Updates from: 05/20/2023 01:26:05
Service Microsoft Docs article Related commit history on GitHub Change details
v1.0 Accesspackage Getapplicablepolicyrequirements https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackage-getapplicablepolicyrequirements.md
POST /identityGovernance/entitlementManagement/accessPackages/b15419bb-5ffc-ea11
-- #### Response <!-- {
v1.0 Accesspackageassignmentpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentpolicy-update.md
The following table shows the properties that are required when you update an [a
|Property|Type|Description| |:|:|:|
-|displayName|String|The display name of the policy.|
-|description|String|The description of the policy.|
-|canExtend|Boolean|Indicates whether a user can extend the access package assignment duration after approval.|
-|durationInDays|Int32|The number of days in which assignments from this policy last until they are expired.|
-|expirationDateTime|DateTimeOffset|The expiration date for assignments created in this policy. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`|
-|requestorSettings|[requestorSettings](../resources/requestorsettings.md)|Who can request this access package from this policy.|
-|requestApprovalSettings|[approvalSettings](../resources/approvalsettings.md)|Who must approve requests for access package in this policy.|
-|accessReviewSettings|[assignmentReviewSettings](../resources/assignmentreviewsettings.md)|Who must review, and how often, the assignments to the access package from this policy. This property is null if reviews are not required.|
+|displayName|String|The display name of the policy. Required.|
+|description|String|The description of the policy. Required.|
+|canExtend|Boolean|Indicates whether a user can extend the access package assignment duration after approval. Required.|
+|durationInDays|Int32|The number of days in which assignments from this policy last until they are expired. Required.|
+|expirationDateTime|DateTimeOffset|The expiration date for assignments created in this policy. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Required.|
+|requestorSettings|[requestorSettings](../resources/requestorsettings.md)|Who can request this access package from this policy. Required.|
+|requestApprovalSettings|[approvalSettings](../resources/approvalsettings.md)|Who must approve requests for access package in this policy. Required.|
+|accessReviewSettings|[assignmentReviewSettings](../resources/assignmentreviewsettings.md)|Who must review, and how often, the assignments to the access package from this policy. This property is null if reviews are not required. Required.|
## Response
v1.0 Accesspackageassignmentrequestworkflowextension Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentrequestworkflowextension-delete.md
DELETE /identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-
- ### Response The following is an example of the response <!-- {
v1.0 Accesspackageassignmentworkflowextension Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentworkflowextension-delete.md
DELETE /identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-
- ### Response The following is an example of the response >**Note:** The response object shown here might be shortened for readability.
v1.0 Accesspackagecatalog Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackagecatalog-get.md
GET https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/ac
[!INCLUDE [sample-code](../includes/snippets/php/get-accesspackagecatalog-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Accesspackagecatalog List Customaccesspackageworkflowextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackagecatalog-list-customaccesspackageworkflowextensions.md
GET /identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7
- ### Response >**Note:** The response object shown here might be shortened for readability. <!-- {
v1.0 Accesspackagecatalog Post Accesspackagecustomworkflowextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackagecatalog-post-accesspackagecustomworkflowextensions.md
POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/a
Content-Type: application/json {
- "value":{
- "@odata.type":"#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
- "displayName":"test_action_0124_email",
- "description":"this is for graph testing only",
- "endpointConfiguration":{
- "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
- "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
- "resourceGroupName":"test",
- "logicAppWorkflowName":"elm-extension-email"
- },
- "authenticationConfiguration":{
- "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
- },
- "callbackConfiguration":{
- "@odata.type":"microsoft.graph.customExtensionCallbackConfiguration",
- "durationBeforeTimeout":"PT1H"
- }
- }
+ "@odata.type": "#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "displayName": "test_action_0124_email",
+ "description": "this is for graph testing only",
+ "endpointConfiguration": {
+ "@odata.type": "#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId": "38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName": "test",
+ "logicAppWorkflowName": "elm-extension-email"
+ },
+ "authenticationConfiguration": {
+ "@odata.type": "#microsoft.graph.azureAdPopTokenAuthentication"
+ },
+ "callbackConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionCallbackConfiguration",
+ "durationBeforeTimeout": "PT1H"
+ }
} ```
v1.0 Accessreviewscheduledefinition Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accessreviewscheduledefinition-delete.md
DELETE https://graph.microsoft.com/beta/identityGovernance/accessReviews/definit
[!INCLUDE [sample-code](../includes/snippets/php/delete-accessreviewscheduledefinition-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Appmanagementpolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appManagementPolicy-list-appliesTo.md
List application and service principal objects assigned an [appManagementPolicy]
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | | :- | :-- | | Delegated (work or school account) | Application.Read.All and Policy.Read.All, Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
v1.0 Application Delete Tokenissuancepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-delete-tokenissuancepolicies.md
Remove a [tokenIssuancePolicy](../resources/tokenissuancepolicy.md) from an [app
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Application Delete Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-delete-tokenlifetimepolicies.md
Remove a [tokenLifetimePolicy](../resources/tokenlifetimepolicy.md) from an [app
One of the following sets of permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Application List Tokenissuancepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-list-tokenissuancepolicies.md
List the [tokenIssuancePolicy](../resources/tokenissuancepolicy.md) objects that
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Application List Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-list-tokenlifetimepolicies.md
List the [tokenLifetimePolicy](../resources/tokenlifetimepolicy.md) objects that
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Application List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-list.md
Get the list of [applications](../resources/application.md) in this organization
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |: |:- | | Delegated (work or school account) | Application.Read.All, Application.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All |
v1.0 Application Post Calls https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-post-calls.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | Calls.JoinGroupCalls.Chat*, Calls.JoinGroupCallAsGuest.All, Calls.JoinGroupCall.All, Calls.Initiate.All, Calls.InitiateGroupCall.All |
-> **Notes:** For a call with app-hosted media, you need the Calls.AccessMedia.All or the Calls.AccessMedia.Chat* permission in addition to one of the permissions listed.
->
-> Permissions marked with * use [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).
+> **Notes:**
+> - For a call with app-hosted media, you need the Calls.AccessMedia.All permission in addition to one of the permissions listed in the previous table.
+> - Cloud Video Interop solutions that are [Certified for Microsoft Teams](/MicrosoftTeams/cloud-video-interop) have permission to call this API to join meetings for which they have meeting join links, similar to external users joining through a browser.
+> - Permissions marked with * use [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).
## HTTP request <!-- { "blockType": "ignored" } -->
POST https://bot.contoso.com/callback
Content-Type: application/json ```
+##### Delta roster disabled (default)
+ <!-- { "blockType": "example", "@odata.type": "microsoft.graph.commsNotifications",
Content-Type: application/json
} ```
+##### Delta roster enabled
+
+<!-- {
+ "blockType": "example",
+ "@odata.type": "microsoft.graph.commsNotifications",
+ "truncated": true
+}-->
+```json
+{
+ "@odata.type": "#microsoft.graph.commsNotifications",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.commsNotification",
+ "changeType": "updated",
+ "resource": "/app/calls/421f7700-f4ad-4ea9-a3fc-c1d2195675ad/participants",
+ "resourceUrl": "/communications/calls/421f7700-f4ad-4ea9-a3fc-c1d2195675ad/participants",
+ "resourceData": [
+ {
+ "@odata.type": "#microsoft.graph.deltaParticipants",
+ "participants": [
+ {
+ "@odata.type": "#microsoft.graph.participant",
+ "info": {
+ "@odata.type": "#microsoft.graph.participantInfo",
+ "identity": {
+ "@odata.type": "#microsoft.graph.identitySet",
+ "user": {
+ "@odata.type": "#microsoft.graph.identity",
+ "displayName": "John",
+ "id": "112f7296-5fa4-42ca-bae8-6a692b15d4b8"
+ }
+ },
+ "languageId": "en-US"
+ },
+ "mediaStreams": [
+ {
+ "@odata.type": "#microsoft.graph.mediaStream",
+ "mediaType": "audio",
+ "sourceId": "1",
+ "direction": "sendReceive",
+ "serverMuted": false
+ },
+ {
+ "@odata.type": "#microsoft.graph.mediaStream",
+ "mediaType": "video",
+ "sourceId": "2",
+ "direction": "receiveOnly",
+ "serverMuted": false
+ },
+ {
+ "@odata.type": "#microsoft.graph.mediaStream",
+ "mediaType": "videoBasedScreenSharing",
+ "sourceId": "8",
+ "direction": "receiveOnly",
+ "serverMuted": false
+ }
+ ],
+ "isMuted": true,
+ "isInLobby": false,
+ "id": "0d7664b6-6432-43ed-8d27-d9e7adec188c",
+ "rosterSequenceNumber": 1
+ },
+ {
+ "@odata.type": "#microsoft.graph.participant",
+ "info": {
+ "@odata.type": "#microsoft.graph.participantInfo",
+ "identity": {
+ "@odata.type": "#microsoft.graph.identitySet",
+ "application": {
+ "@odata.type": "#microsoft.graph.identity",
+ "displayName": "Calling Bot",
+ "id": "2891555a-92ff-42e6-80fa-6e1300c6b5c6"
+ }
+ }
+ },
+ "mediaStreams": [
+ {
+ "@odata.type": "#microsoft.graph.mediaStream",
+ "mediaType": "audio",
+ "sourceId": "10",
+ "direction": "sendReceive",
+ "serverMuted": false
+ }
+ ],
+ "isMuted": false,
+ "isInLobby": false,
+ "id": "05491616-385f-44a8-9974-18cc5f9933c1",
+ "rosterSequenceNumber": 1,
+ "removedState": {
+ "reason": "Removed from roster"
+ }
+ }
+ ],
+ "sequenceNumber": 1
+ }
+ ]
+ }
+ ]
+}
+```
+ >**Note:** For join meeting scenarios apart from call state notifications, we receive roster notifications. ### Example 6: Join a scheduled meeting with joinMeetingId and passcode
POST https://bot.contoso.com/callback
Content-Type: application/json ```
+##### Delta roster disabled (default)
<!-- { "blockType": "example", "@odata.type": "microsoft.graph.commsNotifications",
Content-Type: application/json
} ```
-> **Note:** The application will not receive the roster for participants in the meeting until its admitted from lobby
+##### Delta roster enabled
+
+<!-- {
+ "blockType": "example",
+ "@odata.type": "microsoft.graph.commsNotifications",
+ "truncated": true
+}-->
+```json
+{
+ "@odata.type": "#microsoft.graph.commsNotifications",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.commsNotification",
+ "changeType": "updated",
+ "resource": "/app/calls/421f7700-f4ad-4ea9-a3fc-c1d2195675ad/participants",
+ "resourceUrl": "/communications/calls/421f7700-f4ad-4ea9-a3fc-c1d2195675ad/participants",
+ "resourceData": [
+ {
+ "@odata.type": "#microsoft.graph.deltaParticipants",
+ "participants": [
+ {
+ "@odata.type": "#microsoft.graph.participant",
+ "info": {
+ "@odata.type": "#microsoft.graph.participantInfo",
+ "identity": {
+ "@odata.type": "#microsoft.graph.identitySet",
+ "guest": {
+ "@odata.type": "#microsoft.graph.identity",
+ "displayName": "Guest User",
+ "id": "d7a3b999-17ac-4bca-9e77-e6a730d2ec2e"
+ }
+ }
+ },
+ "mediaStreams": [
+ {
+ "@odata.type": "#microsoft.graph.mediaStream",
+ "mediaType": "audio",
+ "sourceId": "10",
+ "direction": "sendReceive",
+ "serverMuted": false
+ }
+ ],
+ "isMuted": false,
+ "isInLobby": true,
+ "id": "05491616-385f-44a8-9974-18cc5f9933c1"
+ }
+ ],
+ "sequenceNumber": 2
+ }
+ ]
+ }
+ ]
+}
+```
+
+> **Note:** The application will not receive the roster for participants in the meeting until its admitted from lobby.
### Example 11: Create peer-to-peer PSTN call with service hosted media
v1.0 Application Post Owners https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-post-owners.md
Use this API to add an owner to an application by posting to the owners collecti
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Application.ReadWrite.All and Directory.Read.All, Directory.ReadWrite.All |
v1.0 Application Post Tokenissuancepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-post-tokenissuancepolicies.md
Assign a [tokenIssuancePolicy](../resources/tokenissuancepolicy.md) to an [appli
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Application Post Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-post-tokenlifetimepolicies.md
Assign a [tokenLifetimePolicy](../resources/tokenlifetimepolicy.md) to an [appli
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Applicationsignindetailedsummary Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/applicationsignindetailedsummary-get.md
Title: "Get applicationSignInDetailedSummary"
-description: "Retrieve the properties and relationships of an applicationSignInDetailSummary object."
+description: "Retrieve the properties and relationships of an applicationSignInDetailedSummary object."
ms.localizationpriority: medium ms.prod: "identity-and-access-reports"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Retrieve the properties and relationships of an [applicationSignInDetailSummary](../resources/applicationsignindetailedsummary.md) object.
+Retrieve the properties and relationships of an [applicationSignInDetailedSummary](../resources/applicationsignindetailedsummary.md) object.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Appmanagementpolicy Delete Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appmanagementpolicy-delete-appliesto.md
Remove an [appManagementPolicy](../resources/appManagementPolicy.md) policy obje
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | | :- | :-- | | Delegated (work or school account) | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-DELETE /applications/{id}/appManagementPolicies/$ref
+DELETE /applications/{applicationObjectId}/appManagementPolicies/{appManagementPolicyId}/$ref
+DELETE /servicePrincipals/{servicePrincipalObjectId}/appManagementPolicies/{appManagementPolicyId}/$ref
``` ## Request headers
DELETE /applications/{id}/appManagementPolicies/$ref
## Request body
-In the request body, provide a reference to a single policy object from the [appManagementPolicies](../resources/appmanagementpolicy.md) collection.
+Do not supply a request body for this method.
## Response
The following is an example of the request to remove an appManagementPolicy from
}--> ```http
-DELETE https://graph.microsoft.com/beta/applications/{id}/appManagementPolicies/$ref
-Content-type: application/json
-
-{
- "@odata.id":"https://graph.microsoft.com/beta/policies/appManagementPolicies/{id}"
-}
+DELETE https://graph.microsoft.com/beta/applications/3ccc9971-9ae7-45d6-8de8-263fd25fe116/appManagementPolicies/15942288-d19b-458c-9be4-20377d0a2435/$ref
``` # [C#](#tab/csharp)
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/remove-appliesto-e1-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
The following is an example of the request to remove an appManagementPolicy from
}--> ``` http
-DELETE https://graph.microsoft.com/beta/servicePrincipals/{id}/appManagementPolicies/$ref
-
-{
- "@odata.id":"https://graph.microsoft.com/beta/policies/appManagementPolicies/{id}"
-}
+DELETE https://graph.microsoft.com/beta/servicePrincipals/f284860e-368c-4a1f-8894-77f0a9676fb3/appManagementPolicies/15942288-d19b-458c-9be4-20377d0a2435/$ref
``` # [C#](#tab/csharp) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java)
DELETE https://graph.microsoft.com/beta/servicePrincipals/{id}/appManagementPoli
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PHP](#tab/php)+
+# [PowerShell](#tab/powershell)
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Appmanagementpolicy Post Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appmanagementpolicy-post-appliesto.md
Assign an [appManagementPolicy](../resources/appManagementPolicy.md) policy obje
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | | :- | :-- | | Delegated (work or school account) | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
v1.0 Attachment Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/attachment-get.md
GET https://graph.microsoft.com/beta/me/messages/AAMkADA1M-zAAA=/attachments/AAM
- #### Response Here is an example of the response. Note: The response object shown here might be shortened for readability. <!-- {
v1.0 Authenticationcombinationconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationcombinationconfiguration-get.md
GET https://graph.microsoft.com/beta/identity/conditionalAccess/authenticationSt
[!INCLUDE [sample-code](../includes/snippets/php/get-authenticationcombinationconfiguration-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Authenticationcombinationconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationcombinationconfiguration-update.md
Content-length: 130
[!INCLUDE [sample-code](../includes/snippets/php/update-authenticationcombinationconfiguration-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Authenticationconditionapplication Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationconditionapplication-delete.md
+
+ Title: "Delete authenticationConditionApplication (from a user flow)"
+description: "Remove an application from an externalUsersSelfServiceSignupEventsFlow."
+
+ms.localizationpriority: medium
++
+# Delete authenticationConditionApplication (from a user flow)
+Namespace: microsoft.graph
++
+Remove or unlink [an application](../resources/authenticationconditionapplication.md) from an external identities self-service sign up user flow that's represented by an [externalUsersSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) object. This disables the authentication experience that's defined by the user flow for the application.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /identity/authenticationEventsFlows/{authenticationEventsFlow-id}/conditions/applications/includeApplications/{appId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+Do not supply a request body for this method.
++
+## Response
+
+If successful, this method returns a `204 No Content` response code. If unsuccessful, a `4xx` error will be returned with specific details.
+
+## Examples
+
+#### Request
+The following is an example of a request. `63856651-13d9-4784-9abf-20758d509e19` representes the **appId** of the application, also known as the client ID, not the object ID.
+<!-- {
+ "blockType": "request",
+ "name": "delete_includeApplications"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/beta/identity/authenticationEventsFlows/0313cc37-d421-421d-857b-87804d61e33e/conditions/applications/includeApplications/63856651-13d9-4784-9abf-20758d509e19
+```
++
+#### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
v1.0 Authenticationconditionsapplications List Includeapplications https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationconditionsapplications-list-includeapplications.md
+
+ Title: "List includeApplications (for a user flow)"
+description: "List applications for an externalusersselfservicesignupeventsflow."
+
+ms.localizationpriority: medium
++
+# List includeApplications (for a user flow)
+Namespace: microsoft.graph
++
+List the applications linked to an external identities self-service sign up user flow that's represented by an [externalUsersSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) object. These are the applications for which the authentication experience that's defined by the user flow is enabled.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identity/authenticationEventsFlows/{authenticationEventsFlow-id}/conditions/applications/includeApplications/
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` and a collection of [identityUserFlowAttribute](../resources/identityuserflowattribute.md) objects in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request to retrieve the list of applications associated with a user flow.
+<!-- {
+ "blockType": "request",
+ "name": "get_includeApplications"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identity/authenticationEventsFlows/0313cc37-d421-421d-857b-87804d61e33e/conditions/applications/includeApplications/
+```
+
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.authenticationConditionApplication"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventsFlows('0313cc37-d421-421d-857b-87804d61e33e')/conditions/applications/includeApplications",
+ "value": [
+ {
+ "appId": "63856651-13d9-4784-9abf-20758d509e19"
+ }
+ ]
+}
+```
v1.0 Authenticationconditionsapplications Post Includeapplications https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationconditionsapplications-post-includeapplications.md
+
+ Title: "Add includeApplication (to a user flow)"
+description: "Add application to an externalusersselfservicesignupeventsflow."
+
+ms.localizationpriority: medium
++
+# Add includeApplication (to a user flow)
+Namespace: microsoft.graph
++
+Add or link an application to an external identities self-service sign up user flow that's represented by an [externalUsersSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) object. This enables the authentication experience that's defined by the user flow to be enabled for the application. An application can only be linked to one user flow.
++
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /identity/authenticationEventsFlows/{authenticationEventsFlow-id}/conditions/applications/includeApplications
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, provide a JSON representation of the **appId** of the application to associate with the user flow.
+
+## Response
+
+If successful, this method returns a `201 Created` response code and a new [authenticationConditionApplication](../resources/authenticationconditionapplication.md) object in the response body. If unsuccessful, a `4xx` error will be returned with specific details.
+
+## Examples
+
+### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "post_includeapplications"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identity/authenticationEventsFlows/0313cc37-d421-421d-857b-87804d61e33e/conditions/applications/includeApplications
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.authenticationConditionApplication",
+ "appId": "63856651-13d9-4784-9abf-20758d509e19"
+}
+
+```
++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "@odata.type": "microsoft.graph.authenticationConditionApplication",
+ "truncated": true,
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventsFlows('0313cc37-d421-421d-857b-87804d61e33e')/conditions/applications/includeApplications/$entity",
+ "appId": "63856651-13d9-4784-9abf-20758d509e19"
+}
+```
v1.0 Authenticationeventlistener Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationeventlistener-delete.md
+
+ Title: "Delete authenticationEventListener"
+description: "Deletes an authenticationEventListener object."
+
+ms.localizationpriority: medium
++
+# Delete authenticationEventListener
+Namespace: microsoft.graph
++
+Deletes an [authenticationEventListener](../resources/authenticationeventlistener.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /identity/authenticationEventListeners/{authenticationEventListenerId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_authenticationeventlistener"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/beta/identity/authenticationEventListeners/c7a1f2c5-3d36-4b3f-b75c-143af30a5246
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
++++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Authenticationeventlistener Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationeventlistener-get.md
+
+ Title: "Get authenticationEventListener"
+description: "Read the properties and relationships of an authenticationEventListener object."
+
+ms.localizationpriority: medium
++
+# Get authenticationEventListener
+Namespace: microsoft.graph
++
+Read the properties and relationships of an [authenticationEventListener](../resources/authenticationeventlistener.md) object. The **@odata.type** property in the response object indicates the type of the authenticationEventListener object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.Read.All, EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported|
+|Application|EventListener.Read.All, EventListener.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identity/authenticationEventListeners/{authenticationEventListenerId}
+```
+
+## Optional query parameters
+This method supports the `$select` OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and an [authenticationEventListener](../resources/authenticationeventlistener.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_authenticationeventlistener"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identity/customAuthenticationExtensions/6fc5012e-7665-43d6-9708-4370863f4e6e
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
++++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.authenticationEventListener"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/customAuthenticationExtensions/$entity",
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartCustomExtension",
+ "id": "6fc5012e-7665-43d6-9708-4370863f4e6e",
+ "displayName": "onTokenIssuanceStartCustomExtension",
+ "description": "Fetch additional claims from custom user store",
+ "clientConfiguration": null,
+ "behaviorOnError": null,
+ "authenticationConfiguration": {
+ "@odata.type": "#microsoft.graph.azureAdTokenAuthentication",
+ "resourceId": "api://authenticationeventsAPI.contoso.com/a13d0fc1-04ab-4ede-b215-63de0174cbb4"
+ },
+ "endpointConfiguration": {
+ "@odata.type": "#microsoft.graph.httpRequestEndpoint",
+ "targetUrl": "https://authenticationeventsAPI.contoso.com"
+ },
+ "claimsForTokenConfiguration": [
+ {
+ "claimIdInApiResponse": "DateOfBirth"
+ },
+ {
+ "claimIdInApiResponse": "CustomRoles"
+ }
+ ]
+}
+```
+
v1.0 Authenticationeventlistener Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationeventlistener-update.md
+
+ Title: "Update authenticationEventListener"
+description: "Update the properties of an authenticationEventListener object."
+
+ms.localizationpriority: medium
++
+# Update authenticationEventListener
+Namespace: microsoft.graph
++
+Update the properties of an [authenticationEventListener](../resources/authenticationeventlistener.md) object. You must specify the **@odata.type** property and the value of the [authenticationEventListener](../resources/authenticationeventlistener.md) object type to update.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /identity/authenticationEventListeners/{authenticationEventListenerId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+
+You must specify the **@odata.type** property and the value of the [authenticationEventListener](../resources/authenticationeventlistener.md) object type to update. For example, `"@odata.type": "#microsoft.graph.onTokenIssuanceStartListener"`.
