyAddresses** collection to include the value as a SMTP address. For Azure AD B2C accounts, this property can be updated up to only ten times with unique SMTP addresses. |
+|jobTitle|String|The user's job title.|
+|mail|String|The SMTP address for the user, for example, `jeff@contoso.onmicrosoft.com`. Changes to this property will also update the user's **proxyAddresses** collection to include the value as a SMTP address. For Azure AD B2C accounts, this property can be updated up to only ten times with unique SMTP addresses. Cannot be updated to `null`. |
|mailNickname|String|The mail alias for the user. This property must be specified when a user is created.| |mobilePhone|String|The primary cellular telephone number for the user.| |mySite|String|The URL for the user's personal site.| |officeLocation|String|The office location in the user's place of business.| | onPremisesExtensionAttributes | [onPremisesExtensionAttributes](../resources/onpremisesextensionattributes.md) | Contains extensionAttributes 1-15 for the user. Note that the individual extension attributes are neither selectable nor filterable. For an `onPremisesSyncEnabled` user, the source of authority for this set of properties is the on-premises and is read-only and is read-only. These extension attributes are also known as Exchange custom attributes 1-15.|
-|onPremisesImmutableId|String|This property is used to associate an on-premises Active Directory user account to their Azure AD user object. This property must be specified when creating a new user account in the Graph if you are using a federated domain for the userΓÇÖs **userPrincipalName** (UPN) property. **Important:** The **$** and **_** characters cannot be used when specifying this property. |
+|onPremisesImmutableId|String|This property is used to associate an on-premises Active Directory user account to their Azure AD user object. This property must be specified when creating a new user account in the Graph if you are using a federated domain for the user's **userPrincipalName** (UPN) property. **Important:** The **$** and **_** characters cannot be used when specifying this property. |
|otherMails|String collection |A list of additional email addresses for the user; for example: `["bob@contoso.com", "Robert@fabrikam.com"]`.| |passwordPolicies|String|Specifies password policies for the user. This value is an enumeration with one possible value being `DisableStrongPassword`, which allows weaker passwords than the default policy to be specified. `DisablePasswordExpiration` can also be specified. The two may be specified together; for example: `DisablePasswordExpiration, DisableStrongPassword`.|
-|passwordProfile|[PasswordProfile](../resources/passwordprofile.md)|Specifies the password profile for the user. The profile contains the userΓÇÖs password. The password in the profile must satisfy minimum requirements as specified by the **passwordPolicies** property. By default, a strong password is required. As a best practice, always set the **forceChangePasswordNextSignIn** to `true`. This cannot be used for federated users. <br><br> In delegated access, the calling app must be assigned the *Directory.AccessAsUser.All* delegated permission on behalf of the signed-in user. In application-only access, the calling app must be assigned the *User.ReadWrite.All* application permission and at least the *User Administrator* [Azure AD role](/azure/active-directory/roles/permissions-reference).|
+|passwordProfile|[PasswordProfile](../resources/passwordprofile.md)|Specifies the password profile for the user. The profile contains the user's password. The password in the profile must satisfy minimum requirements as specified by the **passwordPolicies** property. By default, a strong password is required. As a best practice, always set the **forceChangePasswordNextSignIn** to `true`. This cannot be used for federated users. <br><br> In delegated access, the calling app must be assigned the *Directory.AccessAsUser.All* delegated permission on behalf of the signed-in user. In application-only access, the calling app must be assigned the *User.ReadWrite.All* application permission and at least the *User Administrator* [Azure AD role](/azure/active-directory/roles/permissions-reference?toc=%2Fgraph%2Ftoc.json).|
|pastProjects|String collection|A list for the user to enumerate their past projects.| |postalCode|String|The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code.| |preferredLanguage|String|The preferred language for the user. Should follow ISO 639-1 Code; for example `en-US`.|
v1.0 Userscopeteamsappinstallation Get Chat https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/userscopeteamsappinstallation-get-chat.md
The following is an example of a request that lists one-on-one chats between the
"sampleKeys": ["f32b83bb-4fc8-4db7-b7f5-76cdbbb8aa1c", "ZjMyYjgzYmItNGZjOC00ZGI3LWI3ZjUtNzZjZGJiYjhhYTFjIyMyMmY3M2JiZS1mNjdhLTRkZWEtYmQ1NC01NGNhYzcxOGNiMmI="] }--> ```msgraph-interactive
-GET https://graph.microsoft.com/beta/users/f32b83bb-4fc8-4db7-b7f5-76cdbbb8aa1c/teamwork/installedApps/ZjMyYjgzYmItNGZjOC00ZGI3LWI3ZjUtNzZjZGJiYjhhYTFjIyMyMmY3M2JiZS1mNjdhLTRkZWEtYmQ1NC01NGNhYzcxOGNiMmI=/chat
+GET https://graph.microsoft.com/v1.0/users/f32b83bb-4fc8-4db7-b7f5-76cdbbb8aa1c/teamwork/installedApps/ZjMyYjgzYmItNGZjOC00ZGI3LWI3ZjUtNzZjZGJiYjhhYTFjIyMyMmY3M2JiZS1mNjdhLTRkZWEtYmQ1NC01NGNhYzcxOGNiMmI=/chat
``` # [C#](#tab/csharp)
v1.0 Voiceauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/voiceauthenticationmethodconfiguration-delete.md
+
+ Title: "Delete voiceAuthenticationMethodConfiguration"
+description: "Delete a voiceAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Delete voiceAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Revert the [voice call authentication method policy](../resources/voiceauthenticationmethodconfiguration.md) to its default configuration.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.ReadWrite.AuthenticationMethod|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/voice
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_voiceauthenticationmethodconfiguration"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/voice
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Voiceauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/voiceauthenticationmethodconfiguration-get.md
+
+ Title: "Get voiceAuthenticationMethodConfiguration"
+description: "Read the properties and relationships of a voiceAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Get voiceAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Read the properties and relationships of a [voiceAuthenticationMethodConfiguration](../resources/voiceauthenticationmethodconfiguration.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/voice
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [voiceAuthenticationMethodConfiguration](../resources/voiceauthenticationmethodconfiguration.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_voiceauthenticationmethodconfiguration"
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/voice
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.voiceAuthenticationMethodConfiguration"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.voiceAuthenticationMethodConfiguration",
+ "id": "Voice",
+ "state": "enabled",
+ "includeTargets": [
+ {
+ "targetType": "group",
+ "id": "all_users",
+ "isRegistrationRequired": false
+ }
+ ],
+ "excludeTargets": [],
+ "isOfficePhoneAllowed": "true"
+ }
+}
+```
+
v1.0 Voiceauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/voiceauthenticationmethodconfiguration-update.md
+
+ Title: "Update voiceAuthenticationMethodConfiguration"
+description: "Update the properties of a voiceAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Update voiceAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Update the properties of a [voiceAuthenticationMethodConfiguration](../resources/voiceauthenticationmethodconfiguration.md) object, which represents the voice call authentication method policy for the Azure AD tenant.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.ReadWrite.AuthenticationMethod|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/voice
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+
+|Property|Type|Description|
+|:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
+|isOfficePhoneAllowed|Boolean|`true` if users can register office phones, otherwise, `false`.|
+|state|authenticationMethodState|Possible values are: `enabled`, `disabled`.|
+
+>**Note:** The `@odata.type` property with a value of `#microsoft.graph.voiceAuthenticationMethodConfiguration` must be included in the body.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_voiceauthenticationmethodconfiguration"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/voice
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.voiceAuthenticationMethodConfiguration",
+ "isOfficePhoneAllowed": "false"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+The following is an example of the response.
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Windowshelloforbusinessauthenticationmethod Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/windowshelloforbusinessauthenticationmethod-delete.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Privileged authentication administrator
-* Authentication administrator
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Delete your own Windows Hello For Business authentication method.
+<!-- { "blockType": "ignored" } -->
``` http DELETE /me/authentication/windowsHelloForBusinessMethods/{windowsHelloForBusinessAuthenticationMethodId}
+```
+
+Delete your own or another user's Windows Hello For Business authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
DELETE /users/{id | userPrincipalName}/authentication/windowsHelloForBusinessMethods/{windowsHelloForBusinessAuthenticationMethodId} ```
v1.0 Windowshelloforbusinessauthenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/windowshelloforbusinessauthenticationmethod-get.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Read details of your own Windows Hello For Business authentication method.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/windowsHelloForBusinessMethods/{windowsHelloForBusinessAuthenticationMethodId}
+```
+
+Read details of your own or another user's Windows Hello For Business authentication method.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/windowsHelloForBusinessMethods/{windowsHelloForBusinessAuthenticationMethodId} ```
v1.0 Windowshelloforbusinessauthenticationmethod List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/windowshelloforbusinessauthenticationmethod-list.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All |
-For delegated scenarios where an admin is acting on another user, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-* Global administrator
-* Global reader
-* Privileged authentication administrator
-* Authentication administrator (only sees masked phone numbers)
## HTTP request
-<!-- {
- "blockType": "ignored"
-}
>
+Retrieve details of your own Windows Hello For Business authentication methods.
+<!-- { "blockType": "ignored" } -->
``` http GET /me/authentication/windowsHelloForBusinessMethods
+```
+
+Retrieve details of your own or another user's Windows Hello For Business authentication methods.
+<!-- { "blockType": "ignored" } -->
+``` http
GET /users/{id | userPrincipalName}/authentication/windowsHelloForBusinessMethods ```
v1.0 Workbook Closesession https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/workbook-closesession.md
Here is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "close_excel_session"
+ "name": "close_workbook_session"
}--> ```http POST https://graph.microsoft.com/v1.0/me/drive/items/{id}/workbook/closeSession
v1.0 Workbook Createsession https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/workbook-createsession.md
Content-type: application/json
] }-->
-With the `202 Accepted` response, please see [Work with APIs that take a long time to complete](/concepts/workbook-best-practice.md#work-with-apis-that-take-a-long-time-to-complete) for how to retrieve the operation status and get the session creation result.
+With the `202 Accepted` response, please see [Work with APIs that take a long time to complete](/graph/workbook-best-practice?tabs=http#work-with-apis-that-take-a-long-time-to-complete) for how to retrieve the operation status and get the session creation result.
### Example 2: Basic session creation
With the `202 Accepted` response, please see [Work with APIs that take a long ti
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_excel_session"
+ "name": "create_workbook_session"
}--> ```http POST https://graph.microsoft.com/v1.0/me/drive/items/{id}/workbook/createSession
v1.0 X509certificateauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/x509certificateauthenticationmethodconfiguration-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Not supported.|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request
v1.0 X509certificateauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/x509certificateauthenticationmethodconfiguration-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Global Reader
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request <!-- {
Content-Type: application/json
"id": "all_users", "isRegistrationRequired": false }
- ]
+ ],
+ "excludeTargets": []
} ```
v1.0 X509certificateauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/x509certificateauthenticationmethodconfiguration-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|Not supported.|
-For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
-
-* Authentication Policy Administrator
-* Global Administrator
## HTTP request <!-- {
PATCH /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/x
|Content-Type|application/json. Required.| ## Request body The following properties can be updated. |Property|Type|Description|
The following properties can be updated.
## Response
-If successful, this method returns a `204 No Content` response code and an updated [x509CertificateAuthenticationMethodConfiguration](../resources/x509certificateauthenticationmethodconfiguration.md) object in the response body.
+If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
## Examples
v1.0 Accessreviewschedulesettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/accessreviewschedulesettings.md
The **accessReviewScheduleSettings** defines the settings of an [accessReviewSch
| Property | Type | Description | | :| :- | :- | | applyActions|[accessReviewApplyAction](../resources/accessreviewapplyaction.md) collection | Optional field. Describes the actions to take once a review is complete. There are two types that are currently supported: `removeAccessApplyAction` (default) and `disableAndDeleteUserApplyAction`. Field only needs to be specified in the case of `disableAndDeleteUserApplyAction`. |
-| autoApplyDecisionsEnabled|Boolean | Indicates whether decisions are automatically applied. When set to `false`, an admin must apply the decisions manually once the reviewer completes the access review. When set to `true`, decisions are applied automatically after the access review instance duration ends, whether or not the reviewers have responded. Default value is `false`. |
+| autoApplyDecisionsEnabled|Boolean | Indicates whether decisions are automatically applied. When set to `false`, an admin must apply the decisions manually once the reviewer completes the access review. When set to `true`, decisions are applied automatically after the access review instance duration ends, whether or not the reviewers have responded. Default value is `false`. <br/><br/> **CAUTION:** If both **autoApplyDecisionsEnabled** and **defaultDecisionEnabled** are `true`, all access for the principals to the resource risks being revoked if the reviewers fail to respond.|
| decisionHistoriesForReviewersEnabled|Boolean| Indicates whether decisions on previous access review stages are available for reviewers on an **accessReviewInstance** with multiple subsequent stages. If not provided, the default is disabled (`false`).| | defaultDecision|String | Decision chosen if **defaultDecisionEnabled** is enabled. Can be one of `Approve`, `Deny`, or `Recommendation`. |
-| defaultDecisionEnabled|Boolean | Indicates whether the default decision is enabled or disabled when reviewers do not respond. Default value is `false`. |
+| defaultDecisionEnabled|Boolean | Indicates whether the default decision is enabled or disabled when reviewers do not respond. Default value is `false`. <br/><br/> **CAUTION:** If both **autoApplyDecisionsEnabled** and **defaultDecisionEnabled** are `true`, all access for the principals to the resource risks being revoked if the reviewers fail to respond.|
| instanceDurationInDays|Int32 | Duration of an access review instance in days. <br/>**NOTE:** If the **stageSettings** of the [accessReviewScheduleDefinition](accessreviewscheduledefinition.md) object is defined, its **durationInDays** setting will be used instead of the value of this property. | | justificationRequiredOnApproval|Boolean | Indicates whether reviewers are required to provide justification with their decision. Default value is `false`. | | mailNotificationsEnabled|Boolean | Indicates whether emails are enabled or disabled. Default value is `false`. |
v1.0 Appmanagementpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/appManagementPolicy.md
+
+ Title: "appManagementPolicy resource type"
+description: "An application auth method policy for enforcing app management restrictions on specific applications or service principals."
+
+ms.localizationpriority: medium
++
+# appManagementPolicy resource type
+
+Namespace: microsoft.graph
+
+Restrictions on app management operations for specific applications and service principals. If this resource is not configured for an application or service principal, the restrictions default to the settings in the [tenantAppManagementPolicy](tenantappmanagementpolicy.md) object.
+
+## Methods
+
+| Method | Return type | Description |
+| :- | :- | : |
+| [List](../api/appManagementPolicy-list.md) | [appManagementPolicy](../resources/appManagementPolicy.md) | Return a list of app management policies created for applications and service principals along with their properties. |
+| [Create](../api/appManagementPolicy-post.md) | [appManagementPolicy](../resources/appManagementPolicy.md) | Create an app management policy that can be assigned to an application or service principal object. |
+| [Get](../api/appManagementPolicy-get.md) | [appManagementPolicy](../resources/appManagementPolicy.md) | Get a single app management policy object. |
+| [Update](../api/appManagementPolicy-update.md) | None | Update an app management policy. |
+| [Delete](../api/appManagementPolicy-delete.md) | None | Delete an app management policy from the collection of policies in appManagementPolicies. |
+| [List appliesTo](../api/appManagementPolicy-list-appliesTo.md)| [appManagementPolicy](../resources/appManagementPolicy.md)|Return a list of applications and service principals to which the policy is applied. |
+| [Assign appliesTo](../api/appManagementPolicy-post-appliesTo.md)| None |Return a list of applications and service principals to which the policy is applied. |
+
+## Properties
+
+| Property | Type | Description |
+| :-- | :- | : |
+| id | String | Identifier for the policy. |
+| displayName | String | The display name of the policy. Inherited from [policyBase](policybase.md). |
+| description | String | The description of the policy. Inherited from [policyBase](policybase.md). |
+| isEnabled | Boolean | Denotes whether the policy is enabled. |
+| restrictions | [appManagementConfiguration](appManagementConfiguration.md) | Restrictions that apply to an application or service principal object. |
+
+## Relationships
+
+| Relationship | Type | Description |
+| :-- | : | :- |
+| appliesTo | [directoryObject](directoryobject.md) | Collection of applications and service principals to which the policy is applied. |
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.appManagementPolicy",
+ "baseType": "microsoft.graph.policyBase",
+ "openType": false
+}
+-->
+
+```json
+[
+ {
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/appManagementPolicies",
+ "id": "string (identifier)",
+ "description": "string",
+ "displayName": "string",
+ "isEnabled": true,
+ "restrictions": {
+ "@odata.type": "microsoft.graph.appManagementConfiguration"
+ }
+ }
+]
+```
v1.0 Application https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/application.md
This resource supports:
| passwordCredentials | [passwordCredential](passwordcredential.md) collection|The collection of password credentials associated with the application. Not nullable.| | publicClient | [publicClientApplication](publicclientapplication.md) | Specifies settings for installed clients such as desktop or mobile devices. | | publisherDomain | String | The verified publisher domain for the application. Read-only. For more information, see [How to: Configure an application's publisher domain](/azure/active-directory/develop/howto-configure-publisher-domain). Supports `$filter` (`eq`, `ne`, `ge`, `le`, `startsWith`).|
+| requestSignatureVerification | [requestSignatureVerification](requestsignatureverification.md)| Specifies whether this application requires Azure AD to verify the signed authentication requests.|
| requiredResourceAccess |[requiredResourceAccess](requiredresourceaccess.md) collection| Specifies the resources that the application needs to access. This property also specifies the set of delegated permissions and application roles that it needs for each of those resources. This configuration of access to the required resources drives the consent experience. <br/><br/>No more than 50 resource services (APIs) can be configured. Beginning mid-October 2021, the total number of required permissions must not exceed 400. For more information, see [Limits on requested permissions per app](#limits-on-requested-permissions-per-app). Not nullable. <br><br>Supports `$filter` (`eq`, `not`, `ge`, `le`).| | samlMetadataUrl | String | The URL where the service exposes SAML metadata for federation. This property is valid only for single-tenant applications. Nullable. | | serviceManagementReference | String | References application or service contact information from a Service or Asset Management database. Nullable. | | signInAudience | String | Specifies the Microsoft accounts that are supported for the current application. The possible values are: `AzureADMyOrg`, `AzureADMultipleOrgs`, `AzureADandPersonalMicrosoftAccount` (default), and `PersonalMicrosoftAccount`. See more in the [table](#signinaudience-values). <br/><br/>The value of this object also limits the number of permissions an app can request. For more information, see [Limits on requested permissions per app](#limits-on-requested-permissions-per-app). <br><br>The value for this property has implications on other app object properties. As a result, if you change this property, you may need to change other properties first. For more information, see [Validation differences for signInAudience](/azure/active-directory/develop/supported-accounts-validation?context=graph/context).<br><br>Supports `$filter` (`eq`, `ne`, `not`).| | spa | [spaApplication](../resources/spaapplication.md) | Specifies settings for a single-page application, including sign out URLs and redirect URIs for authorization codes and access tokens. |
-| tags |String collection| Custom strings that can be used to categorize and identify the application. Not nullable. <br><br>Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`).|
+| tags |String collection| Custom strings that can be used to categorize and identify the application. Not nullable. Strings added here will also appear in the **tags** property of any associated [service principals](serviceprincipal.md).<br><br>Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`).|
| tokenEncryptionKeyId |String|Specifies the keyId of a public key from the keyCredentials collection. When configured, Azure AD encrypts all the tokens it emits by using the key this property points to. The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user.| | verifiedPublisher | [verifiedPublisher](verifiedPublisher.md) | Specifies the verified publisher of the application. For more information about how publisher verification helps support application security, trustworthiness, and compliance, see [Publisher verification](/azure/active-directory/develop/publisher-verification-overview).| | web |[webApplication](webapplication.md)| Specifies settings for a web application. |
This resource supports:
| Relationship | Type | Description | |:|:--|:-|
+|appManagementPolicies|[appManagementPolicy](../resources/appManagementPolicy.md) collection| The appManagementPolicy applied to this application.|
|createdOnBehalfOf|[directoryObject](directoryobject.md)| Supports `$filter` (`/$count eq 0`, `/$count ne 0`). Read-only.| |extensionProperties|[extensionProperty](extensionproperty.md) collection| Read-only. Nullable. Supports `$expand` and `$filter` (`/$count eq 0`, `/$count ne 0`).| |federatedIdentityCredentials|[federatedIdentityCredential](federatedidentitycredential.md) collection |Federated identities for applications. Supports `$expand` and `$filter` (`startsWith`, `/$count eq 0`, `/$count ne 0`).|
The following is a JSON representation of the resource.
"passwordCredentials": [{"@odata.type": "microsoft.graph.passwordCredential"}], "publicClient": {"@odata.type": "microsoft.graph.publicClientApplication"}, "publisherDomain": "String",
+ "requestSignatureVerification": {"@odata.type": "microsoft.graph.requestSignatureVerification"},
"requiredResourceAccess": [{"@odata.type": "microsoft.graph.requiredResourceAccess"}], "serviceManagementReference": "String", "signInAudience": "String",
v1.0 Applicationauthenticationmethodpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/applicationauthenticationmethodpolicy.md
+
+ Title: "Azure AD application authentication methods API overview"
+description: "Application authentication methods allow apps to acquire tokens to access data in Azure AD."
+ms.localizationpriority: medium
+++
+# Azure AD application authentication methods API overview
+
+Namespace: microsoft.graph
+
+Application authentication methods such as certificates and password secrets allow apps to acquire tokens to access data in Azure Active Directory (Azure AD). The policies allow IT admins to enforce best practices for how apps in their organizations use these application authentication methods. For example, an admin might configure a policy to block the use or limit the lifetime of password secrets, and use the creation date of the object to enforce the policy.
+
+These policies allow organizations to take advantage of the new app security hardening features. By enforcing restrictions that are based on the application or service principal created date, an organization can review their current app security posture, inventory apps, and enforce controls per their resourcing schedules and needs. This approach using the created date allows the organization to enforce the policy for new applications and also apply it to existing applications.
+
+There are two types of policy controls:
+
+- Tenant default policy that applies to all applications or service principals.
+- App (application or service principal) management policies that allow inclusion or exclusion of individual applications from the tenant default policy.
+
+## Tenant default app management policy
+
+A tenant default policy is a single object that always exists and is disabled by default. It's defined by the [tenantAppManagementPolicy](tenantappmanagementpolicy.md) resource and enforces restrictions on application vs service principal objects. It contains the following two properties:
+
+- **applicationRestrictions** allows targeting applications owned by the tenant (application objects).
+- **servicePrincipalRestrictions** allows targeting provisioned from another tenant (service principal objects.
+
+These properties allow the organization to either lock down apps that originate within a tenant or raise the quality bar for apps that are provisioned from outside the tenant boundary.
+
+## App management policy for applications and service principals
+
+App management policies are defined in the [appManagementPolicy](appmanagementpolicy.md) resource, which contains a collection of policies with varying restrictions or different enforcement dates from what's defined in tenant default policy. One of these policies can be assigned to an application or service principal, excluding them from the tenant default policy.
+
+When both the tenant default policy and an app management policy exist, the app management policy takes precedence and the assigned application or service principal doesn't inherit from the tenant default policy. Only one policy can be assigned to an application or service principal.
+
+> [!Note]
+> Neither the tenant default policies nor the app management policies block token issuance for existing applications. An application that does not meet the policy requirements will continue to work until it tries to update the resource to add a new secret.
+
+## What restrictions can be managed in Microsoft Graph?
+
+The application authentication methods policy API offers the following restrictions:
+
+| Restriction name | Description | Examples |
+| : | : | : |
+| passwordAddition | Restrict password secrets on applications altogether. | Block new passwords on applications created on or after '01/01/2019'. |
+| passwordLifetime | Enforce a max lifetime range for a password secret. | Restrict all new password secrets to a maximum of 30 days for applications created after 01/01/2015. |
+| customPasswordAddition | Restrict a custom password secret on application or service principal. | Restrict all new custom password secrets on applications created after 01/01/2015. |
+| symmetricKeyAddition | Restrict symmetric keys on applications. | Block new symmetric keys on applications created on or after 01/01/2019. |
+| symmetricKeyLifetime | Enforce a max lifetime range for a symmetric key. | Restrict all new symmetric keys to a maximum of 30 days for applications created after 01/01/2019. |
+| asymmetricKeyLifetime | Enforce a max lifetime range for an asymmetric key (certificate). | Restrict all new asymmetric key secrets to a maximum of 30 days for applications created after 01/01/2019. |
+
+> [!Note]
+> All lifetime restrictions are expressed in ISO-8601 duration format (For example: P4DT12H30M5S).
+> Restricting customPasswordAddition restriction will block any legacy PowerShell modules that provide a client generated password secret for applications. This restriction still allows the application developer to request Azure AD generated application password secrets.
+
+### Single vs multi-tenant apps
+
+Depending on whether your app is a single tenant or multitenant app, you apply the policy on either an application or the service principal object as follows:
+
+- For single tenant apps, apply the policy to the application object.
+- To restrict multi-tenant apps homed in a customer tenant, apply the policy to the application object.
+- To restrict multi-tenant apps provisioned from another tenant, apply the policy to the service principal object.
+
+### Summary of key differences between the tenant default policy and app management policies
+
+| Tenant default policy | App management policy |
+| - | |
+| Policy always exists. | Policy objects can be created or updated to override default policy. |
+| Restrictions are disabled by default for app/SP. | Allows customization for single tenant or multi tenant(backing app in home tenant or provisioned apps). |
+| Allows only single restriction object definition for all resources. | Allows multiple policy objects to be defined, but only one can be applied to a resource. |
+| Allows distinction of restrictions for application objects vs. service principals. | Policy can be applied to either an application or service principal object. |
+| Applies all restrictions configured to all apps or service principals. | Applies only the restrictions configured in the resource policy to the specified app or service principal, and doesn't inherit from default policy. |
+
+## Next steps
+
+- [tenantAppManagementPolicy](tenantappmanagementpolicy.md) resource type.
+- [appManagementPolicy](appmanagementpolicy.md) resource type.
v1.0 Appmanagementconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/appmanagementconfiguration.md
+
+ Title: "appManagementConfiguration resource type"
+description: "App management configuration object that contains properties which can be configured to enable various restrictions for applications and service principals."
+
+ms.localizationpriority: medium
++
+# appManagementConfiguration resource type
+
+Namespace: microsoft.graph
+
+App management configuration object that contains properties which can be configured to enable various restrictions for applications and service principals.
+
+## Properties
+
+| Property | Type | Description |
+| : | :-- | : |
+| passwordCredentials | [passwordCredentialConfiguration](passwordCredentialConfiguration.md) collection | Collection of password restrictions settings to be applied to an application or service principal. |
+| keyCredentials | [keyCredentialConfiguration](keyCredentialConfiguration.md) collection | Collection of keyCredential restrictions settings to be applied to an application or service principal. |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.appManagementConfiguration"
+}
+-->
+
+```json
+{
+ "@odata.type": "#microsoft.graph.appManagementConfiguration",
+ "passwordCredentials": [
+ {
+ "@odata.type": "microsoft.graph.passwordCredentialConfiguration"
+ }
+ ],
+ "keyCredentials": [
+ {
+ "@odata.type": "microsoft.graph.keyCredentialConfiguration"
+ }
+ ]
+}
+```
v1.0 Authenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/authenticationmethodconfiguration.md
The following authentication methods are derived from the **authenticationMethod
+ [emailAuthenticationMethodConfiguration](emailauthenticationmethodconfiguration.md) + [fido2AuthenticationMethodConfiguration](fido2authenticationmethodconfiguration.md) + [microsoftAuthenticatorAuthenticationMethodConfiguration](microsoftauthenticatorauthenticationmethodconfiguration.md)++ [voiceAuthenticationMethodConfiguration](voiceauthenticationmethodconfiguration.md)++ [smsAuthenticationMethodConfiguration](smsauthenticationmethodconfiguration.md)++ [softwareOathAuthenticationMethodConfiguration](softwareoathauthenticationmethodconfiguration.md)++ [temporaryAccessPassAuthenticationMethodConfiguration](smsauthenticationmethodconfiguration.md)++ [x509CertificateAuthenticationMethodConfiguration](x509certificateauthenticationmethodconfiguration.md) ## Properties |Property|Type|Description| |:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from a policy.|
|id|String|The policy name.| |state|authenticationMethodState|The state of the policy. Possible values are: `enabled`, `disabled`.|
The following is a JSON representation of the resource.
{ "@odata.type": "#microsoft.graph.authenticationMethodConfiguration", "id": "String (identifier)",
- "state": "String"
+ "state": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ]
} ```
v1.0 Authenticationmethodspolicies Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/authenticationmethodspolicies-overview.md
The authentication method policies APIs are used to manage policy settings. For
## What authentication methods policies can be managed in Microsoft Graph? |Authentication method policy | Description |
-|:|:|:|
+|:|:|
|[emailauthenticationmethodconfiguration](emailauthenticationmethodconfiguration.md)|Define users who can use email OTP on the Azure AD tenant.| |[fido2authenticationmethodconfiguration](fido2authenticationmethodconfiguration.md)| Define FIDO2 security key restrictions and users who can use them to sign in to Azure AD.| |[microsoftauthenticatorauthenticationmethodconfiguration](microsoftauthenticatorauthenticationmethodconfiguration.md)|Define users who can use Microsoft Authenticator on the Azure AD tenant.|
-|[temporaryAccessPassAuthenticationMethod](temporaryaccesspassauthenticationmethodconfiguration.md)|Define the configuration settings and users or groups who are enabled to use the Temporary Access Pass authentication method.|
+|[smsAuthenticationMethodConfiguration](smsAuthenticationMethodConfiguration.md)| Define users who can use Text Message on the Azure AD tenant.|
+|[softwareOathAuthenticationMethodConfiguration](softwareOathAuthenticationMethodConfiguration.md)|Define users who can use a third-party software OATH authentication method.|
+|[temporaryaccesspassauthenticationmethodconfiguration](temporaryaccesspassauthenticationmethodconfiguration.md)|Define users who can use Temporary Access Pass to sign in to Azure AD.|
+|[voiceAuthenticationMethodConfiguration](voiceAuthenticationMethodConfiguration.md)|Define users or groups that are enabled to use the voice call authentication method.|
|[x509CertificateAuthenticationMethodConfiguration](x509CertificateAuthenticationMethodConfiguration.md)|Define users who can use X.509 certificate to sign in to Azure AD.|
-## Policies available for authentication methods registration campaign:
+## Policies available for authentication methods registration campaign
+ |Policy | Description | |:|:| |[authenticationMethodsRegistrationCampaign](authenticationmethodsregistrationcampaign.md)| Define users who should be reminded to set up an authentication method (currently only supported for the Microsoft Authenticator).|
v1.0 Authenticationmethodspolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/authenticationmethodspolicy.md
Defines authentication methods and the users that are allowed to use them to sig
|lastModifiedDateTime|DateTimeOffset|The date and time of the last update to the policy. Read-only.| |policyVersion|String|The version of the policy in use. Read-only.| |registrationEnforcement|[registrationEnforcement](../resources/registrationenforcement.md)|Enforce registration at sign-in time. This property can be used to remind users to set up targeted authentication methods.|
+|policyMigrationState|authenticationMethodsPolicyMigrationState|The state of migration of the authentication methods policy from the legacy multifactor authentication and self-service password reset (SSPR) policies. The possible values are: <br/><li>`premigration` - means the authentication methods policy is used for authentication only, legacy policies are respected. <li>`migrationInProgress` - means the authentication methods policy is used for both authentication and SSPR, legacy policies are respected. <li>`migrationComplete` - means the authentication methods policy is used for authentication and SSPR, legacy policies are ignored. <li>`unknownFutureValue` - Evolvable enumeration sentinel value. Do not use. |
## Relationships |Relationship|Type|Description|
The following is a JSON representation of the resource.
"id": "String (identifier)", "lastModifiedDateTime": "String (timestamp)", "policyVersion": "String",
+ "policyMigrationState": "String",
"registrationEnforcement": { "@odata.type": "microsoft.graph.registrationEnforcement" }
v1.0 Callrecords Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/callrecords-api-overview.md
Title: "Working with the call records API in Microsoft Graph" description: "The Microsoft Graph call records API allows you to retrieve usage and diagnostics data for calls and online meetings within your organization."-+ doc_type: conceptualPageType ms.prod: cloud-communications ms.localizationpriority: high
ms.localizationpriority: high
# Working with the call records API in Microsoft Graph
-Call records provide usage and diagnostic information about the calls and online meetings that occur within your organization when using Microsoft Teams or Skype for Business. You can use the call records APIs to subscribe to call records and look up call records by IDs.
+Call records provide usage and diagnostic information about the calls and online meetings that occur within your organization when using Microsoft Teams or Skype for Business. You can use the call records APIs to subscribe to call records and look up call records by IDs. A call record is created after a call or meeting ends and the record is retained for 30 days.
The call records API is defined in the OData sub-namespace, `microsoft.graph.callRecords`.
v1.0 Callrecords Callrecord https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/callrecords-callrecord.md
Title: "callRecord resource type" description: "The callRecord type" ms.localizationpriority: medium-+ ms.prod: "cloud-communications" doc_type: "resourcePageType"
doc_type: "resourcePageType"
Namespace: microsoft.graph.callRecords
-Represents a single peer-to-peer call or a group call between multiple participants, sometimes referred to as an online meeting.
+Represents a single peer-to-peer call or a group call between multiple participants, sometimes referred to as an online meeting. A call record is created after a call or meeting ends.
## Methods
v1.0 Chatmessagefromidentityset https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/chatmessagefromidentityset.md
Inherits from [identitySet](../resources/identityset.md).
|:|:|:| |application|[identity](../resources/identity.md)|Inherited from [identitySet](../resources/identityset.md). If present, represents the application (for instance, bot) that sent the message.| |device|[identity](../resources/identity.md)|Inherited from [identitySet](../resources/identityset.md). Not used.|
-|user|[identity](../resources/identity.md)|Inherited from [identitySet](../resources/identityset.md). If present, represents the user that sent the message.|
+|user|[teamworkUserIdentity](../resources/teamworkUserIdentity.md)|If present, represents the user that sent the message.|
## Relationships None.
v1.0 Columndefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/columndefinition.md
-+ description: "Represents a column in a site, a list, or a content type." Previously updated : 09/11/2017 Title: columnDefinition resource type
+ Title: "columnDefinition resource type"
ms.localizationpriority: medium
-doc_type: resourcePageType
ms.prod: "sites-and-lists" + # columnDefinition resource type Namespace: microsoft.graph
Namespace: microsoft.graph
Represents a column in a [site][], [list][], or [contentType][].
-ColumnDefinitions and field values for `hidden` columns aren't shown by default.
-To list hidden **columnDefinitions**, include `hidden` in your `$select` statement.
-To list hidden **field** values on [listItems][listItem], include the desired columns by name in your `$select` statement.
+By default, **columnDefinitions** and field values for `hidden` columns aren't shown. To list hidden **columnDefinitions**, include `hidden` in your `$select` statement. To list hidden **field** values on [listItems][listItem], include the desired columns by name in your `$select` statement.
## Methods |Method|Return type|Description|
To list hidden **field** values on [listItems][listItem], include the desired co
|[Create columnDefinition for a content type](../api/contenttype-post-columns.md)|[columnDefinition](../resources/columndefinition.md)|Create a new [columnDefinition](../resources/columndefinition.md) object in a [content type](../resources/contenttype.md).| |[Get columnDefinition](../api/columndefinition-get.md)|[columnDefinition](../resources/columndefinition.md)|Read the properties and relationships of a [columnDefinition](../resources/columndefinition.md) object.| |[Update columnDefinition](../api/columndefinition-update.md)|[columnDefinition](../resources/columndefinition.md)|Update the properties of a [columnDefinition](../resources/columndefinition.md) object.|
-|[Delete columnDefinition](../api/columndefinition-delete.md)|None|Deletes a [columnDefinition](../resources/columndefinition.md) object.|
+|[Delete columnDefinition](../api/columndefinition-delete.md)|None|Delete a [columnDefinition](../resources/columndefinition.md) object.|
## Properties
Sites and list columns response won't contain **isDeletable**, **propagateChange
## JSON representation
-Here is a JSON representation of a columnDefinition resource.
+The following is a JSON representation of the resource.
<!--{ "blockType": "resource",
Here is a JSON representation of a columnDefinition resource.
"boolean": { "@odata.type": "microsoft.graph.booleanColumn" }, "calculated": { "@odata.type": "microsoft.graph.calculatedColumn" }, "choice": { "@odata.type": "microsoft.graph.choiceColumn" },
- "columnGroup": "string",
+ "columnGroup": "String",
"contentApprovalStatus": { "@odata.type": "microsoft.graph.contentApprovalStatusColumn" }, "currency": { "@odata.type": "microsoft.graph.currencyColumn" }, "dateTime": { "@odata.type": "microsoft.graph.dateTimeColumn" }, "defaultValue": { "@odata.type": "microsoft.graph.defaultColumnValue" },
- "description": "description",
- "displayName": "friendly name",
- "enforceUniqueValues": true,
+ "description": "String",
+ "displayName": "String",
+ "enforceUniqueValues": "Boolean",
"geolocation": { "@odata.type": "microsoft.graph.geolocationColumn" },
- "hidden": false,
+ "hidden": "Boolean",
"hyperlinkOrPicture": { "@odata.type": "microsoft.graph.hyperlinkOrPictureColumn" },
- "id": "string",
- "indexed": true,
- "isDeletable" : false,
- "isReorderable": false,
- "isSealed": false,
+ "id": "String (identifier)",
+ "indexed": "Boolean",
+ "isDeletable" : "Boolean",
+ "isReorderable": "Boolean",
+ "isSealed": "Boolean",
"lookup": { "@odata.type": "microsoft.graph.lookupColumn" }, "name": "staticNameForApi", "number": { "@odata.type": "microsoft.graph.numberColumn" }, "personOrGroup": { "@odata.type": "microsoft.graph.personOrGroupColumn" },
- "readOnly": false,
- "required": false,
- "propagateChanges": false,
+ "readOnly": "Boolean",
+ "required": "Boolean",
+ "propagateChanges": "Boolean",
"sourceContentType": { "@odata.type": "microsoft.graph.contentTypeInfo" }, "term": { "@odata.type": "microsoft.graph.termColumn" }, "text": { "@odata.type": "microsoft.graph.textColumn" }, "thumbnail": { "@odata.type": "microsoft.graph.thumbnailColumn" }, "type": { "@odata.type": "microsoft.graph.columnTypes" },
- "validation": { "@odata.type": "microsoft.graph.columnValidation" },
+ "validation": { "@odata.type": "microsoft.graph.columnValidation" }
} ```
v1.0 Conditionalaccessusers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/conditionalaccessusers.md
Represents users, groups, and roles included in and excluded from the policy sco
| excludeGroups | String collection | Group IDs excluded from scope of policy. | | excludeRoles | String collection | Role IDs excluded from scope of policy. | | excludeUsers | String collection | User IDs excluded from scope of policy and/or `GuestsOrExternalUsers`. |
-| includeGroups | String collection | Group IDs in scope of policy unless explicitly excluded, or `All`. |
-| includeRoles | String collection | Role IDs in scope of policy unless explicitly excluded, or `All`. |
-| includeUsers | String collection | User IDs in scope of policy unless explicitly excluded, or `None` or `All` or `GuestsOrExternalUsers`. |
+| includeGroups | String collection | Group IDs in scope of policy unless explicitly excluded. |
+| includeRoles | String collection | Role IDs in scope of policy unless explicitly excluded. |
+| includeUsers | String collection | User IDs in scope of policy unless explicitly excluded, `None`, `All`, or `GuestsOrExternalUsers`. |
## Relationships
v1.0 Emailauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/emailauthenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents this tenant's email OTP authentication methods policy. Authentication methods policies define configuration settings and users or groups who are enabled to use the authentication method. Email OTP may be used by the tenant's cloud-native users for self-service password reset, or by external users for authentication during invitation redemption and self-service sign-up for specific apps in user flows.
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description|
Represents this tenant's email OTP authentication methods policy. Authentication
|Property|Type|Description| |:|:|:| |allowExternalIdToUseEmailOtp|externalEmailOtpState|Determines whether email OTP is usable by external users for authentication. Possible values are: `default`, `enabled`, `disabled`, `unknownFutureValue`. Tenants in the `default` state who did not use public preview will automatically have email OTP enabled beginning in October 2021.|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
|id|String|The authentication method policy identifier. Inherited from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).| |state|authenticationMethodState|Indicates whether this authentication method is enabled or not. Possible values are: `enabled`, `disabled`.|
The following is a JSON representation of the resource.
{ "@odata.type": "#microsoft.graph.emailAuthenticationMethodConfiguration", "allowExternalIdToUseEmailOtp": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ],
"id": "String (identifier)", "includeTargets": [ { "@odata.type": "microsoft.graph.authenticationMethodTarget" } ], "state": "String"
v1.0 Enums https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/enums.md
doc_type: enumPageType
Namespace: microsoft.graph
+### appCredentialRestrictionType values
+
+| Member |
+| :- |
+| passwordAddition |
+| passwordLifetime |
+| symmetricKeyAddition |
+| symmetricKeyLifetime |
+| unknownFutureValue |
+
+### appKeyCredentialRestrictionType values
+
+| Member |
+| :-- |
+| asymmetricKeyLifetime |
+| unknownFutureValue |
+ ### userPurpose values
-| Member |
-|:-|
+| Member |
+| :-- |
| user | | linked | | shared |
Namespace: microsoft.graph
| unknownFutureValue | ### bookingsAvailabilityStatus values
-|Member|
-|:|
-|available|
-|busy|
-|slotsAvailable|
-|outOfOffice|
-|unknownFutureValue|
+| Member |
+| :-- |
+| available |
+| busy |
+| slotsAvailable |
+| outOfOffice |
+| unknownFutureValue |
### signInFrequencyAuthenticationType values
-|Member|
-|:|
-|primaryAndSecondaryAuthentication|
-|secondaryAuthentication|
-|unknownFutureValue|
+| Member |
+| :-- |
+| primaryAndSecondaryAuthentication |
+| secondaryAuthentication |
+| unknownFutureValue |
### signInFrequencyInterval values
-|Member|
-|:|
-|timeBased|
-|everyTime|
+| Member |
+| :-- |
+| timeBased |
+| everyTime |
### crossTenantAccessPolicyTargetConfigurationAccessType values
-|Member|
-|:|
-|allowed|
-|blocked|
-|unknownFutureValue|
+| Member |
+| :-- |
+| allowed |
+| blocked |
+| unknownFutureValue |
### crossTenantAccessPolicyTargetType values
-|Member|
-|:|
-|user|
-|group|
+| Member |
+| :-- |
+| user |
+| group |
### federatedIdpMfaBehavior values
-|Member|
-|:|
-|acceptIfMfaDoneByFederatedIdp|
-|enforceMfaByFederatedIdp|
-|rejectMfaByFederatedIdp|
-|unknownFutureValue|
+| Member |
+| :- |
+| acceptIfMfaDoneByFederatedIdp |
+| enforceMfaByFederatedIdp |
+| rejectMfaByFederatedIdp |
+| unknownFutureValue |
#### promptLoginBehavior values
-|Member|
-|:|
-|translateToFreshPasswordAuthentication|
-|nativeSupport|
-|disabled|
-|unknownFutureValue|
+| Member |
+| :- |
+| translateToFreshPasswordAuthentication |
+| nativeSupport |
+| disabled |
+| unknownFutureValue |
### expirationPatternType values
-|Member|
-|:|
-|notSpecified|
-|noExpiration|
-|afterDateTime|
-|afterDuration|
+| Member |
+| : |
+| notSpecified |
+| noExpiration |
+| afterDateTime |
+| afterDuration |
### recurrencePatternType values
-|Member|
-|:|
-|daily|
-|weekly|
-|absoluteMonthly|
-|relativeMonthly|
-|absoluteYearly|
-|relativeYearly|
+| Member |
+| :-- |
+| daily |
+| weekly |
+| absoluteMonthly |
+| relativeMonthly |
+| absoluteYearly |
+| relativeYearly |
### roleAssignmentScheduleFilterByCurrentUserOptions values
-|Member|
-|:|
-|principal|
-|unknownFutureValue|
+| Member |
+| :-- |
+| principal |
+| unknownFutureValue |
### roleAssignmentScheduleInstanceFilterByCurrentUserOptions values
-|Member|
-|:|
-|principal|
-|unknownFutureValue|
+| Member |
+| :-- |
+| principal |
+| unknownFutureValue |
### roleAssignmentScheduleRequestFilterByCurrentUserOptions values
-|Member|
-|:|
-|principal|
-|createdBy|
-|approver|
-|unknownFutureValue|
+| Member |
+| :-- |
+| principal |
+| createdBy |
+| approver |
+| unknownFutureValue |
### roleEligibilityScheduleFilterByCurrentUserOptions values
-|Member|
-|:|
-|principal|
-|unknownFutureValue|
+| Member |
+| :-- |
+| principal |
+| unknownFutureValue |
### roleEligibilityScheduleInstanceFilterByCurrentUserOptions values
-|Member|
-|:|
-|principal|
-|unknownFutureValue|
+| Member |
+| :-- |
+| principal |
+| unknownFutureValue |
### roleEligibilityScheduleRequestFilterByCurrentUserOptions values
-|Member|
-|:|
-|principal|
-|createdBy|
-|approver|
-|unknownFutureValue|
+| Member |
+| :-- |
+| principal |
+| createdBy |
+| approver |
+| unknownFutureValue |
### unifiedRoleManagementPolicyRuleTargetOperations values
-|Member|
-|:|
-|all|
-|activate|
-|deactivate|
-|assign|
-|update|
-|remove|
-|extend|
-|renew|
-|unknownFutureValue|
+| Member |
+| :-- |
+| all |
+| activate |
+| deactivate |
+| assign |
+| update |
+| remove |
+| extend |
+| renew |
+| unknownFutureValue |
### unifiedRoleScheduleRequestActions values
-|Member|
-|:|
-|adminAssign|
-|adminUpdate|
-|adminRemove|
-|selfActivate|
-|selfDeactivate|
-|adminExtend|
-|adminRenew|
-|selfExtend|
-|selfRenew|
-|unknownFutureValue|
+| Member |
+| :-- |
+| adminAssign |
+| adminUpdate |
+| adminRemove |
+| selfActivate |
+| selfDeactivate |
+| adminExtend |
+| adminRenew |
+| selfExtend |
+| selfRenew |
+| unknownFutureValue |
### approvalFilterByCurrentUserOptions values
-|Member|
-|:|
-|target|
-|createdBy|
-|approver|
-|unknownFutureValue|
+| Member |
+| :-- |
+| target |
+| createdBy |
+| approver |
+| unknownFutureValue |
### accessReviewExpirationBehavior values
-|Member|
-|:|
-|keepAccess|
-|removeAccess|
-|acceptAccessRecommendation|
-|unknownFutureValue|
+| Member |
+| :- |
+| keepAccess |
+| removeAccess |
+| acceptAccessRecommendation |
+| unknownFutureValue |
### allowedTargetScope values
-|Member|
-|:|
-|notSpecified|
-|specificDirectoryUsers|
-|specificConnectedOrganizationUsers|
-|specificDirectoryServicePrincipals|
-|allMemberUsers|
-|allDirectoryUsers|
-|allDirectoryServicePrincipals|
-|allConfiguredConnectedOrganizationUsers|
-|allExternalUsers|
-|unknownFutureValue|
+| Member |
+| :-- |
+| notSpecified |
+| specificDirectoryUsers |
+| specificConnectedOrganizationUsers |
+| specificDirectoryServicePrincipals |
+| allMemberUsers |
+| allDirectoryUsers |
+| allDirectoryServicePrincipals |
+| allConfiguredConnectedOrganizationUsers |
+| allExternalUsers |
+| unknownFutureValue |
### approvalFilterByCurrentUserOptions values
-|Member|
-|:|
-|target|
-|createdBy|
-|approver|
-|unknownFutureValue|
+| Member |
+| :-- |
+| target |
+| createdBy |
+| approver |
+| unknownFutureValue |
### accessPackageAssignmentFilterByCurrentUserOptions values
-|Member|
-|:|
-|target|
-|createdBy|
-|unknownFutureValue|
+| Member |
+| :-- |
+| target |
+| createdBy |
+| unknownFutureValue |
### accessPackageAssignmentRequestFilterByCurrentUserOptions values
-|Member|
-|:|
-|target|
-|createdBy|
-|approver|
-|unknownFutureValue|
+| Member |
+| :-- |
+| target |
+| createdBy |
+| approver |
+| unknownFutureValue |
### accessPackageAssignmentState values
-|Member|
-|:|
-|delivering|
-|partiallyDelivered|
-|delivered|
-|expired|
-|deliveryFailed|
-|unknownFutureValue|
+| Member |
+| :-- |
+| delivering |
+| partiallyDelivered |
+| delivered |
+| expired |
+| deliveryFailed |
+| unknownFutureValue |
### accessPackageCatalogState values
-|Member|
-|:|
-|unpublished|
-|published|
-|unknownFutureValue|