+
+|Property|Type|Description|
+|:|:|:|
+|authenticationEventsFlowId|String|The identifier of the authentication events flow. Optional.|
+|conditions|[authenticationConditions](../resources/authenticationconditions.md)|The conditions on which this authenticationEventListener should trigger. Optional.|
+|handler|[onAttributeCollectionHandler](../resources/ontokenissuancestarthandler.md)|The handler to invoke when conditions are met. Can be updated for the **onAttributeCollectionListener** listener type.|
+|handler|[onAuthenticationMethodLoadStartHandler](../resources/ontokenissuancestarthandler.md)|The handler to invoke when conditions are met. Can be updated for the **onAuthenticationMethodLoadStartListener** listener type.|
+|handler|[onInteractiveAuthFlowStartHandler](../resources/ontokenissuancestarthandler.md)|The handler to invoke when conditions are met. Can be updated for the **onInteractiveAuthFlowStartListener** listener type.|
+|handler|[onTokenIssuanceStartHandler](../resources/ontokenissuancestarthandler.md)|The handler to invoke when conditions are met. Can be updated for the **onTokenIssuanceStartListener** listener type.|
+|handler|[onUserCreateStartHandler](../resources/ontokenissuancestarthandler.md)|The handler to invoke when conditions are met. Can be updated for the **onUserCreateStartListener** listener type.|
+|priority|Int32|The priority of this handler. Between 0 (lower priority) and 1000 (higher priority). Required.|
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request to update an authentication event listener's trigger conditions or priority:
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_authenticationeventlistener"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/beta/identity/authenticationEventListeners/990d94e5-cc8f-4c4b-97b4-27e2678aac28
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartListener",
+ "conditions": {
+ "applications": {
+ "includeAllApplications": false
+ }
+ },
+ "priority": 500
+}
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
++++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Authenticationeventsflow Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationeventsflow-delete.md
+
+ Title: "Delete authenticationEventsFlow"
+description: "Delete an authenticationEventsFlow object."
+
+ms.localizationpriority: medium
++
+# Delete authenticationEventsFlow
+Namespace: microsoft.graph
++
+Delete a specific [authenticationEventsFlow](../resources/authenticationeventsflow.md) resource by ID. Only [externalUsersSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) object types are available.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /identity/authenticationEventsFlows/{authenticationEventsFlow-id}/
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "delete_authenticationeventsflow"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/beta/identity/authenticationEventsFlows/0313cc37-d421-421d-857b-87804d61e33e
+```
++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
v1.0 Authenticationeventsflow Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationeventsflow-get.md
+
+ Title: "Get authenticationEventsFlow"
+description: "Read the properties and relationships of an authenticationEventsFlow object."
+
+ms.localizationpriority: medium
++
+# Get authenticationEventsFlow
+Namespace: microsoft.graph
++
+Retrieve the properties and relationships of a specific [authenticationEventsFlow](../resources/authenticationeventsflow.md) object by ID. Only [externalUsersSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) object types are available.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.Read.All, EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.Read.All, EventListener.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identity/authenticationEventsFlows/{authenticationEventsFlow-id}
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and an [authenticationEventsFlow](../resources/authenticationeventsflow.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request to retrieve a specific External Identities user flow.
+<!-- {
+ "blockType": "request",
+ "name": "get_authenticationeventsflow"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identity/authenticationEventsFlows/0313cc37-d421-421d-857b-87804d61e33e
+```
++
+### Response
+The following is an example of the response. In this example, the user flow retrieved is named "Woodgrove Drive Users Flow" and is set up to:
+
+- Allow users to create a local email with password account, or sign up with their Google or Facebook identity
+- Collect **Display Name** and **Favorite Color**
+- Create a "Member" user type.
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.authenticationEventsFlow"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "id": "0313cc37-d421-421d-857b-87804d61e33e",
+ "displayName": "Woodgrove Drive User Flow",
+ "description": "For onboarding consumers to the Woodgrove Drive application",
+ "priority": 50,
+ "onAttributeCollectionStart": null,
+ "onAttributeCollectionSubmit": null,
+ "conditions": {
+ "applications": {
+ "includeAllApplications": false,
+ "includeApplications@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventsFlows('0313cc37-d421-421d-857b-87804d61e33e')/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/conditions/applications/includeApplications",
+ "includeApplications": []
+ }
+ },
+ "onInteractiveAuthFlowStart": {
+ "@odata.type": "#microsoft.graph.onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp",
+ "isSignUpAllowed": true
+ },
+ "onAuthenticationMethodLoadStart": {
+ "@odata.type": "#microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp",
+ "identityProviders": [
+ {
+ "@odata.type": "#microsoft.graph.builtInIdentityProvider",
+ "id": "EmailPassword-OAUTH",
+ "displayName": "Email with password",
+ "identityProviderType": "EmailPassword",
+ "state": null
+ },
+ {
+ "@odata.type": "#microsoft.graph.socialIdentityProvider",
+ "id": "Google-OAUTH",
+ "displayName": "Google",
+ "identityProviderType": "Google",
+ "clientId": "137004260525-q8j2cp9hqceqa6hpvaa346e04g92tn8m.apps.googleusercontent.com",
+ "clientSecret": "******"
+ },
+ {
+ "@odata.type": "#microsoft.graph.socialIdentityProvider",
+ "id": "Facebook-OAUTH",
+ "displayName": "Facebook",
+ "identityProviderType": "Facebook",
+ "clientId": "236028191057849",
+ "clientSecret": "******"
+ }
+ ]
+ },
+ "onAttributeCollection": {
+ "@odata.type": "#microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp",
+ "accessPackages": [],
+ "attributeCollectionPage": {
+ "customStringsFileId": null,
+ "views": [
+ {
+ "title": null,
+ "description": null,
+ "inputs": [
+ {
+ "attribute": "email",
+ "label": "Email Address",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": true,
+ "editable": false,
+ "writeToDirectory": true,
+ "required": true,
+ "validationRegEx": "^[a-zA-Z0-9.!#$%&amp;&#8217;'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:.[a-zA-Z0-9-]+)*$",
+ "options": []
+ },
+ {
+ "attribute": "displayName",
+ "label": "Display Name",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$",
+ "options": []
+ },
+ {
+ "attribute": "extension_6ea3bc85aec24b1c92ff4a117afb6621_Favoritecolor",
+ "label": "Favorite color",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^.*",
+ "options": []
+ }
+ ]
+ }
+ ]
+ },
+ "attributes": [
+ {
+ "id": "email",
+ "displayName": "Email Address",
+ "description": "Email address of the user",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "displayName",
+ "displayName": "Display Name",
+ "description": "Display Name of the User.",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "extension_6ea3bc85aec24b1c92ff4a117afb6621_Favoritecolor",
+ "displayName": "Favorite color",
+ "description": "what is your favorite color",
+ "userFlowAttributeType": "custom",
+ "dataType": "string"
+ }
+ ]
+ },
+ "onUserCreateStart": {
+ "@odata.type": "#microsoft.graph.onUserCreateStartExternalUsersSelfServiceSignUp",
+ "userTypeToCreate": "member",
+ "accessPackages": []
+ }
+ }
+}
+```
+
v1.0 Authenticationeventsflow Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationeventsflow-update.md
+
+ Title: "Update authenticationEventsFlow"
+description: "Update the properties of an authenticationEventsFlow object."
+
+ms.localizationpriority: medium
++
+# Update authenticationEventsFlow
+Namespace: microsoft.graph
++
+Update the properties of an [authenticationEventsFlow](../resources/authenticationeventsflow.md) object. Only the [externalUsersSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) object type is supported.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /identity/authenticationEventsFlows/{authenticationEventsFlow-id}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
++
+You must include the **@odata.type** property with a value of the specific user flow type in the body. For example, `"@odata.type": "#microsoft.graph.externalUsersSelfServiceSignupEventsFlow"`.
+
+|Property|Type|Description|
+|:|:|:|
+|id|String|The unique identifier for the entity. Read-only. |
+|displayName|String|The display name for the events policy. |
+|description|String|The description of the events policy.|
+|conditions|[authenticationConditions](../resources/authenticationconditions.md)|The conditions representing the context of the authentication request which is used to decide whether the events policy is invoked. |
+|priority|Int32|The priority to use for each individual event of the events policy. If multiple competing listeners for an event have the same priority, one is chosen and an error is silently logged. |
+|onInteractiveAuthFlowStart|[onInteractiveAuthFlowStartHandler](../resources/oninteractiveauthflowstarthandler.md)|The configuration for what to invoke for the onInteractiveAuthFlowStart event. |
+|onAuthenticationMethodLoadStart|[onAuthenticationMethodLoadStartHandler](../resources/onauthenticationmethodloadstarthandler.md)|The configuration for what to invoke for the onAuthenticationMethodLoadStart event. Must have at least one identity provider linked.|
+|onAttributeCollection|[onAttributeCollectionHandler](../resources/onattributecollectionhandler.md)|The configuration for what to invoke for the onAttributeCollection event.|
+|onUserCreateStart|[onUserCreateStartHandler](../resources/onusercreatestarthandler.md)|The configuration for what to invoke for the onUserCreateStart event.|
+
+## Response
+
+If successful, this method returns a `204 No Content` response code. If unsuccessful, a `4xx` error will be returned with specific details.
+
+## Examples
+
+### Example 1: Update the display name and priority of an authenticationEventsFlow
+
+#### Request
+The following is an example of a request that updates the display name of a specific external identities user flow ( an authentication event type), as well as the priority for all the listeners associated with the policy.
+
+<!-- {
+ "blockType": "request",
+ "name": "update_authenticationeventsflow"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/beta/identity/authenticationEventsFlows/0313cc37-d421-421d-857b-87804d61e33e
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "displayName": "New user flow description",
+ "priority": 200
+}
+```
++
+#### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
+### Example 2: Update the onAttributeCollection event of a self-service sign up user flow
+
+Add city (built-in attribute) as an attribute to be collected during the attribute collection step of a self-service sign up user flow. You must specify in the **inputs** object all attributes that you want to retain, otherwise they are removed from the user flow.
+
+#### Request
+
+<!-- {
+ "blockType": "request",
+ "name": "update_authenticationeventsflow_onattributecollection"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/beta/identity/authenticationEventsFlows/0313cc37-d421-421d-857b-87804d61e33e
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "onAttributeCollection": {
+ "@odata.type": "#microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp",
+ "attributeCollectionPage": {
+ "customStringsFileId": null,
+ "views": [
+ {
+ "title": null,
+ "description": null,
+ "inputs": [
+ {
+ "attribute": "email",
+ "label": "Email Address",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": true,
+ "editable": false,
+ "writeToDirectory": true,
+ "required": true,
+ "validationRegEx": "^[a-zA-Z0-9.!#$%&amp;&#8217;'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:.[a-zA-Z0-9-]+)*$",
+ "options": []
+ },
+ {
+ "attribute": "displayName",
+ "label": "Display Name",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$",
+ "options": []
+ },
+ {
+ "attribute": "city",
+ "label": "City",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$",
+ "options": []
+ },
+ {
+ "attribute": "extension_6ea3bc85aec24b1c92ff4a117afb6621_Favoritecolor",
+ "label": "Favorite color",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^.*",
+ "options": []
+ }
+ ]
+ }
+ ]
+ }
+ }
+}
+```
+
+#### Response
+
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
+### Example 3: Remove an attribute collected during a self-service sign up user flow
+
+Remove city as an attribute to be collected during the attribute collection step of a self-service sign up user flow. By excluding the city attribute from the request body, the attribute will be removed from the user flow.
+
+#### Request
+
+<!-- {
+ "blockType": "request",
+ "name": "update_authenticationeventsflow_onattributecollection"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/beta/identity/authenticationEventsFlows/0313cc37-d421-421d-857b-87804d61e33e
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "onAttributeCollection": {
+ "@odata.type": "#microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp",
+ "attributeCollectionPage": {
+ "customStringsFileId": null,
+ "views": [
+ {
+ "title": null,
+ "description": null,
+ "inputs": [
+ {
+ "attribute": "email",
+ "label": "Email Address",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": true,
+ "editable": false,
+ "writeToDirectory": true,
+ "required": true,
+ "validationRegEx": "^[a-zA-Z0-9.!#$%&amp;&#8217;'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:.[a-zA-Z0-9-]+)*$",
+ "options": []
+ },
+ {
+ "attribute": "displayName",
+ "label": "Display Name",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$",
+ "options": []
+ },
+ {
+ "attribute": "extension_6ea3bc85aec24b1c92ff4a117afb6621_Favoritecolor",
+ "label": "Favorite color",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^.*",
+ "options": []
+ }
+ ]
+ }
+ ]
+ }
+ }
+}
+```
+
+#### Response
+
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Authenticationmethodmodedetail Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationmethodmodedetail-get.md
GET https://graph.microsoft.com/beta/identity/conditionalAccess/authenticationSt
[!INCLUDE [sample-code](../includes/snippets/php/get-authenticationmethodmodedetail-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Authenticationmethodsroot List Userregistrationdetails https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationmethodsroot-list-userregistrationdetails.md
Get a list of the authentication methods registered for the user as defined in t
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type|Permissions (from least to most privileged)| |:|:| |Delegated (work or school account)|UserAuthenticationMethod.Read.All and AuditLog.Read.All|
v1.0 Authenticationmethodsroot Usersregisteredbyfeature https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationmethodsroot-usersregisteredbyfeature.md
If successful, this function returns a `200 OK` response code and a [userRegistr
GET https://graph.microsoft.com/beta/reports/authenticationMethods/usersRegisteredByFeature(includedUserTypes='all',includedUserRoles='all') ```
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
- # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/reports/authenticationMethods/usersRegister
[!INCLUDE [sample-code](../includes/snippets/javascript/authenticationmethodsroot-usersregisteredbyfeature-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PHP](#tab/php)
- ### Response
v1.0 Authenticationmethodsroot Usersregisteredbymethod https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationmethodsroot-usersregisteredbymethod.md
If successful, this function returns a `200 OK` response code and a [userRegistr
GET https://graph.microsoft.com/beta/reports/authenticationMethods/usersRegisteredByMethod(includedUserTypes='all',includedUserRoles='all') ```
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
- # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/reports/authenticationMethods/usersRegister
[!INCLUDE [sample-code](../includes/snippets/javascript/authenticationmethodsroot-usersregisteredbymethod-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PHP](#tab/php)
- ### Response
v1.0 Authenticationstrengthpolicy Delete Combinationconfigurations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationstrengthpolicy-delete-combinationconfigurations.md
The following is an example of a request.
DELETE https://graph.microsoft.com/beta/identity/conditionalAccess/authenticationStrength/policies/0e371351-6419-4c8a-8047-61eef0212ffb/combinationConfigurations/6cbbcfd0-5054-4a59-a10e-2d21fe09305d/$ref ```
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
- # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
DELETE https://graph.microsoft.com/beta/identity/conditionalAccess/authenticatio
[!INCLUDE [sample-code](../includes/snippets/javascript/delete-authenticationcombinationconfiguration-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Authenticationstrengthpolicy List Combinationconfigurations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationstrengthpolicy-list-combinationconfigurations.md
GET https://graph.microsoft.com/beta/identity/conditionalAccess/authenticationSt
[!INCLUDE [sample-code](../includes/snippets/php/list-authenticationcombinationconfiguration-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Authenticationstrengthpolicy Post Combinationconfigurations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationstrengthpolicy-post-combinationconfigurations.md
Content-length: 130
[!INCLUDE [sample-code](../includes/snippets/php/create-authenticationcombinationconfiguration-from--php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Authenticationstrengthroot List Authenticationmethodmodes https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationstrengthroot-list-authenticationmethodmodes.md
GET https://graph.microsoft.com/beta/identity/conditionalAccess/authenticationSt
[!INCLUDE [sample-code](../includes/snippets/php/list-authenticationmethodmodedetail-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- #### Response
GET https://graph.microsoft.com/beta/identity/conditionalAccess/authenticationSt
[!INCLUDE [snippet-not-available](../includes/snippets/snippet-not-available.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- #### Response
v1.0 Authenticationstrengthroot List Policies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationstrengthroot-list-policies.md
Content-Type: application/json
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_authenticationstrengthpolicy_filter_allowedCombinations"
The following is an example of a request.
GET https://graph.microsoft.com/beta/policies/authenticationStrengthPolicies?$filter=allowedCombinations/any(x:x has 'sms, password') ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++ #### Response The following is an example of the response
Content-Type: application/json
} ] }
-```
+```
v1.0 Authorizationpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authorizationpolicy-update.md
In the request body, supply the values for relevant fields that should be update
| Property | Type | Description | |:-|:|:|
-|allowedToSignUpEmailBasedSubscriptions|Boolean| Indicates whether users can sign up for email based subscriptions. |
-|allowedToUseSSPR|Boolean| Indicates whether the Self-Serve Password Reset feature can be used by users on the tenant. |
|allowEmailVerifiedUsersToJoinOrganization|Boolean| Indicates whether a user can join the tenant by email validation. |
-|allowUserConsentForRiskyApps|Boolean| Indicates whether [user consent for risky apps](/azure/active-directory/manage-apps/configure-risk-based-step-up-consent) is allowed. It is recommended to keep this as `false`. |
-|blockMsolPowerShell|Boolean| To disable the use of MSOL PowerShell, set this property to `true`. This will also disable user-based access to the legacy service endpoint used by MSOL PowerShell. This does not affect Azure AD Connect or Microsoft Graph. |
+|allowUserConsentForRiskyApps|Boolean| Indicates whether [user consent for risky apps](/azure/active-directory/manage-apps/configure-risk-based-step-up-consent) is allowed. Default value is `false`. We recommend that you keep the value set to `false`.|
+|allowedToSignUpEmailBasedSubscriptions|Boolean| Indicates whether users can sign up for email-based subscriptions. |
+|allowedToUseSSPR|Boolean| Indicates whether users can use the Self-Serve Password Reset feature on the tenant. |
+|blockMsolPowerShell|Boolean| To disable the use of MSOL PowerShell, set this property to `true`. This also disables user-based access to the legacy service endpoint used by MSOL PowerShell. This does not affect Azure Active Directory Connect or Microsoft Graph. |
|defaultUserRolePermissions|[defaultUserRolePermissions](../resources/defaultUserRolePermissions.md)| Specifies certain customizable permissions for default user role. | |description|String| Description of this policy. | |displayName|String| Display name for this policy. |
-|enabledPreviewFeatures|Collection(string)| List of features enabled for private preview on the tenant. |
+|enabledPreviewFeatures|String collection| List of features enabled for private preview on the tenant. |
|guestUserRoleId|Guid| Represents role templateId for the role that should be granted to guest user. Refer to [List unifiedRoleDefinitions](./rbacapplication-list-roledefinitions.md) to find the list of available role templates. Only supported roles today are User (`a0b1b346-4d3e-4e8b-98f8-753987be4970`), Guest User (`10dae51f-b6af-4016-8d66-8c2a99b929b3`), and Restricted Guest User (`2af84b1e-32c8-42b7-82bc-daa82404023b`). | |permissionGrantPolicyIdsAssignedToDefaultUserRole | String collection | Indicates whether user consent to apps is allowed, and if it is, which [app consent policy](/azure/active-directory/manage-apps/manage-app-consent-policies) governs the permission for users to grant consent. Values should be in the format `managePermissionGrantsForSelf.{id}`, where `{id}` is the **id** of a built-in or custom [app consent policy](/azure/active-directory/manage-apps/manage-app-consent-policies). An empty list indicates user consent to apps is disabled. |
v1.0 B2cidentityuserflow Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/b2cidentityuserflow-get.md
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and a JSON representation of the [b2cIdentityUserFlow](../resources/b2cidentityuserflow.md) in the response body.
+If successful, this method returns a `200 OK` response code and a [b2cIdentityUserFlow](../resources/b2cidentityuserflow.md) object in the response body.
## Example
v1.0 B2cidentityuserflow List Identityproviders https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/b2cidentityuserflow-list-identityproviders.md
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and a JSON representation of the [identityProviders](../resources/identityprovider.md) in the response body.
+If successful, this method returns a `200 OK` response code and a collection of [identityProvider](../resources/identityprovider.md) objects in the response body.
## Example
v1.0 B2cidentityuserflow List Userflowidentityproviders https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/b2cidentityuserflow-list-userflowidentityproviders.md
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and a JSON representation of the [identityProviders](../resources/identityproviderbase.md) in the response body.
+If successful, this method returns a `200 OK` response code and a collection of [identityProviderBase](../resources/identityproviderbase.md) objects in the response body.
## Example
v1.0 B2xidentityuserflow Delete Userflowidentityproviders https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/b2xidentityuserflow-delete-userflowidentityproviders.md
The work or school account needs to belong to one of the following roles:
<!-- { "blockType": "ignored" } --> ```http
-DELETE/identity/b2xUserFlows/{userflow-id}/userflowIdentityProviders/{id}/$ref
+DELETE /identity/b2xUserFlows/{userflow-id}/userflowIdentityProviders/{id}/$ref
``` ## Request headers
v1.0 B2xidentityuserflow Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/b2xidentityuserflow-get.md
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and a JSON representation of the [b2xIdentityUserFlow](../resources/b2xidentityuserflow.md) in the response body.
+If successful, this method returns a `200 OK` response code and a [b2xIdentityUserFlow](../resources/b2xidentityuserflow.md) object in the response body.
## Example
v1.0 B2xidentityuserflow List Identityproviders https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/b2xidentityuserflow-list-identityproviders.md
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and a JSON representation of the [identityProviders](../resources/identityprovider.md) in the response body.
+If successful, this method returns a `200 OK` response code and a collection of [identityProvider](../resources/identityprovider.md) objects in the response body.
## Example
v1.0 B2xidentityuserflow List Userflowidentityproviders https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/b2xidentityuserflow-list-userflowidentityproviders.md
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and a JSON representation of the [identityProviders](../resources/identityproviderbase.md) in the response body.
+If successful, this method returns a `200 OK` response code and a collection of [identityProviderBase](../resources/identityproviderbase.md) objects in the response body.