+| Member |
+| :-- |
+| unpublished |
+| published |
+| unknownFutureValue |
### accessPackageCatalogType values
-|Member|
-|:|
-|userManaged|
-|serviceDefault|
-|serviceManaged|
-|unknownFutureValue|
+| Member |
+| :-- |
+| userManaged |
+| serviceDefault |
+| serviceManaged |
+| unknownFutureValue |
### accessPackageExternalUserLifecycleAction values
-|Member|
-|:|
-|none|
-|blockSignIn|
-|blockSignInAndDelete|
-|unknownFutureValue|
+| Member |
+| :- |
+| none |
+| blockSignIn |
+| blockSignInAndDelete |
+| unknownFutureValue |
### accessPackageFilterByCurrentUserOptions values
-|Member|
-|:|
-|allowedRequestor|
-|unknownFutureValue|
+| Member |
+| :-- |
+| allowedRequestor |
+| unknownFutureValue |
### accessPackageRequestState values
-|Member|
-|:|
-|submitted|
-|pendingApproval|
-|delivering|
-|delivered|
-|deliveryFailed|
-|denied|
-|scheduled|
-|canceled|
-|partiallyDelivered|
-|unknownFutureValue|
+| Member |
+| :-- |
+| submitted |
+| pendingApproval |
+| delivering |
+| delivered |
+| deliveryFailed |
+| denied |
+| scheduled |
+| canceled |
+| partiallyDelivered |
+| unknownFutureValue |
### accessPackageRequestType values
-|Member|
-|:|
-|notSpecified|
-|userAdd|
-|userUpdate|
-|userRemove|
-|adminAdd|
-|adminUpdate|
-|adminRemove|
-|systemAdd|
-|systemUpdate|
-|systemRemove|
-|onBehalfAdd|
-|unknownFutureValue|
+| Member |
+| :-- |
+| notSpecified |
+| userAdd |
+| userUpdate |
+| userRemove |
+| adminAdd |
+| adminUpdate |
+| adminRemove |
+| systemAdd |
+| systemUpdate |
+| systemRemove |
+| onBehalfAdd |
+| unknownFutureValue |
### accessPackageSubjectType values
-|Member|
-|:|
-|notSpecified|
-|user|
-|servicePrincipal|
-|unknownFutureValue|
+| Member |
+| :-- |
+| notSpecified |
+| user |
+| servicePrincipal |
+| unknownFutureValue |
### connectedOrganizationState values
-|Member|
-|:|
-|configured|
-|proposed|
+| Member |
+| : |
+| configured |
+| proposed |
### accessReviewInstanceDecisionItemFilterByCurrentUserOptions values
-|Member|
-|:|
-|reviewer|
-|unknownFutureValue|
+| Member |
+| :-- |
+| reviewer |
+| unknownFutureValue |
### accessReviewStageFilterByCurrentUserOptions values
-|Member|
-|:|
-|reviewer|
-|unknownFutureValue|
+| Member |
+| :-- |
+| reviewer |
+| unknownFutureValue |
### volumeType values
-|Member|
-|:|
-|operatingSystemVolume|
-|fixedDataVolume|
-|removableDataVolume|
-|unknownFutureValue|
+| Member |
+| :-- |
+| operatingSystemVolume |
+| fixedDataVolume |
+| removableDataVolume |
+| unknownFutureValue |
### filterMode values
-|Member|
-|:|
-|include|
-|exclude|
+| Member |
+| : |
+| include |
+| exclude |
### lifecycleEventType values
-|Member|
-|:|
-|missed|
-|subscriptionRemoved|
-|reauthorizationRequired|
+| Member |
+| :- |
+| missed |
+| subscriptionRemoved |
+| reauthorizationRequired |
### changeType values
-|Member|
-|:|
-|clientIpAddress|
-|authenticatorAppGps|
+| Member |
+| : |
+| clientIpAddress |
+| authenticatorAppGps |
### countryLookupMethodType values
-|Member|
-|:|
-|clientIpAddress|
-|authenticatorAppGps|
+| Member |
+| : |
+| clientIpAddress |
+| authenticatorAppGps |
### consentRequestFilterByCurrentUserOptions values
-|Member|
-|:|
-|reviewer|
-|unknownFutureValue|
+| Member |
+| :-- |
+| reviewer |
+| unknownFutureValue |
### educationFeedbackResourceOutcomeStatus values
-|Member|
-|:|
-|notPublished|
-|pendingPublish|
-|published|
-|failedPublish|
-|unknownFutureValue|
+| Member |
+| :-- |
+| notPublished |
+| pendingPublish |
+| published |
+| failedPublish |
+| unknownFutureValue |
### externalEmailOtpState values
-|Member|
-|:|
-|default|
-|enabled|
-|disabled|
-|unknownFutureValue|
+| Member |
+| :-- |
+| default |
+| enabled |
+| disabled |
+| unknownFutureValue |
### educationAddedStudentAction values
-|Member|
-|:|
-|none|
-|assignIfOpen|
-|unknownFutureValue|
+| Member |
+| :-- |
+| none |
+| assignIfOpen |
+| unknownFutureValue |
### fido2RestrictionEnforcementType values
-|Member|
-|:|
-|allow|
-|block|
+| Member |
+| :-- |
+| allow |
+| block |
### x509CertificateAuthenticationMode values
-|Member|
-|:|
-|x509CertificateSingleFactor|
-|x509CertificateMultiFactor|
-|unknownFutureValue|
+| Member |
+| :-- |
+| x509CertificateSingleFactor |
+| x509CertificateMultiFactor |
+| unknownFutureValue |
### x509CertificateRuleType values
-|Member|
-|:|
-|issuerSubject|
-|policyOID|
-|unknownFutureValue|
+| Member |
+| :-- |
+| issuerSubject |
+| policyOID |
+| unknownFutureValue |
### attestationLevel values
-|Member|
-|:|
-|attested|
-|notAttested|
+| Member |
+| :- |
+| attested |
+| notAttested |
### authenticationMethodTargetType values
-|Member|
-|:|
-|user|
-|group|
+| Member |
+| :-- |
+| user |
+| group |
### authenticationMethodState values
-|Member|
-|:|
-|enabled|
-|disabled|
+| Member |
+| :- |
+| enabled |
+| disabled |
### microsoftAuthenticatorAuthenticationMode values
-|Member|
-|:|
-|any|
-|push|
-|deviceBasedPush|
+| Member |
+| :-- |
+| any |
+| push |
+| deviceBasedPush |
### keyStrength values
-|Member|
-|:|
-|normal|
-|weak|
-|unknown|
+| Member |
+| : |
+| normal |
+| weak |
+| unknown |
### authenticationMethodKeyStrength values
-|Member|
-|:|
-|normal|
-|weak|
-|unknown|
+| Member |
+| : |
+| normal |
+| weak |
+| unknown |
### allowInvitesFrom values
-|Member|
-|:|
-|none|
-|adminsAndGuestInviters|
-|adminsGuestInvitersAndAllMembers|
-|everyone|
-|unknownFutureValue|
+| Member |
+| :- |
+| none |
+| adminsAndGuestInviters |
+| adminsGuestInvitersAndAllMembers |
+| everyone |
+| unknownFutureValue |
### dataPolicyOperationStatus values
-|Member|
-|:|
-|notStarted|
-|running|
-|complete|
-|failed|
-|unknownFutureValue|
+| Member |
+| :-- |
+| notStarted |
+| running |
+| complete |
+| failed |
+| unknownFutureValue |
### conditionalAccessDevicePlatform values
-| Member |
-|:--|
-|android|
-|iOS|
-|windows|
-|windowsPhone|
-|macOS|
-|all|
-|unknownFutureValue|
+| Member |
+| :-- |
+| android |
+| iOS |
+| windows |
+| windowsPhone |
+| macOS |
+| all |
+| unknownFutureValue |
### signinFrequencyType values
-| Member |
-|:--|
-|days|
-|hours|
+| Member |
+| :-- |
+| days |
+| hours |
### persistentBrowserSessionMode values
-| Member |
-|:--|
-|always|
-|never|
+| Member |
+| :-- |
+| always |
+| never |
### cloudAppSecuritySessionControlType values
-| Member |
-|:--|
-|mcasConfigured|
-|monitorOnly|
-|blockDownloads|
-|unknownFutureValue|
+| Member |
+| :-- |
+| mcasConfigured |
+| monitorOnly |
+| blockDownloads |
+| unknownFutureValue |
### conditionalAccessGrantControl values
-| Member |
-|:--|
-|block|
-|mfa|
-|compliantDevice|
-|domainJoinedDevice|
-|approvedApplication|
-|compliantApplication|
-|passwordChange|
-|unknownFutureValue|
+| Member |
+| :- |
+| block |
+| mfa |
+| compliantDevice |
+| domainJoinedDevice |
+| approvedApplication |
+| compliantApplication |
+| passwordChange |
+| unknownFutureValue |
### conditionalAccessClientApp values
-|Member|
-|:|
-|all|
-|browser|
-|mobileAppsAndDesktopClients|
-|exchangeActiveSync|
-|easSupported|
-|other|
-|unknownFutureValue|
+| Member |
+| :-- |
+| all |
+| browser |
+| mobileAppsAndDesktopClients |
+| exchangeActiveSync |
+| easSupported |
+| other |
+| unknownFutureValue |
### conditionalAccessPolicyState values
-|Member|
-|:|
-|enabled|
-|disabled|
-|enabledForReportingButNotEnforced|
+| Member |
+| :-- |
+| enabled |
+| disabled |
+| enabledForReportingButNotEnforced |
#### deviceProfileType values
-|Member|
-|:|
-|RegisteredDevice|
-|SecureVM|
-|Printer|
-|Shared|
-|IoT|
+| Member |
+| : |
+| RegisteredDevice |
+| SecureVM |
+| Printer |
+| Shared |
+| IoT |
### appliedConditionalAccessPolicyResult values
-|Member|
-|:|
-|success|
-|failure|
-|notApplied|
-|notEnabled|
-|unknown|
-|unknownFutureValue|
+| Member |
+| :-- |
+| success |
+| failure |
+| notApplied |
+| notEnabled |
+| unknown |
+| unknownFutureValue |
### groupType values
-|Member|
-|:|
-|unifiedGroups|
-|azureAD|
-|unknownFutureValue|
+| Member |
+| :-- |
+| unifiedGroups |
+| azureAD |
+| unknownFutureValue |
### conditionalAccessStatus values
-|Member|
-|:|
-|success|
-|failure|
-|notApplied|
-|unknownFutureValue|
+| Member |
+| :-- |
+| success |
+| failure |
+| notApplied |
+| unknownFutureValue |
### templateScenarios values
-|Member |
-|:|
-|new |
-|secureFoundation |
-|zeroTrust |
-|remoteWork |
-|protectAdmins |
-|emergingThreats |
-|unknownFutureValue |
+| Member |
+| :-- |
+| new |
+| secureFoundation |
+| zeroTrust |
+| remoteWork |
+| protectAdmins |
+| emergingThreats |
+| unknownFutureValue |
### operationResult values
-|Member|
-|:|
-|success|
-|failure|
-|timeout|
-|unknownFutureValue|
+| Member |
+| :-- |
+| success |
+| failure |
+| timeout |
+| unknownFutureValue |
### tone values
-|Member|
-|:|
-|tone0|
-|tone1|
-|tone2|
-|tone3|
-|tone4|
-|tone5|
-|tone6|
-|tone7|
-|tone8|
-|tone9|
-|star|
-|pound|
-|a|
-|b|
-|c|
-|d|
-|flash|
+| Member |
+| :-- |
+| tone0 |
+| tone1 |
+| tone2 |
+| tone3 |
+| tone4 |
+| tone5 |
+| tone6 |
+| tone7 |
+| tone8 |
+| tone9 |
+| star |
+| pound |
+| a |
+| b |
+| c |
+| d |
+| flash |
### mediaState values
-|Member|
-|:|
-|active|
-|inactive|
-|unknownFutureValue|
+| Member |
+| :-- |
+| active |
+| inactive |
+| unknownFutureValue |
### basicStatus values
-|Member|
-|:|
-|active|
-|inactive|
+| Member |
+| :- |
+| active |
+| inactive |
### callState values
-|Member|
-|:|
-|incoming|
-|establishing|
-|ringing|
-|established|
-|hold|
-|transferring|
-|transferAccepted|
-|redirecting|
-|terminating|
-|terminated|
+| Member |
+| : |
+| incoming |
+| establishing |
+| ringing |
+| established |
+| hold |
+| transferring |
+| transferAccepted |
+| redirecting |
+| terminating |
+| terminated |
### callType values
-|Member|
-|:|
-|unknown|
-|groupCall|
-|peerToPeer|
-|unknownFutureValue|
+| Member |
+| :-- |
+| unknown |
+| groupCall |
+| peerToPeer |
+| unknownFutureValue |
### educationAddToCalendarOptions values
-|Member|
-|:|
-|none|
-|studentsAndPublisher|
-|studentsAndTeamOwners|
-|unknownFutureValue|
-|studentsOnly|
+| Member |
+| :-- |
+| none |
+| studentsAndPublisher |
+| studentsAndTeamOwners |
+| unknownFutureValue |
+| studentsOnly |
### educationSubmissionStatus values
-|Member|
-|:|
-|working|
-|submitted|
-|released|
-|returned|
-|unknownFutureValue|
-|reassigned|
+| Member |
+| :-- |
+| working |
+| submitted |
+| released |
+| returned |
+| unknownFutureValue |
+| reassigned |
### onlineMeetingRole values
-|Member|
-|:|
-|attendee|
-|presenter|
-|unknownFutureValue|
+| Member |
+| :-- |
+| attendee |
+| presenter |
+| unknownFutureValue |
### modality values
-|Member|
-|:|
-|audio|
-|video|
-|videoBasedScreenSharing|
-|data|
-|screenSharing|
-|unknownFutureValue|
+| Member |
+| :- |
+| audio |
+| video |
+| videoBasedScreenSharing |
+| data |
+| screenSharing |
+| unknownFutureValue |
### callDirection values
-|Member|
-|:|
-|incoming|
-|outgoing|
+| Member |
+| :- |
+| incoming |
+| outgoing |
### signInAudience values
-|Member|
-|:|
-|AzureADMyOrg|
-|AzureADMultipleOrgs|
-|AzureADandPersonalMicrosoftAccount|
-|PersonalMicrosoftAccount|
+| Member |
+| : |
+| AzureADMyOrg |
+| AzureADMultipleOrgs |
+| AzureADandPersonalMicrosoftAccount |
+| PersonalMicrosoftAccount |
### groupMembershipClaims values
-|Member|
-|:|
-|None|
-|SecurityGroup|
-|All|
+| Member |
+| : |
+| None |
+| SecurityGroup |
+| All |
### recipientScopeType values
-|Member|
-|:|
-|none|
-|internal|
-|external|
-|externalPartner|
-|externalNonPartner|
+| Member |
+| :-- |
+| none |
+| internal |
+| external |
+| externalPartner |
+| externalNonPartner |
### activityType values
-|Member|
-|:|
-|signin|
-|user|
-|unknownFutureValue|
-|servicePrincipal|
+| Member |
+| :-- |
+| signin |
+| user |
+| unknownFutureValue |
+| servicePrincipal |
### riskDetectionTimingType values
-|Member|
-|:|
-|notDefined|
-|realtime|
-|nearRealtime|
-|offline|
-|unknownFutureValue|
+| Member |
+| :-- |
+| notDefined |
+| realtime |
+| nearRealtime |
+| offline |
+| unknownFutureValue |
### tokenIssuerType values
-|Member|
-|:|
-|AzureAD|
-|ADFederationServices|
-|UnknownFutureValue|
+| Member |
+| :- |
+| AzureAD |
+| ADFederationServices |
+| UnknownFutureValue |
### attachmentType values
Namespace: microsoft.graph
### contactRelationship values
-|Member|Value|Description|
-|:|:|:|
-|parent|0|The user's parent.|
-|relative|1| The user's relative.|
-|aide|2| The user's aide.|
-|doctor|3| The user's doctor.|
-|guardian|4| The user's guardian.|
-|child|5| The user's child.|
-|other|6| An unspecified relationship to the user.|
-|unknownFutureValue|7| Marker value for future compatibility.|
+| Member | Value | Description |
+| :-- | :- | : |
+| parent | 0 | The user's parent. |
+| relative | 1 | The user's relative. |
+| aide | 2 | The user's aide. |
+| doctor | 3 | The user's doctor. |
+| guardian | 4 | The user's guardian. |
+| child | 5 | The user's child. |
+| other | 6 | An unspecified relationship to the user. |
+| unknownFutureValue | 7 | Marker value for future compatibility. |
### scheduleEntityTheme values
Namespace: microsoft.graph
### timeOffReasonIconType values
-|Member|
-|:|
-|none|
-|car|
-|calendar|
-|running|
-|plane|
-|firstAid|
-|doctor|
-|notWorking|
-|clock|
-|juryDuty|
-|globe|
-|cup|
-|phone|
-|weather|
-|umbrella|
-|piggyBank|
-|dog|
-|cake|
-|trafficCone|
-|pin|
-|sunny|
-|unknownFutureValue|
+| Member |
+| :-- |
+| none |
+| car |
+| calendar |
+| running |
+| plane |
+| firstAid |
+| doctor |
+| notWorking |
+| clock |
+| juryDuty |
+| globe |
+| cup |
+| phone |
+| weather |
+| umbrella |
+| piggyBank |
+| dog |
+| cake |
+| trafficCone |
+| pin |
+| sunny |
+| unknownFutureValue |
### workforceIntegrationEncryptionProtocol values
Namespace: microsoft.graph
### workforceIntegrationSupportedEntities values
-|Member|
-|:|
-|none|
-|shift|
-|swapRequest|
-|userShiftPreferences|
-|openShift|
-|openShiftRequest|
-|offerShiftRequest|
-|unknownFutureValue|
+| Member |
+| :- |
+| none |
+| shift |
+| swapRequest |
+| userShiftPreferences |
+| openShift |
+| openShiftRequest |
+| offerShiftRequest |
+| unknownFutureValue |
### timeZoneStandard values
Namespace: microsoft.graph
### freeBusyStatus values
-| Member |Value
-|:|:-
-| free | 0
-| tentative | 1
-| busy | 2
-| oof | 3
-| workingElsewhere | 4
-| unknown | -1
+| Member | Value |
+| : | :- |
+| free | 0 |
+| tentative | 1 |
+| busy | 2 |
+| oof | 3 |
+| workingElsewhere | 4 |
+| unknown | -1 |
### attendeeType values
Namespace: microsoft.graph
### calendarColor values
-| Member | Value
-|:--|:-
-| auto | -1
-| lightBlue | 0
-| lightGreen | 1
-| lightOrange| 2
-| lightGray | 3
-| lightYellow| 4
-| lightTeal | 5
-| lightPink | 6
-| lightBrown | 7
-| lightRed | 8
-| maxColor | 9
+| Member | Value |
+| :- | :- |
+| auto | -1 |
+| lightBlue | 0 |
+| lightGreen | 1 |
+| lightOrange | 2 |
+| lightGray | 3 |
+| lightYellow | 4 |
+| lightTeal | 5 |
+| lightPink | 6 |
+| lightBrown | 7 |
+| lightRed | 8 |
+| maxColor | 9 |
### educationExternalSource values
Namespace: microsoft.graph
### onenoteUserRole values
-| Member | Value
-|:|:
-| Owner | 0
-| Contributor | 1
-| Reader | 2
-| None | -1
+| Member | Value |
+| :- | :- |
+| Owner | 0 |
+| Contributor | 1 |
+| Reader | 2 |
+| None | -1 |
### operationStatus values
Namespace: microsoft.graph
### plannerContainerType values
-|Member|
-|:|
-|group|
-|unknownFutureValue|
-|roster|
+| Member |
+| :-- |
+| group |
+| unknownFutureValue |
+| roster |
### plannerPreviewType values
Namespace: microsoft.graph
### categoryColor values
-| Member |Value
-|:|:--
-| none | -1
-| preset0 | 0
-| preset1 | 1
-| preset2 | 2
-| preset3 | 3
-| preset4 | 4
-| preset5 | 5
-| preset6 | 6
-| preset7 | 7
-| preset8 | 8
-| preset9 | 9
-| preset10 | 10
-| preset11 | 11
-| preset12 | 12
-| preset13 | 13
-| preset14 | 14
-| preset15 | 15
-| preset16 | 16
-| preset17 | 17
-| preset18 | 18
-| preset19 | 19
-| preset20 | 20
-| preset21 | 21
-| preset22 | 22
-| preset23 | 23
-| preset24 | 24
+| Member | Value |
+| :- | :- |
+| none | -1 |
+| preset0 | 0 |
+| preset1 | 1 |
+| preset2 | 2 |
+| preset3 | 3 |
+| preset4 | 4 |
+| preset5 | 5 |
+| preset6 | 6 |
+| preset7 | 7 |
+| preset8 | 8 |
+| preset9 | 9 |
+| preset10 | 10 |
+| preset11 | 11 |
+| preset12 | 12 |
+| preset13 | 13 |
+| preset14 | 14 |
+| preset15 | 15 |
+| preset16 | 16 |
+| preset17 | 17 |
+| preset18 | 18 |
+| preset19 | 19 |
+| preset20 | 20 |
+| preset21 | 21 |
+| preset22 | 22 |
+| preset23 | 23 |
+| preset24 | 24 |
### alertFeedback values Possible feedback values on the alert provided by an analyst.
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown.|
-|truePositive|1|Alert is true-positive.|
-|falsePositive|2| Alert is false-positive.|
-|benignPositive|3| Alert is benign-positive.|
+| Member | Value | Description |
+| :- | :- | : |
+| unknown | 0 | Unknown. |
+| truePositive | 1 | Alert is true-positive. |
+| falsePositive | 2 | Alert is false-positive. |
+| benignPositive | 3 | Alert is benign-positive. |
### fileHashType values Enum for file hash types.
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown type.|
-|sha1|1|SHA1 hash type.|
-|sha256|2| SHA256 hash type.|
-|md5|3| MD5 hash type.|
-|authenticodeHash256|4| AuthenticodeHash256 hash type.|
-|lsHash|5| LsHash hash type.|
-|ctph|6| CTPH hash type.|
-|peSha1|7| PESHA1 hash type.|
-|peSha256|8| PESHA256 hash type.|
+| Member | Value | Description |
+| : | :- | :-- |
+| unknown | 0 | Unknown type. |
+| sha1 | 1 | SHA1 hash type. |
+| sha256 | 2 | SHA256 hash type. |
+| md5 | 3 | MD5 hash type. |
+| authenticodeHash256 | 4 | AuthenticodeHash256 hash type. |
+| lsHash | 5 | LsHash hash type. |
+| ctph | 6 | CTPH hash type. |
+| peSha1 | 7 | PESHA1 hash type. |
+| peSha256 | 8 | PESHA256 hash type. |
### connectionDirection values Enum for the direction of the network connection (inbound/outbound).
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown connection.|
-|inbound|1|Inbound connection.|
-|outbound|2| Outbound connection.|
+| Member | Value | Description |
+| :- | :- | :- |
+| unknown | 0 | Unknown connection. |
+| inbound | 1 | Inbound connection. |
+| outbound | 2 | Outbound connection. |
### connectionStatus values Enum for the status of connections.
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown connection status.|
-|attempted|1|Connection attempted.|
-|succeeded|2| Connection succeeded.|
-|blocked|3| Connection blocked.|
-|failed|4| Connection failed.|
+| Member | Value | Description |
+| :-- | :- | :- |
+| unknown | 0 | Unknown connection status. |
+| attempted | 1 | Connection attempted. |
+| succeeded | 2 | Connection succeeded. |
+| blocked | 3 | Connection blocked. |
+| failed | 4 | Connection failed. |
### processIntegrityLevel values Possible integrity level values of the process.
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown.|
-|untrusted|10|Integrity level is Untrusted.|
-|low|20| Integrity level is Low.|
-|medium|30| Integrity level is Medium.|
-|high|40| Integrity level is High.|
-|system|50| Integrity level is System.|
+| Member | Value | Description |
+| :-- | :- | :- |
+| unknown | 0 | Unknown. |
+| untrusted | 10 | Integrity level is Untrusted. |
+| low | 20 | Integrity level is Low. |
+| medium | 30 | Integrity level is Medium. |
+| high | 40 | Integrity level is High. |
+| system | 50 | Integrity level is System. |
### registryHive values Enum for registry hives as defined by [/windows/desktop/sysinfo/registry-hives](/windows/desktop/sysinfo/registry-hives).
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown hive.|
-|currentConfig|1|HKEY_CURRENT_CONFIG hive.|
-|currentUser|2| HKEY_CURRENT_USER hive.|
-|localMachineSam|3| HKEY_LOCAL_MACHINE\SAM hive.|
-|localMachineSamSoftware|4| HKEY_LOCAL_MACHINE\Software hive.|
-|localMachineSystem|5| HKEY_LOCAL_MACHINE\System hive.|
-|usersDefault|6| HKEY_USERS\\.DEFAULT hive.|
+| Member | Value | Description |
+| :- | :- | :-- |
+| unknown | 0 | Unknown hive. |
+| currentConfig | 1 | HKEY_CURRENT_CONFIG hive. |
+| currentUser | 2 | HKEY_CURRENT_USER hive. |
+| localMachineSam | 3 | HKEY_LOCAL_MACHINE\SAM hive. |
+| localMachineSamSoftware | 4 | HKEY_LOCAL_MACHINE\Software hive. |
+| localMachineSystem | 5 | HKEY_LOCAL_MACHINE\System hive. |
+| usersDefault | 6 | HKEY_USERS\\.DEFAULT hive. |
### registryOperation values Operation that changed the registry key name and/or value.
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown registry value type.|
-|create|1|Create registry.|
-|modify|2|Modify registry.|
-|delete|3|Delete registry.|
+| Member | Value | Description |
+| : | :- | : |
+| unknown | 0 | Unknown registry value type. |
+| create | 1 | Create registry. |
+| modify | 2 | Modify registry. |
+| delete | 3 | Delete registry. |
### registryValueType values Enum for registry value types as defined by [/windows/desktop/sysinfo/registry-value-types](/windows/desktop/sysinfo/registry-value-types).
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown registry value type.|
-|binary|1|REG_BINARY registry value type.|
-|dword|2| REG_DWORD registry value type.|
-|dwordLittleEndian|3| REG_DWORD_LITTLE_ENDIAN registry value type.|
-|dwordBigEndian|4| REG_DWORD_BIG_ENDIAN registry value type.|
-|expandSz|5| REG_EXPAND_SZ registry value type.|
-|link|6| REG_LINK registry value type.|
-|multiSz|7| REG_MULTI_SZ registry value type.|
-|none|8| REG_NONE registry value type.|
-|qword|9| REG_QWORD registry value type.|
-|qwordlittleEndian|10| REG_QWORD_LITTLE_ENDIAN registry value type.|
-|sz|11| REG_SZ registry value type.|
+| Member | Value | Description |
+| :- | :- | :- |
+| unknown | 0 | Unknown registry value type. |
+| binary | 1 | REG_BINARY registry value type. |
+| dword | 2 | REG_DWORD registry value type. |
+| dwordLittleEndian | 3 | REG_DWORD_LITTLE_ENDIAN registry value type. |
+| dwordBigEndian | 4 | REG_DWORD_BIG_ENDIAN registry value type. |
+| expandSz | 5 | REG_EXPAND_SZ registry value type. |
+| link | 6 | REG_LINK registry value type. |
+| multiSz | 7 | REG_MULTI_SZ registry value type. |
+| none | 8 | REG_NONE registry value type. |
+| qword | 9 | REG_QWORD registry value type. |
+| qwordlittleEndian | 10 | REG_QWORD_LITTLE_ENDIAN registry value type. |
+| sz | 11 | REG_SZ registry value type. |
### alertSeverity values Enum for severity of alerts.
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Severity is unknown.|
-|informational|1|Severity is only for information.|
-|low|2| Severity is low.|
-|medium|3| Severity is medium.|
-|high|4| Severity is high.|
+| Member | Value | Description |
+| : | :- | :-- |
+| unknown | 0 | Severity is unknown. |
+| informational | 1 | Severity is only for information. |
+| low | 2 | Severity is low. |
+| medium | 3 | Severity is medium. |
+| high | 4 | Severity is high. |
### alertStatus values Possible values of an Alert lifecycle status (stage).
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown status.|
-|newAlert|10| Alert is new.|
-|inProgress|20|Alert is in progress.|
-|resolved|30|Alert is resolved.|
+| Member | Value | Description |
+| : | :- | :-- |
+| unknown | 0 | Unknown status. |
+| newAlert | 10 | Alert is new. |
+| inProgress | 20 | Alert is in progress. |
+| resolved | 30 | Alert is resolved. |
### emailRole values Possible values for email roles.
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown Role.|
-|sender|1|Sender of the email.|
-|recipient|2|Recipient of the email.|
+| Member | Value | Description |
+| :-- | :- | :- |
+| unknown | 0 | Unknown Role. |
+| sender | 1 | Sender of the email. |
+| recipient | 2 | Recipient of the email. |
### logonType values Possible values for the method of user signin.
-|Member|Value|Description|
-|:|:|:|
-|unknown|-1|Unknown.|
-|interactive|0|Logon is interactive.|
-|remoteInteractive|1| Logon is remote interactive.|
-|network|2| Logon is network.|
-|batch|3| Logon is batch.|
-|service|4| Logon is service.|
+| Member | Value | Description |
+| :- | :- | : |
+| unknown | -1 | Unknown. |
+| interactive | 0 | Logon is interactive. |
+| remoteInteractive | 1 | Logon is remote interactive. |
+| network | 2 | Logon is network. |
+| batch | 3 | Logon is batch. |
+| service | 4 | Logon is service. |
### userAccountSecurityType values Possible values for user account types (group membership), per Windows definition.
-|Member|Member|Description|
-|:|:|:|
-|unknown|-1|Unknown.|
-|standard|0|Member of Standard Users group.|
-|power|1| Member of Power Users group.|
-|administrator|2| Member of Administrators group.|
+| Member | Member | Description |
+| : | :-- | : |
+| unknown | -1 | Unknown. |
+| standard | 0 | Member of Standard Users group. |
+| power | 1 | Member of Power Users group. |
+| administrator | 2 | Member of Administrators group. |
### riskDetail values
-|Member|
-|:|
-|none|
-|adminGeneratedTemporaryPassword|
-|userPerformedSecuredPasswordChange|
-|userPerformedSecuredPasswordReset|
-|adminConfirmedSigninSafe|
-|aiConfirmedSigninSafe|
-|userPassedMFADrivenByRiskBasedPolicy|
-|adminDismissedAllRiskForUser|
-|adminConfirmedSigninCompromised|
-|hidden|
-|adminConfirmedUserCompromised|
-|unknownFutureValue|
-|adminConfirmedServicePrincipalCompromised|
-|adminDismissedAllRiskForServicePrincipal|
-|m365DAdminDismissedDetection|
+| Member |
+| :- |
+| none |
+| adminGeneratedTemporaryPassword |
+| userPerformedSecuredPasswordChange |
+| userPerformedSecuredPasswordReset |
+| adminConfirmedSigninSafe |
+| aiConfirmedSigninSafe |
+| userPassedMFADrivenByRiskBasedPolicy |
+| adminDismissedAllRiskForUser |
+| adminConfirmedSigninCompromised |
+| hidden |
+| adminConfirmedUserCompromised |
+| unknownFutureValue |
+| adminConfirmedServicePrincipalCompromised |
+| adminDismissedAllRiskForServicePrincipal |
+| m365DAdminDismissedDetection |
### riskEventTypes values
Possible values for user account types (group membership), per Windows definitio
### riskEventType values
-|Member|
-|:|
-|unlikelyTravel|
-|anonymizedIPAddress|
-|maliciousIPAddress|
-|unfamiliarFeatures|
-|malwareInfectedIPAddress|
-|suspiciousIPAddress|
-|leakedCredentials|
-|investigationsThreatIntelligence|
-|generic|
-|adminConfirmedUserCompromised|
-|mcasImpossibleTravel|
-|mcasSuspiciousInboxManipulationRules|
-|investigationsThreatIntelligenceSigninLinked|
-|maliciousIPAddressValidCredentialsBlockedIP|
-|unknownFutureValue|
+| Member |
+| :- |
+| unlikelyTravel |
+| anonymizedIPAddress |
+| maliciousIPAddress |
+| unfamiliarFeatures |
+| malwareInfectedIPAddress |
+| suspiciousIPAddress |
+| leakedCredentials |
+| investigationsThreatIntelligence |
+| generic |
+| adminConfirmedUserCompromised |
+| mcasImpossibleTravel |
+| mcasSuspiciousInboxManipulationRules |
+| investigationsThreatIntelligenceSigninLinked |
+| maliciousIPAddressValidCredentialsBlockedIP |
+| unknownFutureValue |
### riskLevel values
Possible values for user account types (group membership), per Windows definitio
### exchangeIdFormat values
-|Member|
-|:|
-|entryId|
-|ewsId|
-|immutableEntryId|
-|restId|
-|restImmutableEntryId|
+| Member |
+| :- |
+| entryId |
+| ewsId |
+| immutableEntryId |
+| restId |
+| restImmutableEntryId |
### onlineMeetingProviderType values
-|Member|
-|:|
-|unknown|
-|skypeForBusiness|
-|skypeForConsumer|
-|teamsForBusiness|
+| Member |
+| : |
+| unknown |
+| skypeForBusiness |
+| skypeForConsumer |
+| teamsForBusiness |
### delegateMeetingMessageDeliveryOptions values
-|Member|
-|:|
-|sendToDelegateAndInformationToPrincipal|
-|sendToDelegateAndPrincipal|
-|sendToDelegateOnly|
+| Member |
+| :-- |
+| sendToDelegateAndInformationToPrincipal |
+| sendToDelegateAndPrincipal |
+| sendToDelegateOnly |
### calendarRoleType values
-|Member|
-|:|
-|none|
-|freeBusyRead|
-|limitedRead|
-|read|
-|write|
-|delegateWithoutPrivateEventAccess|
-|delegateWithPrivateEventAccess|
-|custom|
+| Member |
+| :-- |
+| none |
+| freeBusyRead |
+| limitedRead |
+| read |
+| write |
+| delegateWithoutPrivateEventAccess |
+| delegateWithPrivateEventAccess |
+| custom |
### threatAssessmentContentType values | Member | Value | Description |
-|:-|:|:|
+| :-- | :- | :- |
| mail | 1 | Mail threat. | | url | 2 | URL threat. | | file | 3 | Attachment file threat. |
Possible values for user account types (group membership), per Windows definitio
### threatExpectedAssessment values | Member | Value | Description |
-|:--|:|:-|
+| : | :- | :-- |
| block | 1 | The threat should be blocked. | | unblock | 2 | The threat should not be blocked. | ### threatCategory values | Member | Value | Description |
-|:-|:|:-|
+| :-- | :- | :-- |
| spam | 1 | Spam threat. | | phishing | 2 | Phishing threat. | | malware | 3 | Malware threat. |
Possible values for user account types (group membership), per Windows definitio
### threatAssessmentStatus values | Member | Value | Description |
-|:-|:|:--|
+| :-- | :- | : |
| pending | 1 | The threat assessment still in progress. | | completed | 2 | The threat assessment completed. | ### threatAssessmentRequestSource values | Member | Value | Description |
-|:--|:|:-|
+| : | :- | :-- |
| undefined | 0 | Not yet know. | | user | 1 | User submission. | | administrator | 2 | Tenant admin submission. |
Possible values for user account types (group membership), per Windows definitio
### threatAssessmentResultType values | Member | Value | Description |
-|:-|:|:--|
+| :-- | :- | : |
| checkPolicy | 1 | The policy check result, only for `mail` assessment. | | rescan | 2 | The rescan result. | | unknownFutureValue | 3 | A sentinel member. |
Possible values for user account types (group membership), per Windows definitio
### mailDestinationRoutingReason values | Member | Value | Description |
-|:-|:|:|
+| :-- | :- | :- |
| none | 0 | Not yet know. | | mailFlowRule | 1 | Exchange transport rule. | | safeSender | 2 | Safe sender list. |
Possible values for user account types (group membership), per Windows definitio
### chatMessageType values
-| Value |
-|:--|
-| message |
-| chatEvent |
-| typing |
+| Value |
+| :-- |
+| message |
+| chatEvent |
+| typing |
| unknownFutureValue | | systemEventMessage | ### chatMessagePolicyViolationDlpActionType values
-| Value |
-|:--|
-| none |
-| NotifySender |
-| BlockAccess |
+| Value |
+| : |
+| none |
+| NotifySender |
+| BlockAccess |
| BlockAccessExternal | ### chatMessagePolicyViolationUserActionType values
-| Member | Int value | Description |
-|:|:--|:-|
-| None | 0 | Default value. This is the value on a message when the user has not taken an action on the message blocked by DLP. |
-| Override | 1 | Sender has overridden the message verdict and sent the message anyway.|
-| ReportFalsePositive | 2 | Sender has reported the message verdict to the admins as a false positive.|
+| Member | Int value | Description |
+| : | :-- | :-- |
+| None | 0 | Default value. This is the value on a message when the user has not taken an action on the message blocked by DLP. |
+| Override | 1 | Sender has overridden the message verdict and sent the message anyway. |
+| ReportFalsePositive | 2 | Sender has reported the message verdict to the admins as a false positive. |
### chatMessagePolicyViolationVerdictDetailsType values
-| Member | Int value | Description |
-|:|:--|:-|
-| None | 0 | User is not allowed to override the message. User is not allowed to report a message as false positive if policyTip is not provided. In all other scenarios, user can report a message as false positive.|
-| AllowFalsePositiveOverride | 1 | User is not allowed to explicitly override the block unless this is combined with `AllowOverrideWithoutJustification` or `AllowOverrideWithJustification` flags. Reporting a false positive on the violation automatically overrides the block and sends the message. |
-| AllowOverrideWithoutJustification | 2 | User is allowed to override the block and send the message. Justification text is not required. Exclusive to `AllowOverrideWithJustification`. |
-| AllowOverrideWithJustification | 4 | User is allowed to override the block and send the message. Justification text is required. Exclusive to `AllowOverrideWithoutJustification`.|
+| Member | Int value | Description |
+| :-- | :-- | :-- |
+| None | 0 | User is not allowed to override the message. User is not allowed to report a message as false positive if policyTip is not provided. In all other scenarios, user can report a message as false positive. |
+| AllowFalsePositiveOverride | 1 | User is not allowed to explicitly override the block unless this is combined with `AllowOverrideWithoutJustification` or `AllowOverrideWithJustification` flags. Reporting a false positive on the violation automatically overrides the block and sends the message. |
+| AllowOverrideWithoutJustification | 2 | User is allowed to override the block and send the message. Justification text is not required. Exclusive to `AllowOverrideWithJustification`. |
+| AllowOverrideWithJustification | 4 | User is allowed to override the block and send the message. Justification text is required. Exclusive to `AllowOverrideWithoutJustification`. |
### wellknownListName values | Member
Possible values for user account types (group membership), per Windows definitio
### columnTypes values
-|Member|Description|
-|:-|:
-|note| Multiline text. |
-|text | Single line text. |
-|choice | Choice column |
-|multichoice | Multichoice column. |
-|number | Number column. |
-|currency | Currency column. |
-|dateTime | DateTime column. |
-|lookup | Lookup column. |
-|boolean | Yes/No column. |
-|user | Person or group column. |
-|url | Hyperlink or picture column. |
-|calculated | Calculated column. |
-|location | Location column. |
-|geolocation | Geolocation column. |
-|term | Managed metadata column. |
-|multiterm | Managed metadata column accepting multiple values. |
-|thumbnail | Image column. |
-|approvalStatus | Content approval status column. |
-|unknownFutureValue | UnknownFuturevalue |
+| Member | Description |
+| :-- | :- |
+| note | Multiline text. |
+| text | Single line text. |
+| choice | Choice column |
+| multichoice | Multichoice column. |
+| number | Number column. |
+| currency | Currency column. |
+| dateTime | DateTime column. |
+| lookup | Lookup column. |
+| boolean | Yes/No column. |
+| user | Person or group column. |
+| url | Hyperlink or picture column. |
+| calculated | Calculated column. |
+| location | Location column. |
+| geolocation | Geolocation column. |
+| term | Managed metadata column. |
+| multiterm | Managed metadata column accepting multiple values. |
+| thumbnail | Image column. |
+| approvalStatus | Content approval status column. |
+| unknownFutureValue | UnknownFuturevalue |
### permissionClassificationType values
Possible values for user account types (group membership), per Windows definitio
### printColorMode values
-|Member|
-|:|
-|blackAndWhite|
-|grayscale|
-|color|
-|auto|
-|unknownFutureValue|
+| Member |
+| :-- |
+| blackAndWhite |
+| grayscale |
+| color |
+| auto |
+| unknownFutureValue |
### printDuplexMode values
-|Member|
-|:|
-|flipOnLongEdge|
-|flipOnShortEdge|
-|oneSided|
-|unknownFutureValue|
+| Member |
+| :-- |
+| flipOnLongEdge |
+| flipOnShortEdge |
+| oneSided |
+| unknownFutureValue |
### printerFeedOrientation values
-|Member|
-|:|
-|longEdgeFirst|
-|shortEdgeFirst|
-|unknownFutureValue|
+| Member |
+| :-- |
+| longEdgeFirst |
+| shortEdgeFirst |
+| unknownFutureValue |
### printFinishing values
-|Member|
-|:|
-|none|
-|staple|
-|punch|
-|cover|
-|bind|
-|saddleStitch|
-|stitchEdge|
-|stapleTopLeft|
-|stapleBottomLeft|
-|stapleTopRight|
-|stapleBottomRight|
-|stitchLeftEdge|
-|stitchTopEdge|
-|stitchRightEdge|
-|stitchBottomEdge|
-|stapleDualLeft|
-|stapleDualTop|
-|stapleDualRight|
-|stapleDualBottom|
-|unknownFutureValue|
+| Member |
+| :-- |
+| none |
+| staple |
+| punch |
+| cover |
+| bind |
+| saddleStitch |
+| stitchEdge |
+| stapleTopLeft |
+| stapleBottomLeft |
+| stapleTopRight |
+| stapleBottomRight |
+| stitchLeftEdge |
+| stitchTopEdge |
+| stitchRightEdge |
+| stitchBottomEdge |
+| stapleDualLeft |
+| stapleDualTop |
+| stapleDualRight |
+| stapleDualBottom |
+| unknownFutureValue |
### printMultipageLayout values
-|Member|
-|:|
-|clockwiseFromTopLeft|
-|counterclockwiseFromTopLeft|
-|counterclockwiseFromTopRight|
-|clockwiseFromTopRight|
-|counterclockwiseFromBottomLeft|
-|clockwiseFromBottomLeft|
-|counterclockwiseFromBottomRight|
-|clockwiseFromBottomRight|
-|unknownFutureValue|
+| Member |
+| : |
+| clockwiseFromTopLeft |
+| counterclockwiseFromTopLeft |
+| counterclockwiseFromTopRight |
+| clockwiseFromTopRight |
+| counterclockwiseFromBottomLeft |
+| clockwiseFromBottomLeft |
+| counterclockwiseFromBottomRight |
+| clockwiseFromBottomRight |
+| unknownFutureValue |
### printOrientation values
-|Member|
-|:|
-|portrait|
-|landscape|
-|reverseLandscape|
-|reversePortrait|
-|unknownFutureValue|
+| Member |
+| :-- |
+| portrait |
+| landscape |
+| reverseLandscape |
+| reversePortrait |
+| unknownFutureValue |
### printQuality values
-|Member|
-|:|
-|low|
-|medium|
-|high|
-|unknownFutureValue|
+| Member |
+| :-- |
+| low |
+| medium |
+| high |
+| unknownFutureValue |
### printScaling values
-|Member|
-|:|
-|auto|
-|shrinkToFit|
-|fill|
-|fit|
-|none|
-|unknownFutureValue|
+| Member |
+| :-- |
+| auto |
+| shrinkToFit |
+| fill |
+| fit |
+| none |
+| unknownFutureValue |
### userFlowType values
Possible values for user account types (group membership), per Windows definitio
### identityUserFlowAttributeDataType values
-| Member |
-|:-|
-| string |
-| boolean |
-| int64 |
-| stringCollection |
-| dateTime |
-| unknownFutureValue |
+| Member |
+| :-- |
+| string |
+| boolean |
+| int64 |
+| stringCollection |
+| dateTime |
+| unknownFutureValue |
### identityUserFlowAttributeType values
-| Member |
-|:-|
-| builtIn |
-| custom |
-| required |
-| unknownFutureValue |
+| Member |
+| :-- |
+| builtIn |
+| custom |
+| required |
+| unknownFutureValue |
### identityUserFlowAttributeInputType values
-| Member |
-|:-|
-| textBox |
-| dateTimeDropDown |
-| radioSingleSelect |
-| dropdownSingleSelect |
-| emailBox |
-| checkboxMultiSelect |
+| Member |
+| :- |
+| textBox |
+| dateTimeDropDown |
+| radioSingleSelect |
+| dropdownSingleSelect |
+| emailBox |
+| checkboxMultiSelect |
### teamworkActivityTopicSource values
Possible values for user account types (group membership), per Windows definitio
### provisioningResult values
-|Member|
-|:|
-|success|
-|failure|
-|skipped|
-|warning|
-|unknownFutureValue|
+| Member |
+| :-- |
+| success |
+| failure |
+| skipped |
+| warning |
+| unknownFutureValue |
### provisioningStepType values
-|Member|
-|:|
-|import|
-|scoping|
-|matching|
-|processing|
-|referenceResolution|
-|export|
-|unknownFutureValue|
+| Member |
+| : |
+| import |
+| scoping |
+| matching |
+| processing |
+| referenceResolution |
+| export |
+| unknownFutureValue |
### provisioningStatusErrorCategory values
-|Member|
-|:|
-|failure|
-|nonServiceFailure|
-|success|
-|unknownFutureValue|
+| Member |
+| :-- |
+| failure |
+| nonServiceFailure |
+| success |
+| unknownFutureValue |
### provisioningAction values
-|Member|
-|:|
-|other|
-|create|
-|delete|
-|disable|
-|update|
-|stagedDelete|
-|unknownFutureValue|
+| Member |
+| :-- |
+| other |
+| create |
+| delete |
+| disable |
+| update |
+| stagedDelete |
+| unknownFutureValue |
### initiatorType values
-|Member|
-|:|
-|user|
-|application|
-|system|
-|unknownFutureValue|
+| Member |
+| :-- |
+| user |
+| application |
+| system |
+| unknownFutureValue |
### teamworkApplicationIdentityType values
-|Member|
-|:|
-|aadApplication|
-|bot|
-|tenantBot|
-|office365Connector|
-|outgoingWebhook|
-|unknownFutureValue|
+| Member |
+| :-- |
+| aadApplication |
+| bot |
+| tenantBot |
+| office365Connector |
+| outgoingWebhook |
+| unknownFutureValue |
### teamworkConversationIdentityType values
-|Member|
-|:|
-|team|
-|channel|
-|chat|
-|unknownFutureValue|
+| Member |
+| :-- |
+| team |
+| channel |
+| chat |
+| unknownFutureValue |
### teamworkUserIdentityType values
-|Member|
-|:|
-|aadUser|
-|onPremiseAadUser|
-|anonymousGuest|
-|federatedUser|
-|personalMicrosoftAccountUser|
-|skypeUser|
-|phoneUser|
-|unknownFutureValue|
-|emailUser|
+| Member |
+| : |
+| aadUser |
+| onPremiseAadUser |
+| anonymousGuest |
+| federatedUser |
+| personalMicrosoftAccountUser |
+| skypeUser |
+| phoneUser |
+| unknownFutureValue |
+| emailUser |
### postType values
-|Member|
-|:|
-|regular|
-|quick|
-|strategic|
-|unknownFutureValue|
+| Member |
+| :-- |
+| regular |
+| quick |
+| strategic |
+| unknownFutureValue |
### searchAlterationType values
-| Member |
-|:|
-|modification|
-|suggestion|
+| Member |
+| :-- |
+| modification |
+| suggestion |
### serviceHealthClassificationType values
-|Member|
-|:|
-|advisory|
-|incident|
-|unknownFutureValue|
+| Member |
+| :-- |
+| advisory |
+| incident |
+| unknownFutureValue |
### serviceHealthOrigin values
-|Member|
-|:|
-|microsoft|
-|thirdParty|
-|customer|
-|unknownFutureValue|
+| Member |
+| :-- |
+| microsoft |
+| thirdParty |
+| customer |
+| unknownFutureValue |
### featureTargetType values
-|Member|
-|:|
-|group|
-|administrativeUnit|
-|role|
-|unknownFutureValue|
+| Member |
+| :-- |
+| group |
+| administrativeUnit |
+| role |
+| unknownFutureValue |
### serviceHealthStatus values
-|Member|
-|:|
-|serviceOperational|
-|investigating|
-|restoringService|
-|verifyingService|
-|serviceRestored|
-|postIncidentReviewPublished|
-|serviceDegradation|
-|serviceInterruption|
-|extendedRecovery|
-|falsePositive|
-|investigationSuspended|
-|resolved|
-|mitigatedExternal|
-|mitigated|
-|resolvedExternal|
-|confirmed|
-|reported|
-|unknownFutureValue|
+| Member |
+| :-- |
+| serviceOperational |
+| investigating |
+| restoringService |
+| verifyingService |
+| serviceRestored |
+| postIncidentReviewPublished |
+| serviceDegradation |
+| serviceInterruption |
+| extendedRecovery |
+| falsePositive |
+| investigationSuspended |
+| resolved |
+| mitigatedExternal |
+| mitigated |
+| resolvedExternal |
+| confirmed |
+| reported |
+| unknownFutureValue |
### serviceUpdateCategory values
-|Member|
-|:|
-|preventOrFixIssue|
-|planForChange|
-|stayInformed|
-|unknownFutureValue|
+| Member |
+| :-- |
+| preventOrFixIssue |
+| planForChange |
+| stayInformed |
+| unknownFutureValue |
### serviceUpdateSeverity values
-|Member|
-|:|
-|normal|
-|high|
-|critical|
-|unknownFutureValue|
+| Member |
+| :-- |
+| normal |
+| high |
+| critical |
+| unknownFutureValue |
### subjectRightsRequestStage values
-|Member|
-|:|
-|contentRetrieval|
-|contentReview|
-|generateReport|
-|contentDeletion|
-|caseResolved|
-|unknownFutureValue|
+| Member |
+| :-- |
+| contentRetrieval |
+| contentReview |
+| generateReport |
+| contentDeletion |
+| caseResolved |
+| unknownFutureValue |
### subjectRightsRequestStageStatus values
-|Member|
-|:|
-|notStarted|
-|current|
-|completed|
-|failed|
-|unknownFutureValue|
+| Member |
+| :-- |
+| notStarted |
+| current |
+| completed |
+| failed |
+| unknownFutureValue |
### subjectRightsRequestStatus values
-|Member|
-|:|
-|active|
-|closed|
-|unknownFutureValue|
+| Member |
+| :-- |
+| active |
+| closed |
+| unknownFutureValue |
### subjectRightsRequestType values
-|Member|
-|:|
-|export|
-|delete|
-|access|
-|tagForAction|
-|unknownFutureValue|
+| Member |
+| :-- |
+| export |
+| delete |
+| access |
+| tagForAction |
+| unknownFutureValue |
### dataSubjectType values
-|Member|
-|:|
-|customer|
-|currentEmployee|
-|formerEmployee|
-|prospectiveEmployee|
-|student|
-|teacher|
-|faculty|
-|other|
-|unknownFutureValue|
+| Member |
+| : |
+| customer |
+| currentEmployee |
+| formerEmployee |
+| prospectiveEmployee |
+| student |
+| teacher |
+| faculty |
+| other |
+| unknownFutureValue |
### advancedConfigState values
-|Member|
-|:|
-|default|
-|enabled|
-|disabled|
-|unknownFutureValue|
+| Member |
+| :-- |
+| default |
+| enabled |
+| disabled |
+| unknownFutureValue |
### callRecordingStatus values
-|Member|
-|:|
-|success|
-|failure|
-|initial|
-|chunkFinished|
-|unknownFutureValue|
+| Member |
+| :-- |
+| success |
+| failure |
+| initial |
+| chunkFinished |
+| unknownFutureValue |
### payloadDeliveryPlatform values
-|Member|
-|:|
-|unknown|
-|sms|
-|email|
-|teams|
-|unknownFutureValue|
+| Member |
+| :-- |
+| unknown |
+| sms |
+| email |
+| teams |
+| unknownFutureValue |
### trainingStatus values
-|Member|
-|:|
-|unknown|
-|assigned|
-|inProgress|
-|completed|
-|overdue|
-|unknownFutureValue|
+| Member |
+| :-- |
+| unknown |
+| assigned |
+| inProgress |
+| completed |
+| overdue |
+| unknownFutureValue |
### teamworkCallEventType values
-|Member|
-|:|
-|call|
-|meeting|
-|screenShare|
-|unknownFutureValue|
+| Member |
+| :-- |
+| call |
+| meeting |
+| screenShare |
+| unknownFutureValue |
### bookingReminderRecipients values
-|Member|
-|:|
-|allAttendees|
-|staff|
-|customer|
-|unknownFutureValue|
+| Member |
+| :-- |
+| allAttendees |
+| staff |
+| customer |
+| unknownFutureValue |
### bookingStaffRole values
-|Member|
-|:|
-|guest|
-|administrator|
-|viewer|
-|externalGuest|
-|unknownFutureValue|
-|scheduler|
-|teamMember|
+| Member |
+| :-- |
+| guest |
+| administrator |
+| viewer |
+| externalGuest |
+| unknownFutureValue |
+| scheduler |
+| teamMember |
### answerInputType values
-|Member|
-|:|
-|text|
-|radioButton|
-|unknownFutureValue|
+| Member |
+| :-- |
+| text |
+| radioButton |
+| unknownFutureValue |
### bookingPriceType values
-|Member|
-|:|
-|undefined|
-|fixedPrice|
-|startingAt|
-|hourly|
-|free|
-|priceVaries|
-|callUs|
-|notSet|
-|unknownFutureValue|
+| Member |
+| :-- |
+| undefined |
+| fixedPrice |
+| startingAt |
+| hourly |
+| free |
+| priceVaries |
+| callUs |
+| notSet |
+| unknownFutureValue |
### accessReviewHistoryStatus values
-| Member|
-|:--|
-|done|
-|inprogress|
-|error|
-|requested|
-|unknownFutureValue|
+| Member |
+| :-- |
+| done |
+| inprogress |
+| error |
+| requested |
+| unknownFutureValue |
### accessReviewHistoryDecisionFilter values
-| Member|
-|:--|
-|approve|
-|deny|
-|notReviewed|
-|dontKnow|
-|notNotified|
-|unknownFutureValue|
+| Member |
+| :-- |
+| approve |
+| deny |
+| notReviewed |
+| dontKnow |
+| notNotified |
+| unknownFutureValue |
-### authenticationProtocol values
+### weakAlgorithms values
|Member| |:|
-|wsFed|
-|saml|
+|rsaSha1|
+|unknownFutureValue|
+
+### authenticationProtocol values
+
+| Member |
+| :-- |
+| wsFed |
+| saml |
### longRunningOperationStatus values
-| Member|
-|:--|
-|notStarted|
-|running|
-|succeeded|
-|failed|
-|unknownFutureValue|
+| Member |
+| :-- |
+| notStarted |
+| running |
+| succeeded |
+| failed |
+| unknownFutureValue |
### delegatedAdminAccessAssignmentStatus values
-|Member|
-|:|
-|pending|
-|active|
-|deleting|
-|deleted|
-|error|
-|unknownFutureValue|
+| Member |
+| :-- |
+| pending |
+| active |
+| deleting |
+| deleted |
+| error |
+| unknownFutureValue |
### delegatedAdminAccessContainerType values
-|Member|
-|:|
-|securityGroup|
-|unknownFutureValue|
+| Member |
+| :-- |
+| securityGroup |
+| unknownFutureValue |
### delegatedAdminRelationshipOperationType values
-|Member|
-|:|
-|delegatedAdminAccessAssignmentUpdate|
-|unknownFutureValue|
+| Member |
+| :-- |
+| delegatedAdminAccessAssignmentUpdate |
+| unknownFutureValue |
### delegatedAdminRelationshipRequestAction values
-|Member|
-|:|
-|lockForApproval|
-|terminate|
-|unknownFutureValue|
+| Member |
+| :-- |
+| lockForApproval |
+| terminate |
+| unknownFutureValue |
### delegatedAdminRelationshipRequestStatus values
-|Member|
-|:|
-|created|
-|pending|
-|succeeded|
-|failed|
-|unknownFutureValue|
+| Member |
+| :-- |
+| created |
+| pending |
+| succeeded |
+| failed |
+| unknownFutureValue |
### delegatedAdminRelationshipStatus values
-|Member|
-|:|
-|activating|
-|active|
-|approvalPending|
-|approved|
-|created|
-|expired|
-|expiring|
-|terminated|
-|terminating|
-|terminationRequested|
-|unknownFutureValue|
+| Member |
+| :- |
+| activating |
+| active |
+| approvalPending |
+| approved |
+| created |
+| expired |
+| expiring |
+| terminated |
+| terminating |
+| terminationRequested |
+| unknownFutureValue |
### onPremisesDirectorySynchronizationDeletionPreventionType values
-|Member|
-|:--|
-|disabled|
-|enabledForCount|
-|enabledForPercentage|
+| Member |
+| :- |
+| disabled |
+| enabledForCount |
+| enabledForPercentage |
### searchContent values
+| Member |
+| :-- |
+| sharedContent |
+| privateContent |
+| unknownFutureValue |
+
+### authenticationMethodsPolicyMigrationState values
+ |Member|
-|:|
-|sharedContent|
-|privateContent|
+|:--|
+|premigration|
+|migrationInProgress|
+|migrationComplete|
|unknownFutureValue|+
v1.0 Excel https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/excel.md
Title: "Working with Excel in Microsoft Graph" description: "You can use Microsoft Graph to allow web and mobile applications to read and modify Excel workbooks stored in OneDrive for Business, SharePoint site or Group drive." ms.localizationpriority: high-+ ms.prod: "excel" doc_type: conceptualPageType
v1.0 Fido2authenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/fido2authenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents a FIDO2 authentication methods policy. Authentication methods policies define configuration settings and users or groups who are enabled to use the authentication method.
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description|
Represents a FIDO2 authentication methods policy. Authentication methods policie
## Properties |Property|Type|Description| |:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
|id|String|The authentication method policy identifier.| |isAttestationEnforced|Boolean|Determines whether attestation must be enforced for FIDO2 security key registration.| |isSelfServiceRegistrationAllowed|Boolean|Determines if users can register new FIDO2 security keys.|
The following is a JSON representation of the resource.
"keyRestrictions": { "@odata.type": "microsoft.graph.fido2KeyRestrictions" },
- "state": "String"
+ "state": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ]
} ```
v1.0 Hashes https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/hashes.md
In OneDrive for Business and SharePoint Server 2016, **sha1Hash** and **crc32Has
In OneDrive Personal, **quickXorHash** is not available.
-To calculate **quickXorHash** for a file, refer to the [QuickXorHash snippet](https://dev.onedrive.com/snippets/quickxorhash.htm).
+To calculate **quickXorHash** for a file, refer to the [QuickXorHash snippet](/onedrive/developer/code-snippets/quickxorhash).
For more information about the facets on a DriveItem, see [DriveItem](driveitem.md).
v1.0 Intune Apps Windowsappx https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/intune-apps-windowsappx.md
+
+ Title: "windowsAppX resource type"
+description: "Contains properties and inherited properties for Windows AppX Line Of Business apps."
+
+localization_priority: Normal
++
+# windowsAppX resource type
+
+Namespace: microsoft.graph
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Contains properties and inherited properties for Windows AppX Line Of Business apps.
++
+Inherits from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)
+
+## Methods
+|Method|Return Type|Description|
+|:|:|:|
+|[List windowsAppXs](../api/intune-apps-windowsappx-list.md)|[windowsAppX](../resources/intune-apps-windowsappx.md) collection|List properties and relationships of the [windowsAppX](../resources/intune-apps-windowsappx.md) objects.|
+|[Get windowsAppX](../api/intune-apps-windowsappx-get.md)|[windowsAppX](../resources/intune-apps-windowsappx.md)|Read properties and relationships of the [windowsAppX](../resources/intune-apps-windowsappx.md) object.|
+|[Create windowsAppX](../api/intune-apps-windowsappx-create.md)|[windowsAppX](../resources/intune-apps-windowsappx.md)|Create a new [windowsAppX](../resources/intune-apps-windowsappx.md) object.|
+|[Delete windowsAppX](../api/intune-apps-windowsappx-delete.md)|None|Deletes a [windowsAppX](../resources/intune-apps-windowsappx.md).|
+|[Update windowsAppX](../api/intune-apps-windowsappx-update.md)|[windowsAppX](../resources/intune-apps-windowsappx.md)|Update the properties of a [windowsAppX](../resources/intune-apps-windowsappx.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|Key of the entity. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|displayName|String|The admin provided or imported title of the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|description|String|The description of the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|publisher|String|The publisher of the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|largeIcon|[mimeContent](../resources/intune-shared-mimecontent.md)|The large icon, to be displayed in the app details and used for upload of the icon. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|createdDateTime|DateTimeOffset|The date and time the app was created. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|lastModifiedDateTime|DateTimeOffset|The date and time the app was last modified. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|isFeatured|Boolean|The value indicating whether the app is marked as featured by the admin. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|privacyInformationUrl|String|The privacy statement Url. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|informationUrl|String|The more information Url. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|owner|String|The owner of the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|developer|String|The developer of the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|notes|String|Notes for the app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|publishingState|[mobileAppPublishingState](../resources/intune-apps-mobileapppublishingstate.md)|The publishing state for the app. The app cannot be assigned unless the app is published. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md). Possible values are: `notPublished`, `processing`, `published`.|
+|committedContentVersion|String|The internal committed content version. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)|
+|fileName|String|The name of the main Lob application file. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)|
+|size|Int64|The total size, including all uploaded files. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)|
+|applicableArchitectures|[windowsArchitecture](../resources/intune-apps-windowsarchitecture.md)|The Windows architecture(s) on which this app can run. Possible values are: `none`, `x86`, `x64`, `arm`, `neutral`; default value is `none`. Possible values are: `none`, `x86`, `x64`, `arm`, `neutral`.|
+|identityName|String|The identity name of the uploaded app package. For example: "Contoso.DemoApp".|
+|identityPublisherHash|String|The identity publisher hash of the uploaded app package. This is the hash of the publisher from the manifest. For example: "AB82CD0XYZ".|
+|identityResourceIdentifier|String|The identity resource identifier of the uploaded app package. For example: "TestResourceId".|
+|isBundle|Boolean|When TRUE, indicates that the app is a bundle. When FALSE, indicates that the app is not a bundle. By default, property is set to FALSE.|
+|minimumSupportedOperatingSystem|[windowsMinimumOperatingSystem](../resources/intune-apps-windowsminimumoperatingsystem.md)|The value for the minimum applicable operating system. Valid values for a WindowsAppX app include `v8_0`, `v8_1` and `v10_0`. If the app is a bundle, the minimum supported OS has to be at least `v8_1`.|
+|identityVersion|String|The identity version of the uploaded app package. For example: "1.0.0.0".|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|categories|[mobileAppCategory](../resources/intune-apps-mobileappcategory.md) collection|The list of categories for this app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|assignments|[mobileAppAssignment](../resources/intune-apps-mobileappassignment.md) collection|The list of group assignments for this mobile app. Inherited from [mobileApp](../resources/intune-apps-mobileapp.md)|
+|contentVersions|[mobileAppContent](../resources/intune-apps-mobileappcontent.md) collection|The list of content versions for this app. Inherited from [mobileLobApp](../resources/intune-apps-mobilelobapp.md)|
+
+## JSON Representation
+Here is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.windowsAppX"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.windowsAppX",
+ "id": "String (identifier)",
+ "displayName": "String",
+ "description": "String",
+ "publisher": "String",
+ "largeIcon": {
+ "@odata.type": "microsoft.graph.mimeContent",
+ "type": "String",
+ "value": "binary"
+ },
+ "createdDateTime": "String (timestamp)",
+ "lastModifiedDateTime": "String (timestamp)",
+ "isFeatured": true,
+ "privacyInformationUrl": "String",
+ "informationUrl": "String",
+ "owner": "String",
+ "developer": "String",
+ "notes": "String",
+ "publishingState": "String",
+ "committedContentVersion": "String",
+ "fileName": "String",
+ "size": 1024,
+ "applicableArchitectures": "String",
+ "identityName": "String",
+ "identityPublisherHash": "String",
+ "identityResourceIdentifier": "String",
+ "isBundle": true,
+ "minimumSupportedOperatingSystem": {
+ "@odata.type": "microsoft.graph.windowsMinimumOperatingSystem",
+ "v8_0": true,
+ "v8_1": true,
+ "v10_0": true
+ },
+ "identityVersion": "String"
+}
+```
v1.0 Intune Apps Windowsappxappassignmentsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/intune-apps-windowsappxappassignmentsettings.md
Inherits from [mobileAppAssignmentSettings](../resources/intune-apps-mobileappas
## Properties |Property|Type|Description| |:|:|:|
-|useDeviceContext|Boolean|Whether or not to use device execution context for Windows AppX mobile app.|
+|useDeviceContext|Boolean|When TRUE, indicates that device execution context will be used for the AppX mobile app. When FALSE, indicates that user context will be used for the AppX mobile app. By default, this property is set to FALSE. Once this property has been set to TRUE it cannot be changed.|
## Relationships None
v1.0 Invitedusermessageinfo https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/invitedusermessageinfo.md
Title: "Configuring the invitation message"
+ Title: "invitedUserMessageInfo resource type"
description: "The invitedUserMessageInfo object allows you to configure the invitation message." ms.localizationpriority: medium
ms.prod: "identity-and-sign-in"
doc_type: resourcePageType
-# Configuring the invitation message
+# invitedUserMessageInfo resource type
Namespace: microsoft.graph
The invitedUserMessageInfo object allows you to configure the [invitation](invit
## Properties | Property | Type |Description| |:|:--|:-|
-|ccRecipients|[Recipient](recipient.md) collection|Additional recipients the invitation message should be sent to. Currently only 1 additional recipient is supported.|
+|ccRecipients|[recipient](recipient.md) collection|Additional recipients the invitation message should be sent to. Currently only 1 additional recipient is supported.|
|customizedMessageBody|String|Customized message body you want to send if you don't want the default message.| |messageLanguage|String|The language you want to send the default message in. If the customizedMessageBody is specified, this property is ignored, and the message is sent using the customizedMessageBody. The language format should be in ISO 639. The default is en-US.|
v1.0 Keycredential https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/keycredential.md
Title: "keyCredential resource type"
-description: "Contains a key credential associated with an application or a service principal. The **keyCredentials** property of the application and servicePrincipal entities is a collection of **keyCredential**."