## Example
v1.0 Basetask Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/basetask-delete.md
DELETE /me/tasks/lists/AAMkAGVjMzJmMWZjLTgyYjgtNGIyNi1hOGQ0LWRjMjNmMGRmOWNiYQAu/
- ### Response **Note:** The response object shown here might be shortened for readability. <!-- {
v1.0 Call Subscribetotone https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/call-subscribetotone.md
Content-Length: 46
[!INCLUDE [sample-code](../includes/snippets/php/call-subscribetotone-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ##### Response
v1.0 Callrecords Callrecord Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/callrecords-callrecord-get.md
Content-type: application/json
"startDateTime": "2020-02-25T18:52:21.2169889Z", "endDateTime": "2020-02-25T18:52:46.7640013Z", "id": "e523d2ed-2966-4b6b-925b-754a88034cc5",
+ "isTest": false,
"caller": { "@odata.type": "#microsoft.graph.callRecords.participantEndpoint",
+ "name": "machineName_2",
+ "cpuName": "Intel(R) Xeon(R) Platinum 8272CL CPU @ 2.60GHz",
+ "cpuCoresCount": 2,
+ "cpuProcessorSpeedInMhz": 2594,
"userAgent": { "@odata.type": "#microsoft.graph.callRecords.clientUserAgent", "headerValue": "RTCC/7.0.0.0 UCWA/7.0.0.0 AndroidLync/6.25.0.27 (SM-G930U Android 8.0.0)",
Content-type: application/json
}, "callee": { "@odata.type": "#microsoft.graph.callRecords.participantEndpoint",
+ "name": "machineName_4",
+ "cpuName": "Intel(R) Xeon(R) CPU E5-2673 v4 @ 2.30GHz",
+ "cpuCoresCount": 8,
+ "cpuProcessorSpeedInMhz": 2295,
"userAgent": { "@odata.type": "#microsoft.graph.callRecords.clientUserAgent", "headerValue": "UCCAPI/16.0.12527.20122 OC/16.0.12527.20194 (Skype for Business)",
Content-type: application/json
"id": "e523d2ed-2966-4b6b-925b-754a88034cc5", "caller": { "@odata.type": "#microsoft.graph.callRecords.participantEndpoint",
+ "name": "machineName_4",
+ "cpuName": "Intel(R) Xeon(R) CPU E5-2673 v4 @ 2.30GHz",
+ "cpuCoresCount": 8,
+ "cpuProcessorSpeedInMhz": 2295,
"userAgent": { "@odata.type": "#microsoft.graph.callRecords.clientUserAgent", "headerValue": "RTCC/7.0.0.0 UCWA/7.0.0.0 AndroidLync/6.25.0.27 (SM-G930U Android 8.0.0)",
Content-type: application/json
}, "callee": { "@odata.type": "#microsoft.graph.callRecords.participantEndpoint",
+ "name": "machineName_4",
+ "cpuName": "Intel(R) Xeon(R) CPU E5-2673 v4 @ 2.30GHz",
+ "cpuCoresCount": 8,
+ "cpuProcessorSpeedInMhz": 2295,
"userAgent": { "@odata.type": "#microsoft.graph.callRecords.clientUserAgent", "headerValue": "UCCAPI/16.0.12527.20122 OC/16.0.12527.20194 (Skype for Business)",
Content-type: application/json
"averageBandwidthEstimate": 9965083, "wasMediaBypassed": false, "averageAudioNetworkJitter": "PT0.043S",
- "maxAudioNetworkJitter": "PT0.046S"
+ "maxAudioNetworkJitter": "PT0.046S",
+ "rmsFreezeDuration": null,
+ "averageFreezeDuration": null,
+ "isAudioForwardErrorCorrectionUsed": false
}, { "streamId": "1785122252",
Content-type: application/json
"averageBandwidthEstimate": 15644878, "wasMediaBypassed": false, "averageAudioNetworkJitter": "PT0.266S",
- "maxAudioNetworkJitter": "PT0.474S"
+ "maxAudioNetworkJitter": "PT0.474S",
+ "rmsFreezeDuration": null,
+ "averageFreezeDuration": null,
+ "isAudioForwardErrorCorrectionUsed": null
} ] }
v1.0 Callrecords Session List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/callrecords-session-list.md
Content-type: application/json
], "startDateTime": "2020-02-25T18:52:21.2169889Z", "endDateTime": "2020-02-25T18:52:46.7640013Z",
+ "isTest": false,
"caller": { "@odata.type": "#microsoft.graph.callRecords.participantEndpoint",
+ "name": "machineName_1",
+ "cpuName": "AMD EPYC 7452 32-Core Processor",
+ "cpuCoresCount": 8,
+ "cpuProcessorSpeedInMhz": 2346,
"userAgent": { "@odata.type": "#microsoft.graph.callRecords.clientUserAgent", "headerValue": "RTCC/7.0.0.0 UCWA/7.0.0.0 AndroidLync/6.25.0.27 (SM-G930U Android 8.0.0)",
Content-type: application/json
}, "callee": { "@odata.type": "#microsoft.graph.callRecords.participantEndpoint",
+ "name": "machineName_2",
+ "cpuName": "Intel(R) Xeon(R) Platinum 8272CL CPU @ 2.60GHz",
+ "cpuCoresCount": 2,
+ "cpuProcessorSpeedInMhz": 2594,
"userAgent": { "@odata.type": "#microsoft.graph.callRecords.clientUserAgent", "headerValue": "UCCAPI/16.0.12527.20122 OC/16.0.12527.20194 (Skype for Business)",
Content-type: application/json
], "startDateTime": "2020-02-25T18:52:21.2169889Z", "endDateTime": "2020-02-25T18:52:46.7640013Z",
+ "isTest": false,
"caller": { "@odata.type": "#microsoft.graph.callRecords.participantEndpoint",
+ "name": "machineName_1",
+ "cpuName": "AMD EPYC 7452 32-Core Processor",
+ "cpuCoresCount": 8,
+ "cpuProcessorSpeedInMhz": 2346,
"userAgent": { "@odata.type": "#microsoft.graph.callRecords.clientUserAgent", "headerValue": "RTCC/7.0.0.0 UCWA/7.0.0.0 AndroidLync/6.25.0.27 (SM-G930U Android 8.0.0)",
Content-type: application/json
}, "callee": { "@odata.type": "#microsoft.graph.callRecords.participantEndpoint",
+ "name": "machineName_2",
+ "cpuName": "Intel(R) Xeon(R) Platinum 8272CL CPU @ 2.60GHz",
+ "cpuCoresCount": 2,
+ "cpuProcessorSpeedInMhz": 2594,
"userAgent": { "@odata.type": "#microsoft.graph.callRecords.clientUserAgent", "headerValue": "UCCAPI/16.0.12527.20122 OC/16.0.12527.20194 (Skype for Business)",
Content-type: application/json
"id": "e523d2ed-2966-4b6b-925b-754a88034cc5", "caller": { "@odata.type": "#microsoft.graph.callRecords.participantEndpoint",
+ "name": "machineName_1",
+ "cpuName": "AMD EPYC 7452 32-Core Processor",
+ "cpuCoresCount": 8,
+ "cpuProcessorSpeedInMhz": 2346,
"userAgent": { "@odata.type": "#microsoft.graph.callRecords.clientUserAgent", "headerValue": "RTCC/7.0.0.0 UCWA/7.0.0.0 AndroidLync/6.25.0.27 (SM-G930U Android 8.0.0)",
Content-type: application/json
}, "callee": { "@odata.type": "#microsoft.graph.callRecords.participantEndpoint",
+ "name": "machineName_2",
+ "cpuName": "Intel(R) Xeon(R) Platinum 8272CL CPU @ 2.60GHz",
+ "cpuCoresCount": 2,
"userAgent": { "@odata.type": "#microsoft.graph.callRecords.clientUserAgent", "headerValue": "UCCAPI/16.0.12527.20122 OC/16.0.12527.20194 (Skype for Business)",
Content-type: application/json
"averageBandwidthEstimate": 9965083, "wasMediaBypassed": false, "averageAudioNetworkJitter": "PT0.043S",
- "maxAudioNetworkJitter": "PT0.046S"
+ "maxAudioNetworkJitter": "PT0.046S",
+ "rmsFreezeDuration": null,
+ "averageFreezeDuration": null,
+ "isAudioForwardErrorCorrectionUsed": true
}, { "streamId": "1785122252",
Content-type: application/json
"averageBandwidthEstimate": 15644878, "wasMediaBypassed": false, "averageAudioNetworkJitter": "PT0.266S",
- "maxAudioNetworkJitter": "PT0.474S"
+ "maxAudioNetworkJitter": "PT0.474S",
+ "rmsFreezeDuration": null,
+ "averageFreezeDuration": null,
+ "isAudioForwardErrorCorrectionUsed": false
} ] }
v1.0 Channel Post Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/channel-post-members.md
Content-type: application/json
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Chat Post Installedapps https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chat-post-installedapps.md
Install a [teamsApp](../resources/teamsapp.md) to the specified [chat](../resour
> **Notes**: > - If the chat is associated with an [onlineMeeting](../resources/onlinemeeting.md) instance, then, effectively, the **teamsApp** will get installed to the meeting.
-> - Currently, installing an app that requires resource-specific consent permissions is not supported in application context.
## Permissions
v1.0 Chat Post Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chat-post-members.md
content-type: application/json
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Chat Teamsappinstallation Upgrade https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chat-teamsappinstallation-upgrade.md
Upgrade an [app installation](../resources/teamsappinstallation.md) within a [ch
> **Notes**: > - If the chat is associated with an [onlineMeeting](../resources/onlinemeeting.md) instance, then effectively, the **teamsApp** installed in the meeting will get upgraded.
-> - Currently, upgrading an app that requires resource-specific consent permissions is not supported in application context.
## Permissions
v1.0 Chatmessage Setreaction https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chatmessage-setreaction.md
To set a reaction to a **chatMessage** in a **chat**:
} --> ``` http
-POST /users/{userId}/chats/{chatsId}/messages/{chatMessageId}/setReaction
+POST /chats/{chatId}/messages/{chatMessageId}/setReaction
``` ## Request headers
v1.0 Chatmessage Unsetreaction https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chatmessage-unsetreaction.md
To unset a reaction to a **chatMessage** in a **chat**:
} --> ``` http
-POST /users/{userId}/chats/{chatId}/messages/{chatMessageId}/unsetReaction
+POST /chats/{chatId}/messages/{chatMessageId}/unsetReaction
``` ## Request headers
v1.0 Claimsmappingpolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/claimsmappingpolicy-list-appliesto.md
Get a list of [directoryObject](../resources/directoryObject.md) objects that a
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.Read.All, Policy.ReadWrite.ApplicationConfiguration and Application.Read.All, Directory.Read.All |
The following is an example of the request.
GET https://graph.microsoft.com/beta/policies/claimsMappingPolicies/{id}/appliesTo ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/policies/claimsMappingPolicies/{id}/applies
[!INCLUDE [sample-code](../includes/snippets/javascript/get-appliesto-1-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Cloudpc Getsupportedcloudpcremoteactions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/cloudpc-getsupportedcloudpcremoteactions.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | |:|:--|
-| Delegated (work or school account) | CloudPC.Read.All |
+| Delegated (work or school account) | CloudPC.Read.All, CloudPC.ReadWrite.All |
| Delegated (personal Microsoft account) | Not supported. |
-| Application | CloudPC.ReadWrite.All |
+| Application | CloudPC.Read.All, CloudPC.ReadWrite.All |
## HTTP request
v1.0 Cloudpcexportjob Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/cloudpcexportjob-get.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|CloudPC.ReadWrite.All|
+|Delegated (work or school account)|CloudPC.Read.All, CloudPC.ReadWrite.All|
|Delegated (personal Microsoft account)|Not supported.|
-|Application|CloudPC.ReadWrite.All|
+|Application|CloudPC.Read.All, CloudPC.ReadWrite.All|
## HTTP request
v1.0 Cloudpcgalleryimage Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/cloudpcgalleryimage-get.md
GET https://graph.microsoft.com/beta/deviceManagement/virtualEndpoint/galleryIma
[!INCLUDE [sample-code](../includes/snippets/php/get-cloudpcgalleryimage-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Cloudpcorganizationsettings Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/cloudpcorganizationsettings-update.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|CloudPC.Read.All, CloudPC.ReadWrite.All|
+|Delegated (work or school account)|CloudPC.ReadWrite.All|
|Delegated (personal Microsoft account)|Not supported.|
-|Application|CloudPC.Read.All, CloudPC.ReadWrite.All|
+|Application|CloudPC.ReadWrite.All|
## HTTP request
v1.0 Cloudpcprovisioningpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/cloudpcprovisioningpolicy-get.md
Content-Type: application/json
"domainJoinType": "hybridAzureADJoin", "onPremisesConnectionId": "16ee6c71-fc10-438b-88ac-daa1ccafffff" },
+ "domainJoinConfigurations": [
+ {
+ "onPremisesConnectionId": "16ee6c71-fc10-438b-88ac-daa1ccafffff",
+ "type": "hybridAzureADJoin"
+ },
+ {
+ "onPremisesConnectionId": "26e16c71-f210-438b-88ac-d481ccafffff",
+ "type": "hybridAzureADJoin"
+ }
+ ],
"enableSingleSignOn": true, "id": "1d164206-bf41-4fd2-8424-a3192d39ffff", "imageDisplayName": "Image Display Name value",
Content-Type: application/json
"regionName": null, "type": "hybridAzureADJoin" },
+ "domainJoinConfigurations": [
+ {
+ "onPremisesConnectionId": "16ee6c71-fc10-438b-88ac-daa1ccafffff",
+ "type": "hybridAzureADJoin"
+ },
+ {
+ "onPremisesConnectionId": "26e16c71-f210-438b-88ac-d481ccafffff",
+ "type": "hybridAzureADJoin"
+ }
+ ],
"enableSingleSignOn": true, "id": "1d164206-bf41-4fd2-8424-a3192d39ffff", "imageDisplayName": "Image Display Name value",
Content-Type: application/json
"regionName": null, "type": "hybridAzureADJoin" },
+ "domainJoinConfigurations": [
+ {
+ "onPremisesConnectionId": "16ee6c71-fc10-438b-88ac-daa1ccafffff",
+ "type": "hybridAzureADJoin"
+ },
+ {
+ "onPremisesConnectionId": "26e16c71-f210-438b-88ac-d481ccafffff",
+ "type": "hybridAzureADJoin"
+ }
+ ],
"enableSingleSignOn": true, "gracePeriodInHours": 2, "id": "1d164206-bf41-4fd2-8424-a3192d39ffff",
v1.0 Cloudpcreports Post Exportjobs https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/cloudpcreports-post-exportjobs.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|CloudPC.ReadWrite.All|
+|Delegated (work or school account)|CloudPC.Read.All, CloudPC.ReadWrite.All|
|Delegated (personal Microsoft account)|Not supported.|
-|Application|CloudPC.ReadWrite.All|
+|Application|CloudPC.Read.All, CloudPC.ReadWrite.All|
## HTTP request
v1.0 Cloudpcusersetting Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/cloudpcusersetting-update.md
One of the following permissions is required to call this API. To learn more, in
--> ``` http
-PATCH /deviceManagement/virtualEndpoint/provisioningPolicies/{id}
+PATCH /deviceManagement/virtualEndpoint/userSettings/{id}
``` ## Request headers
v1.0 Conditionalaccesspolicy Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/conditionalaccesspolicy-delete.md
Delete a [conditionalAccessPolicy](../resources/conditionalaccesspolicy.md) obje
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Policy.Read.All and Policy.ReadWrite.ConditionalAccess |
v1.0 Conditionalaccesspolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/conditionalaccesspolicy-update.md
Update the properties of a [conditionalAccessPolicy](../resources/conditionalacc
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Policy.Read.All, Policy.ReadWrite.ConditionalAccess and Application.Read.All |
v1.0 Conditionalaccessroot Post Namedlocations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/conditionalaccessroot-post-namedlocations.md
Create a new [namedLocation](../resources/namedlocation.md) object. Named locati
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Policy.ReadWrite.ConditionalAccess |
v1.0 Conditionalaccessroot Post Policies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/conditionalaccessroot-post-policies.md
Create a new [conditionalAccessPolicy](../resources/conditionalaccesspolicy.md).
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Policy.Read.All, Policy.ReadWrite.ConditionalAccess and Application.Read.All |
v1.0 Continuousaccessevaluationpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/continuousaccessevaluationpolicy-update.md
Update the properties of a [continuousAccessEvaluationPolicy](../resources/conti
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Policy.Read.All, Policy.ReadWrite.ConditionalAccess and Application.Read.All |
v1.0 Countrynamedlocation Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/countrynamedlocation-delete.md
Delete a [countryNamedLocation](../resources/countryNamedLocation.md) object.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Policy.ReadWrite.ConditionalAccess |
v1.0 Countrynamedlocation Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/countrynamedlocation-update.md
Update the properties of a [countryNamedLocation](../resources/countryNamedLocat
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Policy.ReadWrite.ConditionalAccess |
v1.0 Crosstenantaccesspolicy List Partners https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantaccesspolicy-list-partners.md
Title: "List partners"
-description: "Get a list of all partner configurations within a cross-tenant access policy. You can also use the $expand parameter to list the user synchronization policy for all partner configurations."
+description: "Get a list of all partner configurations within a cross-tenant access policy."
ms.localizationpriority: medium ms.prod: "identity-and-sign-in"
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:| |Delegated (work or school account)|Policy.Read.All, Policy.ReadWrite.CrossTenantAccess|
-|Delegated (personal Microsoft account)|Not applicable|
+|Delegated (personal Microsoft account)|Not supported.|
|Application|Policy.Read.All, Policy.ReadWrite.CrossTenantAccess| ## HTTP request
GET /policies/crossTenantAccessPolicy/partners
``` ## Optional query parameters+ This method supports the `$select` and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters). ## Request headers
If successful, this method returns a `200 OK` response code and a collection of
### Example 1: List all partner configurations within a cross-tenant access policy
+The following example shows how to list all partner configurations within a cross-tenant access policy.
+ #### Request
+The following is an example of the request.
# [HTTP](#tab/http) <!-- {
GET https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/partners
#### Response
+The following is an example of the response.
+ >**Note:** The response object shown here might be shortened for readability. <!-- { "blockType": "response",
Content-Type: application/json
{ "tenantId": "123f4846-ba00-4fd7-ba43-dac1f8f63013", "inboundTrust": null,
- "automaticUserConsentSettings":
- {
+ "automaticUserConsentSettings": {
"inboundAllowed": null, "outboundAllowed": null }, "b2bCollaborationInbound": null, "b2bCollaborationOutbound": null, "b2bDirectConnectOutbound": null,
- "b2bDirectConnectInbound":
- {
- "usersAndGroups":
- {
+ "b2bDirectConnectInbound": {
+ "usersAndGroups": {
"accessType": "allowed", "targets": [ {
Content-Type: application/json
} ] },
- "applications":
- {
+ "applications": {
"accessType": "allowed", "targets": [ {
Content-Type: application/json
### Example 2: List the user synchronization policy for all partner configurations
+The following example uses the `$expand` parameter to list the user synchronization policy for all partner configurations.
+ #### Request
+The following is an example of the request.
# [HTTP](#tab/http) <!-- {
GET https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/partners?$
#### Response
+The following is an example of the response.
+ >**Note:** The response object shown here might be shortened for readability. <!-- { "blockType": "response",
HTTP/1.1 200 OK
Content-Type: application/json {
- "value":
- [
+ "value": [
{ "tenantId": "9c5d131d-b1c3-4fc4-9e3f-c6557947d551",
- "identitySynchronization":
- {
+ "identitySynchronization": {
"tenantId": "9c5d131d-b1c3-4fc4-9e3f-c6557947d551", "displayName": "Fabrikam",
- "userSyncInbound":
- {
+ "userSyncInbound": {
"isSyncAllowed": true } }
v1.0 Crosstenantaccesspolicy Post Partners https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantaccesspolicy-post-partners.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:| |Delegated (work or school account)|Policy.ReadWrite.CrossTenantAccess|
-|Delegated (personal Microsoft account)|Not applicable|
+|Delegated (personal Microsoft account)|Not supported.|
|Application|Policy.ReadWrite.CrossTenantAccess| ## HTTP request
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:|
-| automaticUserConsentSettings | [inboundOutboundPolicyConfiguration](../resources/inboundoutboundpolicyconfiguration.md) | Determines the partner-specific configuration for automatic user consent settings. Unless specifically configured, the `inboundAllowed` and `outboundAllowed` properties will be **null** and inherit from the default settings, which is always `false`. |
+| automaticUserConsentSettings | [inboundOutboundPolicyConfiguration](../resources/inboundoutboundpolicyconfiguration.md) | Determines the partner-specific configuration for automatic user consent settings. Unless specifically configured, the **inboundAllowed** and **outboundAllowed** properties are `null` and inherit from the default settings, which is always `false`. |
| b2bCollaborationInbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users from other organizations accessing your resources via Azure AD B2B collaboration. | | b2bCollaborationOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users in your organization going outbound to access resources in another organization via Azure AD B2B collaboration. | | b2bDirectConnectInbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users from other organizations accessing your resources via Azure B2B direct connect. | | b2bDirectConnectOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users in your organization going outbound to access resources in another organization via Azure AD B2B direct connect. | | inboundTrust | [crossTenantAccessPolicyInboundTrust](../resources/crosstenantaccesspolicyinboundtrust.md) | Determines the partner-specific configuration for trusting other Conditional Access claims from external Azure AD organizations. |
-| isServiceProvider | Boolean | Identifies whether the partner-specific configuration is a Cloud Service Provider for your organization. |
+| isServiceProvider | Boolean | Identifies whether the partner-specific configuration is a cloud service provider for your organization. |
| tenantId | String | The tenant identifier for the partner Azure AD organization. Read-only. Key.| ## Response
v1.0 Crosstenantaccesspolicyconfigurationpartner Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantaccesspolicyconfigurationpartner-delete.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:| |Delegated (work or school account)|Policy.ReadWrite.CrossTenantAccess|
-|Delegated (personal Microsoft account)|Not applicable|
+|Delegated (personal Microsoft account)|Not supported.|
|Application|Policy.ReadWrite.CrossTenantAccess| ## HTTP request
If successful, this method returns a `204 No Content` response code.
## Examples
-If a configuration includes a [user synchronization policy](../resources/crosstenantidentitysyncpolicypartner.md), you must first [delete the user synchronization policy](./crosstenantidentitysyncpolicypartner-delete.md) before you can delete the partner-specific configuration.
- ### Request
+The following is an example of the request. If a configuration includes a [user synchronization policy](../resources/crosstenantidentitysyncpolicypartner.md), you must first [delete the user synchronization policy](./crosstenantidentitysyncpolicypartner-delete.md) before you can delete the partner-specific configuration.
# [HTTP](#tab/http) <!-- {
DELETE https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/partner
### Response
+The following is an example of the response.
+ <!-- { "blockType": "response", "truncated": true
v1.0 Crosstenantaccesspolicyconfigurationpartner Put Identitysynchronization https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantaccesspolicyconfigurationpartner-put-identitysynchronization.md
doc_type: apiPageType
# Create identitySynchronization+ Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
Namespace: microsoft.graph
Create a cross-tenant user synchronization policy for a partner-specific configuration. ## Permissions+ One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference). |Permission type|Permissions (from least to most privileged)| |:|:| |Delegated (work or school account)|Policy.ReadWrite.CrossTenantAccess|
-|Delegated (personal Microsoft account)|Not applicable|
+|Delegated (personal Microsoft account)|Not supported.|
|Application|Policy.ReadWrite.CrossTenantAccess| The signed-in user must also be assigned the following minimum [directory role](/azure/active-directory/roles/permissions-reference):
-+ Hybrid Identity Administrator
+* Security Administrator
## HTTP request
PUT /policies/crossTenantAccessPolicy/partners/{id}/identitySynchronization
``` ## Request headers+ |Name|Description| |:|:| |Authorization|Bearer {token}. Required.| |Content-Type|application/json. Required.| ## Request body+ In the request body, supply a JSON representation of the [crossTenantIdentitySyncPolicyPartner](../resources/crosstenantidentitysyncpolicypartner.md) object.
-You can specify the following properties when creating a **crossTenantIdentitySyncPolicyPartner**.
+You can specify the following properties when you create a **crossTenantIdentitySyncPolicyPartner**.
|Property|Type|Description| |:|:|:|
-|displayName|String|Display name for the cross-tenant user synchronization policy. Use the name of the partner Azure AD tenant to easily identify the policy. Optional.|
+|displayName|String|Display name for the cross-tenant user synchronization policy. Use the name of the partner Azure Active Directory tenant to easily identify the policy. Optional.|
|userSyncInbound|[crossTenantUserSyncInbound](../resources/crosstenantusersyncinbound.md)|Determines whether users are synchronized from the partner tenant.| -- ## Response If successful, this method returns a `204 No Content` response code.