+description: "Contains a key credential associated with an application or a service principal. The keyCredentials property of the application and servicePrincipal entities is a collection of keyCredential."
ms.localizationpriority: medium doc_type: resourcePageType ms.prod: "applications"
Namespace: microsoft.graph
Contains a key credential associated with an application or a service principal. The **keyCredentials** property of the [application](application.md) and [servicePrincipal](serviceprincipal.md) entities is a collection of **keyCredential**.
+To add a keyCredential using Microsoft Graph, see [Add a certificate to an app using Microsoft Graph](/graph/applications-how-to-add-certificate).
+ ## Properties | Property | Type |Description| |:|:--|:-|
v1.0 Keycredentialconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/keycredentialconfiguration.md
+
+ Title: "keyCredentialConfiguration resource type"
+description: "Key credential configuration complex type to configure key credential restriction, maxLifetime, and enforcement date"
+ms.localizationpriority: medium
+++
+# keyCredentialConfiguration resource type
+
+Namespace: microsoft.graph
+
+Key credential configuration object that contains properties to configure restrictions such as restricting the lifetime of key secrets.
+
+## Properties
+
+| Property | Type | Description |
+| :- | : | :-- |
+| restrictionType | appKeyCredentialRestrictionType | The type of restriction being applied. Possible values are `asymmetricKeyLifetime`, `unknownFutureValue`. Each value of restrictionType can be used only once per policy. |
+| maxLifeTime | Duration |Value that can be used as the maximum duration in days, hours, minutes, or seconds from the date of key creation, for which the key is valid. Defined in ISO 8601 format for Durations. For example, `P4DT12H30M5S` represents a duration of four days, twelve hours, thirty minutes, and five seconds. This property is required when **restrictionType** is set to `keyLifetime`. |
+| restrictForAppsCreatedAfterDateTime | DateTimeOffset | Timestamp when the policy is enforced for all apps created on or after the specified date. For existing applications, the enforcement date would be back dated. To apply to all applications regardless of their creation date, this property would be `null`. Nullable. |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.keyCredentialConfiguration"
+}
+-->
+
+```json
+{
+ "@odata.type": "#microsoft.graph.keyCredentialConfiguration",
+ "restrictionType": {
+ "@odata.type": "microsoft.graph.appKeyCredentialRestrictionType"
+ },
+ "maxLifetime": "String (duration)",
+ "restrictForAppsCreatedAfterDateTime": "DateTimeOffset"
+}
+```
v1.0 Linkedresource https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/linkedresource.md
Title: "linkedResource resource type"
-description: "Represents the source of the todoTask"
+description: "Represents an item in a partner application related to a todoTask."
ms.localizationpriority: medium ms.prod: "outlook"
Represents an item in a partner application related to a [todoTask](./todotask.m
![Linked resource in task details pane](/graph/images/todo-linkedresource-taskdetail.png)
-Some **linkedResource** objects are not associated with any web URLs, in which case, the **webUrl** property is not required. For example, the linked item can be from a custom business app or native platform app, such as an SMS app on a mobile phone. Here is how a **linkedResource** appears with and without a URL.
+Some **linkedResource** objects are not associated with any web URLs, in which case, the **webUrl** property is not required. For example, the linked item can be from a custom business app or native platform app, such as an SMS app on a mobile phone. The following is how a **linkedResource** appears with and without a URL.
![Linked resource with and without URL](/graph/images/todo-linkedresource.png)
Some **linkedResource** objects are not associated with any web URLs, in which c
|[Create linkedResource](../api/todotask-post-linkedresources.md)|[linkedResource](../resources/linkedresource.md)|Create a new linkedResources object.| |[Get linkedResource](../api/linkedresource-get.md)|[linkedResource](../resources/linkedresource.md)|Read the properties and relationships of a [linkedResource](../resources/linkedresource.md) object.| |[Update linkedResource](../api/linkedresource-update.md)|[linkedResource](../resources/linkedresource.md)|Update the properties of a [linkedResource](../resources/linkedresource.md) object.|
-|[Delete linkedResource](../api/linkedresource-delete.md)|None|Deletes a [linkedResource](../resources/linkedresource.md) object.|
+|[Delete linkedResource](../api/linkedresource-delete.md)|None|Delete a [linkedResource](../resources/linkedresource.md) object.|
## Properties |Property|Type|Description| |:|:|:|
-|applicationName|String|Field indicating the app name of the source that is sending the **linkedResource**.|
-|displayName|String|Field indicating the title of the **linkedResource**.|
-|externalId|String|Id of the object that is associated with this task on the third-party/partner system.|
+|applicationName|String|The app name of the source that sends the **linkedResource**.|
+|displayName|String|The title of the **linkedResource**.|
+|externalId|String|ID of the object that is associated with this task on the third-party/partner system.|
|id|String|Server generated ID for the **linkedResource**. Inherited from [entity](../resources/entity.md).| |webUrl|String|Deep link to the **linkedResource**.|
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.linkedResource",
- "id": "String (identifier)",
- "webUrl": "String",
"applicationName": "String", "displayName": "String",
- "externalId": "String"
+ "externalId": "String",
+ "id": "String (identifier)",
+ "webUrl": "String"
} ```---
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/microsoftauthenticatorauthenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents a Microsoft Authenticator authentication methods policy. Authentication methods policies define configuration settings and users or groups that are enabled to use the authentication method.
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description| |:|:|:|
Represents a Microsoft Authenticator authentication methods policy. Authenticati
## Properties |Property|Type|Description| |:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
|id|String|The authentication method policy identifier.| |featureSettings|[microsoftAuthenticatorFeatureSettings](../resources/microsoftauthenticatorfeaturesettings.md)|A collection of Microsoft Authenticator settings such as application context and location context, and whether they are enabled for all users or specific users only.| |state|authenticationMethodState|Possible values are: `enabled`, `disabled`.|
The following is a JSON representation of the resource.
{ "@odata.type": "#microsoft.graph.microsoftAuthenticatorAuthenticationMethodConfiguration", "id": "String (identifier)",
- "state": "String"
+ "state": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ],
+ "featureSettings": {
+ "@odata.type": "microsoft.graph.microsoftAuthenticatorFeatureSettings"
+ }
} ```
v1.0 Passwordcredentialconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/passwordcredentialconfiguration.md
+
+ Title: "passwordCredentialConfiguration resource type"
+description: "Password credential configuration complex type to configure password credential restriction, maxLifetime, and enforcement date"
+
+ms.localizationpriority: medium
++
+# passwordCredentialConfiguration resource type
+
+Namespace: microsoft.graph
+
+Password credential configuration object that contains properties to configure restrictions such as blocking or restricting lifetimes of password secrets.
+
+## Properties
+
+| Property | Type | Description |
+| :- | : | : |
+| restrictionType | appCredentialRestrictionType | The type of restriction being applied. The possible values are: `passwordAddition`, `passwordLifetime`, `symmetricKeyAddition`, `symmetricKeyLifetime`,`customPasswordAddition`, `unknownFutureValue`. Each value of restrictionType can be used only once per policy. |
+| maxLifeTime | Duration | Value that can be used as the maximum number for setting password expiration time in days, hours, minutes or seconds. Defined in ISO 8601 format for Durations. For example, "P4DT12H30M5S" represents a duration of four days, twelve hours, thirty minutes, and five seconds. This property is required when restriction type is set to `passwordLifetime`. |
+| restrictForAppsCreatedAfterDateTime | DateTimeOffset | Enforces the policy for an app created on or after the enforcement date. For existing applications, the enforcement date would be back dated. To apply to all applications, enforcement datetime would be `null`. |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.passwordCredentialConfiguration"
+}
+-->
+
+```json
+{
+ "@odata.type": "#microsoft.graph.passwordCredentialConfiguration",
+ "restrictionType": {
+ "@odata.type": "microsoft.graph.appCredentialRestrictionType"
+ },
+ "maxLifetime": "String (duration)",
+ "restrictForAppsCreatedAfterDateTime": "DateTimeOffset"
+}
+```
v1.0 Policyroot https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/policyroot.md
None
|:|:-|:| | activityBasedTimeoutPolicies | [activityBasedTimeoutPolicy](activitybasedtimeoutpolicy.md) collection | The policy that controls the idle time out for web sessions for applications. | | adminConsentRequestPolicy | [adminConsentRequestPolicy](adminconsentrequestpolicy.md) | The policy by which consent requests are created and managed for the entire tenant. |
+| appManagementPolicies | [appManagementPolicy](appmanagementpolicy.md) collection | The policies that enforce app management restrictions for specific applications and service principals, overriding the defaultAppManagementPolicy. |
| authenticationFlowsPolicy | [authenticationFlowsPolicy](authenticationflowspolicy.md) | The policy configuration of the self-service sign-up experience of external users. | | authenticationMethodsPolicy | [authenticationMethodsPolicy](authenticationmethodspolicy.md) | The authentication methods and the users that are allowed to use them to sign in and perform multi-factor authentication (MFA) in Azure Active Directory (Azure AD). | | authorizationPolicy | [authorizationPolicy](authorizationpolicy.md) collection | The policy that controls Azure AD authorization settings. | | claimsMappingPolicies | [claimsMappingPolicy](claimsmappingpolicy.md) collection | The claim-mapping policies for WS-Fed, SAML, OAuth 2.0, and OpenID Connect protocols, for tokens issued to a specific application. | | conditionalAccessPolicies | [conditionalAccessPolicy](conditionalaccesspolicy.md) | The custom rules that define an access scenario. | | crossTenantAccessPolicy | [crossTenantAccessPolicy](crosstenantaccesspolicy.md) | The custom rules that define an access scenario when interacting with external Azure AD tenants. |
+| defaultAppManagementPolicy | [tenantAppManagementPolicy](tenantappmanagementpolicy.md) | The tenant-wide policy that enforces app management restrictions for all applications and service principals. |
| featureRolloutPolicies | [featureRolloutPolicy](featurerolloutpolicy.md) collection | The feature rollout policy associated with a directory object. | | homeRealmDiscoveryPolicies | [homeRealmDiscoveryPolicy](homerealmdiscoverypolicy.md) collection | The policy to control Azure AD authentication behavior for federated users. | | identitySecurityDefaultsEnforcementPolicy | [identitySecurityDefaultsEnforcementPolicy](identitysecuritydefaultsenforcementpolicy.md) | The policy that represents the security defaults that protect against common attacks. |
v1.0 Quota https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/quota.md
Title: quota ms.localizationpriority: medium
-description: "The quota resource provides details about space constrains on a drive resource."
+description: "The quota resource provides details about space constraints on a drive resource."
ms.prod: files doc_type: resourcePageType
doc_type: resourcePageType
Namespace: microsoft.graph
-The **quota** resource provides details about space constrains on a [drive](drive.md) resource.
+The **quota** resource provides details about space constraints on a [drive](drive.md) resource. In OneDrive Personal, the values reflect the total/used unified storage quota across multiple Microsoft services.
## JSON representation
v1.0 Requestsignatureverification https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/requestsignatureverification.md
+
+ Title: "requestSignatureVerification resource type"
+description: "Specifies whether this application requires Azure AD to verify the signed authentication requests."
+
+ms.localizationpriority: medium
++
+# requestSignatureVerification resource type
+
+Namespace: microsoft.graph
+
+Specifies whether this application requires Azure AD to verify the signed authentication requests.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|allowedWeakAlgorithms|weakAlgorithms|Specifies which weak algorithms are allowed. <br><br> The possible values are: `rsaSha1`, `unknownFutureValue`.|
+|isSignedRequestRequired|Boolean|Specifies whether signed authentication requests for this application should be required.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.requestSignatureVerification"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.requestSignatureVerification",
+ "isSignedRequestRequired": "Boolean",
+ "allowedWeakAlgorithms": "String"
+}
+```
+
v1.0 Security Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/security-api-overview.md
Alerts from the following providers are available via this **alert** resource. S
| Security provider | <p align="center">GET alert</p>| <p align="center">PATCH alert</p>| <p align="center">Subscribe to alert</p>| |:|:|:--|:|
-|[Azure Active Directory Identity Protection](/azure/active-directory/identity-protection/playbook) ****| <p align="center">&#x2713;</p> | <p align="center">[File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) *</p> | <p align="center">&#x2713;</p> |
+|[Azure Active Directory Identity Protection](/azure/active-directory/identity-protection/playbook) | <p align="center">&#x2713;</p> | <p align="center">[File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) *</p> | <p align="center">&#x2713;</p> |
|Microsoft 365 <ul><li> [Default](/office365/securitycompliance/alert-policies#default-alert-policies)</li> <li>[Cloud App Security](/office365/securitycompliance/anomaly-detection-policies-in-ocas)</li><li>Custom Alert</li></ul> | <p align="center">&#x2713;</p> | <p align="center"> [File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) </p> | <p align="center"> [File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) </p> | | [Microsoft Defender for Cloud Apps](/cloud-app-security/monitor-alerts) | <p align="center">&#x2713;</p> | <p align="center">[File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) *</p> | <p align="center">&#x2713;</p> | |[Microsoft Defender for Endpoint](/windows/security/threat-protection/microsoft-defender-atp/attack-simulations) **| <p align="center">&#x2713;</p> | <p align="center">&#x2713;</p> | <p align="center"> [File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) </p> |
Alerts from the following providers are available via this **alert** resource. S
\*\*\* Microsoft Defender for Identity alerts are available via the Microsoft Defender for Cloud Apps integration. This means you will get Microsoft Defender for Identity alerts only if you have joined Unified SecOps and connected Microsoft Defender for Identity into Microsoft Defender for Cloud Apps. Learn more about [how to integrate Microsoft Defender for Identity and Microsoft Defender for Cloud Apps](/defender-for-identity/mcas-integration).
-\*\*\*\* Azure AD Identity Protection alerts only include user object IDs. The **userPrincipalName** (UPN) property is not included in GET request responses. This issue does not impact any of the other providers. For details and a workaround, see [Known issues](/graph/known-issues#upn-missing-in-identity-protection-security-alerts).
- ## Attack simulation and training [Attack simulation and training](/microsoft-365/security/office-365-security/attack-simulation-training) is part of [Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/defender-for-office-365?view=o365-worldwide&preserve-view=true). This service lets users in a tenant experience a realistic benign phishing attack and learn from it. Social engineering simulation and training experiences for end users help reduce the risk of users being breached via those attack techniques. The attack simulation and training API enables tenant administrators to view launched [simulation](simulation.md) exercises and trainings, and get [reports](report-m365defender-reports-overview.md) on derived insights into online behaviors of users in the phishing simulations.
v1.0 Service Communications Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/service-communications-api-overview.md
For more information about access tokens, app registration, and delegated and ap
Delegated permissions are needed to access the service communications API on behalf of a signed-in user. Customer-facing canvas applications, such as the [Microsoft 365 admin center](https://admin.microsoft.com/Adminportal/Home?source=applauncher#/homepage) (accessible only to admin roles), can call the service communications API to get the service health and service announcements data for the signed-in user's tenant, _on behalf of the signed-in user_. Users can find out whether their subscribed servies are healthy or have issues. They can also learn about any current service issues affecting their tenants.
+#### Role-based access control for delegation access
+
+Service communications API also apply the role-based access control (RBAC) to identify whether the signed-in user who is on-behalf has required Azure Active Directory (AAD) role. The signed-in user who is on-behalf of must have at least one of the admin roles.
+
+For more information about the AAD administrator roles, see:
+* [About admin roles in the Microsoft 365 admin center](/microsoft-365/admin/add-users/about-admin-roles)
+* [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference)
+* [Roles in Microsoft 365, including Azure AD, service-specific and cross-service roles](/azure/active-directory/roles/concept-understand-roles#how-azure-ad-roles-are-different-from-other-microsoft-365-roles)
++ ### Access service communications API without user Application permissions are needed to access the service communications API without a signed-in user. Applications that run as backend services, such as monitoring or alert services, can call the service communications API with their own identity and not on behalf of a user. These backend services can build custom monitoring/alert pipelines and call the service communications API to get service health and service announcements data.
The service communications API is available on Microsoft Graph national clouds.
|Microsoft Graph global service| https://graph.microsoft.com/v1.0/admin/serviceAnnouncement/| |Microsoft Graph for US Government L4 (GccHigh)|https://graph.microsoft.us/v1.0/admin/serviceAnnouncement/| |Microsoft Graph for US Government L5 (DoD)|https://dod-graph.microsoft.us/v1.0/admin/serviceAnnouncement/|
-|Microsoft Graph Germany|https://graph.microsoft.de/v1.0/admin/serviceAnnouncement/|
|Microsoft Graph China operated by 21Vianet|https://microsoftgraph.chinacloudapi.cn/v1.0/admin/serviceAnnouncement/| For details about national cloud availability, see [Microsoft Graph national clouds](/graph/deployments).
v1.0 Serviceprincipal https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/serviceprincipal.md
This resource supports using [delta query](/graph/delta-query-overview) to track
|servicePrincipalNames|String collection|Contains the list of **identifiersUris**, copied over from the associated [application](application.md). Additional values can be added to hybrid applications. These values can be used to identify the permissions exposed by this app within Azure AD. For example,<ul><li>Client apps can specify a resource URI which is based on the values of this property to acquire an access token, which is the URI returned in the ΓÇ£audΓÇ¥ claim.</li></ul><br>The any operator is required for filter expressions on multi-valued properties. Not nullable. <br><br> Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`).| |servicePrincipalType|String|Identifies whether the service principal represents an application, a managed identity, or a legacy application. This is set by Azure AD internally. The **servicePrincipalType** property can be set to three different values: <ul><li>__Application__ - A service principal that represents an application or service. The **appId** property identifies the associated app registration, and matches the **appId** of an [application](application.md), possibly from a different tenant. If the associated app registration is missing, tokens are not issued for the service principal.</li><li>__ManagedIdentity__ - A service principal that represents a [managed identity](/azure/active-directory/managed-identities-azure-resources/overview). Service principals representing managed identities can be granted access and permissions, but cannot be updated or modified directly.</li><li>__Legacy__ - A service principal that represents an app created before app registrations, or through legacy experiences. Legacy service principal can have credentials, service principal names, reply URLs, and other properties which are editable by an authorized user, but does not have an associated app registration. The **appId** value does not associate the service principal with an app registration. The service principal can only be used in the tenant where it was created.</li><li>__SocialIdp__ - For internal use. </ul>| | signInAudience | String | Specifies the Microsoft accounts that are supported for the current application. Read-only. <br><br>Supported values are:<ul><li>`AzureADMyOrg`: Users with a Microsoft work or school account in my organizationΓÇÖs Azure AD tenant (single-tenant).</li><li>`AzureADMultipleOrgs`: Users with a Microsoft work or school account in any organizationΓÇÖs Azure AD tenant (multi-tenant).</li><li>`AzureADandPersonalMicrosoftAccount`: Users with a personal Microsoft account, or a work or school account in any organizationΓÇÖs Azure AD tenant.</li><li>`PersonalMicrosoftAccount`: Users with a personal Microsoft account only.</li></ul> |
-|tags|String collection| Custom strings that can be used to categorize and identify the service principal. Not nullable. <br><br>Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`). |
+|tags|String collection| Custom strings that can be used to categorize and identify the service principal. Not nullable. The value is the union of strings set here and on the associated [application](application.md) entity's **tags** property.<br><br>Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`). |
| tokenEncryptionKeyId |String|Specifies the keyId of a public key from the keyCredentials collection. When configured, Azure AD issues tokens for this application encrypted using the key specified by this property. The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user.| | verifiedPublisher | [verifiedPublisher](verifiedPublisher.md) | Specifies the verified publisher of the application which this service principal represents.
This resource supports using [delta query](/graph/delta-query-overview) to track
| Relationship | Type |Description| |:|:--|:-|
+|appManagementPolicies|[appManagementPolicy](../resources/appManagementPolicy.md) collection| The appManagementPolicy applied to this application.|
|appRoleAssignedTo|[appRoleAssignment](approleassignment.md)|App role assignments for this app or service, granted to users, groups, and other service principals. Supports `$expand`.| |appRoleAssignments|[appRoleAssignment](approleassignment.md) collection|App role assignment for another app or service, granted to this service principal. Supports `$expand`.| |claimsMappingPolicies|[claimsMappingPolicy](claimsmappingpolicy.md) collection|The claimsMappingPolicies assigned to this service principal. Supports `$expand`.|
v1.0 Signinactivity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/signinactivity.md
+
+ Title: "signInActivity resource type"
+description: "Provides the last interactive or non-interactive sign-in time for a specific user."
+ms.localizationpriority: medium
+++
+# signInActivity resource type
+
+Namespace: microsoft.graph
+
+Provides the last interactive or non-interactive sign-in time for a specific [user](user.md). Since signInActivity describes a property of the user object, Azure AD stores sign in activity for your users for as long as the user object exists.
+
+## Properties
+
+| Property | Type | Description |
+|:-|:|:|
+|lastSignInDateTime|DateTimeOffset|The last interactive sign-in date and time for a specific user. You can use this field to calculate the last time a user signed in to the directory with an interactive authentication method. This field can be used to build reports, such as inactive users. The timestamp represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is: `'2014-01-01T00:00:00Z'`. Azure AD maintains interactive sign-ins going back to April 2020. For more information about using the value of this property, see [Manage inactive user accounts in Azure AD](/azure/active-directory/reports-monitoring/howto-manage-inactive-user-accounts).|
+|lastSignInRequestId|String|Request identifier of the last interactive sign-in performed by this user.|
+|lastNonInteractiveSignInDateTime|DateTimeOffset|The last non-interactive sign-in date for a specific user. You can use this field to calculate the last time a client signed in to the directory on behalf of a user. Because some users may use clients to access tenant resources rather than signing into your tenant directly, you can use the non-interactive sign-in date to along with lastSignInDateTime to identify inactive users. The timestamp represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is: `'2014-01-01T00:00:00Z'`. Azure AD maintains non-interactive sign-ins going back to May 2020. For more information about using the value of this property, see [Manage inactive user accounts in Azure AD](/azure/active-directory/reports-monitoring/howto-manage-inactive-user-accounts).|
+|lastNonInteractiveSignInRequestId|String|Request identifier of the last non-interactive sign-in performed by this user.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "optionalProperties": [
+
+ ],
+ "@odata.type": "microsoft.graph.signInActivity",
+ "baseType": null
+}-->
+
+```json
+{
+ "@odata.type": "#microsoft.graph.signInActivity",
+ "lastSignInDateTime": "String (timestamp)",
+ "lastSignInRequestId": "String",
+ "lastNonInteractiveSignInDateTime": "String (timestamp)",
+ "lastNonInteractiveSignInRequestId": "String"
+}
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "signInActivity resource",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Smsauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/smsauthenticationmethodconfiguration.md
+
+ Title: "smsAuthenticationMethodConfiguration resource type"
+description: "Represents a text message authentication methods policy."
+
+ms.localizationpriority: medium
++
+# smsAuthenticationMethodConfiguration resource type
+
+Namespace: microsoft.graph
+
+Represents a text message authentication methods policy. Authentication methods policies define configuration settings and users or groups that are enabled to use the authentication method.
+
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[Get](../api/smsauthenticationmethodconfiguration-get.md)|[smsAuthenticationMethodConfiguration](../resources/smsauthenticationmethodconfiguration.md)|Read the properties and relationships of a smsAuthenticationMethodConfiguration object.|
+|[Update](../api/smsauthenticationmethodconfiguration-update.md)|None|Update the properties of a smsAuthenticationMethodConfiguration object.|
+|[Delete](../api/smsauthenticationmethodconfiguration-delete.md)|None|Reverts the smsAuthenticationMethodConfiguration object to its default configuration.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
+|id|String|The authentication method policy identifier.|
+|state|authenticationMethodState|Possible values are: `enabled`, `disabled`.|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|includeTargets|[smsAuthenticationMethodTarget](../resources/smsauthenticationmethodtarget.md) collection|A collection of groups that are enabled to use the authentication method.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.smsAuthenticationMethodConfiguration",
+ "baseType": "microsoft.graph.authenticationMethodConfiguration",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.smsAuthenticationMethodConfiguration",
+ "id": "String (identifier)",
+ "state": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ]
+}
+```
+
v1.0 Smsauthenticationmethodtarget https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/smsauthenticationmethodtarget.md
+
+ Title: "smsAuthenticationMethodTarget resource type"
+description: "A collection of groups enabled to use the text message authentication methods policy."
+
+ms.localizationpriority: medium
++
+# smsAuthenticationMethodTarget resource type
+Namespace: microsoft.graph
+
+A collection of groups enabled to use the [text message authentication methods policy](../resources/smsAuthenticationMethodConfiguration.md) in Azure AD.
+
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|Object ID of an Azure AD user or group.|
+|isRegistrationRequired|Boolean|Determines whether the user is enforced to register the authentication method. **Not supported**.|
+|isUsableForSignIn|Boolean|Determines if users can use this authentication method to sign in to Azure AD. `true` if users can use this method for primary authentication, otherwise `false`.|
+|targetType|authenticationMethodTargetType|Possible values are: `user`, `group`, and `unknownFutureValue`. From December 2022, targeting individual users using `user` is no longer recommended. Existing targets will remain but we recommend to move the individual users to a targeted group. Inherited from [authenticationMethodTarget](authenticationMethodTarget.md).|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.smsAuthenticationMethodTarget",
+ "baseType": "microsoft.graph.authenticationMethodTarget",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.smsAuthenticationMethodTarget",
+ "id": "String (identifier)",
+ "targetType": "String",
+ "isRegistrationRequired": "Boolean",
+ "isUsableForSignIn": "Boolean"
+}
+```
+
v1.0 Softwareoathauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/softwareoathauthenticationmethodconfiguration.md
+
+ Title: "softwareOathAuthenticationMethodConfiguration resource type"
+description: "Represents the authentication policy for a third-party software OATH authentication method."
+
+ms.localizationpriority: medium
++
+# softwareOathAuthenticationMethodConfiguration resource type
+
+Namespace: microsoft.graph
+
+Represents the authentication policy for a third-party software OATH authentication method. Authentication methods policies define configuration settings and users or groups that are enabled to use the authentication method.
+
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
++
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[Get softwareOathAuthenticationMethodConfiguration](../api/softwareoathauthenticationmethodconfiguration-get.md)|[softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md)|Read the properties and relationships of a [softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md) object.|
+|[Update softwareOathAuthenticationMethodConfiguration](../api/softwareoathauthenticationmethodconfiguration-update.md)|None|Update the properties of a [softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md) object.|
+|[Delete softwareOathAuthenticationMethodConfiguration](../api/softwareoathauthenticationmethodconfiguration-delete.md)|None|Reverts the [softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md) object to its default configuration.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
+|id|String|The authentication method policy identifier.|
+|state|authenticationMethodState|Represents whether users can register this authentication method. The possible values are: `enabled`, `disabled`.|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|includeTargets|[authenticationMethodTarget](../resources/authenticationmethodtarget.md) collection| A collection of groups that are enabled to use the authentication method. Expanded by default.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.softwareOathAuthenticationMethodConfiguration",
+ "baseType": "microsoft.graph.authenticationMethodConfiguration",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.softwareOathAuthenticationMethodConfiguration",
+ "id": "String (identifier)",
+ "state": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ]
+}
+```
+
v1.0 Subscription https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/subscription.md
For the possible resource path values for each supported resource, see [Use the
### Maximum length of subscription per resource type
-| Resource | Maximum expiration time |
-|:--|:-|
-| Security **alert** | 43200 minutes (under 30 days) |
-| Teams **callRecord** | 4230 minutes (under 3 days) |
-| Teams **channel** | 60 minutes (1 hour) |
-| Teams **chat** | 60 minutes (1 hour) |
-| Teams **chatMessage** | 60 minutes (1 hour) |
-| Teams **conversationMember** | 60 minutes (1 hour) |
-| Teams **team** | 60 minutes (1 hour) |
-| Group **conversation** | 4230 minutes (under 3 days) |
-| OneDrive **driveItem** | 42300 minutes (under 30 days) |
-| SharePoint **list** | 42300 minutes (under 30 days) |
-| Outlook **message**, **event**, **contact** | 4230 minutes (under 3 days) |
-| **user**, **group**, other directory resources | 41760 minutes (under 29 days) |
-| **presence** | 60 minutes (1 hour) |
-| Print **printer** | 4230 minutes (under 3 days) |
-| Print **printTaskDefinition** | 4230 minutes (under 3 days) |
-| **todoTask** | 4230 minutes (under 3 days) |
---
-> **Note:** Existing applications and new applications should not exceed the supported value. In the future, any requests to create or renew a subscription beyond the maximum value will fail.
## Relationships
Here is a JSON representation of the resource.
"notificationQueryOptions": "String", "notificationUrlAppId": "String" }
-```
+```
v1.0 Teamworktag https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/teamworktag.md
Inherits from [entity](../resources/entity.md).
## Properties |Property|Type|Description| |:|:|:|
-|description|String|The description of the tag as it will appear to the user in Microsoft Teams.|
+|description|String|The description of the tag as it will appear to the user in Microsoft Teams. A **teamworkTag** can't have more than 200 **teamworkTagMembers**.|
|displayName|String|The name of the tag as it will appear to the user in Microsoft Teams.| |id|String|The unique identifier for the tag. Inherited from [entity](../resources/entity.md).| |memberCount|Int32|The number of users assigned to the tag.|
The following is a JSON representation of the resource.
``` ## See also-- [teamworkTagMember](../resources/teamworktagmember.md)
+- [teamworkTagMember](../resources/teamworktagmember.md)
v1.0 Teamworkuseridentity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/teamworkuseridentity.md
Inherits from [identity](../resources/identity.md).
|displayName|String|Inherited from [identity](../resources/identity.md). Display name of the user. Optional.| |id|String|Inherited from [identity](../resources/identity.md). ID of the user. | |userIdentityType|teamworkUserIdentityType| Type of user. Possible values are: `aadUser`, `onPremiseAadUser`, `anonymousGuest`, `federatedUser`, `personalMicrosoftAccountUser`, `skypeUser`, `phoneUser`, `unknownFutureValue` and `emailUser`.|
+|tenantId|String|Identifier of tenant, which user is part of. Optional. |
## Relationships None.
v1.0 Temporaryaccesspassauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/temporaryaccesspassauthenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents a Temporary Access Pass authentication methods policy that defines the configuration settings and users or groups who are enabled to use the [Temporary Access Pass authentication method](temporaryaccesspassauthenticationmethod.md).
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description| |:|:|:|
Represents a Temporary Access Pass authentication methods policy that defines th
|:|:|:| |defaultLength|Int|Default length in characters of a Temporary Access Pass object. Must be between 8 and 48 characters.| |defaultLifetimeInMinutes|Int|Default lifetime in minutes for a Temporary Access Pass. Value can be any integer between the **minimumLifetimeInMinutes** and **maximumLifetimeInMinutes**.|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
|id|String|The identifier of the authentication method policy. Inherited from [entity](entity.md).| |isUsableOnce|Boolean |If `true`, all the passes in the tenant will be restricted to one-time use. If `false`, passes in the tenant can be created to be either one-time use or reusable.| |maximumLifetimeInMinutes|Int|Maximum lifetime in minutes for any Temporary Access Pass created in the tenant. Value can be between 10 and 43200 minutes (equivalent to 30 days).|
The following is a JSON representation of the resource.
"@odata.type": "#microsoft.graph.temporaryAccessPassAuthenticationMethodConfiguration", "id": "String (identifier)", "state": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ],
"defaultLifetimeInMinutes": "Integer", "defaultLength": "Integer", "minimumLifetimeInMinutes": "Integer",
v1.0 Tenantappmanagementpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/tenantAppManagementPolicy.md
+
+ Title: "tenantAppManagementPolicy resource type"
+description: "Tenant-wide application authentication method policy to enforce app management restrictions for all applications and service principals."
+
+ms.localizationpriority: medium
++
+# tenantAppManagementPolicy resource type
+
+Namespace: microsoft.graph
+
+Tenant-wide application authentication method policy to enforce app management restrictions for all applications and service principals. This policy applies to all apps and service principals unless overridden when an [appManagementPolicy](../resources/appmanagementpolicy.md) is applied to the object.
+
+Inherits from [policyBase](policybase.md).
+
+## Methods
+
+| Method | Return type | Description |
+| : | : | :- |
+| [Get](../api/tenantAppManagementPolicy-get.md) | [tenantAppManagementPolicy](../resources/tenantAppManagementPolicy.md) | Read the properties of the default app management policy set for applications and service principals. |
+| [Update](../api/tenantAppManagementPolicy-update.md) | None | Updates the default app management policy for applications and service principals. |
+
+## Properties
+
+| Property | Type | Description |
+| : | :-- | :- |
+| applicationRestrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply as default to all application objects in the tenant. |
+| description | String | The description of the default policy. Inherited from [policyBase](policybase.md). |
+| displayName | String | The display name of the default policy. Inherited from [policyBase](policybase.md). |
+| id | String | The default policy identifier. |
+| isEnabled | Boolean | Denotes whether the policy is enabled. Default value is `false`. |
+| servicePrincipalRestrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply as default to all service principal objects in the tenant. |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.tenantAppManagementPolicy",
+ "baseType": "microsoft.graph.policyBase",
+ "openType": false
+}
+-->
+
+```json
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/defaultAppManagementPolicy",
+ "id": "string (identifier)",
+ "description": "string",
+ "displayName": "string",
+ "isEnabled": false,
+ "applicationRestrictions": {
+ "@odata.type":"microsoft.graph.appManagementConfiguration"
+ },
+ "servicePrincipalRestrictions": {
+ "@odata.type":"microsoft.graph.appManagementConfiguration"
+ }
+}
+```
v1.0 Tokenlifetimepolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/tokenlifetimepolicy.md
Inherits from [stsPolicy](stsPolicy.md).
| [Update tokenLifetimePolicy](../api/tokenlifetimepolicy-update.md) | None | Update a tokenLifetimePolicy object. | | [Delete tokenLifetimePolicy](../api/tokenlifetimepolicy-delete.md) | None | Delete a tokenLifetimePolicy object. | | [List appliesTo](../api/tokenlifetimepolicy-list-appliesto.md) | [directoryObject](directoryobject.md) collection | Get the list of directoryObjects that this policy has been applied to. |
+| [Assign tokenLifetimePolicy](../api/application-post-tokenlifetimepolicies.md) | None | Assign a tokenLifetimePolicy object to an [application](application.md) or [servicePrincipal](serviceprincipal.md) object. |
+| [List assigned tokenLifetimePolicy](../api/application-list-tokenlifetimepolicies.md) | [tokenLifetimePolicy](tokenlifetimepolicy.md) collection | List the tokenLifetimePolicy objects that are assigned to an [application](application.md) or [servicePrincipal](serviceprincipal.md) object. |
+| [Remove tokenLifetimePolicy](../api/application-delete-tokenlifetimepolicies.md) | None | Remove a tokenLifetimePolicy object from an [application](application.md) or [servicePrincipal](serviceprincipal.md) object. |
## Properties
Inherits from [stsPolicy](stsPolicy.md).
|id|String| Unique identifier for this policy. Read-only.| |isOrganizationDefault|Boolean|If set to `true`, activates this policy. There can be many policies for the same policy type, but only one can be activated as the organization default. Optional, default value is `false`.| - ### Properties of a token lifetime policy definition+ The properties below form the JSON object that represents a token lifetime policy. This JSON object must be **converted to a string with quotations escaped** to be inserted into the **definition** property. An example is shown below in JSON format: <!-- {
v1.0 User https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/user.md
This resource supports:
|schools|String collection|A list for the user to enumerate the schools they have attended. <br><br>Returned only on `$select`.| |securityIdentifier| String | Security identifier (SID) of the user, used in Windows scenarios. <br><br>Read-only. Returned by default. <br>Supports `$select` and `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`). | |showInAddressList|Boolean|**Do not use in Microsoft Graph. Manage this property through the Microsoft 365 admin center instead.** Represents whether the user should be included in the Outlook global address list. See [Known issue](/graph/known-issues#showinaddresslist-property-is-out-of-sync-with-microsoft-exchange).|
+|signInActivity | [signInActivity](signinactivity.md) | Get the last signed-in date and request ID of the sign-in for a given user. Read-only.<br><br>Returned only on `$select`. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`) *but* not with any other filterable properties. <br><br>**Note:** <br/><li>Details for this property require an Azure AD Premium P1/P2 license and the **AuditLog.Read.All** permission.<li>When you specify `$select=signInActivity` or `$filter=signInActivity` while [listing users](../api/user-list.md), the maximum page size is 120 users. Requests with `$top` set higher than 120 will fail. Requests with $top set higher than 120 will fail.<li>This property is not returned for a user who has never signed in or last signed in before April 2020.|
|signInSessionsValidFromDateTime|DateTimeOffset| Any refresh tokens or sessions tokens (session cookies) issued before this time are invalid, and applications will get an error when using an invalid refresh or sessions token to acquire a delegated access token (to access APIs such as Microsoft Graph). If this happens, the application will need to acquire a new refresh token by making a request to the authorize endpoint. Read-only. Use [revokeSignInSessions](../api/user-revokesigninsessions.md) to reset. <br><br>Returned only on `$select`.| |skills|String collection|A list for the user to enumerate their skills. <br><br>Returned only on `$select`.| |state|String|The state or province in the user's address. Maximum length is 128 characters. <br><br>Returned only on `$select`. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `in`, `startsWith`, and `eq` on `null` values).|
The following is a JSON representation of the resource.
"schools": ["String"], "securityIdentifier": "String", "showInAddressList": true,
+ "signInActivity": {"@odata.type": "microsoft.graph.signInActivity"},
"signInSessionsValidFromDateTime": "String (timestamp)", "skills": ["String"], "state": "String",
v1.0 Voiceauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/voiceauthenticationmethodconfiguration.md
+
+ Title: "voiceAuthenticationMethodConfiguration resource type"
+description: "Represents a voice call authenticaiton methods policy"
+
+ms.localizationpriority: medium
++
+# voiceAuthenticationMethodConfiguration resource type
+
+Namespace: microsoft.graph
+
+Represents a voice call authentication methods policy. Authentication methods policies define configuration settings and users or groups that are enabled to use the authentication method.
+
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[Get voiceAuthenticationMethodConfiguration](../api/voiceauthenticationmethodconfiguration-get.md)|[voiceAuthenticationMethodConfiguration](../resources/voiceauthenticationmethodconfiguration.md)|Read the properties and relationships of a [voiceAuthenticationMethodConfiguration](../resources/voiceauthenticationmethodconfiguration.md) object.|
+|[Update voiceAuthenticationMethodConfiguration](../api/voiceauthenticationmethodconfiguration-update.md)|None|Update the properties of a [voiceAuthenticationMethodConfiguration](../resources/voiceauthenticationmethodconfiguration.md) object.|
+|[Delete voiceAuthenticationMethodConfiguration](../api/voiceauthenticationmethodconfiguration-delete.md)|None|Revert the [voiceAuthenticationMethodConfiguration](../resources/voiceauthenticationmethodconfiguration.md) object to its default configuration.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
+|id|String|The authentication method policy identifier.|
+|isOfficePhoneAllowed|Boolean|`true` if users can register office phones, otherwise, `false`. |
+|state|authenticationMethodState|Represents whether users can register this authentication method. The possible values are: `enabled`, `disabled`.|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|includeTargets|[voiceAuthenticationMethodTarget](../resources/voiceauthenticationmethodtarget.md) collection|A collection of groups that are enabled to use the authentication method. Expanded by default.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.voiceAuthenticationMethodConfiguration",
+ "baseType": "microsoft.graph.authenticationMethodConfiguration",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.voiceAuthenticationMethodConfiguration",
+ "id": "String (identifier)",
+ "state": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ],
+ "isOfficePhoneAllowed": "Boolean"
+}
+```
+
v1.0 Voiceauthenticationmethodtarget https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/voiceauthenticationmethodtarget.md
+
+ Title: "voiceAuthenticationMethodTarget resource type"
+description: "A collection of groups enabled to use voice call authentication method via policy."
+
+ms.localizationpriority: medium
++
+# voiceAuthenticationMethodTarget resource type
+
+Namespace: microsoft.graph
+
+A collection of groups enabled to use voice call authentication via the [voice call authentication methods policy](../resources/voiceAuthenticationMethodConfiguration.md) in Azure AD.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|Object ID of an Azure AD group.|
+|isRegistrationRequired|Boolean|Determines whether the user is enforced to register the authentication method. **Not supported**.|
+|targetType|authenticationMethodTargetType|Possible values are: `group`, and `unknownFutureValue`. From December 2022, targeting individual users using `user` is no longer recommended. Existing targets will remain but we recommend to move the individual users to a targeted group. Inherited from [authenticationMethodTarget](authenticationMethodTarget.md).|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.voiceAuthenticationMethodTarget",
+ "baseType": "microsoft.graph.authenticationMethodTarget",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.voiceAuthenticationMethodTarget",
+ "id": "String (identifier)",
+ "targetType": "String",
+ "isRegistrationRequired": "Boolean"
+}
+```
+
v1.0 X509certificateauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/x509certificateauthenticationmethodconfiguration.md
Inherits from [authenticationMethodConfiguration](../resources/authenticationmet
|:|:|:| |authenticationModeConfiguration|[x509CertificateAuthenticationModeConfiguration](../resources/x509certificateauthenticationmodeconfiguration.md)|Defines strong authentication configurations. This configuration includes the default authentication mode and the different rules for strong authentication bindings. | |certificateUserBindings|[x509CertificateUserBinding](../resources/x509certificateuserbinding.md) collection|Defines fields in the X.509 certificate that map to attributes of the Azure AD user object in order to bind the certificate to the user. The **priority** of the object determines the order in which the binding is carried out. The first binding that matches will be used and the rest ignored. |
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
|id|String|The identifier for the authentication method policy. The value is always `X509Certificate`. Inherited from |state|authenticationMethodState|The possible values are: `enabled`, `disabled`. Inherited from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).|
The following is a JSON representation of the resource.
{ "@odata.type": "microsoft.graph.x509CertificateUserBinding" }
+ ],
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
], "id": "String (identifier)", "state": "String"
v1.0 Toc.Yml https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/toc.yml a/api-reference/v1.0/toc.yml
items:
href: resources/intune-apps-win32lobappruleoperator.md - name: Win32 LOB app rule type href: resources/intune-apps-win32lobappruletype.md
+ - name: Windows AppX
+ href: resources/intune-apps-windowsappx.md
+ items:
+ - name: List
+ href: api/intune-apps-windowsappx-list.md
+ - name: Get
+ href: api/intune-apps-windowsappx-get.md
+ - name: Create
+ href: api/intune-apps-windowsappx-create.md
+ - name: Delete
+ href: api/intune-apps-windowsappx-delete.md
+ - name: Update
+ href: api/intune-apps-windowsappx-update.md
- name: Windows AppX app assignment settings href: resources/intune-apps-windowsappxappassignmentsettings.md - name: Windows architecture
items:
- name: Overview displayName: Azure AD, Microsoft identity platform, Identity and access href: resources/azure-ad-overview.md
- - name: Customer relationship management
- items:
- - name: Granular delegated admin privileges
- items:
- - name: Overview
- displayName: GDAP, Partner Center, CSP, VAR
- href: resources/delegatedadminrelationships-api-overview.md
- - name: Delegated admin relationships
- href: resources/delegatedadminrelationship.md
- items:
- - name: Create
- href: api/tenantrelationship-post-delegatedadminrelationships.md
- - name: List
- href: api/tenantrelationship-list-delegatedadminrelationships.md
- - name: Get
- href: api/delegatedadminrelationship-get.md
- - name: Update
- href: api/delegatedadminrelationship-update.md
- - name: Delete
- href: api/delegatedadminrelationship-delete.md
- - name: Delegated admin access assignments
- href: resources/delegatedadminaccessassignment.md
- items:
- - name: Create
- href: api/delegatedadminrelationship-post-accessassignments.md
- - name: List
- href: api/delegatedadminrelationship-list-accessassignments.md
- - name: Get
- href: api/delegatedadminaccessassignment-get.md
- - name: Update
- href: api/delegatedadminaccessassignment-update.md
- - name: Delete
- href: api/delegatedadminaccessassignment-delete.md
- - name: Delegated admin relationship requests
- href: resources/delegatedadminrelationshiprequest.md
- items:
- - name: Create
- href: api/delegatedadminrelationship-post-requests.md
- - name: List
- href: api/delegatedadminrelationship-list-requests.md
- - name: Get
- href: api/delegatedadminrelationshiprequest-get.md
- - name: Delegated admin relationship operations
- href: resources/delegatedadminrelationshipoperation.md
- items:
- - name: List
- href: api/delegatedadminrelationship-list-operations.md
- - name: Get
- href: api/delegatedadminrelationshipoperation-get.md
- - name: Delegated admin customer
- href: resources/delegatedadmincustomer.md
- items:
- - name: List
- href: api/tenantrelationship-list-delegatedadmincustomers.md
- - name: Get
- href: api/delegatedadmincustomer-get.md
- - name: Service management details
- href: resources/delegatedadminservicemanagementdetail.md
- items:
- - name: List
- href: api/delegatedadmincustomer-list-servicemanagementdetails.md
- name: Directory management items: - name: Administrative unit
items:
href: api/onpremisesdirectorysynchronization-get.md - name: Update href: api/onpremisesdirectorysynchronization-update.md
- - name: Identity and sign-in
+ - name: Governance
+ href: resources/identitygovernance-overview.md
+ displayName: Identity Governance, Access reviews, Entitlement Management, Terms of Use, Privileged Identity Management
items:
- - name: Authentication methods
+ - name: Access reviews
+ href: resources/accessreviewsv2-overview.md
items:
- - name: Overview
- href: resources/authenticationmethods-overview.md
- - name: Authentication methods
- href: resources/authenticationmethod.md
- items:
- - name: List
- href: api/authentication-list-methods.md
- - name: FIDO2 security keys
- href: resources/fido2authenticationmethod.md
- items:
- - name: List
- href: api/fido2authenticationmethod-list.md
- - name: Get
- href: api/fido2authenticationmethod-get.md
- - name: Delete
- href: api/fido2authenticationmethod-delete.md
- - name: Microsoft Authenticator
- href: resources/microsoftauthenticatorauthenticationmethod.md
+ - name: Access review schedule definition
+ href: resources/accessreviewscheduledefinition.md
items: - name: List
- href: api/microsoftauthenticatorauthenticationmethod-list.md
+ href: api/accessreviewset-list-definitions.md
- name: Get
- href: api/microsoftauthenticatorauthenticationmethod-get.md
+ href: api/accessreviewscheduledefinition-get.md
+ - name: Create
+ href: api/accessreviewset-post-definitions.md
- name: Delete
- href: api/microsoftauthenticatorauthenticationmethod-delete.md
- - name: Software OATH token
- href: resources/softwareOathAuthenticationMethod.md
+ href: api/accessreviewscheduledefinition-delete.md
+ - name: Update
+ href: api/accessreviewscheduledefinition-update.md
+ - name: Filter by current user
+ href: api/accessreviewscheduledefinition-filterbycurrentuser.md
+ - name: Access review instance
+ href: resources/accessreviewinstance.md
items: - name: List
- href: api/authentication-list-softwareoathmethods.md
+ href: api/accessreviewscheduledefinition-list-instances.md
- name: Get
- href: api/softwareOathAuthenticationMethod-get.md
- - name: Delete
- href: api/softwareOathAuthenticationMethod-delete.md
- - name: Windows Hello for Business
- href: resources/windowshelloforbusinessauthenticationmethod.md
+ href: api/accessreviewinstance-get.md
+ - name: Update
+ href: api/accessreviewinstance-update.md
+ - name: Filter by current user
+ href: api/accessreviewinstance-filterbycurrentuser.md
+ - name: Send reminder
+ href: api/accessreviewinstance-sendreminder.md
+ - name: Stop
+ href: api/accessreviewinstance-stop.md
+ - name: Accept recommendations
+ href: api/accessreviewinstance-acceptrecommendations.md
+ - name: Apply decisions
+ href: api/accessreviewinstance-applydecisions.md
+ - name: Batch record decisions
+ href: api/accessreviewinstance-batchrecorddecisions.md
+ - name: Reset decisions
+ href: api/accessreviewinstance-resetdecisions.md
+ - name: List contacted reviewers
+ href: api/accessreviewinstance-list-contactedreviewers.md
+ - name: Access review stage
+ href: resources/accessreviewstage.md
items: - name: List
- href: api/windowshelloforbusinessauthenticationmethod-list.md
+ href: api/accessreviewinstance-list-stages.md
- name: Get
- href: api/windowshelloforbusinessauthenticationmethod-get.md
- - name: Delete
- href: api/windowshelloforbusinessauthenticationmethod-delete.md
- - name: Phone
- href: resources/phoneauthenticationmethod.md
+ href: api/accessreviewstage-get.md
+ - name: Update
+ href: api/accessreviewstage-update.md
+ - name: Filter by current user
+ href: api/accessreviewstage-filterbycurrentuser.md
+ - name: Stop
+ href: api/accessreviewstage-stop.md
+ - name: Access review instance decision item
+ displayName: access review decisions
+ href: resources/accessreviewinstancedecisionitem.md
items:
- - name: List
- href: api/authentication-list-phonemethods.md
+ - name: List decisions from an instance
+ href: api/accessreviewinstance-list-decisions.md
+ - name: List decisions from a stage of an instance
+ href: api/accessreviewstage-list-decisions.md
+ - name: Filter by current user
+ href: api/accessreviewinstancedecisionitem-filterbycurrentuser.md
- name: Get
- href: api/phoneauthenticationmethod-get.md
+ href: api/accessreviewinstancedecisionitem-get.md
- name: Update
- href: api/phoneauthenticationmethod-update.md
- - name: Delete
- href: api/phoneauthenticationmethod-delete.md
- - name: Add
- href: api/authentication-post-phonemethods.md
- - name: Enable SMS sign-in
- href: api/phoneauthenticationmethod-enablesmssignin.md
- - name: Disable SMS sign-in
- href: api/phoneauthenticationmethod-disablesmssignin.md
- - name: Email
- href: resources/emailauthenticationmethod.md
+ href: api/accessreviewinstancedecisionitem-update.md
+ - name: Access review history definition
+ href: resources/accessreviewhistorydefinition.md
items:
+ - name: Get
+ href: api/accessreviewhistorydefinition-get.md
- name: List
- href: api/authentication-list-emailmethods.md
+ href: api/accessreviewset-list-historydefinitions.md
+ - name: Create
+ href: api/accessreviewset-post-historydefinitions.md
+ - name: Access review history instance
+ href: resources/accessreviewhistoryinstance.md
+ items:
+ - name: List
+ href: api/accessreviewhistorydefinition-list-instances.md
+ - name: Generate download URI
+ displayName: Downloadable access review history report
+ href: api/accessreviewhistoryinstance-generatedownloaduri.md
+ - name: Consent requests
+ href: resources/consentrequests-overview.md
+ items:
+ - name: Admin consent request policy
+ href: resources/adminconsentrequestpolicy.md
+ items:
- name: Get
- href: api/emailauthenticationmethod-get.md
+ href: api/adminconsentrequestpolicy-get.md
- name: Update
- href: api/emailauthenticationmethod-update.md
- - name: Delete
- href: api/emailauthenticationmethod-delete.md
- - name: Add
- href: api/authentication-post-emailmethods.md
- - name: Certificate-based auth configuration
- displayName: CBA
- href: resources/certificatebasedauthconfiguration.md
+ href: api/adminconsentrequestpolicy-update.md
+ - name: App consent requests
+ href: resources/appconsentrequest.md
items: - name: List
- href: api/certificatebasedauthconfiguration-list.md
- - name: Create
- href: api/certificatebasedauthconfiguration-post-certificatebasedauthconfiguration.md
+ href: api/appconsentapprovalroute-list-appconsentrequests.md
- name: Get
- href: api/certificatebasedauthconfiguration-get.md
- - name: Delete
- href: api/certificatebasedauthconfiguration-delete.md
- - name: Password
- href: resources/passwordauthenticationmethod.md
+ href: api/appconsentrequest-get.md
+ - name: Filter by current user
+ href: api/appconsentrequest-filterByCurrentUser.md
+ - name: User consent requests
+ href: resources/userconsentrequest.md
items: - name: List
- href: api/authentication-list-passwordmethods.md
+ href: api/appconsentrequest-list-userconsentrequests.md
- name: Get
- href: api/passwordauthenticationmethod-get.md
- - name: Reset
- href: api/authenticationmethod-resetpassword.md
- - name: Get operation status
- href: api/longrunningoperation-get.md
- - name: Temporary Access Pass
- displayName: TAP
- href: resources/temporaryaccesspassauthenticationmethod.md
+ href: api/userconsentrequest-get.md
+ - name: Filter by current user
+ href: api/userconsentrequest-filterByCurrentUser.md
+ - name: Entitlement management
+ href: resources/entitlementmanagement-overview.md
+ items:
+ - name: Access package
+ href: resources/accesspackage.md
items: - name: List
- href: api/authentication-list-temporaryaccesspassmethods.md
+ href: api/entitlementmanagement-list-accesspackages.md
- name: Create
- href: api/authentication-post-temporaryaccesspassmethods.md
+ href: api/entitlementmanagement-post-accesspackages.md
- name: Get
- href: api/temporaryaccesspassauthenticationmethod-get.md
+ href: api/accesspackage-get.md
+ - name: Update
+ href: api/accesspackage-update.md
- name: Delete
- href: api/temporaryaccesspassauthenticationmethod-delete.md
- - name: Conditional Access
- items:
- - name: Conditional Access
- href: resources/conditionalaccessroot.md
- - name: Policies
+ href: api/accesspackage-delete.md
+ - name: Filter by current user
+ href: api/accesspackage-filterbycurrentuser.md
+ - name: Get applicable policy requirements
+ href: api/accesspackage-getapplicablepolicyrequirements.md
+ - name: List incompatible access packages
+ href: api/accesspackage-list-incompatibleaccesspackages.md
+ - name: Add incompatible access package
+ href: api/accesspackage-post-incompatibleaccesspackage.md
+ - name: Remove incompatible access package
+ href: api/accesspackage-delete-incompatibleaccesspackage.md
+ - name: List incompatible groups
+ href: api/accesspackage-list-incompatiblegroups.md
+ - name: Add incompatible group
+ href: api/accesspackage-post-incompatiblegroup.md
+ - name: Remove incompatible group
+ href: api/accesspackage-delete-incompatiblegroup.md
+ - name: List access packages incompatible with
+ href: api/accesspackage-list-accesspackagesincompatiblewith.md
+ - name: Access package assignment
+ href: resources/accesspackageassignment.md
items:
- - name: Conditional Access policy
- href: resources/conditionalaccesspolicy.md
- name: List
- href: api/conditionalaccessroot-list-policies.md
- - name: Create
- href: api/conditionalaccessroot-post-policies.md
+ href: api/entitlementmanagement-list-assignments.md
- name: Get
- href: api/conditionalaccesspolicy-get.md
- - name: Update
- href: api/conditionalaccesspolicy-update.md
- - name: Delete
- href: api/conditionalaccesspolicy-delete.md
- - name: Named locations
+ href: api/accesspackageassignment-get.md
+ - name: Check additional access
+ href: api/accesspackageassignment-additionalaccess.md
+ - name: Filter by current user
+ href: api/accesspackageassignment-filterbycurrentuser.md
+ - name: Reprocess
+ href: api/accesspackageassignment-reprocess.md
+ - name: Access package assignment request approval
items:
- - name: Named location
+ - name: Approval
+ href: resources/approval.md
+ - name: Get
+ href: api/approval-get.md
+ - name: Filter by current user
+ href: api/approval-filterbycurrentuser.md
+ - name: Approval stage
items:
- - name: Named location
- href: resources/namedlocation.md
+ - name: Approval stage
+ href: resources/approvalstage.md
- name: List
- href: api/conditionalaccessroot-list-namedlocations.md
+ href: api/approval-list-stages.md
- name: Get
- href: api/namedlocation-get.md
- - name: Delete
- href: api/namedlocation-delete.md
- - name: Country named location
- items:
- - name: Country named location
- href: resources/countrynamedlocation.md
- - name: List
- href: api/conditionalaccessroot-list-namedlocations.md
- - name: Create
- href: api/conditionalaccessroot-post-namedlocations.md
- - name: Get
- href: api/countrynamedlocation-get.md
- - name: Update
- href: api/countrynamedlocation-update.md
- - name: Delete
- href: api/countrynamedlocation-delete.md
- - name: IP named location
- items:
- - name: IP named location
- href: resources/ipnamedlocation.md
- - name: List
- href: api/conditionalaccessroot-list-namedlocations.md
- - name: Create
- href: api/conditionalaccessroot-post-namedlocations.md
- - name: Get
- href: api/ipnamedlocation-get.md
- - name: Update
- href: api/ipnamedlocation-update.md
- - name: Delete
- href: api/ipnamedlocation-delete.md
- - name: Authentication context
+ href: api/approvalstage-get.md
+ - name: Update
+ href: api/approvalstage-update.md
+ - name: Access package assignment request
+ href: resources/accesspackageassignmentrequest.md
items:
- - name: Authentication context class reference
- href: resources/authenticationcontextclassreference.md
- name: List
- href: api/conditionalaccessroot-list-authenticationcontextclassreferences.md
- - name: Create or update
- href: api/authenticationcontextclassreference-update.md
+ href: api/entitlementmanagement-list-assignmentrequests.md
+ - name: Create
+ href: api/entitlementmanagement-post-assignmentrequests.md
- name: Get
- href: api/authenticationcontextclassreference-get.md
+ href: api/accesspackageassignmentrequest-get.md
- name: Delete
- href: api/authenticationcontextclassreference-delete.md
- - name: Templates
+ href: api/accesspackageassignmentrequest-delete.md
+ - name: Filter by current user
+ href: api/accesspackageassignmentrequest-filterbycurrentuser.md
+ - name: Cancel
+ href: api/accesspackageassignmentrequest-cancel.md
+ - name: Reprocess
+ href: api/accesspackageassignmentrequest-reprocess.md
+ - name: Access package catalog
+ href: resources/accesspackagecatalog.md
items:
- - name: Conditional access template
- href: resources/conditionalAccessTemplate.md
- name: List
- href: api/conditionalaccessroot-list-templates.md
+ href: api/entitlementmanagement-list-catalogs.md
+ - name: Create
+ href: api/entitlementmanagement-post-catalogs.md
- name: Get
- href: api/conditionalaccesstemplate-get.md
- - name: Cross-tenant access
- items:
- - name: Overview
- href: resources/crosstenantaccesspolicy-overview.md
- - name: Policy
+ href: api/accesspackagecatalog-get.md
+ - name: Update
+ href: api/accesspackagecatalog-update.md
+ - name: Delete
+ href: api/accesspackagecatalog-delete.md
+ - name: Connected organization
+ href: resources/connectedorganization.md
items:
- - name: Cross-tenant access policy
- href: resources/crosstenantaccesspolicy.md
+ - name: List
+ href: api/entitlementmanagement-list-connectedorganizations.md
+ - name: Create
+ href: api/entitlementmanagement-post-connectedorganizations.md
- name: Get
- href: api/crosstenantaccesspolicy-get.md
+ href: api/connectedorganization-get.md
- name: Update
- href: api/crosstenantaccesspolicy-update.md
- - name: Default settings
+ href: api/connectedorganization-update.md
+ - name: Delete
+ href: api/connectedorganization-delete.md
+ - name: List external sponsors
+ href: api/connectedorganization-list-externalsponsors.md
+ - name: List internal sponsors
+ href: api/connectedorganization-list-internalsponsors.md
+ - name: Add external sponsors
+ href: api/connectedorganization-post-externalsponsors.md
+ - name: Add internal sponsors
+ href: api/connectedorganization-post-internalsponsors.md
+ - name: Remove external sponsors
+ href: api/connectedorganization-delete-externalsponsors.md
+ - name: Remove internal sponsors
+ href: api/connectedorganization-delete-internalsponsors.md
+ - name: Entitlement management settings
+ href: resources/entitlementmanagementsettings.md
items:
- - name: Cross-tenant access default settings
- href: resources/crosstenantaccesspolicyconfigurationdefault.md
- name: Get
- href: api/crosstenantaccesspolicyconfigurationdefault-get.md
+ href: api/entitlementmanagementsettings-get.md
- name: Update
- href: api/crosstenantaccesspolicyconfigurationdefault-update.md
- - name: Reset to system default
- href: api/crosstenantaccesspolicyconfigurationdefault-resettosystemdefault.md
- - name: Partner settings
+ href: api/entitlementmanagementsettings-update.md
+ - name: Access package assignment policy
+ href: resources/accesspackageassignmentpolicy.md
items:
- - name: Cross-tenant access partner settings
- href: resources/crosstenantaccesspolicyconfigurationpartner.md
- name: List
- href: api/crosstenantaccesspolicy-list-partners.md
+ href: api/entitlementmanagement-list-assignmentpolicies.md
- name: Create
- href: api/crosstenantaccesspolicy-post-partners.md
+ href: api/entitlementmanagement-post-assignmentpolicies.md
- name: Get
- href: api/crosstenantaccesspolicyconfigurationpartner-get.md
+ href: api/accesspackageassignmentpolicy-get.md
- name: Update
- href: api/crosstenantaccesspolicyconfigurationpartner-update.md
+ href: api/accesspackageassignmentpolicy-update.md
- name: Delete
- href: api/crosstenantaccesspolicyconfigurationpartner-delete.md
- - name: Data policy operation
- href: resources/datapolicyoperation.md
- items:
- - name: Get data policy operation
- href: api/datapolicyoperation-get.md
- - name: Delegated permission grant
- items:
- - name: OAuth 2.0 permission grant
- href: resources/oauth2permissiongrant.md
- - name: List
- href: api/oauth2permissiongrant-list.md
- - name: Create
- href: api/oauth2permissiongrant-post.md
- - name: Get
- href: api/oauth2permissiongrant-get.md
- - name: Update
- href: api/oauth2permissiongrant-update.md
- - name: Delete
- href: api/oauth2permissiongrant-delete.md
- - name: Get delta
- href: api/oauth2permissiongrant-delta.md
- - name: Identity protection
- href: resources/identityprotection-overview.md
+ href: api/accesspackageassignmentpolicy-delete.md
+ - name: Privileged Identity Management
+ displayName: Privileged Identity Management, PIM, Identity Governance
+ href: resources/privilegedidentitymanagementv3-overview.md
items:
- - name: Risk detection
- href: resources/riskdetection.md
+ - name: Role assignment schedule requests
+ href: resources/unifiedroleassignmentschedulerequest.md
items: - name: List
- href: api/riskdetection-list.md
+ href: api/rbacapplication-list-roleassignmentschedulerequests.md
+ - name: Create
+ href: api/rbacapplication-post-roleassignmentschedulerequests.md
- name: Get
- href: api/riskdetection-get.md
- - name: Risky user
- href: resources/riskyuser.md
- items:
- - name: List risky users
- href: api/riskyuser-list.md
- - name: Get risky user
- href: api/riskyuser-get.md
- - name: List history
- href: api/riskyuser-list-history.md
- - name: Get history
- href: api/riskyuser-get-riskyuserhistoryitem.md
- - name: Confirm compromised
- href: api/riskyuser-confirmcompromised.md
- - name: Dismiss
- href: api/riskyuser-dismiss.md
- - name: Service principal risk detection
+ href: api/unifiedroleassignmentschedulerequest-get.md
+ - name: Cancel
+ href: api/unifiedroleassignmentschedulerequest-cancel.md
+ - name: Filter by current user
+ href: api/unifiedroleassignmentschedulerequest-filterbycurrentuser.md
+ - name: Role assignment schedules
+ href: resources/unifiedroleassignmentschedule.md
items:
- - name: Risk detection
- href: resources/serviceprincipalriskdetection.md
- name: List
- href: api/identityprotectionroot-list-serviceprincipalriskdetections.md
+ href: api/rbacapplication-list-roleassignmentschedules.md
- name: Get
- href: api/serviceprincipalriskdetection-get.md
- - name: Risky service principal
+ href: api/unifiedroleassignmentschedule-get.md
+ - name: Filter by current user
+ href: api/unifiedroleassignmentschedule-filterbycurrentuser.md
+ - name: Role assignment schedule instances
+ href: resources/unifiedroleassignmentscheduleinstance.md
items:
- - name: Risky service principal
- href: resources/riskyserviceprincipal.md
- - name: List risky service principals
- href: api/identityprotectionroot-list-riskyserviceprincipals.md
+ - name: List
+ href: api/rbacapplication-list-roleassignmentscheduleinstances.md
+ - name: Get
+ href: api/unifiedroleassignmentscheduleinstance-get.md
+ - name: Filter by current user
+ href: api/unifiedroleassignmentscheduleinstance-filterbycurrentuser.md
+ - name: Role eligibility schedule requests
+ href: resources/unifiedroleeligibilityschedulerequest.md
+ items:
+ - name: List
+ href: api/rbacapplication-list-roleeligibilityschedulerequests.md
+ - name: Create
+ href: api/rbacapplication-post-roleeligibilityschedulerequests.md
+ - name: Get
+ href: api/unifiedroleeligibilityschedulerequest-get.md
+ - name: Cancel
+ href: api/unifiedroleeligibilityschedulerequest-cancel.md
+ - name: Filter by current user
+ href: api/unifiedroleeligibilityschedulerequest-filterbycurrentuser.md
+ - name: Role eligibility schedules
+ href: resources/unifiedroleeligibilityschedule.md
+ items:
+ - name: List
+ href: api/rbacapplication-list-roleeligibilityschedules.md
+ - name: Get
+ href: api/unifiedroleeligibilityschedule-get.md
+ - name: Filter by current user
+ href: api/unifiedroleeligibilityschedule-filterbycurrentuser.md
+ - name: Role eligibility schedule instances
+ href: resources/unifiedroleeligibilityscheduleinstance.md
+ items:
+ - name: List
+ href: api/rbacapplication-list-roleeligibilityscheduleinstances.md
+ - name: Get
+ href: api/unifiedroleeligibilityscheduleinstance-get.md
+ - name: Filter by current user
+ href: api/unifiedroleeligibilityscheduleinstance-filterbycurrentuser.md
+ - name: Role management policies
+ items:
+ - name: Policies and rules
+ href: resources/unifiedrolemanagementpolicy.md
+ - name: List
+ href: api/policyroot-list-rolemanagementpolicies.md
+ - name: Get
+ href: api/unifiedrolemanagementpolicy-get.md
+ - name: List rules
+ href: api/unifiedrolemanagementpolicy-list-rules.md
+ - name: Get rule
+ href: api/unifiedrolemanagementpolicyrule-get.md
+ - name: Update rule
+ href: api/unifiedrolemanagementpolicyrule-update.md
+ - name: Role management policy assignments
+ href: resources/unifiedrolemanagementpolicyassignment.md
+ items:
+ - name: List
+ href: api/policyroot-list-rolemanagementpolicyassignments.md
+ - name: Get
+ href: api/unifiedrolemanagementpolicyassignment-get.md
+ - name: Terms of use
+ items:
+ - name: Agreement
+ href: resources/agreement.md
+ - name: List
+ href: api/termsofusecontainer-list-agreements.md
+ - name: Create
+ href: api/termsofusecontainer-post-agreements.md
+ - name: Get
+ href: api/agreement-get.md
+ - name: Update
+ href: api/agreement-update.md
+ - name: Delete
+ href: api/agreement-delete.md
+ - name: Agreement acceptances
+ href: resources/agreementacceptance.md
+ items:
+ - name: List acceptances
+ href: api/user-list-agreementacceptances.md
+ - name: List acceptance status
+ href: api/agreement-list-acceptances.md
+ - name: Agreement files
+ items:
+ - name: Default agreement file
+ href: resources/agreementfile.md
+ - name: Localized agreement files
+ href: resources/agreementfilelocalization.md
+ - name: Get default file
+ href: api/agreementfile-get.md
+ - name: Create localized files
+ href: api/agreement-post-files.md
+ - name: List localized files
+ href: api/agreement-list-files.md
+ - name: Identity and sign-in
+ items:
+ - name: Authentication methods
+ items:
+ - name: Overview
+ href: resources/authenticationmethods-overview.md
+ - name: Authentication methods
+ href: resources/authenticationmethod.md
+ items:
+ - name: List
+ href: api/authentication-list-methods.md
+ - name: FIDO2 security keys
+ href: resources/fido2authenticationmethod.md
+ items:
+ - name: List
+ href: api/fido2authenticationmethod-list.md
+ - name: Get
+ href: api/fido2authenticationmethod-get.md
+ - name: Delete
+ href: api/fido2authenticationmethod-delete.md
+ - name: Microsoft Authenticator
+ href: resources/microsoftauthenticatorauthenticationmethod.md
+ items:
+ - name: List
+ href: api/microsoftauthenticatorauthenticationmethod-list.md
+ - name: Get
+ href: api/microsoftauthenticatorauthenticationmethod-get.md
+ - name: Delete
+ href: api/microsoftauthenticatorauthenticationmethod-delete.md
+ - name: Software OATH token
+ href: resources/softwareOathAuthenticationMethod.md
+ items:
+ - name: List
+ href: api/authentication-list-softwareoathmethods.md
+ - name: Get
+ href: api/softwareOathAuthenticationMethod-get.md
+ - name: Delete
+ href: api/softwareOathAuthenticationMethod-delete.md
+ - name: Windows Hello for Business
+ href: resources/windowshelloforbusinessauthenticationmethod.md
+ items:
+ - name: List
+ href: api/windowshelloforbusinessauthenticationmethod-list.md
+ - name: Get
+ href: api/windowshelloforbusinessauthenticationmethod-get.md
+ - name: Delete
+ href: api/windowshelloforbusinessauthenticationmethod-delete.md
+ - name: Phone
+ href: resources/phoneauthenticationmethod.md
+ items:
+ - name: List
+ href: api/authentication-list-phonemethods.md
+ - name: Get
+ href: api/phoneauthenticationmethod-get.md
+ - name: Update
+ href: api/phoneauthenticationmethod-update.md
+ - name: Delete
+ href: api/phoneauthenticationmethod-delete.md
+ - name: Add
+ href: api/authentication-post-phonemethods.md
+ - name: Enable SMS sign-in
+ href: api/phoneauthenticationmethod-enablesmssignin.md
+ - name: Disable SMS sign-in
+ href: api/phoneauthenticationmethod-disablesmssignin.md
+ - name: Email
+ href: resources/emailauthenticationmethod.md
+ items:
+ - name: List
+ href: api/authentication-list-emailmethods.md
+ - name: Get
+ href: api/emailauthenticationmethod-get.md
+ - name: Update
+ href: api/emailauthenticationmethod-update.md
+ - name: Delete
+ href: api/emailauthenticationmethod-delete.md
+ - name: Add
+ href: api/authentication-post-emailmethods.md
+ - name: Certificate-based auth configuration
+ displayName: CBA
+ href: resources/certificatebasedauthconfiguration.md
+ items:
+ - name: List
+ href: api/certificatebasedauthconfiguration-list.md
+ - name: Create
+ href: api/certificatebasedauthconfiguration-post-certificatebasedauthconfiguration.md
+ - name: Get
+ href: api/certificatebasedauthconfiguration-get.md
+ - name: Delete
+ href: api/certificatebasedauthconfiguration-delete.md
+ - name: Password
+ href: resources/passwordauthenticationmethod.md
+ items:
+ - name: List
+ href: api/authentication-list-passwordmethods.md
+ - name: Get
+ href: api/passwordauthenticationmethod-get.md
+ - name: Reset
+ href: api/authenticationmethod-resetpassword.md
+ - name: Get operation status
+ href: api/longrunningoperation-get.md
+ - name: Temporary Access Pass
+ displayName: TAP
+ href: resources/temporaryaccesspassauthenticationmethod.md
+ items:
+ - name: List
+ href: api/authentication-list-temporaryaccesspassmethods.md
+ - name: Create
+ href: api/authentication-post-temporaryaccesspassmethods.md
+ - name: Get
+ href: api/temporaryaccesspassauthenticationmethod-get.md
+ - name: Delete
+ href: api/temporaryaccesspassauthenticationmethod-delete.md
+ - name: Conditional Access
+ items:
+ - name: Conditional Access
+ href: resources/conditionalaccessroot.md
+ - name: Policies
+ items:
+ - name: Conditional Access policy
+ href: resources/conditionalaccesspolicy.md
+ - name: List
+ href: api/conditionalaccessroot-list-policies.md
+ - name: Create
+ href: api/conditionalaccessroot-post-policies.md
+ - name: Get
+ href: api/conditionalaccesspolicy-get.md
+ - name: Update
+ href: api/conditionalaccesspolicy-update.md
+ - name: Delete
+ href: api/conditionalaccesspolicy-delete.md
+ - name: Named locations
+ items:
+ - name: Named location
+ items:
+ - name: Named location
+ href: resources/namedlocation.md
+ - name: List
+ href: api/conditionalaccessroot-list-namedlocations.md
+ - name: Get
+ href: api/namedlocation-get.md
+ - name: Delete
+ href: api/namedlocation-delete.md
+ - name: Country named location
+ items:
+ - name: Country named location
+ href: resources/countrynamedlocation.md
+ - name: List
+ href: api/conditionalaccessroot-list-namedlocations.md
+ - name: Create
+ href: api/conditionalaccessroot-post-namedlocations.md
+ - name: Get
+ href: api/countrynamedlocation-get.md
+ - name: Update
+ href: api/countrynamedlocation-update.md
+ - name: Delete
+ href: api/countrynamedlocation-delete.md
+ - name: IP named location
+ items:
+ - name: IP named location
+ href: resources/ipnamedlocation.md
+ - name: List
+ href: api/conditionalaccessroot-list-namedlocations.md
+ - name: Create
+ href: api/conditionalaccessroot-post-namedlocations.md
+ - name: Get
+ href: api/ipnamedlocation-get.md
+ - name: Update
+ href: api/ipnamedlocation-update.md
+ - name: Delete
+ href: api/ipnamedlocation-delete.md
+ - name: Authentication context
+ items:
+ - name: Authentication context class reference
+ href: resources/authenticationcontextclassreference.md
+ - name: List
+ href: api/conditionalaccessroot-list-authenticationcontextclassreferences.md
+ - name: Create or update
+ href: api/authenticationcontextclassreference-update.md
+ - name: Get
+ href: api/authenticationcontextclassreference-get.md
+ - name: Delete
+ href: api/authenticationcontextclassreference-delete.md
+ - name: Templates
+ items:
+ - name: Conditional access template
+ href: resources/conditionalAccessTemplate.md
+ - name: List
+ href: api/conditionalaccessroot-list-templates.md
+ - name: Get
+ href: api/conditionalaccesstemplate-get.md
+ - name: Cross-tenant access
+ items:
+ - name: Overview
+ href: resources/crosstenantaccesspolicy-overview.md
+ - name: Policy
+ items:
+ - name: Cross-tenant access policy
+ href: resources/crosstenantaccesspolicy.md
+ - name: Get
+ href: api/crosstenantaccesspolicy-get.md
+ - name: Update
+ href: api/crosstenantaccesspolicy-update.md
+ - name: Default settings
+ items:
+ - name: Cross-tenant access default settings
+ href: resources/crosstenantaccesspolicyconfigurationdefault.md
+ - name: Get
+ href: api/crosstenantaccesspolicyconfigurationdefault-get.md
+ - name: Update
+ href: api/crosstenantaccesspolicyconfigurationdefault-update.md
+ - name: Reset to system default
+ href: api/crosstenantaccesspolicyconfigurationdefault-resettosystemdefault.md
+ - name: Partner settings
+ items:
+ - name: Cross-tenant access partner settings
+ href: resources/crosstenantaccesspolicyconfigurationpartner.md
+ - name: List
+ href: api/crosstenantaccesspolicy-list-partners.md
+ - name: Create
+ href: api/crosstenantaccesspolicy-post-partners.md
+ - name: Get
+ href: api/crosstenantaccesspolicyconfigurationpartner-get.md
+ - name: Update
+ href: api/crosstenantaccesspolicyconfigurationpartner-update.md
+ - name: Delete
+ href: api/crosstenantaccesspolicyconfigurationpartner-delete.md
+ - name: Data policy operation
+ href: resources/datapolicyoperation.md
+ items:
+ - name: Get data policy operation
+ href: api/datapolicyoperation-get.md
+ - name: Delegated permission grant
+ items:
+ - name: OAuth 2.0 permission grant
+ href: resources/oauth2permissiongrant.md
+ - name: List
+ href: api/oauth2permissiongrant-list.md
+ - name: Create
+ href: api/oauth2permissiongrant-post.md
+ - name: Get
+ href: api/oauth2permissiongrant-get.md
+ - name: Update
+ href: api/oauth2permissiongrant-update.md
+ - name: Delete
+ href: api/oauth2permissiongrant-delete.md
+ - name: Get delta
+ href: api/oauth2permissiongrant-delta.md
+ - name: Identity protection
+ href: resources/identityprotection-overview.md
+ items:
+ - name: Risk detection
+ href: resources/riskdetection.md
+ items:
+ - name: List
+ href: api/riskdetection-list.md
+ - name: Get
+ href: api/riskdetection-get.md
+ - name: Risky user
+ href: resources/riskyuser.md
+ items:
+ - name: List risky users
+ href: api/riskyuser-list.md
+ - name: Get risky user
+ href: api/riskyuser-get.md
+ - name: List history
+ href: api/riskyuser-list-history.md
+ - name: Get history
+ href: api/riskyuser-get-riskyuserhistoryitem.md
+ - name: Confirm compromised
+ href: api/riskyuser-confirmcompromised.md
+ - name: Dismiss
+ href: api/riskyuser-dismiss.md
+ - name: Service principal risk detection
+ items:
+ - name: Risk detection
+ href: resources/serviceprincipalriskdetection.md
+ - name: List
+ href: api/identityprotectionroot-list-serviceprincipalriskdetections.md
+ - name: Get
+ href: api/serviceprincipalriskdetection-get.md
+ - name: Risky service principal
+ items:
+ - name: Risky service principal
+ href: resources/riskyserviceprincipal.md
+ - name: List risky service principals
+ href: api/identityprotectionroot-list-riskyserviceprincipals.md
- name: Get risky service principal href: api/riskyserviceprincipal-get.md - name: List history
items:
href: api/activitybasedtimeoutpolicy-update.md - name: Delete href: api/activitybasedtimeoutpolicy-delete.md
+ - name: Application authentication method policy
+ items:
+ - name: Overview
+ href: resources/applicationauthenticationmethodpolicy.md
+ - name: Tenant app management policy
+ items:
+ - name: Tenant app management policy
+ href: resources/tenantappmanagementpolicy.md
+ - name: Get
+ href: api/tenantappmanagementpolicy-get.md
+ - name: Update
+ href: api/tenantappmanagementpolicy-update.md
+ - name: App management policy
+ items:
+ - name: App management policy
+ href: resources/appmanagementpolicy.md
+ - name: List
+ href: api/appmanagementpolicy-list.md
+ - name: Get
+ href: api/appmanagementpolicy-get.md
+ - name: Create
+ href: api/appmanagementpolicy-post.md
+ - name: Update
+ href: api/appmanagementpolicy-update.md
+ - name: Delete
+ href: api/appmanagementpolicy-delete.md
+ - name: Create applies to
+ href: api/appmanagementpolicy-post-appliesto.md
+ - name: List applies to
+ href: api/appmanagementpolicy-list-appliesto.md
+ - name: Delete applies to
+ href: api/appmanagementpolicy-delete-appliesto.md
- name: Authentication flows policy items: - name: Authentication flows policy
items:
items: - name: Overview href: resources/authenticationmethodspolicies-overview.md
- - name: Authentication method policy
+ - name: Authentication methods policy
href: resources/authenticationmethodspolicy.md items: - name: Get href: api/authenticationmethodspolicy-get.md - name: Update href: api/authenticationmethodspolicy-update.md
+ - name: Email policy
+ href: resources/emailauthenticationmethodconfiguration.md
+ items:
+ - name: Get
+ href: api/emailauthenticationmethodconfiguration-get.md
+ - name: Update
+ href: api/emailauthenticationmethodconfiguration-update.md
+ - name: Delete
+ href: api/emailauthenticationmethodconfiguration-delete.md
- name: FIDO2 policy href: resources/fido2authenticationmethodconfiguration.md items:
items:
href: api/temporaryaccesspassauthenticationmethodconfiguration-update.md - name: Delete href: api/temporaryaccesspassauthenticationmethodconfiguration-delete.md
- - name: Email policy
- href: resources/emailauthenticationmethodconfiguration.md
+ - name: Text Message policy
+ href: resources/smsAuthenticationMethodConfiguration.md
items: - name: Get
- href: api/emailauthenticationmethodconfiguration-get.md
+ href: api/smsAuthenticationMethodConfiguration-get.md
- name: Update
- href: api/emailauthenticationmethodconfiguration-update.md