If successful, this method returns a `204 No Content` response code.
## Examples ### Request+ The following is an example of a request. # [HTTP](#tab/http)
Content-Type: application/json
{ "displayName": "Fabrikam",
- "userSyncInbound":
- {
+ "userSyncInbound": {
"isSyncAllowed": true } }
Content-Type: application/json
### Response
+The following is an example of the response.
+ <!-- { "blockType": "response", "truncated": true
Content-Type: application/json
``` http HTTP/1.1 204 No Content ```-
v1.0 Crosstenantaccesspolicyconfigurationpartner Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantaccesspolicyconfigurationpartner-update.md
The following example configures the partner-specific policy by setting the inbo
#### Request
+The following is an example of a request.
# [HTTP](#tab/http) <!-- {
PATCH https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/partners
Content-Type: application/json {
- "inboundTrust":
- {
+ "inboundTrust": {
"isMfaAccepted": true, "isCompliantDeviceAccepted": true,
- "isHybridAzureADJoinedDeviceAccepted" : true
+ "isHybridAzureADJoinedDeviceAccepted": true
} } ```
Content-Type: application/json
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] #### Response
+The following is an example of the response.
+ <!-- { "blockType": "response", "truncated": true
Content-Type: application/json
HTTP/1.1 204 No Content ```
-### Example 2: Configure automaticUserConsent settings
+### Example 2: Configure automaticUserConsent settings
-The following example configures the partner-specific policy by consenting for B2B collaboration on behalf of your users and accepting admin consent for the partner's users.
+The following example configures the partner-specific policy by consenting for B2B collaboration on behalf of your users and accepting admin consent for the users of the partner.
#### Request
+The following is an example of a request.
# [HTTP](#tab/http) <!-- {
PATCH https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/partners
Content-Type: application/json {
- "automaticUserConsentSettings":
- {
+ "automaticUserConsentSettings": {
"inboundAllowed": true, "outboundAllowed": true }
Content-Type: application/json
#### Response
+The following is an example of the response.
+ <!-- { "blockType": "response", "truncated": true
v1.0 Crosstenantidentitysyncpolicypartner Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantidentitysyncpolicypartner-delete.md
doc_type: apiPageType
# Delete crossTenantIdentitySyncPolicyPartner+ Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
Namespace: microsoft.graph
Delete the user synchronization policy for a partner-specific configuration. ## Permissions+ One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference). |Permission type|Permissions (from least to most privileged)| |:|:| |Delegated (work or school account)|Policy.ReadWrite.CrossTenantAccess|
-|Delegated (personal Microsoft account)|Not applicable|
+|Delegated (personal Microsoft account)|Not supported.|
|Application|Policy.ReadWrite.CrossTenantAccess| The signed-in user must also be assigned the following minimum [directory role](/azure/active-directory/roles/permissions-reference):
-+ Hybrid Identity Administrator
+* Security Administrator
## HTTP request
DELETE /policies/crossTenantAccessPolicy/partners/{id}/identitySynchronization
``` ## Request headers+ |Name|Description| |:|:| |Authorization|Bearer {token}. Required.| ## Request body+ Do not supply a request body for this method. ## Response
If successful, this method returns a `204 No Content` response code.
## Examples ### Request+ The following is an example of a request. # [HTTP](#tab/http)
DELETE https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/partner
### Response
+The following is an example of the response.
+ <!-- { "blockType": "response", "truncated": true
DELETE https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/partner
``` http HTTP/1.1 204 No Content ```-
v1.0 Crosstenantidentitysyncpolicypartner Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantidentitysyncpolicypartner-get.md
Title: "Get crossTenantIdentitySyncPolicyPartner"
-description: "Read the user synchronization policy of a partner-specific configuration."
+description: "Get the user synchronization policy of a partner-specific configuration."
ms.localizationpriority: medium ms.prod: "identity-and-sign-in"
doc_type: apiPageType
# Get crossTenantIdentitySyncPolicyPartner+ Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Read the user synchronization policy of a partner-specific configuration.
+Get the user synchronization policy of a partner-specific configuration.
## Permissions+ One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference). |Permission type|Permissions (from least to most privileged)| |:|:| |Delegated (work or school account)|Policy.Read.All, Policy.ReadWrite.CrossTenantAccess|
-|Delegated (personal Microsoft account)|Not applicable|
+|Delegated (personal Microsoft account)|Not supported.|
|Application|Policy.Read.All, Policy.ReadWrite.CrossTenantAccess| The signed-in user must also be assigned the following minimum [directory role](/azure/active-directory/roles/permissions-reference):
-+ Hybrid Identity Administrator
+* Security Administrator
## HTTP request
The signed-in user must also be assigned the following minimum [directory role](
GET /policies/crossTenantAccessPolicy/partners/{id}/identitySynchronization ```
+## Optional query parameters
+
+This method supports the `$select` OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+ ## Request headers+ |Name|Description| |:|:| |Authorization|Bearer {token}. Required.| ## Request body+ Do not supply a request body for this method. ## Response
If successful, this method returns a `200 OK` response code and a [crossTenantId
## Examples ### Request+ The following is an example of a request. # [HTTP](#tab/http)
GET https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/partners/9
### Response
-The following is an example of the response
+
+The following is an example of the response.
+ >**Note:** The response object shown here might be shortened for readability. <!-- { "blockType": "response",
Content-Type: application/json
{ "tenantId": "9c5d131d-b1c3-4fc4-9e3f-c6557947d551", "displayName": "Fabrikam",
- "userSyncInbound":
- {
+ "userSyncInbound": {
"isSyncAllowed": true } } ```-
v1.0 Crosstenantidentitysyncpolicypartner Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantidentitysyncpolicypartner-update.md
doc_type: apiPageType
# Update crossTenantIdentitySyncPolicyPartner+ Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
Namespace: microsoft.graph
Update the user synchronization policy of a partner-specific configuration. ## Permissions+ One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference). |Permission type|Permissions (from least to most privileged)| |:|:| |Delegated (work or school account)|Policy.ReadWrite.CrossTenantAccess|
-|Delegated (personal Microsoft account)|Not applicable|
+|Delegated (personal Microsoft account)|Not supported.|
|Application|Policy.ReadWrite.CrossTenantAccess| The signed-in user must also be assigned the following minimum [directory role](/azure/active-directory/roles/permissions-reference):
-+ Hybrid Identity Administrator
+* Security Administrator
## HTTP request
PATCH /policies/crossTenantAccessPolicy/partners/{id}/identitySynchronization
``` ## Request headers+ |Name|Description| |:|:| |Authorization|Bearer {token}. Required.| |Content-Type|application/json. Required.| ## Request body+ [!INCLUDE [table-intro](../../includes/update-property-table-intro.md)] |Property|Type|Description| |:|:|:|
-|displayName|String|Display name for the cross-tenant user synchronization policy. Generally, this should be the tenant name of the partner Azure AD organization. Optional.|
-|userSyncInbound|[crossTenantUserSyncInbound](../resources/crosstenantusersyncinbound.md)|Determines whether users can be synchronized from the partner tenant. If set to `false`, any current user synchronization from the source tenant to the target tenant will stop. There is no impact to existing users that have already been synchronized.|
--
+|displayName|String|Display name for the cross-tenant user synchronization policy. Generally, this should be the tenant name of the partner Azure Active Directory organization. Optional.|
+|userSyncInbound|[crossTenantUserSyncInbound](../resources/crosstenantusersyncinbound.md)|Determines whether users can be synchronized from the partner tenant. `false` causes any current user synchronization from the source tenant to the target tenant to stop. This property has no impact on existing users who have already been synchronized.|
## Response
If successful, this method returns a `204 No Content` response code.
## Examples - ### Request+ The following is an example of a request. # [HTTP](#tab/http)
PATCH https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/partners
Content-Type: application/json {
- "userSyncInbound":
- {
+ "userSyncInbound": {
"isSyncAllowed": true } }
Content-Type: application/json
### Response
+The following is an example of the response.
+ <!-- { "blockType": "response", "truncated": true
Content-Type: application/json
``` http HTTP/1.1 204 No Content ```-
v1.0 Customaccesspackageworkflowextension Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/customaccesspackageworkflowextension-delete.md
DELETE /identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-
- ### Response <!-- { "blockType": "response",
v1.0 Customauthenticationextension Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/customauthenticationextension-delete.md
+
+ Title: "Delete customAuthenticationExtension"
+description: "Delete a customAuthenticationExtension object."
+
+ms.localizationpriority: medium
++
+# Delete customAuthenticationExtension
+Namespace: microsoft.graph
++
+Delete a [customAuthenticationExtension](../resources/customauthenticationextension.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|CustomAuthenticationExtension.ReadWrite.All, Policy.ReadWrite.AuthenticationFlows, Application.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|CustomAuthenticationExtension.ReadWrite.All, Policy.ReadWrite.AuthenticationFlows, Application.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /identity/customAuthenticationExtensions/{customAuthenticationExtensionId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_customauthenticationextension"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/beta/identity/customAuthenticationExtensions/5c82815a-ee61-4c9b-9f4b-914a708a0c68
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
++++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Customauthenticationextension Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/customauthenticationextension-get.md
+
+ Title: "Get customAuthenticationExtension"
+description: "Read the properties and relationships of a customAuthenticationExtension object."
+
+ms.localizationpriority: medium
++
+# Get customAuthenticationExtension
+Namespace: microsoft.graph
++
+Read the properties and relationships of a [customAuthenticationExtension](../resources/customauthenticationextension.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|CustomAuthenticationExtension.Read.All, Application.Read.All, CustomAuthenticationExtension.ReadWrite.All, Policy.ReadWrite.AuthenticationFlows, Application.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|CustomAuthenticationExtension.Read.All, Application.Read.All, CustomAuthenticationExtension.ReadWrite.All, Policy.ReadWrite.AuthenticationFlows, Application.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identity/customAuthenticationExtensions/{customAuthenticationExtensionId}
+```
+
+## Optional query parameters
+This method supports the `$select` OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [customAuthenticationExtension](../resources/customauthenticationextension.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_customauthenticationextension"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identity/customAuthenticationExtensions/6fc5012e-7665-43d6-9708-4370863f4e6e
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
++++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.customAuthenticationExtension"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/customAuthenticationExtensions/$entity",
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartCustomExtension",
+ "id": "6fc5012e-7665-43d6-9708-4370863f4e6e",
+ "displayName": "onTokenIssuanceStartCustomExtension",
+ "description": "Fetch additional claims from custom user store",
+ "clientConfiguration": null,
+ "behaviorOnError": null,
+ "authenticationConfiguration": {
+ "@odata.type": "#microsoft.graph.azureAdTokenAuthentication",
+ "resourceId": "api://authenticationeventsAPI.contoso.com/a13d0fc1-04ab-4ede-b215-63de0174cbb4"
+ },
+ "endpointConfiguration": {
+ "@odata.type": "#microsoft.graph.httpRequestEndpoint",
+ "targetUrl": "https://authenticationeventsAPI.contoso.com"
+ },
+ "claimsForTokenConfiguration": [
+ {
+ "claimIdInApiResponse": "DateOfBirth"
+ },
+ {
+ "claimIdInApiResponse": "CustomRoles"
+ }
+ ]
+}
+```
+
v1.0 Customauthenticationextension Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/customauthenticationextension-update.md
+
+ Title: "Update customAuthenticationExtension"
+description: "Update the properties of a customAuthenticationExtension object."
+
+ms.localizationpriority: medium
++
+# Update customAuthenticationExtension
+Namespace: microsoft.graph
++
+Update the properties of a [customAuthenticationExtension](../resources/customauthenticationextension.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|CustomAuthenticationExtension.ReadWrite.All, Policy.ReadWrite.AuthenticationFlows, Application.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|CustomAuthenticationExtension.ReadWrite.All, Policy.ReadWrite.AuthenticationFlows, Application.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /identity/customAuthenticationExtensions/{customAuthenticationExtensionId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+
+You must specify the `@odata.type` property when updating a [customAuthenticationExtension](../resources/customauthenticationextension.md) object. For example, to update an [onTokenIssuanceStartCustomExtension](../resources/ontokenissuancestartcustomextension.md) object type, set the `@odata.type` property to `#microsoft.graph.onTokenIssuanceStartCustomExtension`.
+
+|Property|Type|Description|
+|:|:|:|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|The authentication configuration for this custom extension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|description|String|Description for the custom extension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|displayName|String|Display name for the custom extension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|Configuration for the API endpoint that the custom extension will call. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
++
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_customauthenticationextension"
+}
+-->
+``` http
+PATCH hhttps://graph.microsoft.com/beta/identity/customAuthenticationExtensions/6fc5012e-7665-43d6-9708-4370863f4e6e
+Content-Type: application/json
+Content-length: 468
+
+{
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartCustomExtension",
+ "displayName": "onTokenIssuanceStartCustomExtension",
+ "description": "Fetch additional claims from custom user store",
+ "endpointConfiguration": {
+ "@odata.type": "#microsoft.graph.httpRequestEndpoint",
+ "targetUrl": "https://authenticationeventsAPI.contoso.com"
+ },
+ "authenticationConfiguration": {
+ "@odata.type": "#microsoft.graph.azureAdTokenAuthentication",
+ "resourceId": "api://authenticationeventsAPI.contoso.com/a13d0fc1-04ab-4ede-b215-63de0174cbb4"
+ },
+ "claimsForTokenConfiguration": [
+ {
+ "claimIdInApiResponse": "DateOfBirth"
+ },
+ {
+ "claimIdInApiResponse": "CustomRoles"
+ }
+ ]
+}
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
++++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Customauthenticationextension Validateauthenticationconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/customauthenticationextension-validateauthenticationconfiguration.md
+
+ Title: "customAuthenticationExtension: validateAuthenticationConfiguration"
+description: "An API to check validity of the endpoint and authentication configuration for a customAuthenticationExtension."
+
+ms.localizationpriority: medium
++
+# customAuthenticationExtension: validateAuthenticationConfiguration
+Namespace: microsoft.graph
++
+An API to check validity of the endpoint and and authentication configuration for a customAuthenticationExtension.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|CustomAuthenticationExtension.ReadWrite.All, Policy.ReadWrite.AuthenticationFlows, Application.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|CustomAuthenticationExtension.ReadWrite.All, Policy.ReadWrite.AuthenticationFlows, Application.ReadWrite.All|
+
+## HTTP request
+
+To validate the endpoint and authentication configuration for a customAuthenticationExtension by its ID.
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /identity/customAuthenticationExtensions/{customAuthenticationExtensionId}/validateAuthenticationConfiguration
+```
+
+To validate the endpoint and authentication configuration that's specified in the request body for a customAuthenticationExtension. The custom authentication extension object may not exist yet and you can use this endpoint to validate the configuration before creating the custom authentication extension.
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /identity/customAuthenticationExtensions/validateAuthenticationConfiguration
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+In the request body, supply JSON representation of the parameters.
+
+The following table shows the parameters that can be used with this action. Supply a endpointConfiguration and authenticationConfiguration if querying at the root level. Otherwise, for a specific custom extension, do not supply a request body for this method.
+
+|Parameter|Type|Description|
+|:|:|:|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|The HTTP endpoint for the custom authentication extension to be validated.|
+|authenticationConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|The authentication configuration for the custom authenticaion extension to validate.|
+
+## Response
+
+If successful, this action returns a `200 OK` response code and a [authenticationConfigurationValidation](../resources/authenticationconfigurationvalidation.md) in the response body.
+
+## Examples
+
+### Example 1: Supply and validate a potential custom authentication extension configuration
+
+#### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "customauthenticationextensionthis.validateauthenticationconfiguration"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/customAuthenticationExtensions/validateAuthenticationConfiguration
+Content-Type: application/json
+
+{
+ "endpointConfiguration": {
+ "@odata.type": "#microsoft.graph.httpRequestEndpoint",
+ "targetUrl": "https://australia.contoso.com/users"
+ },
+ "authenticationConfiguration": {
+ "@odata.type": "#microsoft.graph.azureAdTokenAuthentication",
+ "resourceId": "api://extensibilityapi.azurwebsites.net/f9c5dc6b-d72b-4226-8ccd-801f7a290428"
+ }
+}
+```
++
+#### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.authenticationConfigurationValidation"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#microsoft.graph.authenticationConfigurationValidation",
+ "errors": [
+ {
+ "code": "IncorrectResourceIdFormat",
+ "message": "ResourceId should be in the format of 'api://{fully qualified domain name}/{appid}'"
+ },
+ {
+ "code": "DomainNameDoesNotMatch",
+ "message": "The fully qualified domain name in resourceId should match that of the targetUrl"
+ },
+ {
+ "code": "ServicePrincipalNotFound",
+ "message": "The appId of the resourceId should correspond to a real service principal in the tenant"
+ }
+ ],
+ "warnings": [
+ {
+ "code": "PermissionNotGrantedToServicePrincipal",
+ "message": "The permission CustomAuthenticationExtensions.Receive.Payload is not granted to the service principal of the resource app"
+ },
+ ]
+}
+```
++
+### Example 2: Validate the configuration of a specific existing custom authentication extension
+
+#### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "customauthenticationextensionthis.validateauthenticationconfiguration_byId"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identity/customAuthenticationExtensions/9f39f3bb-457c-4a2a-8099-0e480e7ea142/validateAuthenticationConfiguration
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
++++
+#### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.authenticationConfigurationValidation"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#microsoft.graph.authenticationConfigurationValidation",
+ "errors": [
+ {
+ "code": "IncorrectResourceIdFormat",
+ "message": "ResourceId should be in the format of 'api://{fully qualified domain name}/{appid}'"
+ },
+ {
+ "code": "DomainNameDoesNotMatch",
+ "message": "The fully qualified domain name in resourceId should match that of the targetUrl"
+ },
+ {
+ "code": "ServicePrincipalNotFound",
+ "message": "The appId of the resourceId should correspond to a real service principal in the tenant"
+ }
+ ],
+ "warnings": [
+ {
+ "code": "PermissionNotGrantedToServicePrincipal",
+ "message": "The permission CustomAuthenticationExtensions.Receive.Payload is not granted to the service principal of the resource app"
+ },
+ ]
+}
+```
++
v1.0 Datapolicyoperation Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/datapolicyoperation-get.md
Retrieve the properties of the dataPolicyOperation object.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | User.Export.All and User.Read.All |
v1.0 Devicelocalcredentialinfo Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/devicelocalcredentialinfo-get.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|DeviceLocalCredential.Read.All|
+|Delegated (work or school account)|DeviceLocalCredential.ReadBasic.All, DeviceLocalCredential.Read.All|
|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceLocalCredential.Read.All|
+|Application|DeviceLocalCredential.ReadBasic.All, DeviceLocalCredential.Read.All|
+
+To access the actual passwords on the device, done by including `$select=credentials` as part of the query parameters, the app must be assigned the *DeviceLocalCredential.Read.All* permission and *DeviceLocalCredential.ReadBasic.All* is insufficient.
[!INCLUDE [rbac-device-local-credentials-apis-read](../includes/rbac-for-apis/rbac-device-local-credentials-apis-read.md)]
v1.0 Devicemanagement Alertrecord Getportalnotifications https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/devicemanagement-alertrecord-getportalnotifications.md
GET https://graph.microsoft.com/beta/deviceManagement/monitoring/alertRecords/ge
[!INCLUDE [sample-code](../includes/snippets/php/alertrecordthisgetportalnotifications-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Devicemanagement Alertrecord Setportalnotificationassent https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/devicemanagement-alertrecord-setportalnotificationassent.md
POST https://graph.microsoft.com/beta/deviceManagement/monitoring/alertRecords/6
[!INCLUDE [sample-code](../includes/snippets/php/alertrecordthissetportalnotificationassent-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Deviceregistrationpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/deviceregistrationpolicy-update.md
If successful, this method returns a `200 OK` response code and an updated [devi
### Request
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_deviceregistrationpolicy" } --> ``` http
-PUT https://graph.microsoft.com/beta/deviceRegistrationPolicy
+PUT https://graph.microsoft.com/beta/policies/deviceRegistrationPolicy
Content-Type: application/json {
Content-Type: application/json
"allowedUsers": [], "allowedGroups": [] },
- localAdminPassword: {
+ "localAdminPassword": {
"isEnabled": true } } ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
++ ### Response
Content-Type: application/json
"allowedUsers": [], "allowedGroups": [] },
- localAdminPassword: {
+ "localAdminPassword": {
"isEnabled": true } }
v1.0 Directory Deleteditems Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directory-deleteditems-get.md
The following table shows the least privileged permission or permissions require
## HTTP request <!-- { "blockType": "ignored" } --> ```http
-GET /directory/deleteditems/{id}
+GET /directory/deleteditems/{object-id}
``` ## Optional query parameters
v1.0 Directoryaudit Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directoryaudit-get.md
Get a specific Azure Active Directory audit log item. This includes an audit log
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | AuditLog.Read.All and Directory.Read.All |
v1.0 Directoryaudit List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directoryaudit-list.md
Get the list of audit logs generated by Azure Active Directory (Azure AD). This
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | AuditLog.Read.All and Directory.Read.All |
v1.0 Directoryobject Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directoryobject-delete.md
Title: "Delete directoryObject"
-description: "Delete directoryObject."
+description: "Delete a directory object, for example, a group, user, application, or service principal."
ms.localizationpriority: medium ms.prod: "directory-management"
The following table shows the least privileged permission or permissions require
<!-- { "blockType": "ignored" } --> ```http DELETE /directoryObjects/{id}- ``` ## Request headers
Do not supply a request body for this method.
## Response
-If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
+If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
## Example
DELETE https://graph.microsoft.com/beta/directoryObjects/ffab4dce-9b82-49a6-b7c7
### Response
+The following is an example of the response.
+ <!-- { "blockType": "response", "truncated": true
HTTP/1.1 204 No Content
"suppressions": [] } -->--
v1.0 Directoryobject Getmembergroups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directoryobject-getmembergroups.md
One of the following permissions is required to call this API. To learn more, in
### Group memberships for a directory object
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | User.ReadBasic.All and GroupMember.Read.All, User.Read.All and GroupMember.Read.All, User.ReadBasic.All and Group.Read.All, User.Read.All and Group.Read.All, Directory.Read.All |
One of the following permissions is required to call this API. To learn more, in
### Group memberships for a user
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | User.ReadBasic.All and GroupMember.Read.All, User.Read.All and GroupMember.Read.All, User.ReadBasic.All and Group.Read.All, User.Read.All and Group.Read.All, Directory.Read.All |
One of the following permissions is required to call this API. To learn more, in
### Group memberships for a group
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | | :- | : | | Delegated (work or school account) | GroupMember.Read.All, Group.Read.All, Directory.Read.All, Group.ReadWrite.All, Directory.ReadWrite.All |
One of the following permissions is required to call this API. To learn more, in
### Group memberships for a service principal
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Application.Read.All, Directory.Read.All, Application.ReadWrite.All, Directory.ReadWrite.All |
One of the following permissions is required to call this API. To learn more, in
### Group memberships for an organizational contact
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Directory.Read.All, Directory.ReadWrite.All |
One of the following permissions is required to call this API. To learn more, in
### Group memberships for a device
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Device.Read.All, Directory.Read.All, Directory.ReadWrite.All |
v1.0 Directoryroletemplate Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directoryroletemplate-get.md
GET https://graph.microsoft.com/beta/directoryRoleTemplates/{id}
[!INCLUDE [sample-code](../includes/snippets/php/get-directoryroletemplate-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ##### Response
v1.0 Drive Sharedwithme https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/drive-sharedwithme.md
-
-description: "Retrieve a collection of DriveItem resources that have been shared with the owner of the Drive."
Previously updated : 09/10/2017 Title: List Files Shared With Me+
+description: "Get a list of driveItem objects that have been shared with the owner of a drive."
+ Title: "drive: sharedWithMe"
ms.localizationpriority: medium ms.prod: "sharepoint" doc_type: apiPageType
-# List items shared with the signed-in user
+
+# drive: sharedWithMe
Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Retrieve a collection of [DriveItem](../resources/driveitem.md) resources that have been shared with the owner of the [Drive](../resources/drive.md).
+Get a list of [driveItem](../resources/driveitem.md) objects that have been shared with the owner of a [drive](../resources/drive.md).
+
+The **driveItems** returned from the **sharedWithMe** method always include the [**remoteItem**](../resources/remoteitem.md) facet that indicates they are items from a different drive.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All |
-|Delegated (personal Microsoft account) | Files.Read.All, Files.ReadWrite.All |
-|Application | Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All |
+| Permission type | Permissions (from least to most privileged) |
+|:|:-|
+| Delegated (work or school account) | Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All |
+| Delegated (personal Microsoft account) | Files.Read.All, Files.ReadWrite.All |
+| Application | Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All |
-**Note:** while the /sharedWithMe request will succeed with Files.Read or Files.ReadWrite permissions, some properties may be missing.
-Additionally, without one of the **All** permissions, shared items returned from this API will not be accessible.
+> **Note:**
+>
+> * A `/sharedWithMe` request succeeds with `Files.Read` or `Files.ReadWrite` permissions; however, some properties might be missing.
+> * You can't access shared items returned from this API if the request doesn't contain one of the `*.All` permissions.
## HTTP request
-<!-- { "blockType": "ignored" } -->
-
-```http
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
GET /me/drive/sharedWithMe ```
+## Request headers
+
+| Name | Description |
+|:--|:--|
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+ ## Response
-If successful, this method returns a collection of [DriveItem](../resources/driveitem.md) resources which contain the DriveItem resources shared with the owner of the drive.
+
+If successful, this method returns a `200 OK` response code and a collection of [driveItem](../resources/driveitem.md) objects in the response body.
+
+By default, this method returns items shared within your own tenant. To include items shared from external tenants, append `?allowexternal=true` to a GET request.
## Examples
-### Request
+### Example 1: Get driveItems shared with me
-# [HTTP](#tab/http)
-<!-- { "blockType": "request", "name": "shared-with-me" } -->
+The following example gets a collection of [driveItem](../resources/driveitem.md) resources that are shared with the owner of the drive.
+
+#### Request
+The following is an example of a request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_driveItems_shared_with_me"
+}
+-->
```msgraph-interactive
-GET /me/drive/sharedWithMe
+GET https://graph.microsoft.com/beta/me/drive/sharedWithMe
```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript)+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-### Response
+#### Response
-In this example, since the drive is the user's default drive, this returns items shared with the signed in user.
+The following is an example of the response that returns items shared with the signed-in user, because the drive is the user's default drive.
-<!-- {"blockType": "response", "@odata.type": "Collection(microsoft.graph.driveItem)", "truncated": true} -->
+<!-- {
+ "blockType": "response",
+ "@odata.type": "Collection(microsoft.graph.driveItem)",
+ "truncated": true
+}
+-->
```http HTTP/1.1 200 OK
Content-Type: application/json
"id": "1991210caf!104" } }
+ },
+ {
+ "id": "1312ghi",
+ "remoteItem": {
+ "id": "987def!654",
+ "name": "January Service Review.pptx",
+ "file": { },
+ "size": 145362,
+ "parentReference": {
+ "driveId": "987def",
+ "id": "987def!321"
+ }
+ }
} ] } ```
-## Remarks
+### Example 2: Get metadata about a shared driveItem object
-DriveItems returned from the **sharedWithMe** action will always include the [**remoteItem**](../resources/remoteitem.md) facet which indicates they are items from a different drive.
-To access the shared DriveItem resource, you will need to make a request using the information provided in **remoteItem** in the following format:
+The following example shows how to access metadata about the shared **driveItem** with the name `January Service Review.pptx` that requires a request using the **driveId** of the **parentReference** within the **remoteItem** object.
-<!-- { "blockType": "ignored", "name": "drives-get-remoteitem" } -->
+#### Request
+
+The following is an example of a request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "drives-get-remoteitem-metadata",
+ "sampleKeys": ["987def", "987def!654"]
+}
+-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/drives/987def/items/987def!654
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "@odata.type": "microsoft.graph.driveItem",
+ "truncated": true
+}
+-->
```http
-GET /drives/{remoteItem-driveId}/items/{remoteItem-id}
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "id": "987def!654",
+ "name": "January Service Review.pptx",
+ "file": { },
+ "size": 145362,
+ "parentReference": {
+ "driveId": "987def",
+ "id": "987def!321"
+ }
+}
```
-By default, **sharedWithMe** returns items shared within your own tenant. To include items shared from external tenants, append `?allowexternal=true` to the GET request.
<!-- {
By default, **sharedWithMe** returns items shared within your own tenant. To inc
] } -->-
v1.0 Driveitem List Children https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/driveitem-list-children.md
GET /me/drive/root/children
- ### List children of a DriveItem with a known ID To retrieve files in the root of the drive, use the `root` relationship on the drive, then access the children relationship.
v1.0 Driveitemversion Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/driveitemversion-get.md
GET /me/drive/items/{item-id}/versions/current
- #### Response This returns a version:
v1.0 Ediscovery Case Close https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/ediscovery-case-close.md
POST https://graph.microsoft.com/beta/compliance/ediscovery/cases/061b9a92-8926-
[!INCLUDE [sample-code](../includes/snippets/php/case-close-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Ediscovery Case Reopen https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/ediscovery-case-reopen.md
POST https://graph.microsoft.com/beta/compliance/ediscovery/cases/061b9a92-8926-
[!INCLUDE [sample-code](../includes/snippets/php/case-reopen-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Ediscovery Case Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/ediscovery-case-update.md
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/update-case-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Ediscovery Casesettings Resettodefault https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/ediscovery-casesettings-resettodefault.md
POST https://graph.microsoft.com/beta/compliance/ediscovery/cases/{caseId}/setti
[!INCLUDE [sample-code](../includes/snippets/php/settings-resettodefault-for-caseid-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Ediscovery Custodian Activate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/ediscovery-custodian-activate.md
POST https://graph.microsoft.com/beta/compliance/ediscovery/cases/2192ca408ea241
[!INCLUDE [sample-code](../includes/snippets/php/custodian-activate-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Ediscovery Custodian Post Unifiedgroupsources https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/ediscovery-custodian-post-unifiedgroupsources.md
One of the following permissions is required to call this API. To learn more, in
--> ``` http
-POST /compliance/ediscovery/cases/4c8f8f70-7785-4bd4-b296-c98376a2c5e1/custodians/2192ca408ea2410eba3bec8ae873be6b/unifiedGroupSources
+POST /compliance/ediscovery/cases/{id}/custodians/{id}/unifiedGroupSources
``` ## Request headers
v1.0 Ediscovery Custodian Release https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/ediscovery-custodian-release.md
POST https://graph.microsoft.com/beta/compliance/ediscovery/cases/2192ca408ea241
[!INCLUDE [sample-code](../includes/snippets/php/custodian-release-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Ediscovery Noncustodialdatasource Release https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/ediscovery-noncustodialdatasource-release.md
POST https://graph.microsoft.com/beta/compliance/ediscovery/cases/5b840b94-f821-
[!INCLUDE [sample-code](../includes/snippets/php/noncustodialdatasource-release-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Ediscovery Reviewset Addtoreviewset https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/ediscovery-reviewset-addtoreviewset.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/reviewset-addtoreviewset-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Ediscovery Reviewset Export https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/ediscovery-reviewset-export.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/reviewset-export-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Ediscovery Reviewsetquery Applytags https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/ediscovery-reviewsetquery-applytags.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/reviewsetquery-applytags-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Ediscovery Sourcecollection Estimatestatistics https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/ediscovery-sourcecollection-estimatestatistics.md
POST https://graph.microsoft.com/beta/compliance/ediscovery/cases/{caseId}/sourc
[!INCLUDE [sample-code](../includes/snippets/php/sourcecollection-estimatestatistics-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Ediscovery Sourcecollection Purgedata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/ediscovery-sourcecollection-purgedata.md
POST https://graph.microsoft.com/beta/compliance/ediscovery/cases/{caseId}/sourc
[!INCLUDE [sample-code](../includes/snippets/php/sourcecollectionthispurgedata-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Ediscovery Unifiedgroupsource Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/ediscovery-unifiedgroupsource-delete.md
One of the following permissions is required to call this API. To learn more, in
--> ``` http
-DELETE /compliance/ediscovery/cases/4c8f8f70-7785-4bd4-b296-c98376a2c5e1/custodians/2192ca408ea2410eba3bec8ae873be6b/unifiedGroupSources/33434233-3030-3739-3043-393039324633
+DELETE /compliance/ediscovery/cases/{id}/custodians/{id}/unifiedGroupSources/{id}
``` ## Request headers
v1.0 Educationassignment Activate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationassignment-activate.md
+
+ Title: "educationAssignment: activate"
+description: "Activate an inactive assignment to signal that the assignment has action items for teachers and students."
+
+ms.localizationpriority: medium
++
+# educationAssignment: activate
+
+Namespace: microsoft.graph
++
+Activate an `inactive` [educationAssignment](../resources/educationassignment.md) to signal that the assignment has further action items for teachers and students. This action can only be performed by a teacher on currently inactive assignments.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | :-- |
+| Delegated (work or school account) | EduAssignments.ReadWriteBasic, EduAssignments.ReadWrite |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Not supported. |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+```http
+POST /education/classes/{classId}/assignments/{assignmentId}/activate
+```
+
+## Request headers
+| Header | Value |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and an [educationAssignment](../resources/educationassignment.md) object with `assigned` status in the response body.
+
+## Example
+
+### Request
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "sampleKeys": ["ffac078e-1b63-42d0-bc2a-d280896e289a","2b8090d7-8de9-4fb4-af5d-2e2f68ae098a"],
+ "name": "post_activateAssignment"
+}-->
+```http
+POST https://graph.microsoft.com/beta/education/classes/ffac078e-1b63-42d0-bc2a-d280896e289a/assignments/2b8090d7-8de9-4fb4-af5d-2e2f68ae098a/activate
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+### Response
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.educationAssignment"
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#educationAssignment",
+ "@odata.type": "#microsoft.graph.educationAssignment",
+ "classId": "ffac078e-1b63-42d0-bc2a-d280896e289a",
+ "displayName": "Check-inactive",
+ "closeDateTime": null,
+ "dueDateTime": "2023-03-26T18:29:00Z",
+ "assignDateTime": null,
+ "assignedDateTime": "2023-03-17T19:41:56.3040589Z",
+ "allowLateSubmissions": true,
+ "resourcesFolderUrl": null,
+ "feedbackResourcesFolderUrl": null,
+ "createdDateTime": "2023-03-17T19:40:33.7277546Z",
+ "lastModifiedDateTime": "2023-03-17T20:06:26.4016594Z",
+ "allowStudentsToAddResourcesToSubmission": true,
+ "status": "assigned",
+ "notificationChannelUrl": null,
+ "webUrl": "https://teams.microsoft.com/l/entity/66aeee93-507d-479a-a3ef-8f494af43945/classroom?context=%7B%22subEntityId%22%3A%22%7B%5C%22version%5C%22%3A%5C%221.0%5C%22,%5C%22config%5C%22%3A%7B%5C%22classes%5C%22%3A%5B%7B%5C%22id%5C%22%3A%5C%22ffac078e-1b63-42d0-bc2a-d280896e289a%5C%22,%5C%22assignmentIds%5C%22%3A%5B%5C%222b8090d7-8de9-4fb4-af5d-2e2f68ae098a%5C%22%5D%7D%5D%7D,%5C%22action%5C%22%3A%5C%22navigate%5C%22,%5C%22view%5C%22%3A%5C%22assignment-viewer%5C%22,%5C%22appId%5C%22%3A%5C%22de8bc8b5-d9f9-48b1-a8ad-b748da725064%5C%22%7D%22,%22channelId%22%3Anull%7D",
+ "addToCalendarAction": "none",
+ "addedStudentAction": "none",
+ "id": "2b8090d7-8de9-4fb4-af5d-2e2f68ae098a",
+ "grading": null,
+ "instructions": {
+ "content": "Check-inactive",
+ "contentType": "html"
+ },
+ "assignTo": {
+ "@odata.type": "#microsoft.graph.educationAssignmentClassRecipient"
+ },
+ "createdBy": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "cb1a4af3-0aba-4679-aa12-9f99bab0b61a",
+ "displayName": null
+ }
+ },
+ "lastModifiedBy": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "AAAAAAAA-0123-4567-89AB-1B4BB48C3119",
+ "displayName": null
+ }
+ }
+}
+```
v1.0 Educationassignment Deactivate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationassignment-deactivate.md
+
+ Title: "educationAssignment: deactivate"
+description: "Mark an assigned assignment as inactive to signal that the assignment has no further action items for teachers and students."
+
+ms.localizationpriority: medium
++
+# Deactivate educationAssignment
+
+Namespace: microsoft.graph
++
+Mark an `assigned` [educationAssignment](../resources/educationassignment.md) as `inactive` to signal that the assignment has no further action items for teachers and students. This action can only be performed by a teacher on assigned assignments.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | :-- |
+| Delegated (work or school account) | EduAssignments.ReadWriteBasic, EduAssignments.ReadWrite |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Not supported. |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+```http
+POST /education/classes/{classId}/assignments/{assignmentId}/deactivate
+```
+
+## Request headers
+| Header | Value |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+| Prefer | include-unknown-enum-members. Optional. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and an [educationAssignment](../resources/educationassignment.md) object with `inactive` status in the response body.
+
+## Examples
+`Inactive` is a new status for assignments, you can add the `Prefer` header in your request to get the status, otherwise you will get an `unknownFutureValue` value in the response.
+
+### Example 1: Mark assignment inactive without optional Prefer header
+
+#### Request
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "sampleKeys": ["ffac078e-1b63-42d0-bc2a-d280896e289a","2b8090d7-8de9-4fb4-af5d-2e2f68ae098a"],
+ "name": "post_deactivateAssignment_withoutheader"
+}-->
+```http
+POST https://graph.microsoft.com/beta/education/classes/ffac078e-1b63-42d0-bc2a-d280896e289a/assignments/2b8090d7-8de9-4fb4-af5d-2e2f68ae098a/deactivate
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response when `Prefer: include-unknown-enum-members` is not provided in the request header.
+
+>**Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.educationAssignment"
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#educationAssignment",
+ "@odata.type": "#microsoft.graph.educationAssignment",
+ "classId": "ffac078e-1b63-42d0-bc2a-d280896e289a",
+ "displayName": "Check-inactive",
+ "closeDateTime": null,
+ "dueDateTime": "2023-03-26T18:29:00Z",
+ "assignDateTime": null,
+ "assignedDateTime": "2023-03-17T19:41:56.3040589Z",
+ "allowLateSubmissions": true,
+ "resourcesFolderUrl": null,
+ "feedbackResourcesFolderUrl": null,
+ "createdDateTime": "2023-03-17T19:40:33.7277546Z",
+ "lastModifiedDateTime": "2023-03-17T20:46:10.9647739Z",
+ "allowStudentsToAddResourcesToSubmission": true,
+ "status": "unknownFutureValue",
+ "notificationChannelUrl": null,
+ "webUrl": "https://teams.microsoft.com/l/entity/66aeee93-507d-479a-a3ef-8f494af43945/classroom?context=%7B%22subEntityId%22%3A%22%7B%5C%22version%5C%22%3A%5C%221.0%5C%22,%5C%22config%5C%22%3A%7B%5C%22classes%5C%22%3A%5B%7B%5C%22id%5C%22%3A%5C%22ffac078e-1b63-42d0-bc2a-d280896e289a%5C%22,%5C%22assignmentIds%5C%22%3A%5B%5C%222b8090d7-8de9-4fb4-af5d-2e2f68ae098a%5C%22%5D%7D%5D%7D,%5C%22action%5C%22%3A%5C%22navigate%5C%22,%5C%22view%5C%22%3A%5C%22assignment-viewer%5C%22,%5C%22appId%5C%22%3A%5C%22de8bc8b5-d9f9-48b1-a8ad-b748da725064%5C%22%7D%22,%22channelId%22%3Anull%7D",
+ "addToCalendarAction": "none",
+ "addedStudentAction": "none",
+ "id": "2b8090d7-8de9-4fb4-af5d-2e2f68ae098a",
+ "grading": null,
+ "instructions": {
+ "content": "Check-inactive",
+ "contentType": "html"
+ },
+ "assignTo": {
+ "@odata.type": "#microsoft.graph.educationAssignmentClassRecipient"
+ },
+ "createdBy": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "cb1a4af3-0aba-4679-aa12-9f99bab0b61a",
+ "displayName": null
+ }
+ },
+ "lastModifiedBy": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "cb1a4af3-0aba-4679-aa12-9f99bab0b61a",
+ "displayName": null
+ }
+ }
+}
+```
+
+### Example 2: Mark assignment inactive with optional Prefer header
+#### Request
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "sampleKeys": ["ffac078e-1b63-42d0-bc2a-d280896e289a","2b8090d7-8de9-4fb4-af5d-2e2f68ae098a"],
+ "name": "post_deactivateAssignment_withheader"
+}-->
+```http
+POST https://graph.microsoft.com/beta/education/classes/ffac078e-1b63-42d0-bc2a-d280896e289a/assignments/2b8090d7-8de9-4fb4-af5d-2e2f68ae098a/deactivate
+Prefer: include-unknown-enum-members
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response when the `Prefer: include-unknown-enum-members` is provided in the request header.
+
+>**Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.educationAssignment"
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#educationAssignment",
+ "@odata.type": "#microsoft.graph.educationAssignment",
+ "classId": "ffac078e-1b63-42d0-bc2a-d280896e289a",
+ "displayName": "Check-inactive",
+ "closeDateTime": null,
+ "dueDateTime": "2023-03-26T18:29:00Z",
+ "assignDateTime": null,
+ "assignedDateTime": "2023-03-17T19:41:56.3040589Z",
+ "allowLateSubmissions": true,
+ "resourcesFolderUrl": null,
+ "feedbackResourcesFolderUrl": null,
+ "createdDateTime": "2023-03-17T19:40:33.7277546Z",
+ "lastModifiedDateTime": "2023-03-17T20:33:38.8043517Z",
+ "allowStudentsToAddResourcesToSubmission": true,
+ "status": "inactive",
+ "notificationChannelUrl": null,
+ "webUrl": "https://teams.microsoft.com/l/entity/66aeee93-507d-479a-a3ef-8f494af43945/classroom?context=%7B%22subEntityId%22%3A%22%7B%5C%22version%5C%22%3A%5C%221.0%5C%22,%5C%22config%5C%22%3A%7B%5C%22classes%5C%22%3A%5B%7B%5C%22id%5C%22%3A%5C%22ffac078e-1b63-42d0-bc2a-d280896e289a%5C%22,%5C%22assignmentIds%5C%22%3A%5B%5C%222b8090d7-8de9-4fb4-af5d-2e2f68ae098a%5C%22%5D%7D%5D%7D,%5C%22action%5C%22%3A%5C%22navigate%5C%22,%5C%22view%5C%22%3A%5C%22assignment-viewer%5C%22,%5C%22appId%5C%22%3A%5C%22de8bc8b5-d9f9-48b1-a8ad-b748da725064%5C%22%7D%22,%22channelId%22%3Anull%7D",
+ "addToCalendarAction": "none",
+ "addedStudentAction": "none",
+ "id": "2b8090d7-8de9-4fb4-af5d-2e2f68ae098a",
+ "grading": null,
+ "instructions": {
+ "content": "Check-inactive",
+ "contentType": "html"
+ },
+ "assignTo": {
+ "@odata.type": "#microsoft.graph.educationAssignmentClassRecipient"
+ },
+ "createdBy": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "cb1a4af3-0aba-4679-aa12-9f99bab0b61a",
+ "displayName": null
+ }
+ },
+ "lastModifiedBy": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "cb1a4af3-0aba-4679-aa12-9f99bab0b61a",
+ "displayName": null
+ }
+ }
+}
+```
v1.0 Educationassignment Delete Gradingcategory https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationassignment-delete-gradingcategory.md
+
+ Title: "Remove gradingCategory"
+description: "Remove gradingCategory from the assignment."
+
+ms.localizationpriority: medium
++
+# Remove gradingCategory
+
+Namespace: microsoft.graph
++
+Remove a [gradingCategory](../resources/educationgradingcategory.md) from an [educationAssignment](../resources/educationassignment.md). Only teachers can perform this operation.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | EduAssignments.ReadWriteBasic, EduAssignments.ReadWrite |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Not supported. |
+
+## HTTP request
+<!-- { "blockType": "ignored" } -->
+```http
+DELETE /education/classes/{classId}/assignments/{assignmentId}/gradingCategory/$ref
+```
+
+## Request headers
+| Header | Value |
+|:|:--|
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+If successful, this method returns a `204` successful response code.
+
+## Example
+
+### Request
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "sampleKeys": ["37d99af7-cfc5-4e3b-8566-f7d40e4a2070", "8bfb6d7f-8634-4f3b-9b6a-b6b6ff663f01"],
+ "name": "delete_gradingCategories"
+}-->
+```http
+DELETE https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070/assignments/0bcb37af-3676-47ef-ae93-8de22ce5ff1d/gradingCategory/$ref
+```
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
v1.0 Educationassignment Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationassignment-get.md
Get the properties and relationships of an [assignment](../resources/educationas
Students can only see assignments assigned to them; teachers and applications with application permissions can see all assignments in a class.
+You can use the `Prefer` header in your request to get the `inactive` status in case the assignment is deactivated; otherwise, you will get an `unknownFutureValue` value in the response.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
GET /education/classes/{id}/assignments/{id}
This method supports the `$select` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters). - The available `$expand` options for this method are: `categories`, `resources`, `rubric`, `submissions` and `*` which includes all the previous options. ## Request headers | Header | Value | |:|:--| | Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+| Prefer | include-unknown-enum-members. Optional. |
## Request body Don't supply a request body for this method.
Don't supply a request body for this method.
If successful, this method returns a `200 OK` response code and an [educationAssignment](../resources/educationassignment.md) object in the response body. ## Example
-### Request
+
+### Example 1: Get education assignment
+
+#### Request
The following is an example of the request. # [HTTP](#tab/http)
Content-length: 279
} ```
+### Example 2: Get assignment in inactive state with optional Prefer header
+#### Request
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "sampleKeys": ["ffac078e-1b63-42d0-bc2a-d280896e289a","2b8090d7-8de9-4fb4-af5d-2e2f68ae098a"],
+ "name": "get_inactiveAssignment_withheader"
+}-->
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/education/classes/ffac078e-1b63-42d0-bc2a-d280896e289a/assignments/2b8090d7-8de9-4fb4-af5d-2e2f68ae098a
+Prefer: include-unknown-enum-members
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response with status as inactive, when `Prefer: include-unknown-enum-members` is provided in the request header.
+
+>**Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.educationAssignment"
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#education/classes('ffac078e-1b63-42d0-bc2a-d280896e289a')/assignments/$entity",
+ "classId": "ffac078e-1b63-42d0-bc2a-d280896e289a",
+ "displayName": "Check-inactive",
+ "closeDateTime": null,
+ "dueDateTime": "2023-03-26T18:29:00Z",
+ "assignDateTime": null,
+ "assignedDateTime": "2023-03-17T19:41:56.3040589Z",
+ "allowLateSubmissions": true,
+ "resourcesFolderUrl": null,
+ "feedbackResourcesFolderUrl": null,
+ "createdDateTime": "2023-03-17T19:40:33.7277546Z",
+ "lastModifiedDateTime": "2023-03-17T21:03:07.4999252Z",
+ "allowStudentsToAddResourcesToSubmission": true,
+ "status": "inactive",
+ "notificationChannelUrl": null,
+ "webUrl": "https://teams.microsoft.com/l/entity/66aeee93-507d-479a-a3ef-8f494af43945/classroom?context=%7B%22subEntityId%22%3A%22%7B%5C%22version%5C%22%3A%5C%221.0%5C%22,%5C%22config%5C%22%3A%7B%5C%22classes%5C%22%3A%5B%7B%5C%22id%5C%22%3A%5C%22ffac078e-1b63-42d0-bc2a-d280896e289a%5C%22,%5C%22assignmentIds%5C%22%3A%5B%5C%222b8090d7-8de9-4fb4-af5d-2e2f68ae098a%5C%22%5D%7D%5D%7D,%5C%22action%5C%22%3A%5C%22navigate%5C%22,%5C%22view%5C%22%3A%5C%22assignment-viewer%5C%22,%5C%22appId%5C%22%3A%5C%22de8bc8b5-d9f9-48b1-a8ad-b748da725064%5C%22%7D%22,%22channelId%22%3Anull%7D",
+ "addToCalendarAction": "none",
+ "addedStudentAction": "none",
+ "id": "2b8090d7-8de9-4fb4-af5d-2e2f68ae098a",
+ "grading": null,
+ "instructions": {
+ "content": "Check-inactive",
+ "contentType": "html"
+ },
+ "assignTo": {
+ "@odata.type": "#microsoft.graph.educationAssignmentClassRecipient"
+ },
+ "createdBy": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "cb1a4af3-0aba-4679-aa12-9f99bab0b61a",
+ "displayName": null
+ }
+ },
+ "lastModifiedBy": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "cb1a4af3-0aba-4679-aa12-9f99bab0b61a",
+ "displayName": null
+ }
+ }
+}
+```
+
+## Example 3: Get assignment in inactive state without optional Prefer header
+#### Request
+The following is an example of the request, where the status is `unknownFutureValue`. `Prefer: include-unknown-enum-members` is not provided in the request header.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "sampleKeys": ["ffac078e-1b63-42d0-bc2a-d280896e289a","2b8090d7-8de9-4fb4-af5d-2e2f68ae098a"],
+ "name": "getinactiveAssignment"
+}-->
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/education/classes/ffac078e-1b63-42d0-bc2a-d280896e289a/assignments/2b8090d7-8de9-4fb4-af5d-2e2f68ae098a
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response when `Prefer: include-unknown-enum-members` is not provided in the request header.
+
+>**Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.educationAssignment"
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#education/classes('ffac078e-1b63-42d0-bc2a-d280896e289a')/assignments/$entity",
+ "classId": "ffac078e-1b63-42d0-bc2a-d280896e289a",
+ "displayName": "Check-inactive",
+ "closeDateTime": null,
+ "dueDateTime": "2023-03-26T18:29:00Z",
+ "assignDateTime": null,
+ "assignedDateTime": "2023-03-17T19:41:56.3040589Z",
+ "allowLateSubmissions": true,
+ "resourcesFolderUrl": null,
+ "feedbackResourcesFolderUrl": null,
+ "createdDateTime": "2023-03-17T19:40:33.7277546Z",
+ "lastModifiedDateTime": "2023-03-17T21:03:07.4999252Z",
+ "allowStudentsToAddResourcesToSubmission": true,
+ "status": "unknownFutureValue",
+ "notificationChannelUrl": null,
+ "webUrl": "https://teams.microsoft.com/l/entity/66aeee93-507d-479a-a3ef-8f494af43945/classroom?context=%7B%22subEntityId%22%3A%22%7B%5C%22version%5C%22%3A%5C%221.0%5C%22,%5C%22config%5C%22%3A%7B%5C%22classes%5C%22%3A%5B%7B%5C%22id%5C%22%3A%5C%22ffac078e-1b63-42d0-bc2a-d280896e289a%5C%22,%5C%22assignmentIds%5C%22%3A%5B%5C%222b8090d7-8de9-4fb4-af5d-2e2f68ae098a%5C%22%5D%7D%5D%7D,%5C%22action%5C%22%3A%5C%22navigate%5C%22,%5C%22view%5C%22%3A%5C%22assignment-viewer%5C%22,%5C%22appId%5C%22%3A%5C%22de8bc8b5-d9f9-48b1-a8ad-b748da725064%5C%22%7D%22,%22channelId%22%3Anull%7D",
+ "addToCalendarAction": "none",
+ "addedStudentAction": "none",
+ "id": "2b8090d7-8de9-4fb4-af5d-2e2f68ae098a",
+ "grading": null,
+ "instructions": {
+ "content": "Check-inactive",
+ "contentType": "html"
+ },
+ "assignTo": {
+ "@odata.type": "#microsoft.graph.educationAssignmentClassRecipient"
+ },
+ "createdBy": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "cb1a4af3-0aba-4679-aa12-9f99bab0b61a",
+ "displayName": null
+ }
+ },
+ "lastModifiedBy": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "cb1a4af3-0aba-4679-aa12-9f99bab0b61a",
+ "displayName": null
+ }
+ }
+}
+```
+ <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC --> <!--
v1.0 Educationassignment List Gradingcategory https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationassignment-list-gradingcategory.md
+
+ Title: "List educationGradingCategories"
+description: "Get a list of the educationGradingCategory objects and their properties."
+
+ms.localizationpriority: medium
++
+# List educationGradingCategories
+Namespace: microsoft.graph
++
+Get a list of the [educationGradingCategory](../resources/educationgradingcategory.md) objects and their properties.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EduAssignments.ReadWriteBasic, EduAssignments.ReadWrite|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Not supported.|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /education/classes/{educationClassId}/assignmentSettings/gradingCategories
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [educationGradingCategory](../resources/educationgradingcategory.md) objects in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_educationgradingcategory"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070/assignmentSettings/gradingCategories
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
++++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.educationGradingCategory"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#education/classes('37d99af7-cfc5-4e3b-8566-f7d40e4a2070')/assignmentSettings/$entity",
+ "submissionAnimationDisabled": false,
+ "gradingCategories@odata.context": "https://graph.microsoft.com/beta/$metadata#education/classes('37d99af7-cfc5-4e3b-8566-f7d40e4a2070')/assignmentSettings/gradingCategories",
+ "gradingCategories": [
+ {
+ "id": "7625dccd-35e0-4014-a831-06f1b768ec6d",
+ "displayName": "Lab Theory",
+ "percentageWeight": 15
+ },
+ {
+ "id": "92e6b56a-c85c-4928-a18f-62b7b3bd4319",
+ "displayName": "Lab Practice",
+ "percentageWeight": 30
+ },
+ {
+ "id": "4a19d24d-779c-4ee2-93c3-7b7cf815ed94",
+ "displayName": "Attendance",
+ "percentageWeight": 30
+ },
+ {
+ "id": "948f5c3f-12af-47ec-b2a9-6ea225811f0d",
+ "displayName": "Assesstment",
+ "percentageWeight": 25
+ }
+ ]
+}
+```
v1.0 Educationassignment Post Gradingcategory https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationassignment-post-gradingcategory.md
+
+ Title: "Add gradingCategory"
+description: "Add a gradingCategory to an assignment."
+
+ms.localizationpriority: medium
++
+# Add gradingCategory
+
+Namespace: microsoft.graph
++
+Adds a [gradingCategory](../resources/educationgradingcategory.md) to an [educationAssignment](../resources/educationassignment.md). Only teachers can perform this operation.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | EduAssignments.ReadWriteBasic, EduAssignments.ReadWrite |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Not supported. |
+
+## HTTP request
+<!-- { "blockType": "ignored" } -->
+```http
+PUT /education/classes/{classId}/assignments/{assignmentId}/gradingCategory/$ref
+```
+
+## Request headers
+| Header | Value |
+|:|:--|
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json |
+
+## Request body
+In the request body, supply the odata.id of the existing [gradingCategory](../resources/educationgradingcategory.md) object to add to this assignment.
+
+## Response
+If successful, this method returns a `204` successful response code with no content in the response body.
+
+## Example
+
+### Request
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "sampleKeys": ["37d99af7-cfc5-4e3b-8566-f7d40e4a2070","452184ea-a358-4a07-92b4-dce44601a612"],
+ "name": "create_educationcategory_from_educationclass"
+}-->
+```http
+PUT https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070/assignments/452184ea-a358-4a07-92b4-dce44601a612/gradingCategory/$ref
+Content-type: application/json
+
+{
+ "@odata.id": "https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070/assignmentSettings/gradingCategories/fb4a4009-3cc4-4dea-9991-e0a0763659e3"
+}
+```
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+++
+### Response
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+```http
+HTTP/1.1 204 No Content
+```
+
+<!-- uuid: 8fcb5dbd-d5aa-4681-8e31-b001d5168d79
+2023-04-19 14:57:30 UTC -->
+<!--
+{
+ "type": "#page.annotation",
+ "description": "Add a gradingCategory to an assignment",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "suppressions": [
+ ]
+}
+-->
v1.0 Educationassignmentsettings Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationassignmentsettings-update.md
If successful, this method returns a `200 OK` response code and an updated [educ
## Examples
-### Request
+### Example 1: Update submissionAnimationDisabled
+
+#### Request
# [HTTP](#tab/http) <!-- {
Content-Type: application/json
"submissionAnimationDisabled": true } ```
+### Example 2: Create grading categories
+#### Request
+The following is an example of the request.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "sampleKeys": ["37d99af7-cfc5-4e3b-8566-f7d40e4a2070"],
+ "name": "update_gradingCategories"
+}-->
+```http
+PATCH https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070/assignmentSettings
+Content-type: application/json
+
+{
+ "gradingCategories": [
+ {
+ "displayName": "Lab",
+ "percentageWeight": 10
+ },
+ {
+ "displayName": "Homework",
+ "percentageWeight": 80
+ },
+ {
+ "displayName": "Test",
+ "percentageWeight": 10
+ }
+ ]
+}
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response.
+
+> **Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.educationGradingCategory",
+ "isCollection": false
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/education/classes('37d99af7-cfc5-4e3b-8566-f7d40e4a2070')/assignmentSettings/$entity",
+ "submissionAnimationDisabled": false,
+ "gradingCategories@odata.context": "https://graph.microsoft.com/beta/$metadata#education/classes('37d99af7-cfc5-4e3b-8566-f7d40e4a2070')/assignmentSettings/gradingCategories",
+ "gradingCategories": [
+ {
+ "id": "8bfb6d7f-8634-4f3b-9b6a-b6b6ff663f01",
+ "displayName": "Lab",
+ "percentageWeight": 10
+ },
+ {
+ "id": "6fd19981-588f-495c-91a8-712a645c95b7",
+ "displayName": "Homework",
+ "percentageWeight": 80
+ },
+ {
+ "id": "54f637a5-2cef-4e48-a88e-028854ca8089",
+ "displayName": "Test",
+ "percentageWeight": 10
+ }
+ ]
+}
+```
+
+### Example 3: Delta payload to delete, modify and add grading categories.
+
+#### Request
+The following is an example of the request.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "sampleKeys": ["37d99af7-cfc5-4e3b-8566-f7d40e4a2070"],
+ "name": "update_gradingCategories_delta"
+}-->
+```http
+PATCH https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070/assignmentSettings
+Content-type: application/json
+
+{
+ "gradingCategories@delta": [
+ {
+ // Change this grading category's name
+ "id": "fb859cd3-943b-4cd6-9bbe-fe1c39eace0e",
+ "displayName": "Lab Test"
+ },
+ {
+ // Delete this grading category
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#gradingCategories/$deletedEntity",
+ "id": "e2a86277-24f9-4f29-8196-8c83fc69d00d",
+ "reason": "deleted"
+ },
+ {
+ // Add a new grading category
+ "displayName": "Lab Practice",
+ "percentageWeight": 30
+ },
+ {
+ "displayName": "Lab Theory",
+ "percentageWeight": 10
+ }
+ ]
+}
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response.
+
+> **Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.educationGradingCategory"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#education/classes('37d99af7-cfc5-4e3b-8566-f7d40e4a2070')/assignmentSettings/$entity",
+ "submissionAnimationDisabled": false,
+ "gradingCategories@odata.context": "https://graph.microsoft.com/beta/$metadata#education/classes('37d99af7-cfc5-4e3b-8566-f7d40e4a2070')/assignmentSettings/gradingCategories",
+ "gradingCategories": [
+ {
+ "id": "fb4a4009-3cc4-4dea-9991-e0a0763659e3",
+ "displayName": "Homework",
+ "percentageWeight": 30
+ },
+ {
+ "id": "fb859cd3-943b-4cd6-9bbe-fe1c39eace0e",
+ "displayName": "Lab Test",
+ "percentageWeight": 30
+ },
+ {
+ "id": "d47d7a3f-44a1-47e1-8aec-68b028f64b2e",
+ "displayName": "Lab Practice",
+ "percentageWeight": 30
+ },
+ {
+ "id": "021db844-0f03-4483-929d-1c1dbfd4fcb4",
+ "displayName": "Lab Theory",
+ "percentageWeight": 10
+ }
+ ]
+}
+```
+<!-- uuid: 37d99af7-cfc5-4e3b-8566-f7d40e4a2070
+2023-04-18 14:57:30 UTC -->
+<!--
+{
+ "type": "#page.annotation",
+ "description": "Update educationAssignmentSettings",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "suppressions": []
+}
+-->
v1.0 Educationclass Get Group https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationclass-get-group.md
Retrieve the Microsoft 365 **group** that corresponds to this **educationClass**
## Permissions A combination of permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | One from EduRoster.ReadBasic, EduRoster.Read, EduRoster.Write plus Directory.Read.All|
v1.0 Educationclass List Schools https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationclass-list-schools.md
GET https://graph.microsoft.com/beta/education/classes/11014/schools
[!INCLUDE [sample-code](../includes/snippets/php/get-schools-1-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Educationclass Post Category https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationclass-post-category.md
The following is an example of the request.
<!-- { "blockType": "request", "sampleKeys": ["9a5e4047-c1dc-4243-9628-580d3c64b80c"],
- "name": "create_educationcategory_from_educationclass"
+ "name": "create_educationcategory_from_class_beta_e1"
}--> ```http POST https://graph.microsoft.com/beta/education/classes/9a5e4047-c1dc-4243-9628-580d3c64b80c/assignmentCategories
Content-type: application/json
} ```
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
- # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/javascript/create-educationcategory-from-educationclass-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PHP](#tab/php)
- ### Response
v1.0 Educationgradingcategory Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationgradingcategory-update.md
+
+ Title: "Update gradingCategory"
+description: "Update a single gradingCategory."
+
+ms.localizationpriority: medium
++
+# Update gradingCategory
+
+Namespace: microsoft.graph
++
+Update a single [gradingCategory](../resources/educationgradingcategory.md) on the [educationAssignmentSettings](../resources/educationassignmentsettings.md). Only teachers can perform this operation.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | EduAssignments.ReadWriteBasic, EduAssignments.ReadWrite |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Not supported. |
+
+## HTTP request
+<!-- { "blockType": "ignored" } -->
+```http
+PATCH /education/classes/{classId}/assignmentSettings/gradingCategories/{gradingCategoryId}
+```
+
+## Request headers
+| Header | Value |
+|:|:--|
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+In the request body, supply the values for relevant fields that should be updated. Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance, don't include existing values that haven't changed.
+
+| Property | Type | Description |
+|:-|:|:|
+|displayName|String|The new name for a grading category.|
+
+## Response
+If successful, this method returns a `200 OK` response code and an updated [gradingCategory](../resources/educationgradingcategory.md) object in the response body.
+
+## Example
+
+### Request
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "sampleKeys": ["37d99af7-cfc5-4e3b-8566-f7d40e4a2070", "8bfb6d7f-8634-4f3b-9b6a-b6b6ff663f01"],
+ "name": "update_gradingCategoties"
+}-->
+```http
+PATCH https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070//assignmentSettings/gradingCategories/8bfb6d7f-8634-4f3b-9b6a-b6b6ff663f01
+Content-type: application/json
+
+{
+ "displayName": "Quiz-1"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++
+### Response
+The following is an example of the response.
+
+> **Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.educationGradingCategory"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/education/classes('37d99af7-cfc5-4e3b-8566-f7d40e4a2070')/assignmentSettings/gradingCategories/$entity",
+ "id": "8bfb6d7f-8634-4f3b-9b6a-b6b6ff663f01",
+ "displayName": "Quiz-1",
+ "percentageWeight": 10
+}
+```
v1.0 Educationschool Get Administrativeunit https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationschool-get-administrativeUnit.md
Retrieve the simple directory **administrativeUnit** that corresponds to this **
## Permissions A combination of permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | One from EduRoster.ReadBasic, EduRoster.Read, EduRoster.Write plus Directory.Read.All|
v1.0 Educationsubmissionresource Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationsubmissionresource-get.md
GET https://graph.microsoft.com/beta/education/classes/72a7baec-c3e9-4213-a850-f
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Educationuser Get User https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationuser-get-user.md
Retrieve the simple directory **user** that corresponds to this **educationUser*
A combination of permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | | :- | :-- | | Delegated (work or school account) | One from EduRoster.ReadBasic, EduRoster.Read, EduRoster.Write plus either Directory.Read.All or User.Read |
v1.0 Employeeexperience List Learningproviders https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/employeeexperience-list-learningproviders.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|LearningProvider.Read|
+|Delegated (work or school account)|LearningProvider.Read, LearningProvider.ReadWrite|
|Delegated (personal Microsoft account)|Not supported.| |Application|Not supported.|
v1.0 Employeeexperienceuser Post Learningcourseactivities https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/employeeexperienceuser-post-learningcourseactivities.md
doc_type: apiPageType
# Create learningCourseActivity+ Namespace: microsoft.graph + Create a new [learningCourseActivity](../resources/learningcourseactivity.md) object. A learning course activity can be one of two types:
A learning course activity can be one of two types:
Use this method to create either type of activity. ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|Not supported.|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|LearningAssignedCourse.ReadWrite.All, LearningSelfInitiatedCourse.ReadWrite.All|
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+| Permission type | Permissions (from least to most privileged) |
+|:|:--|
+| Delegated (work or school account) | Not supported. |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | LearningAssignedCourse.ReadWrite.All, LearningSelfInitiatedCourse.ReadWrite.All |
## HTTP request
One of the following permissions is required to call this API. To learn more, in
``` http POST /employeeExperience/learningProviders/{registrationId}/learningCourseActivities ```+ ## Request headers+ |Name|Description| |:|:| |Authorization|Bearer {token}. Required.| |Content-Type|application/json. Required.| ## Request body
-In the request body, supply a JSON representation of the [learningCourseActivity](../resources/learningcourseactivity.md) object.
-Based on the course activity type, you can specify the following properties when creating a **learningCourseActivity**.
+In the request body, use @odata.type to specify the type of [learningCourseActivity](../resources/learningcourseactivity.md) resource that you're creating ([learningAssignment](../resources/learningassignment.md) or [learningSelfInitiated](../resources/learningselfinitiatedcourse.md)), and include the properties of that type, as listed in the following table.
|Property|Type|Description| |:|:|:|
-|@odata.type|String|Indicates whether this is a [learningAssignment](../resources/learningassignment.md) or [learningSelfInitiated](../resources/learningselfinitiatedcourse.md) course activity. Required.|
|assignedDateTime|DateTimeOffset|Assigned date for the course activity. Optional. |
-|assignmentType|assignmentType|The assignment type for the course activity. Possible values are `required`, `recommended`, `UnknownFutureValue`. Required.|
+|assignmentType|assignmentType|The assignment type for the course activity. Possible values are: `required`, `recommended`, `unknownFutureValue`. Required.|
|assignerUserId|String|The user ID of the assigner. Optional. |
-|completedDateTime|DateTimeOffset|The date time value for when the assignment was completed. Optional. |
-|completionPercentage|Integer|The percentage of the course completed by the user. Optional. If provided, the value must be in between 0 and 100 (inclusive).|
+|completedDateTime|DateTimeOffset|The date and time when the assignment was completed. Optional. |
+|completionPercentage|Int32|The percentage of the course completed by the user. Optional. If a value is provided, it must be between `0` and `100` (inclusive).|
|dueDateTime|DateTimeOffset|Due date for the course activity. Optional. | |externalCourseActivityId|String|A course activity ID generated by the provider. Optional. |
-|Id|String|The generated ID for a request and can be used to make further interactions to the course activity APIs.|
+|id|String|The generated ID for a request that can be used to make further interactions to the course activity APIs.|
|learningContentId|String| The ID of the learning content created in Viva Learning. Required.| |learningProviderId|String|The registration ID of the provider. Required.| |learnerUserId|String|The user ID of the learner to whom the activity is assigned. Required.| |notes|String|Notes for the course activity. Optional. | |registrationId|String|ID of the provider. The ID is generated when the provider registers on Viva Learning. Required.|
-|startedDateTime|DateTimeOffset|The date time value on which the self-initiated course was started by the learner. Optional.|
-|status|courseStatus|Represents status of the course activity. Possible values are `notStarted`, `inProgress`, `completed`. Required.|
+|startedDateTime|DateTimeOffset|The date and time when the self-initiated course was started by the learner. Optional.|
+|status|courseStatus|The status of the course activity. Possible values are: `notStarted`, `inProgress`, `completed`. Required.|
## Response
If successful, this method returns a `201 Created` response code and a [learning
The following example shows how to create a [learningAssignment](../resources/learningassignment.md) activity.
-### Request
+#### Request
+ The following example shows the request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_assigned_learning_courseactivity"
Content-Type: application/json
"assignmentType": "required", "assignerUserId": "cea1684d-57dc-438d-a9d1-e666ec1a7f3d", "completedDateTime": null,
- "completionPercentage":20,
+ "completionPercentage": 20,
"dueDateTime": { "dateTime": "2022-09-22T16:05:00.0000000", "timeZone": "UTC"
Content-Type: application/json
"externalCourseActivityId": "12a2228a-e020-11ec-9d64-0242ac120002", "learningContentId": "57baf9dc-e020-11ec-9d64-0242ac120002", "learningProviderId": "01e8f81b-3060-4dec-acf0-0389665a0a38",
- "learnerUserId":"7ba2228a-e020-11ec-9d64-0242ac120002",
- "notes":
- {
+ "learnerUserId": "7ba2228a-e020-11ec-9d64-0242ac120002",
+ "notes": {
"contentType": "text", "content": "required assignment added for user" },
Content-Type: application/json
} ```
-### Response
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++
+#### Response
+ The following example shows the response. <!-- {
Content-Type: application/json
{ "@odata.type": "#microsoft.graph.learningAssignment",
- "@odata.context": "https://graph.microsoft.com/beta/$metadata#learningProviders('13727311-
- e7bb-470d-8b20-6a23d9030d70')/learningCourseActivities('7ba2228a-e020-11ec-9d64-
- 0242ac120002')$entity",
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#learningProviders('13727311-e7bb-470d-8b20-6a23d9030d70')/learningCourseActivities('7ba2228a-e020-11ec-9d64-0242ac120002')$entity",
"assignedDateTime": "2021-05-11T22:57:17+00:00", "assignmentType": "required", "assignerUserId": "cea1684d-57dc-438d-a9d1-e666ec1a7f3d", "completedDateTime": null,
- "completionPercentage":20,
+ "completionPercentage": 20,
"externalCourseActivityId": "12a2228a-e020-11ec-9d64-0242ac120002", "id": "7ba2228a-e020-11ec-9d64-0242ac120002:749c8786-99bb-4b3b-8d5d-586428f6aaa3", "dueDateTime": {
Content-Type: application/json
}, "learningContentId": "57baf9dc-e020-11ec-9d64-0242ac120002", "learningProviderId": "01e8f81b-3060-4dec-acf0-0389665a0a38",
- "learnerUserId":"7ba2228a-e020-11ec-9d64-0242ac120002",
- "notes":
- {
+ "learnerUserId": "7ba2228a-e020-11ec-9d64-0242ac120002",
+ "notes": {
"contentType": "text", "content": "required assignment added for user" },
Content-Type: application/json
The following example creates a [learningSelfInitiated](../resources/learningselfinitiatedcourse.md) activity.
-### Request
+#### Request
+ The following example shows the request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_selfinitiated_learning_courseactivity"
Content-Type: application/json
{ "@odata.type": "#microsoft.graph.learningSelfInitiatedCourse", "completedDateTime": null,
- "completionPercentage":20,
+ "completionPercentage": 20,
"externalCourseActivityId": "12a2228a-e020-11ec-9d64-0242ac120002", "learningContentId": "57baf9dc-e020-11ec-9d64-0242ac120002",
- "learnerUserId":"7ba2228a-e020-11ec-9d64-0242ac120002",
+ "learnerUserId": "7ba2228a-e020-11ec-9d64-0242ac120002",
"startedDateTime": "2021-05-21T22:57:17+00:00", "status": "inProgress" } ```
-### Response
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++
+#### Response
+ The following example shows the response. <!-- {
Content-Type: application/json
{ "@odata.type": "#microsoft.graph.learningSelfInitiatedCourse",
- "@odata.context": "https://graph.microsoft.com/beta/$metadata#learningProviders('13727311-
- e7bb-470d-8b20-6a23d9030d70')/learningCourseActivities('be2f4d76-e020-11ec-9d64-
- 0242ac120002')$entity",
- "completedDateTime": null,
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#learningProviders('13727311-e7bb-470d-8b20-6a23d9030d70')/learningCourseActivities('be2f4d76-e020-11ec-9d64-0242ac120002')$entity",
+ "completedDateTime": null,
"completionPercentage": 20, "externalCourseActivityId": "12a2228a-e020-11ec-9d64-0242ac120002", "id": "7ba2228a-e020-11ec-9d64-0242ac120002:749c8786-99bb-4b3b-8d5d-586428f6aaa3",
- "learningContentId": "57baf9dc-e020-11ec-9d64-0242ac120002",
+ "learningContentId": "57baf9dc-e020-11ec-9d64-0242ac120002",
"learningProviderId": "01e8f81b-3060-4dec-acf0-0389665a0a38", "learnerUserId": "7ba2228a-e020-11ec-9d64-0242ac120002", "startedDateTime": "2021-05-21T22:57:17+00:00",
- "status": "inProgress"
+ "status": "inProgress"
} ```
v1.0 Entitlementmanagement Post Accesspackageassignmentpolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/entitlementmanagement-post-accesspackageassignmentpolicies.md
Content-type: application/json
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-type: application/json
The following example shows how to create an access package policy with a verifiable credential requirement.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_accesspackageassignmentpolicy_verifiablecredentials"
Content-type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++ #### Response The following is an example of the response.
v1.0 Event Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/event-get.md
Prefer: outlook.timezone="Pacific Standard Time"
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Externalconnectors Externalitem Addactivities https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalconnectors-externalitem-addactivities.md
doc_type: resourcePageType
# externalItem: addActivities+ Namespace: microsoft.graph.externalConnectors [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Append additional instances of [externalActivity](../resources/externalconnectors-externalactivity.md) objects on an [externalitem](../resources/externalconnectors-externalitem.md).
+Append additional instances of [externalActivity](../resources/externalconnectors-externalactivity.md) objects on an [externalItem](../resources/externalconnectors-externalitem.md).
+
+## Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-| Permission type | Permissions (from least to most privileged) |
-|:|:--|
-| Delegated (work or school account) | Not supported |
-| Delegated (personal Microsoft account) | Not supported |
-| Application | ExternalItem.ReadWrite.OwnedBy, ExternalItem.ReadWrite.All |
+| Permission type | Permissions (from least to most privileged) |
+|:|:--|
+| Delegated (work or school account) | Not supported. |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | ExternalItem.ReadWrite.OwnedBy, ExternalItem.ReadWrite.All |
## HTTP request
POST /connections/{connectionsId}/items/{externalItemId}/addActivities
``` ## Request headers+ |Name|Description| |:|:| |Authorization|Bearer {token}. Required.| |Content-Type|application/json. Required.| ## Request body
-In the request body, supply JSON representation of the parameters.
+
+In the request body, supply a JSON representation of the parameters.
The following table shows the parameters that can be used with this action. |Parameter|Type|Description| |:|:|:|
-|activities|[microsoft.graph.externalConnectors.externalActivity](../resources/externalconnectors-externalactivity.md) collection|Collection of activities involving an **externalItem**.|
+|activities|[microsoft.graph.externalConnectors.externalActivity](../resources/externalconnectors-externalactivity.md) collection|Collection of activities that involve an **externalItem**.|
## Response
-If successful, this action returns a `200 OK` response code and a collection of [externalConnectors.externalActivityResult](../resources/externalconnectors-externalactivityresult.md) objects in the response body.
+If successful, this action returns a `200 OK` response code and a collection of [microsoft.graph.externalConnectors.externalActivityResult](../resources/externalconnectors-externalactivityresult.md) objects in the response body.
-If a `207` response is returned, this indicates that only some of the added **externalActivity** instances were successfully processed. The caller should inspect the response payload, looking at the error field for each **externalActivityResult** to determine why the **externalActivity** instance was not processed and what action can be taken. If the error field is null, that indicates a successful **externalActivityResult**.
+A `207 Multi-Status` response code indicates that only some of the added **externalActivity** instances were successfully processed. The caller should inspect the response payload, looking at the error field for each **externalActivityResult** to determine why the **externalActivity** instance was not processed and what action can be taken. A `null` **error** property indicates a successful **externalActivityResult**.
## Examples
The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "externalitemthis.addactivities"
+ "name": "externalitemthis.addactivities",
+ "sampleKeys": ["contosohr", "TSP228082938"]
} --> ``` http
-POST https://graph.microsoft.com/beta/connections/{connectionsId}/items/{externalItemId}/addActivities
+POST https://graph.microsoft.com/beta/connections/contosohr/items/TSP228082938/addActivities
Content-Type: application/json Content-length: 190
Content-length: 190
"activities": [ { "@odata.type": "#microsoft.graph.externalConnectors.externalActivity",
- "type": "String",
- "startDateTime": "String (timestamp)"
+ "type": "created",
+ "startDateTime": "2021-04-06T18:04:31.033Z",
+ "performedBy": {
+ "type": "user",
+ "id": "1f0c997e-99f7-43f1-8cca-086f8d42be8d"
+ }
} ] }
Content-length: 190
The following example shows the response. >**Note:** The response object shown here might be shortened for readability.+ <!-- { "blockType": "response", "truncated": true,
Content-Type: application/json
"value": [ { "@odata.type": "#microsoft.graph.externalConnectors.externalActivityResult",
- "type": "String",
- "startDateTime": "String (timestamp)",
- "error": {
- "@odata.type": "microsoft.graph.publicError"
- }
+ "type": "created",
+ "startDateTime": "2021-04-06T18:04:31.033Z",
+ "error": null
} ] }
v1.0 Externalmeetingregistrant Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalmeetingregistrant-delete.md
If successful, this method only returns a `204 No Content` response code.
DELETE https://graph.microsoft.com/beta/me/onlineMeetings/MSpkYzE3Njc0Yy04MWQ5LTRhZGItYmZ/registration/registrants/9d96988d-a66a-46ce-aad7-0b245615b297 ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
DELETE https://graph.microsoft.com/beta/me/onlineMeetings/MSpkYzE3Njc0Yy04MWQ5LT
[!INCLUDE [sample-code](../includes/snippets/javascript/delete-externalregistratrant-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Externalmeetingregistrant List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalmeetingregistrant-list.md
If successful, this method returns a `200 OK` response code and a collection of
GET https://graph.microsoft.com/beta/me/onlineMeetings/MSpkYzE3Njc0Yy04MWQ5LTRhZGItYmZ/registration/registrants ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/me/onlineMeetings/MSpkYzE3Njc0Yy04MWQ5LTRhZ
[!INCLUDE [sample-code](../includes/snippets/javascript/list-externalregistratrants-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Externalmeetingregistrant Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalmeetingregistrant-post.md
Content-Type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/javascript/add-externalregistratrant-public-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ #### Response
Content-Type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/javascript/add-externalregistratrant-private-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ #### Response
v1.0 Group Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/group-get.md
Content-type: application/json
"resourceProvisioningOptions": [], "securityEnabled": false, "securityIdentifier": "S-1-12-1-1306860066-1319449225-59104187-458188010",
+ "serviceProvisioningErrors": [],
"theme": null, "visibility": "Public", "writebackConfiguration": {
v1.0 Group List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/group-list.md
Content-type: application/json
"resourceProvisioningOptions":[ ], "securityEnabled":false,
+ "serviceProvisioningErrors": [
+ ],
"theme":null, "visibility":"Public", "onPremisesProvisioningErrors":[
Content-type: application/json
"resourceProvisioningOptions":[ ], "securityEnabled":false,
+ "serviceProvisioningErrors": [
+ ],
"theme":null, "visibility":null, "onPremisesProvisioningErrors":[
v1.0 Group Retryserviceprovisioning https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/group-retryserviceprovisioning.md
+
+ Title: "group: retryServiceProvisioning"
+description: "Retry the group service provisioning."
+ms.localizationpriority: medium
+++
+# group: retryServiceProvisioning
+
+Namespace: microsoft.graph
++
+Retry the [group](../resources/group.md) service provisioning.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | :- |
+| Delegated (work or school account) | Group.ReadWrite.All, Directory.ReadWrite.All |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Group.ReadWrite.All, Directory.ReadWrite.All |
+
+## HTTP request
+<!-- { "blockType": "ignored" } -->
+```http
+POST /groups/{id}/retryServiceProvisioning
+```
+
+## Request headers
+
+| Name | Description |
+| : | :-- |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+
+## Request body
+
+This operation has no request content.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Example
+
+### Request
+
+The following is an example of the request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "group_retryserviceprovisioning"
+}-->
+```http
+POST https://graph.microsoft.com/beta/groups/{id}/retryServiceProvisioning
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+### Response
+
+The following is an example of the response.
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+```http
+HTTP/1.1 204 No Content
+```
v1.0 Homerealmdiscoverypolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/homerealmdiscoverypolicy-list-appliesto.md
Get a list of [directoryObject](../resources/directoryObject.md) objects that a
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.Read.All, Policy.ReadWrite.ApplicationConfiguration and Application.Read.All, Directory.Read.All |
The following is an example of the request.
GET https://graph.microsoft.com/betiscoveryPolicies/6c6f154f-cb39-4ff9-bf5b-62d5ad585cde/appliesTo ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/betiscoveryPolicies/6c6f154
[!INCLUDE [sample-code](../includes/snippets/javascript/get-appliesto-2-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Identitycontainer List Authenticationeventlisteners https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitycontainer-list-authenticationeventlisteners.md
+
+ Title: "List authenticationEventListeners"
+description: "Get a list of the authenticationEventListener objects and their properties."
+
+ms.localizationpriority: medium
++
+# List authenticationEventListeners
+Namespace: microsoft.graph
++
+Get a list of the [authenticationEventListener](../resources/authenticationeventlistener.md) objects and their properties. The following derived types are supported:
+
+- [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md)
+- [onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md)
+- [onAuthenticationMethodStartListener](../resources/onauthenticationmethodloadstartlistener.md)
+- [onAttributeCollectionListener](../resources/onattributecollectionlistener.md)
+- [onUserCreateStartListener](../resources/onusercreatestartlistener.md)
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.Read.All, EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.Read.All, EventListener.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identity/authenticationEventListeners
+```
+
+## Optional query parameters
+This method supports the `$select` and `$filter` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [authenticationEventListener](../resources/authenticationeventlistener.md) objects in the response body. The **@odata.type** property in the response object indicates the type of the authenticationEventListener object.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_authenticationeventlistener"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identity/authenticationEventListeners
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
++++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.authenticationEventListener)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventListeners",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartListener",
+ "id": "990d94e5-cc8f-4c4b-97b4-27e2678aac28",
+ "priority": 500,
+ "authenticationEventsFlowId": null,
+ "conditions": {
+ "applications": {
+ "includeAllApplications": false,
+ "includeApplications@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventListeners('990d94e5-cc8f-4c4b-97b4-27e2678aac28')/microsoft.graph.onTokenIssuanceStartListener/conditions/applications/includeApplications",
+ "includeApplications": [
+ {
+ "appId": "a13d0fc1-04ab-4ede-b215-63de0174cbb4"
+ }
+ ]
+ }
+ },
+ "handler": {
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartCustomExtensionHandler",
+ "configuration": null,
+ "customExtension": {
+ "id": "6fc5012e-7665-43d6-9708-4370863f4e6e",
+ "displayName": "onTokenIssuanceStartCustomExtension",
+ "description": "Fetch additional claims from custom user store",
+ "clientConfiguration": null,
+ "behaviorOnError": null,
+ "authenticationConfiguration": {
+ "@odata.type": "#microsoft.graph.azureAdTokenAuthentication",
+ "resourceId": "api://authenticationeventsAPI.contoso.net/a13d0fc1-04ab-4ede-b215-63de0174cbb4"
+ },
+ "endpointConfiguration": {
+ "@odata.type": "#microsoft.graph.httpRequestEndpoint",
+ "targetUrl": "https://authenticationeventsAPI.contoso.net"
+ },
+ "claimsForTokenConfiguration": [
+ {
+ "claimIdInApiResponse": "DateOfBirth"
+ },
+ {
+ "claimIdInApiResponse": "CustomRoles"
+ }
+ ]
+ }
+ }
+ }
+ ]
+}
+```
+
v1.0 Identitycontainer List Authenticationeventsflows https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitycontainer-list-authenticationeventsflows.md
+
+ Title: "List authenticationEventsFlows"
+description: "Get a list of the authenticationEventsFlow objects and their properties."
+
+ms.localizationpriority: medium
++
+# List authenticationEventsFlows
+Namespace: microsoft.graph
++
+Get a collection of authentication events policies that are derived from [authenticationEventsFlow](../resources/authenticationeventsflow.md). Only the [externalUsersSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) object type is returned.
+
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.Read.All, EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.Read.All, EventListener.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identity/authenticationEventsFlows
+```
+
+## Optional query parameters
+
+This method supports the `$filter`, `$expand`, `$orderby`, and `$top` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
++
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [authenticationEventsFlow](../resources/authenticationeventsflow.md) objects in the response body.
+
+## Examples
+
+### Example 1: List all user flows
+
+#### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "list_authenticationeventsflow"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identity/authenticationEventsFlows
+```
++
+#### Response
+
+The following is an example of a response that returns two user flows: "Test User Flow 1" and "Woodgrove Drive User Flow" with the following configurations:
+
+- "Test User Flow 1" is set up to allow email+password accounts, collect email address and country, and create a "Member" user type.
+- "Woodgrove Drive User Flow" is set up to allow email+password accounts or social (Google or Facebook) sign in, collect email address, display name, and favorite color, and create "Member" user type.
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.authenticationEventsFlow)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "id": "79a67c51-c86d-4a48-8313-1e14ac821e16",
+ "displayName": "TestUserFlow1",
+ "description": null,
+ "priority": 50,
+ "onAttributeCollectionStart": null,
+ "onAttributeCollectionSubmit": null,
+ "conditions": {
+ "applications": {
+ "includeAllApplications": false,
+ "includeApplications@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventsFlows('79a67c51-c86d-4a48-8313-1e14ac821e16')/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/conditions/applications/includeApplications",
+ "includeApplications": []
+ }
+ },
+ "onInteractiveAuthFlowStart": {
+ "@odata.type": "#microsoft.graph.onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp",
+ "isSignUpAllowed": true
+ },
+ "onAuthenticationMethodLoadStart": {
+ "@odata.type": "#microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp",
+ "identityProviders": [
+ {
+ "@odata.type": "#microsoft.graph.builtInIdentityProvider",
+ "id": "EmailPassword-OAUTH",
+ "displayName": "Email with password",
+ "identityProviderType": "EmailPassword",
+ "state": null
+ }
+ ]
+ },
+ "onAttributeCollection": {
+ "@odata.type": "#microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp",
+ "attributeCollectionPage": {
+ "customStringsFileId": null,
+ "views": [
+ {
+ "title": null,
+ "description": null,
+ "inputs": [
+ {
+ "attribute": "email",
+ "label": "Email Address",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": true,
+ "editable": false,
+ "writeToDirectory": true,
+ "required": true,
+ "validationRegEx": "^[a-zA-Z0-9.!#$%&amp;&#8217;'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:.[a-zA-Z0-9-]+)*$",
+ "options": []
+ },
+ {
+ "attribute": "country",
+ "label": "Country/Region",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^.*",
+ "options": []
+ }
+ ]
+ }
+ ]
+ },
+ "attributes": [
+ {
+ "id": "email",
+ "displayName": "Email Address",
+ "description": "Email address of the user",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "country",
+ "displayName": "Country/Region",
+ "description": "The country/region in which the user is located.",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ }
+ ]
+ },
+ "onUserCreateStart": {
+ "@odata.type": "#microsoft.graph.onUserCreateStartExternalUsersSelfServiceSignUp",
+ "userTypeToCreate": "member"
+ }
+ },
+ {
+ "@odata.type": "#microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "id": "0313cc37-d421-421d-857b-87804d61e33e",
+ "displayName": "Woodgrove Drive User Flow",
+ "description": "For onboarding consumers to the Woodgrove Drive application",
+ "priority": 50,
+ "onAttributeCollectionStart": null,
+ "onAttributeCollectionSubmit": null,
+ "conditions": {
+ "applications": {
+ "includeAllApplications": false,
+ "includeApplications@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventsFlows('0313cc37-d421-421d-857b-87804d61e33e')/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/conditions/applications/includeApplications",
+ "includeApplications": []
+ }
+ },
+ "onInteractiveAuthFlowStart": {
+ "@odata.type": "#microsoft.graph.onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp",
+ "isSignUpAllowed": true
+ },
+ "onAuthenticationMethodLoadStart": {
+ "@odata.type": "#microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp",
+ "identityProviders": [
+ {
+ "@odata.type": "#microsoft.graph.builtInIdentityProvider",
+ "id": "EmailPassword-OAUTH",
+ "displayName": "Email with password",
+ "identityProviderType": "EmailPassword",
+ "state": null
+ },
+ {
+ "@odata.type": "#microsoft.graph.socialIdentityProvider",
+ "id": "Google-OAUTH",
+ "displayName": "Google",
+ "identityProviderType": "Google",
+ "clientId": "137004260525-q8j2cp9hqceqa6hpvaa346e04g92tn8m.apps.googleusercontent.com",
+ "clientSecret": "******"
+ },
+ {
+ "@odata.type": "#microsoft.graph.socialIdentityProvider",
+ "id": "Facebook-OAUTH",
+ "displayName": "Facebook",
+ "identityProviderType": "Facebook",
+ "clientId": "236028191057849",
+ "clientSecret": "******"
+ }
+ ]
+ },
+ "onAttributeCollection": {
+ "@odata.type": "#microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp",
+ "attributeCollectionPage": {
+ "customStringsFileId": null,
+ "views": [
+ {
+ "title": null,
+ "description": null,
+ "inputs": [
+ {
+ "attribute": "email",
+ "label": "Email Address",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": true,
+ "editable": false,
+ "writeToDirectory": true,
+ "required": true,
+ "validationRegEx": "^[a-zA-Z0-9.!#$%&amp;&#8217;'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:.[a-zA-Z0-9-]+)*$",
+ "options": []
+ },
+ {
+ "attribute": "displayName",
+ "label": "Display Name",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$",
+ "options": []
+ },
+ {
+ "attribute": "extension_6ea3bc85aec24b1c92ff4a117afb6621_Favoritecolor",
+ "label": "Favorite color",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^.*",
+ "options": []
+ }
+ ]
+ }
+ ]
+ },
+ "attributes": [
+ {
+ "id": "email",
+ "displayName": "Email Address",
+ "description": "Email address of the user",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "displayName",
+ "displayName": "Display Name",
+ "description": "Display Name of the User.",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "extension_6ea3bc85aec24b1c92ff4a117afb6621_Favoritecolor",
+ "displayName": "Favorite color",
+ "description": "what is your favorite color",
+ "userFlowAttributeType": "custom",
+ "dataType": "string"
+ }
+ ]
+ },
+ "onUserCreateStart": {
+ "@odata.type": "#microsoft.graph.onUserCreateStartExternalUsersSelfServiceSignUp",
+ "userTypeToCreate": "member"
+ }
+ }
+ ]
+}
+```
+
+### Example 2: List all user flows that include Google as an identity provider
+
+#### Request
+
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "list_authenticationeventsflow_selfservicesignup_identityproviders"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identity/authenticationEventsFlows?$filter=microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/onAuthenticationMethodLoadStart/microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp/identityProviders/any(idp:idp/id eq 'Google-OAUTH')
+```
+
+#### Response
+The following is an example of a response.
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.authenticationEventsFlow)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventsFlows",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "id": "0313cc37-d421-421d-857b-87804d61e33e",
+ "displayName": "Woodgrove Drive User Flow",
+ "description": "For onboarding consumers to the Woodgrove Drive application",
+ "priority": 50,
+ "onAttributeCollectionStart": null,
+ "onAttributeCollectionSubmit": null,
+ "conditions": {
+ "applications": {
+ "includeAllApplications": false,
+ "includeApplications@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventsFlows('0313cc37-d421-421d-857b-87804d61e33e')/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/conditions/applications/includeApplications",
+ "includeApplications": []
+ }
+ },
+ "onInteractiveAuthFlowStart": {
+ "@odata.type": "#microsoft.graph.onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp",
+ "isSignUpAllowed": true
+ },
+ "onAuthenticationMethodLoadStart": {
+ "@odata.type": "#microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp",
+ "identityProviders": [
+ {
+ "@odata.type": "#microsoft.graph.builtInIdentityProvider",
+ "id": "EmailPassword-OAUTH",
+ "displayName": "Email with password",
+ "identityProviderType": "EmailPassword",
+ "state": null
+ },
+ {
+ "@odata.type": "#microsoft.graph.socialIdentityProvider",
+ "id": "Google-OAUTH",
+ "displayName": "Google",
+ "identityProviderType": "Google",
+ "clientId": "############-q8j2cp9hqceqa6hpvaa346e04g92tn8m.apps.googleusercontent.com",
+ "clientSecret": "******"
+ },
+ {
+ "@odata.type": "#microsoft.graph.socialIdentityProvider",
+ "id": "Facebook-OAUTH",
+ "displayName": "Facebook",
+ "identityProviderType": "Facebook",
+ "clientId": "###############",
+ "clientSecret": "******"
+ }
+ ]
+ },
+ "onAttributeCollection": {
+ "@odata.type": "#microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp",
+ "attributeCollectionPage": {
+ "customStringsFileId": null,
+ "views": [
+ {
+ "title": null,
+ "description": null,
+ "inputs": [
+ {
+ "attribute": "email",
+ "label": "Email Address",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": true,
+ "editable": false,
+ "writeToDirectory": true,
+ "required": true,
+ "validationRegEx": "^[a-zA-Z0-9.!#$%&amp;&#8217;'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:.[a-zA-Z0-9-]+)*$",
+ "options": []
+ },
+ {
+ "attribute": "displayName",
+ "label": "Display Name",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$",
+ "options": []
+ },
+ {
+ "attribute": "extension_6ea3bc85aec24b1c92ff4a117afb6621_Favoritecolor",
+ "label": "Favorite color",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^.*",
+ "options": []
+ }
+ ]
+ }
+ ]
+ },
+ "attributes": [
+ {
+ "id": "email",
+ "displayName": "Email Address",
+ "description": "Email address of the user",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "displayName",
+ "displayName": "Display Name",
+ "description": "Display Name of the User.",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "extension_6ea3bc85aec24b1c92ff4a117afb6621_Favoritecolor",
+ "displayName": "Favorite color",
+ "description": "what is your favorite color",
+ "userFlowAttributeType": "custom",
+ "dataType": "string"
+ }
+ ]
+ },
+ "onUserCreateStart": {
+ "@odata.type": "#microsoft.graph.onUserCreateStartExternalUsersSelfServiceSignUp",
+ "userTypeToCreate": "member"
+ }
+ }
+ ]
+}
+```
+
+### Example 3: List all user flows that collect 'city' during attribute collection at account creation
+
+#### Request
+
+The following is an example of a request.
+
+<!-- {
+ "blockType": "request",
+ "name": "list_authenticationeventsflow_filter_selfservicesignup_attributes"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identity/authenticationEventsFlows?$filter=microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/onAttributeCollection/microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp/attributes/any(attribute:attribute/id eq 'city')
+```
+
+#### Response
+The following is an example of a response.
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.authenticationEventsFlow)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventsFlows",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "id": "0313cc37-d421-421d-857b-87804d61e33e",
+ "displayName": "TestUserFlow3",
+ "description": "my user flow description newestXXX",
+ "priority": 50,
+ "onAttributeCollectionStart": null,
+ "onAttributeCollectionSubmit": null,
+ "conditions": {
+ "applications": {
+ "includeAllApplications": false,
+ "includeApplications@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventsFlows('0313cc37-d421-421d-857b-87804d61e33e')/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/conditions/applications/includeApplications",
+ "includeApplications": []
+ }
+ },
+ "onInteractiveAuthFlowStart": {
+ "@odata.type": "#microsoft.graph.onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp",
+ "isSignUpAllowed": true
+ },
+ "onAuthenticationMethodLoadStart": {
+ "@odata.type": "#microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp",
+ "identityProviders": [
+ {
+ "@odata.type": "#microsoft.graph.builtInIdentityProvider",
+ "id": "AADSignup-OAUTH",
+ "displayName": "Azure Active Directory Sign up",
+ "identityProviderType": "AADSignup",
+ "state": null
+ },
+ {
+ "@odata.type": "#microsoft.graph.builtInIdentityProvider",
+ "id": "EmailPassword-OAUTH",
+ "displayName": "Email with password",
+ "identityProviderType": "EmailPassword",
+ "state": null
+ },
+ {
+ "@odata.type": "#microsoft.graph.socialIdentityProvider",
+ "id": "Google-OAUTH",
+ "displayName": "Google",
+ "identityProviderType": "Google",
+ "clientId": "137004260525-q8j2cp9hqceqa6hpvaa346e04g92tn8m.apps.googleusercontent.com",
+ "clientSecret": "******"
+ },
+ {
+ "@odata.type": "#microsoft.graph.socialIdentityProvider",
+ "id": "Facebook-OAUTH",
+ "displayName": "Facebook",
+ "identityProviderType": "Facebook",
+ "clientId": "236028191057849",
+ "clientSecret": "******"
+ }
+ ]
+ },
+ "onAttributeCollection": {
+ "@odata.type": "#microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp",
+ "attributeCollectionPage": {
+ "customStringsFileId": null,
+ "views": [
+ {
+ "title": null,
+ "description": null,
+ "inputs": [
+ {
+ "attribute": "email",
+ "label": "Email Address",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": true,
+ "editable": false,
+ "writeToDirectory": true,
+ "required": true,
+ "validationRegEx": "^[a-zA-Z0-9.!#$%&amp;&#8217;'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:.[a-zA-Z0-9-]+)*$",
+ "options": []
+ },
+ {
+ "attribute": "city",
+ "label": "City",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$",
+ "options": []
+ },
+ {
+ "attribute": "displayName",
+ "label": "Display Name",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$",
+ "options": []
+ }
+ ]
+ }
+ ]
+ },
+ "attributes": [
+ {
+ "id": "email",
+ "displayName": "Email Address",
+ "description": "Email address of the user",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "city",
+ "displayName": "City",
+ "description": "The city in which the user is located.",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "displayName",
+ "displayName": "Display Name",
+ "description": "Display Name of the User.",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ }
+ ]
+ },
+ "onUserCreateStart": {
+ "@odata.type": "#microsoft.graph.onUserCreateStartExternalUsersSelfServiceSignUp",
+ "userTypeToCreate": "member"
+ }
+ },
+ {
+ "@odata.type": "#microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "id": "f5b9b311-cb87-445b-a655-e6e6a4d3e582",
+ "displayName": "TestUserFlow4",
+ "description": null,
+ "priority": 50,
+ "onAttributeCollectionStart": null,
+ "onAttributeCollectionSubmit": null,
+ "conditions": {
+ "applications": {
+ "includeAllApplications": false,
+ "includeApplications@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventsFlows('f5b9b311-cb87-445b-a655-e6e6a4d3e582')/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/conditions/applications/includeApplications",
+ "includeApplications": []
+ }
+ },
+ "onInteractiveAuthFlowStart": {
+ "@odata.type": "#microsoft.graph.onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp",
+ "isSignUpAllowed": true
+ },
+ "onAuthenticationMethodLoadStart": {
+ "@odata.type": "#microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp",
+ "identityProviders": [
+ {
+ "@odata.type": "#microsoft.graph.builtInIdentityProvider",
+ "id": "EmailPassword-OAUTH",
+ "displayName": "Email with password",
+ "identityProviderType": "EmailPassword",
+ "state": null
+ }
+ ]
+ },
+ "onAttributeCollection": {
+ "@odata.type": "#microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp",
+ "attributeCollectionPage": {
+ "customStringsFileId": null,
+ "views": [
+ {
+ "title": null,
+ "description": null,
+ "inputs": [
+ {
+ "attribute": "email",
+ "label": "Email Address",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": true,
+ "editable": false,
+ "writeToDirectory": true,
+ "required": true,
+ "validationRegEx": "^[a-zA-Z0-9.!#$%&amp;&#8217;'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:.[a-zA-Z0-9-]+)*$",
+ "options": []
+ },
+ {
+ "attribute": "city",
+ "label": "City",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$",
+ "options": []
+ },
+ {
+ "attribute": "country",
+ "label": "Country/Region",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$",
+ "options": []
+ },
+ {
+ "attribute": "displayName",
+ "label": "Display Name",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$",
+ "options": []
+ }
+ ]
+ }
+ ]
+ },
+ "attributes": [
+ {
+ "id": "email",
+ "displayName": "Email Address",
+ "description": "Email address of the user",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "city",
+ "displayName": "City",
+ "description": "The city in which the user is located.",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "country",
+ "displayName": "Country/Region",
+ "description": "The country/region in which the user is located.",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "displayName",
+ "displayName": "Display Name",
+ "description": "Display Name of the User.",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ }
+ ]
+ },
+ "onUserCreateStart": {
+ "@odata.type": "#microsoft.graph.onUserCreateStartExternalUsersSelfServiceSignUp",
+ "userTypeToCreate": "member"
+ }
+ }
+ ]
+}
+```
+
+### Example 4: List user flow associated with specific application ID
+
+#### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "list_authenticationeventsflow_filter_includeapplications"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identity/authenticationEventsFlows?$filter=microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/conditions/applications/includeApplications/any(appId:appId/appId eq '63856651-13d9-4784-9abf-20758d509e19')
+```
++
+#### Response
+
+The following is an example of a response.
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.authenticationEventsFlow)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventsFlows",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "id": "b5ca7ddb-f5e4-4dea-8ee5-282116ddc71d",
+ "displayName": "Test User Flow",
+ "description": null,
+ "priority": 500,
+ "onAttributeCollectionStart": null,
+ "onAttributeCollectionSubmit": null,
+ "conditions": {
+ "applications": {
+ "includeAllApplications": false,
+ "includeApplications@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventsFlows('b5ca7ddb-f5e4-4dea-8ee5-282116ddc71d')/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/conditions/applications/includeApplications",
+ "includeApplications": [
+ {
+ "appId": "63856651-13d9-4784-9abf-20758d509e19"
+ }
+ ]
+ }
+ },
+ "onInteractiveAuthFlowStart": {
+ "@odata.type": "#microsoft.graph.onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp",
+ "isSignUpAllowed": true
+ },
+ "onAuthenticationMethodLoadStart": {
+ "@odata.type": "#microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp",
+ "identityProviders": [
+ {
+ "@odata.type": "#microsoft.graph.builtInIdentityProvider",
+ "id": "EmailPassword-OAUTH",
+ "displayName": "Email with password",
+ "identityProviderType": "EmailPassword",
+ "state": null
+ }
+ ]
+ },
+ "onAttributeCollection": {
+ "@odata.type": "#microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp",
+ "attributeCollectionPage": {
+ "customStringsFileId": null,
+ "views": [
+ {
+ "title": null,
+ "description": null,
+ "inputs": [
+ {
+ "attribute": "email",
+ "label": "Email Address",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": true,
+ "editable": false,
+ "writeToDirectory": true,
+ "required": true,
+ "validationRegEx": "^[a-zA-Z0-9.!#$%&amp;&#8217;'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\\.[a-zA-Z0-9-]+)*$",
+ "options": []
+ },
+ {
+ "attribute": "extension_6ea3bc85aec24b1c92ff4a117afb6621_RewardsNumber",
+ "label": "Rewards number",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^.*",
+ "options": []
+ },
+ {
+ "attribute": "displayName",
+ "label": "Display Name",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^.*",
+ "options": []
+ }
+ ]
+ }
+ ]
+ },
+ "attributes": [
+ {
+ "id": "email",
+ "displayName": "Email Address",
+ "description": "Email address of the user",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "extension_6ea3bc85aec24b1c92ff4a117afb6621_RewardsNumber",
+ "displayName": "RewardsNumber",
+ "description": null,
+ "userFlowAttributeType": "custom",
+ "dataType": "string"
+ },
+ {
+ "id": "displayName",
+ "displayName": "Display Name",
+ "description": "Display Name of the User.",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ }
+ ]
+ },
+ "onUserCreateStart": {
+ "@odata.type": "#microsoft.graph.onUserCreateStartExternalUsersSelfServiceSignUp",
+ "userTypeToCreate": "member"
+ }
+ }
+ ]
+}
+```
v1.0 Identitycontainer List Customauthenticationextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitycontainer-list-customauthenticationextensions.md
+
+ Title: "List customAuthenticationExtensions"
+description: "Get a list of the customAuthenticationExtension objects and their properties."
+
+ms.localizationpriority: medium
++
+# List customAuthenticationExtensions
+Namespace: microsoft.graph
++
+Get a list of the [customAuthenticationExtension](../resources/customauthenticationextension.md) objects and their properties. Currently, only [onTokenIssuanceStartCustomExtension](../resources/ontokenissuancestartcustomextension.md) objects are returned.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|CustomAuthenticationExtension.Read.All, Application.Read.All, CustomAuthenticationExtension.ReadWrite.All, Policy.ReadWrite.AuthenticationFlows, Application.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|CustomAuthenticationExtension.Read.All, Application.Read.All, CustomAuthenticationExtension.ReadWrite.All, Policy.ReadWrite.AuthenticationFlows, Application.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identity/customAuthenticationExtensions
+```
+
+## Optional query parameters
+This method supports the `$select` and `$filter` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [customAuthenticationExtension](../resources/customauthenticationextension.md) objects in the response body. An **@odata.type** property is returned for each object to specify the type of customAuthenticationExtension.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_customauthenticationextension"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identity/customAuthenticationExtensions
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
++++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.customAuthenticationExtension)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/customAuthenticationExtensions",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartCustomExtension",
+ "id": "6fc5012e-7665-43d6-9708-4370863f4e6e",
+ "displayName": "onTokenIssuanceStartCustomExtension",
+ "description": "Fetch additional claims from custom user store",
+ "clientConfiguration": null,
+ "behaviorOnError": null,
+ "authenticationConfiguration": {
+ "@odata.type": "#microsoft.graph.azureAdTokenAuthentication",
+ "resourceId": "api://authenticationeventsAPI.contoso.net/a13d0fc1-04ab-4ede-b215-63de0174cbb4"
+ },
+ "endpointConfiguration": {
+ "@odata.type": "#microsoft.graph.httpRequestEndpoint",
+ "targetUrl": "https://authenticationeventsAPI.contoso.net"
+ },
+ "claimsForTokenConfiguration": [
+ {
+ "claimIdInApiResponse": "DateOfBirth"
+ },
+ {
+ "claimIdInApiResponse": "CustomRoles"
+ }
+ ]
+ }
+ ]
+}
+```
+
v1.0 Identitycontainer Post Authenticationeventlisteners https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitycontainer-post-authenticationeventlisteners.md
+
+ Title: "Create authenticationEventListener"
+description: "Create a new authenticationEventListener object."
+
+ms.localizationpriority: medium
++
+# Create authenticationEventListener
+Namespace: microsoft.graph
++
+Create a new [authenticationEventListener](../resources/authenticationeventlistener.md) object. You can create one of the following subtypes that are derived from **authenticationEventListener**.
+
+- [onTokenIssuanceStartListener resource type](../resources/ontokenissuancestartlistener.md)
+- [onInteractiveAuthFlowStartListener resource type](../resources/oninteractiveauthflowstartlistener.md)
+- [onAuthenticationMethodLoadStartListener resource type](../resources/onauthenticationmethodloadstartlistener.md)
+- [onAttributeCollectionListener resource type](../resources/onattributecollectionlistener.md)
+- [onUserCreateStartListener resource type](../resources/onusercreatestartlistener.md)
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /identity/authenticationEventListeners
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [authenticationEventListener](../resources/authenticationeventlistener.md) object.
+
+You can specify the following properties when creating an **authenticationEventListener**. You must specify the **@odata.type** property to specify the type of authenticationEventListener to create; for example, `@odata.type": "microsoft.graph.onTokenIssuanceStartListener"`.
+
+|Property|Type|Description|
+|:|:|:|
+|authenticationEventsFlowId|String|The identifier of the authentication events flow. Optional.|
+|conditions|[authenticationConditions](../resources/authenticationconditions.md)|The conditions on which this authenticationEventListener should trigger. Optional.|
+|handler|[onAttributeCollectionHandler](../resources/ontokenissuancestarthandler.md)|The handler to invoke when conditions are met. Can be set for the **onAttributeCollectionListener** listener type.|
+|handler|[onAuthenticationMethodLoadStartHandler](../resources/ontokenissuancestarthandler.md)|The handler to invoke when conditions are met. Can be set for the **onAuthenticationMethodLoadStartListener** listener type.|
+|handler|[onInteractiveAuthFlowStartHandler](../resources/ontokenissuancestarthandler.md)|The handler to invoke when conditions are met. Can be set for the **onInteractiveAuthFlowStartListener** listener type.|
+|handler|[onTokenIssuanceStartHandler](../resources/ontokenissuancestarthandler.md)|The handler to invoke when conditions are met. Can be set for the **onTokenIssuanceStartListener** listener type.|
+|handler|[onUserCreateStartHandler](../resources/ontokenissuancestarthandler.md)|The handler to invoke when conditions are met. Can be set for the **onUserCreateStartListener** listener type.|
+|priority|Int32| The priority of this handler. Between 0 (lower priority) and 1000 (higher priority). Required.|
+
+## Response
+
+If successful, this method returns a `201 Created` response code and an [authenticationEventListener](../resources/authenticationeventlistener.md) object in the response body. The **@odata.type** property specifies the type of the created object.
+
+## Examples
+
+### Request
+The following is an example of a request to create a onTokenIssuanceStartListener.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_authenticationeventlistener_from_"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identity/authenticationEventListeners
+Content-Type: application/json
+Content-length: 312
+
+{
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartListener",
+ "conditions": {
+ "applications": {
+ "includeAllApplications": false,
+ "includeApplications": [
+ {
+ "appId": "a13d0fc1-04ab-4ede-b215-63de0174cbb4"
+ }
+ ]
+ }
+ },
+ "priority": 500,
+ "handler": {
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartCustomExtensionHandler",
+ "customExtension": {
+ "id": "6fc5012e-7665-43d6-9708-4370863f4e6e"
+ }
+ }
+}
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
++++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.authenticationEventListener"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventListeners/$entity",
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartListener",
+ "id": "990d94e5-cc8f-4c4b-97b4-27e2678aac28",
+ "priority": 500,
+ "authenticationEventsFlowId": null,
+ "conditions": {
+ "applications": {
+ "includeAllApplications": false,
+ "includeApplications": [
+ {
+ "appId": "a13d0fc1-04ab-4ede-b215-63de0174cbb4"
+ }
+ ]
+ }
+ },
+ "handler": {
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartCustomExtensionHandler",
+ "customExtension": {
+ "id": "6fc5012e-7665-43d6-9708-4370863f4e6e"
+ }
+ }
+}
+```
+
v1.0 Identitycontainer Post Authenticationeventsflows https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitycontainer-post-authenticationeventsflows.md
+
+ Title: "Create authenticationEventsFlow"
+description: "Create a new authenticationEventsFlow object."
+
+ms.localizationpriority: medium
++
+# Create authenticationEventsFlow
+Namespace: microsoft.graph
++
+Create a new [authenticationEventsFlow](../resources/authenticationeventsflow.md) object that is of the type specified in the request body. You can create only an [externalUsersSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) object type.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /identity/authenticationEventsFlows
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [authenticationEventsFlow](../resources/authenticationeventsflow.md) object.
+
+You can specify the following properties when creating an **authenticationEventsFlow**. You must include the **@odata.type** property with a value of the specific user flow type in the body. For example, `"@odata.type": "#microsoft.graph.externalUsersSelfServiceSignupEventsFlow"`.
+
+|Property|Type|Description|
+|:|:|:|
+|displayName|String|Required. The display name for the events policy. Must be unique.|
+|description|String|Optional. The description of the events policy.|
+|conditions|[authenticationConditions](../resources/authenticationconditions.md)|Optional. The conditions representing the context of the authentication request which is used to decide whether the events policy is invoked.|
+|priority|Int32|Optional. The priority to use for each individual event of the events policy. If multiple competing listeners for an event have the same priority, one is chosen and an error is silently logged. Default is 500. |
+|onInteractiveAuthFlowStart|[onInteractiveAuthFlowStartHandler](../resources/oninteractiveauthflowstarthandler.md)|Required. The configuration for what to invoke when an authentication flow is ready to be initiated. |
+|onAuthenticationMethodLoadStart|[onAuthenticationMethodLoadStartHandler](../resources/onauthenticationmethodloadstarthandler.md)|Required. The configuration for what to invoke when authentication methods are ready to be presented to the user. Must have at least one identity provider linked.|
+|onAttributeCollection|[onAttributeCollectionHandler](../resources/onattributecollectionhandler.md)|The configuration for what to invoke when attributes are ready to be collected from the user.|
+|onUserCreateStart|[onUserCreateStartHandler](../resources/onusercreatestarthandler.md)|The configuration for what to invoke during user creation.|
+
+## Response
+
+If successful, this method returns a `201 Created` response code and a JSON representation of an [authenticationEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) object in the response body. An **@odata.type** property with the value of the specific user flow type created is included in the response body. For example, `"@odata.type": "#microsoft.graph.externalUsersSelfServiceSignupEventsFlow"`.
+
+## Examples
+
+### Example 1: Create a basic External Identities sign-up and sign-in user flow on an Azure AD customer tenant
+
+#### Request
+The following is an example of a request. In this example, you create a user flow named "Woodgrove User Flow" with the following configuration.
+
+- Allow sign up and sign in.
+- Allow users to create a local email with password account.
+- Collect the **Display Name** built-in attribute from the user.
+- Defines how the attributes to be collected will be displayed to the user.
+
+<!-- {
+ "blockType": "request",
+ "name": "create_authenticationeventsflow_selfservicesignup"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identity/authenticationEventsFlows
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "displayName": "Woodgrove Drive User Flow",
+ "onAuthenticationMethodLoadStart": {
+ "@odata.type": "#microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp",
+ "identityProviders": [
+ {
+ "id": "EmailPassword-OAUTH"
+ }
+ ]
+ },
+ "onInteractiveAuthFlowStart": {
+ "@odata.type": "#microsoft.graph.onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp",
+ "isSignUpAllowed": true
+ },
+ "onAttributeCollection": {
+ "@odata.type": "#microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp",
+ "attributes": [
+ {
+ "id": "email",
+ "displayName": "Email Address",
+ "description": "Email address of the user",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "displayName",
+ "displayName": "Display Name",
+ "description": "Display Name of the User.",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ }
+ ],
+ "attributeCollectionPage": {
+ "views": [
+ {
+ "inputs": [
+ {
+ "attribute": "email",
+ "label": "Email Address",
+ "inputType": "Text",
+ "hidden": true,
+ "editable": false,
+ "writeToDirectory": true,
+ "required": true,
+ "validationRegEx": "^[a-zA-Z0-9.!#$%&amp;&#8217;'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:.[a-zA-Z0-9-]+)*$"
+ },
+ {
+ "attribute": "displayName",
+ "label": "Display Name",
+ "inputType": "text",
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$"
+ }
+ ]
+ }
+ ]
+ }
+ }
+}
+```
++
+#### Response
+The following is an example of the response
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.authenticationEventsFlow"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventsFlows/$entity",
+ "@odata.type": "#microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "id": "0313cc37-d421-421d-857b-87804d61e33e",
+ "displayName": "Woodgrove Drive User Flow",
+ "conditions": {
+ "applications": {
+ "includeAllApplications": false
+ }
+ },
+ "onInteractiveAuthFlowStart": {
+ "@odata.type": "#microsoft.graph.onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp",
+ "isSignUpAllowed": true
+ },
+ "onAuthenticationMethodLoadStart": {
+ "@odata.type": "#microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp"
+ },
+ "onAttributeCollection": {
+ "@odata.type": "#microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp",
+ "accessPackages": [],
+ "attributeCollectionPage": {