+ href: api/smsAuthenticationMethodConfiguration-update.md
- name: Delete
- href: api/emailauthenticationmethodconfiguration-delete.md
+ href: api/smsAuthenticationMethodConfiguration-delete.md
+ - name: Third-party software OATH policy
+ href: resources/softwareoathAuthenticationMethodConfiguration.md
+ items:
+ - name: Get
+ href: api/softwareoathAuthenticationMethodConfiguration-get.md
+ - name: Update
+ href: api/softwareoathAuthenticationMethodConfiguration-update.md
+ - name: Delete
+ href: api/softwareoathAuthenticationMethodConfiguration-delete.md
+ - name: Voice call policy
+ href: resources/voiceAuthenticationMethodConfiguration.md
+ items:
+ - name: Get
+ href: api/voiceAuthenticationMethodConfiguration-get.md
+ - name: Update
+ href: api/voiceAuthenticationMethodConfiguration-update.md
+ - name: Delete
+ href: api/voiceAuthenticationMethodConfiguration-delete.md
- name: X509 certificate displayName: certificate-based authentication, CBA href: resources/x509Certificateauthenticationmethodconfiguration.md items: - name: Get
- href: api/x509certificateauthenticationmethodconfiguration-get.md
- - name: Update
- href: api/x509certificateauthenticationmethodconfiguration-update.md
- - name: Delete
- href: api/x509certificateauthenticationmethodconfiguration-delete.md
- - name: Authorization policy
- href: resources/authorizationpolicy.md
- items:
- - name: Get
- href: api/authorizationpolicy-get.md
- - name: Update
- href: api/authorizationpolicy-update.md
- - name: Claims mapping policy
- href: resources/claimsmappingpolicy.md
- items:
- - name: Create
- href: api/claimsmappingpolicy-post-claimsmappingpolicies.md
- - name: List
- href: api/claimsmappingpolicy-list.md
- - name: Get
- href: api/claimsmappingpolicy-get.md
- - name: Update
- href: api/claimsmappingpolicy-update.md
- - name: Delete
- href: api/claimsmappingpolicy-delete.md
- - name: List applied to applications
- href: api/claimsmappingpolicy-list-appliesto.md
- - name: Feature rollout policy
- href: resources/featurerolloutpolicy.md
- items:
- - name: List
- href: api/featurerolloutpolicies-list.md
- - name: Create
- href: api/featurerolloutpolicies-post.md
- - name: Get
- href: api/featurerolloutpolicy-get.md
- - name: Update
- href: api/featurerolloutpolicy-update.md
- - name: Delete
- href: api/featurerolloutpolicy-delete.md
- - name: Create appliesTo
- href: api/featurerolloutpolicy-post-appliesto.md
- - name: Delete appliesTo
- href: api/featurerolloutpolicy-delete-appliesto.md
- - name: Home realm discovery policy
- href: resources/homerealmdiscoverypolicy.md
- items:
- - name: List
- href: api/homerealmdiscoverypolicy-list.md
- - name: Create
- href: api/homerealmdiscoverypolicy-post-homerealmdiscoverypolicies.md
- - name: Get
- href: api/homerealmdiscoverypolicy-get.md
- - name: Update
- href: api/homerealmdiscoverypolicy-update.md
- - name: Delete
- href: api/homerealmdiscoverypolicy-delete.md
- - name: List applied to applications
- href: api/homerealmdiscoverypolicy-list-appliesto.md
- - name: Token issuance policy
- href: resources/tokenissuancepolicy.md
- items:
- - name: List
- href: api/tokenissuancepolicy-list.md
- - name: Create
- href: api/tokenissuancepolicy-post-tokenissuancepolicy.md
- - name: Get
- href: api/tokenissuancepolicy-get.md
- - name: Update
- href: api/tokenissuancepolicy-update.md
- - name: Delete
- href: api/tokenissuancepolicy-delete.md
- - name: List applied to applications
- href: api/tokenissuancepolicy-list-appliesto.md
- - name: Token lifetime policy
- href: resources/tokenlifetimepolicy.md
- items:
- - name: List
- href: api/tokenlifetimepolicy-list.md
- - name: Create
- href: api/tokenlifetimepolicy-post-tokenlifetimepolicies.md
- - name: Get
- href: api/tokenlifetimepolicy-get.md
- - name: Update
- href: api/tokenlifetimepolicy-update.md
- - name: Delete
- href: api/tokenlifetimepolicy-delete.md
- - name: List applied to applications
- href: api/tokenlifetimepolicy-list-appliesto.md
- - name: Security defaults policy
- href: resources/identitysecuritydefaultsenforcementpolicy.md
- items:
- - name: Get
- href: api/identitysecuritydefaultsenforcementpolicy-get.md
- - name: Update
- href: api/identitysecuritydefaultsenforcementpolicy-update.md
- - name: User flows
- items:
- - name: Self-service sign up user flows
- items:
- - name: Self-service sign up user flow
- href: resources/b2xidentityuserflow.md
- - name: List
- href: api/identitycontainer-list-b2xuserflows.md
- - name: Create
- href: api/identitycontainer-post-b2xuserflows.md
- - name: Get
- href: api/b2xidentityuserflow-get.md
- - name: Delete
- href: api/b2xidentityuserflow-delete.md
- - name: List identity providers
- href: api/b2xidentityuserflow-list-identityproviders.md
- - name: Add identity provider
- href: api/b2xidentityuserflow-post-identityproviders.md
- - name: Remove identity provider
- href: api/b2xidentityuserflow-delete-identityproviders.md
- - name: List user attribute assignments
- href: api/b2xidentityuserflow-list-userattributeassignments.md
- - name: Create user attribute assignment
- href: api/b2xidentityuserflow-post-userattributeassignments.md
- - name: List languages
- href: api/b2xidentityuserflow-list-languages.md
- - name: Get API connectors configuration
- href: api/b2xidentityuserflow-get-apiConnectorConfiguration.md
- - name: Configure an API connector
- href: api/b2xidentityuserflow-put-apiConnectorConfiguration.md
- - name: User flow attributes
- items:
- - name: User flow attribute
- href: resources/identityuserflowattribute.md
- - name: List
- href: api/identityuserflowattribute-list.md
- - name: Create
- href: api/identityuserflowattribute-post.md
- - name: Get
- href: api/identityuserflowattribute-get.md
- - name: Update
- href: api/identityuserflowattribute-update.md
- - name: Delete
- href: api/identityuserflowattribute-delete.md
- - name: User flow attribute assignment
- items:
- - name: User flow attribute assignment
- href: resources/identityuserflowattributeassignment.md
- - name: Get
- href: api/identityuserflowattributeassignment-get.md
- - name: Update
- href: api/identityuserflowattributeassignment-update.md
- - name: Delete
- href: api/identityuserflowattributeassignment-delete.md
- - name: User flow language configuration
+ href: api/x509certificateauthenticationmethodconfiguration-get.md
+ - name: Update
+ href: api/x509certificateauthenticationmethodconfiguration-update.md
+ - name: Delete
+ href: api/x509certificateauthenticationmethodconfiguration-delete.md
+ - name: Authorization policy
+ href: resources/authorizationpolicy.md
items:
- - name: User flow language configuration
- href: resources/userflowlanguageconfiguration.md
- - name: Get
- href: api/userflowlanguageconfiguration-get.md
- - name: List default pages
- href: api/userflowlanguageconfiguration-list-defaultpages.md
- - name: List overrides pages
- href: api/userflowlanguageconfiguration-list-overridespages.md
- - name: User flow language page
- href: resources/userflowlanguagepage.md
- name: Get
- href: api/userflowlanguagepage-get.md
+ href: api/authorizationpolicy-get.md
- name: Update
- href: api/userflowlanguagepage-put.md
- - name: Delete
- href: api/userflowlanguagepage-delete.md
- - name: API connectors
+ href: api/authorizationpolicy-update.md
+ - name: Claims mapping policy
+ href: resources/claimsmappingpolicy.md
items:
- - name: API connector
- href: resources/identityapiconnector.md
- - name: List
- href: api/identityapiconnector-list.md
- name: Create
- href: api/identityapiconnector-create.md
+ href: api/claimsmappingpolicy-post-claimsmappingpolicies.md
+ - name: List
+ href: api/claimsmappingpolicy-list.md
- name: Get
- href: api/identityapiconnector-get.md
+ href: api/claimsmappingpolicy-get.md
- name: Update
- href: api/identityapiconnector-update.md
- - name: Upload a client certificate
- href: api/identityapiconnector-uploadclientcertificate.md
+ href: api/claimsmappingpolicy-update.md
- name: Delete
- href: api/identityapiconnector-delete.md
- - name: Governance
- href: resources/identitygovernance-overview.md
- displayName: Identity Governance, Access reviews, Entitlement Management, Terms of Use, Privileged Identity Management
- items:
- - name: Access reviews
- href: resources/accessreviewsv2-overview.md
- items:
- - name: Access review schedule definition
- href: resources/accessreviewscheduledefinition.md
+ href: api/claimsmappingpolicy-delete.md
+ - name: List applied to applications
+ href: api/claimsmappingpolicy-list-appliesto.md
+ - name: Feature rollout policy
+ href: resources/featurerolloutpolicy.md
items: - name: List
- href: api/accessreviewset-list-definitions.md
- - name: Get
- href: api/accessreviewscheduledefinition-get.md
+ href: api/featurerolloutpolicies-list.md
- name: Create
- href: api/accessreviewset-post-definitions.md
- - name: Delete
- href: api/accessreviewscheduledefinition-delete.md
- - name: Update
- href: api/accessreviewscheduledefinition-update.md
- - name: Filter by current user
- href: api/accessreviewscheduledefinition-filterbycurrentuser.md
- - name: Access review instance
- href: resources/accessreviewinstance.md
- items:
- - name: List
- href: api/accessreviewscheduledefinition-list-instances.md
+ href: api/featurerolloutpolicies-post.md
- name: Get
- href: api/accessreviewinstance-get.md
+ href: api/featurerolloutpolicy-get.md
- name: Update
- href: api/accessreviewinstance-update.md
- - name: Filter by current user
- href: api/accessreviewinstance-filterbycurrentuser.md
- - name: Send reminder
- href: api/accessreviewinstance-sendreminder.md
- - name: Stop
- href: api/accessreviewinstance-stop.md
- - name: Accept recommendations
- href: api/accessreviewinstance-acceptrecommendations.md
- - name: Apply decisions
- href: api/accessreviewinstance-applydecisions.md
- - name: Batch record decisions
- href: api/accessreviewinstance-batchrecorddecisions.md
- - name: Reset decisions
- href: api/accessreviewinstance-resetdecisions.md
- - name: List contacted reviewers
- href: api/accessreviewinstance-list-contactedreviewers.md
- - name: Access review stage
- href: resources/accessreviewstage.md
+ href: api/featurerolloutpolicy-update.md
+ - name: Delete
+ href: api/featurerolloutpolicy-delete.md
+ - name: Create appliesTo
+ href: api/featurerolloutpolicy-post-appliesto.md
+ - name: Delete appliesTo
+ href: api/featurerolloutpolicy-delete-appliesto.md
+ - name: Home realm discovery policy
+ href: resources/homerealmdiscoverypolicy.md
items: - name: List
- href: api/accessreviewinstance-list-stages.md
- - name: Get
- href: api/accessreviewstage-get.md
- - name: Update
- href: api/accessreviewstage-update.md
- - name: Filter by current user
- href: api/accessreviewstage-filterbycurrentuser.md
- - name: Stop
- href: api/accessreviewstage-stop.md
- - name: Access review instance decision item
- displayName: access review decisions
- href: resources/accessreviewinstancedecisionitem.md
- items:
- - name: List decisions from an instance
- href: api/accessreviewinstance-list-decisions.md
- - name: List decisions from a stage of an instance
- href: api/accessreviewstage-list-decisions.md
- - name: Filter by current user
- href: api/accessreviewinstancedecisionitem-filterbycurrentuser.md
+ href: api/homerealmdiscoverypolicy-list.md
+ - name: Create
+ href: api/homerealmdiscoverypolicy-post-homerealmdiscoverypolicies.md
- name: Get
- href: api/accessreviewinstancedecisionitem-get.md
+ href: api/homerealmdiscoverypolicy-get.md
- name: Update
- href: api/accessreviewinstancedecisionitem-update.md
- - name: Access review history definition
- href: resources/accessreviewhistorydefinition.md
+ href: api/homerealmdiscoverypolicy-update.md
+ - name: Delete
+ href: api/homerealmdiscoverypolicy-delete.md
+ - name: List applied to applications
+ href: api/homerealmdiscoverypolicy-list-appliesto.md
+ - name: Token issuance policy
+ href: resources/tokenissuancepolicy.md
items:
- - name: Get
- href: api/accessreviewhistorydefinition-get.md
- name: List
- href: api/accessreviewset-list-historydefinitions.md
+ href: api/tokenissuancepolicy-list.md
- name: Create
- href: api/accessreviewset-post-historydefinitions.md
- - name: Access review history instance
- href: resources/accessreviewhistoryinstance.md
- items:
- - name: List
- href: api/accessreviewhistorydefinition-list-instances.md
- - name: Generate download URI
- displayName: Downloadable access review history report
- href: api/accessreviewhistoryinstance-generatedownloaduri.md
- - name: Consent requests
- href: resources/consentrequests-overview.md
- items:
- - name: Admin consent request policy
- href: resources/adminconsentrequestpolicy.md
- items:
+ href: api/tokenissuancepolicy-post-tokenissuancepolicy.md
- name: Get
- href: api/adminconsentrequestpolicy-get.md
+ href: api/tokenissuancepolicy-get.md
- name: Update
- href: api/adminconsentrequestpolicy-update.md
- - name: App consent requests
- href: resources/appconsentrequest.md
- items:
- - name: List
- href: api/appconsentapprovalroute-list-appconsentrequests.md
- - name: Get
- href: api/appconsentrequest-get.md
- - name: Filter by current user
- href: api/appconsentrequest-filterByCurrentUser.md
- - name: User consent requests
- href: resources/userconsentrequest.md
- items:
- - name: List
- href: api/appconsentrequest-list-userconsentrequests.md
- - name: Get
- href: api/userconsentrequest-get.md
- - name: Filter by current user
- href: api/userconsentrequest-filterByCurrentUser.md
- - name: Entitlement management
- href: resources/entitlementmanagement-overview.md
- items:
- - name: Access package
- href: resources/accesspackage.md
+ href: api/tokenissuancepolicy-update.md
+ - name: Delete
+ href: api/tokenissuancepolicy-delete.md
+ - name: List applied to applications
+ href: api/tokenissuancepolicy-list-appliesto.md
+ - name: Token lifetime policy
+ href: resources/tokenlifetimepolicy.md
items: - name: List
- href: api/entitlementmanagement-list-accesspackages.md
+ href: api/tokenlifetimepolicy-list.md
- name: Create
- href: api/entitlementmanagement-post-accesspackages.md
+ href: api/tokenlifetimepolicy-post-tokenlifetimepolicies.md
- name: Get
- href: api/accesspackage-get.md
+ href: api/tokenlifetimepolicy-get.md
- name: Update
- href: api/accesspackage-update.md
+ href: api/tokenlifetimepolicy-update.md
- name: Delete
- href: api/accesspackage-delete.md
- - name: Filter by current user
- href: api/accesspackage-filterbycurrentuser.md
- - name: Get applicable policy requirements
- href: api/accesspackage-getapplicablepolicyrequirements.md
- - name: List incompatible access packages
- href: api/accesspackage-list-incompatibleaccesspackages.md
- - name: Add incompatible access package
- href: api/accesspackage-post-incompatibleaccesspackage.md
- - name: Remove incompatible access package
- href: api/accesspackage-delete-incompatibleaccesspackage.md
- - name: List incompatible groups
- href: api/accesspackage-list-incompatiblegroups.md
- - name: Add incompatible group
- href: api/accesspackage-post-incompatiblegroup.md
- - name: Remove incompatible group
- href: api/accesspackage-delete-incompatiblegroup.md
- - name: List access packages incompatible with
- href: api/accesspackage-list-accesspackagesincompatiblewith.md
- - name: Access package assignment
- href: resources/accesspackageassignment.md
- items:
- - name: List
- href: api/entitlementmanagement-list-assignments.md
- - name: Get
- href: api/accesspackageassignment-get.md
- - name: Check additional access
- href: api/accesspackageassignment-additionalaccess.md
- - name: Filter by current user
- href: api/accesspackageassignment-filterbycurrentuser.md
- - name: Reprocess
- href: api/accesspackageassignment-reprocess.md
- - name: Access package assignment request approval
+ href: api/tokenlifetimepolicy-delete.md
+ - name: List applied to applications
+ href: api/tokenlifetimepolicy-list-appliesto.md
+ - name: Security defaults policy
+ href: resources/identitysecuritydefaultsenforcementpolicy.md
items:
- - name: Approval
- href: resources/approval.md
- name: Get
- href: api/approval-get.md
- - name: Filter by current user
- href: api/approval-filterbycurrentuser.md
- - name: Approval stage
- items:
- - name: Approval stage
- href: resources/approvalstage.md
- - name: List
- href: api/approval-list-stages.md
- - name: Get
- href: api/approvalstage-get.md
- - name: Update
- href: api/approvalstage-update.md
- - name: Access package assignment request
- href: resources/accesspackageassignmentrequest.md
+ href: api/identitysecuritydefaultsenforcementpolicy-get.md
+ - name: Update
+ href: api/identitysecuritydefaultsenforcementpolicy-update.md
+ - name: User flows
+ items:
+ - name: Self-service sign up user flows
items:
+ - name: Self-service sign up user flow
+ href: resources/b2xidentityuserflow.md
- name: List
- href: api/entitlementmanagement-list-assignmentrequests.md
+ href: api/identitycontainer-list-b2xuserflows.md
- name: Create
- href: api/entitlementmanagement-post-assignmentrequests.md
+ href: api/identitycontainer-post-b2xuserflows.md
- name: Get
- href: api/accesspackageassignmentrequest-get.md
+ href: api/b2xidentityuserflow-get.md
- name: Delete
- href: api/accesspackageassignmentrequest-delete.md
- - name: Filter by current user
- href: api/accesspackageassignmentrequest-filterbycurrentuser.md
- - name: Cancel
- href: api/accesspackageassignmentrequest-cancel.md
- - name: Reprocess
- href: api/accesspackageassignmentrequest-reprocess.md
- - name: Access package catalog
- href: resources/accesspackagecatalog.md
+ href: api/b2xidentityuserflow-delete.md
+ - name: List identity providers
+ href: api/b2xidentityuserflow-list-identityproviders.md
+ - name: Add identity provider
+ href: api/b2xidentityuserflow-post-identityproviders.md
+ - name: Remove identity provider
+ href: api/b2xidentityuserflow-delete-identityproviders.md
+ - name: List user attribute assignments
+ href: api/b2xidentityuserflow-list-userattributeassignments.md
+ - name: Create user attribute assignment
+ href: api/b2xidentityuserflow-post-userattributeassignments.md
+ - name: List languages
+ href: api/b2xidentityuserflow-list-languages.md
+ - name: Get API connectors configuration
+ href: api/b2xidentityuserflow-get-apiConnectorConfiguration.md
+ - name: Configure an API connector
+ href: api/b2xidentityuserflow-put-apiConnectorConfiguration.md
+ - name: User flow attributes
items:
+ - name: User flow attribute
+ href: resources/identityuserflowattribute.md
- name: List
- href: api/entitlementmanagement-list-catalogs.md
+ href: api/identityuserflowattribute-list.md
- name: Create
- href: api/entitlementmanagement-post-catalogs.md
+ href: api/identityuserflowattribute-post.md
- name: Get
- href: api/accesspackagecatalog-get.md
+ href: api/identityuserflowattribute-get.md
- name: Update
- href: api/accesspackagecatalog-update.md
+ href: api/identityuserflowattribute-update.md
- name: Delete
- href: api/accesspackagecatalog-delete.md
- - name: Connected organization
- href: resources/connectedorganization.md
+ href: api/identityuserflowattribute-delete.md
+ - name: User flow attribute assignment
items:
- - name: List
- href: api/entitlementmanagement-list-connectedorganizations.md
- - name: Create
- href: api/entitlementmanagement-post-connectedorganizations.md
+ - name: User flow attribute assignment
+ href: resources/identityuserflowattributeassignment.md
- name: Get
- href: api/connectedorganization-get.md
+ href: api/identityuserflowattributeassignment-get.md
- name: Update
- href: api/connectedorganization-update.md
+ href: api/identityuserflowattributeassignment-update.md
- name: Delete
- href: api/connectedorganization-delete.md
- - name: List external sponsors
- href: api/connectedorganization-list-externalsponsors.md
- - name: List internal sponsors
- href: api/connectedorganization-list-internalsponsors.md
- - name: Add external sponsors
- href: api/connectedorganization-post-externalsponsors.md
- - name: Add internal sponsors
- href: api/connectedorganization-post-internalsponsors.md
- - name: Remove external sponsors
- href: api/connectedorganization-delete-externalsponsors.md
- - name: Remove internal sponsors
- href: api/connectedorganization-delete-internalsponsors.md
- - name: Entitlement management settings
- href: resources/entitlementmanagementsettings.md
+ href: api/identityuserflowattributeassignment-delete.md
+ - name: User flow language configuration
items:
+ - name: User flow language configuration
+ href: resources/userflowlanguageconfiguration.md
- name: Get
- href: api/entitlementmanagementsettings-get.md
+ href: api/userflowlanguageconfiguration-get.md
+ - name: List default pages
+ href: api/userflowlanguageconfiguration-list-defaultpages.md
+ - name: List overrides pages
+ href: api/userflowlanguageconfiguration-list-overridespages.md
+ - name: User flow language page
+ href: resources/userflowlanguagepage.md
+ - name: Get
+ href: api/userflowlanguagepage-get.md
- name: Update
- href: api/entitlementmanagementsettings-update.md
- - name: Access package assignment policy
- href: resources/accesspackageassignmentpolicy.md
+ href: api/userflowlanguagepage-put.md
+ - name: Delete
+ href: api/userflowlanguagepage-delete.md
+ - name: API connectors
items:
+ - name: API connector
+ href: resources/identityapiconnector.md
- name: List
- href: api/entitlementmanagement-list-assignmentpolicies.md
+ href: api/identityapiconnector-list.md
- name: Create
- href: api/entitlementmanagement-post-assignmentpolicies.md
+ href: api/identityapiconnector-create.md
- name: Get
- href: api/accesspackageassignmentpolicy-get.md
+ href: api/identityapiconnector-get.md
- name: Update
- href: api/accesspackageassignmentpolicy-update.md
+ href: api/identityapiconnector-update.md
+ - name: Upload a client certificate
+ href: api/identityapiconnector-uploadclientcertificate.md
- name: Delete
- href: api/accesspackageassignmentpolicy-delete.md
- - name: Privileged Identity Management
- displayName: Privileged Identity Management, PIM, Identity Governance
- href: resources/privilegedidentitymanagementv3-overview.md
+ href: api/identityapiconnector-delete.md
+ - name: Partner customer administration
+ items:
+ - name: Granular delegated admin privileges
items:
- - name: Role assignment schedule requests
- href: resources/unifiedroleassignmentschedulerequest.md
+ - name: Overview
+ displayName: GDAP, Partner Center, CSP, VAR
+ href: resources/delegatedadminrelationships-api-overview.md
+ - name: Delegated admin relationships
+ href: resources/delegatedadminrelationship.md
items:
- - name: List
- href: api/rbacapplication-list-roleassignmentschedulerequests.md
- name: Create
- href: api/rbacapplication-post-roleassignmentschedulerequests.md
- - name: Get
- href: api/unifiedroleassignmentschedulerequest-get.md
- - name: Cancel
- href: api/unifiedroleassignmentschedulerequest-cancel.md
- - name: Filter by current user
- href: api/unifiedroleassignmentschedulerequest-filterbycurrentuser.md
- - name: Role assignment schedules
- href: resources/unifiedroleassignmentschedule.md
- items:
- - name: List
- href: api/rbacapplication-list-roleassignmentschedules.md
- - name: Get
- href: api/unifiedroleassignmentschedule-get.md
- - name: Filter by current user
- href: api/unifiedroleassignmentschedule-filterbycurrentuser.md
- - name: Role assignment schedule instances
- href: resources/unifiedroleassignmentscheduleinstance.md
- items:
+ href: api/tenantrelationship-post-delegatedadminrelationships.md
- name: List
- href: api/rbacapplication-list-roleassignmentscheduleinstances.md
+ href: api/tenantrelationship-list-delegatedadminrelationships.md
- name: Get
- href: api/unifiedroleassignmentscheduleinstance-get.md
- - name: Filter by current user
- href: api/unifiedroleassignmentscheduleinstance-filterbycurrentuser.md
- - name: Role eligibility schedule requests
- href: resources/unifiedroleeligibilityschedulerequest.md
+ href: api/delegatedadminrelationship-get.md
+ - name: Update
+ href: api/delegatedadminrelationship-update.md
+ - name: Delete
+ href: api/delegatedadminrelationship-delete.md
+ - name: Delegated admin access assignments
+ href: resources/delegatedadminaccessassignment.md
items:
- - name: List
- href: api/rbacapplication-list-roleeligibilityschedulerequests.md
- name: Create
- href: api/rbacapplication-post-roleeligibilityschedulerequests.md
- - name: Get
- href: api/unifiedroleeligibilityschedulerequest-get.md
- - name: Cancel
- href: api/unifiedroleeligibilityschedulerequest-cancel.md
- - name: Filter by current user
- href: api/unifiedroleeligibilityschedulerequest-filterbycurrentuser.md
- - name: Role eligibility schedules
- href: resources/unifiedroleeligibilityschedule.md
- items:
+ href: api/delegatedadminrelationship-post-accessassignments.md
- name: List
- href: api/rbacapplication-list-roleeligibilityschedules.md
+ href: api/delegatedadminrelationship-list-accessassignments.md
- name: Get
- href: api/unifiedroleeligibilityschedule-get.md
- - name: Filter by current user
- href: api/unifiedroleeligibilityschedule-filterbycurrentuser.md
- - name: Role eligibility schedule instances
- href: resources/unifiedroleeligibilityscheduleinstance.md
+ href: api/delegatedadminaccessassignment-get.md
+ - name: Update
+ href: api/delegatedadminaccessassignment-update.md
+ - name: Delete
+ href: api/delegatedadminaccessassignment-delete.md
+ - name: Delegated admin relationship requests
+ href: resources/delegatedadminrelationshiprequest.md
items:
+ - name: Create
+ href: api/delegatedadminrelationship-post-requests.md
- name: List
- href: api/rbacapplication-list-roleeligibilityscheduleinstances.md
+ href: api/delegatedadminrelationship-list-requests.md
- name: Get
- href: api/unifiedroleeligibilityscheduleinstance-get.md
- - name: Filter by current user
- href: api/unifiedroleeligibilityscheduleinstance-filterbycurrentuser.md
- - name: Role management policies
+ href: api/delegatedadminrelationshiprequest-get.md
+ - name: Delegated admin relationship operations
+ href: resources/delegatedadminrelationshipoperation.md
items:
- - name: Policies and rules
- href: resources/unifiedrolemanagementpolicy.md
- name: List
- href: api/policyroot-list-rolemanagementpolicies.md
+ href: api/delegatedadminrelationship-list-operations.md
- name: Get
- href: api/unifiedrolemanagementpolicy-get.md
- - name: List rules
- href: api/unifiedrolemanagementpolicy-list-rules.md
- - name: Get rule
- href: api/unifiedrolemanagementpolicyrule-get.md
- - name: Update rule
- href: api/unifiedrolemanagementpolicyrule-update.md
- - name: Role management policy assignments
- href: resources/unifiedrolemanagementpolicyassignment.md
+ href: api/delegatedadminrelationshipoperation-get.md
+ - name: Delegated admin customer
+ href: resources/delegatedadmincustomer.md
items: - name: List
- href: api/policyroot-list-rolemanagementpolicyassignments.md
+ href: api/tenantrelationship-list-delegatedadmincustomers.md
- name: Get
- href: api/unifiedrolemanagementpolicyassignment-get.md
- - name: Terms of use
- items:
- - name: Agreement
- href: resources/agreement.md
- - name: List
- href: api/termsofusecontainer-list-agreements.md
- - name: Create
- href: api/termsofusecontainer-post-agreements.md
- - name: Get
- href: api/agreement-get.md
- - name: Update
- href: api/agreement-update.md
- - name: Delete
- href: api/agreement-delete.md
- - name: Agreement acceptances
- href: resources/agreementacceptance.md
- items:
- - name: List acceptances
- href: api/user-list-agreementacceptances.md
- - name: List acceptance status
- href: api/agreement-list-acceptances.md
- - name: Agreement files
- items:
- - name: Default agreement file
- href: resources/agreementfile.md
- - name: Localized agreement files
- href: resources/agreementfilelocalization.md
- - name: Get default file
- href: api/agreementfile-get.md
- - name: Create localized files
- href: api/agreement-post-files.md
- - name: List localized files
- href: api/agreement-list-files.md
+ href: api/delegatedadmincustomer-get.md
+ - name: Service management details
+ href: resources/delegatedadminservicemanagementdetail.md
+ items:
+ - name: List
+ href: api/delegatedadmincustomer-list-servicemanagementdetails.md
- name: Mail displayName: Outlook, Outlook mail items: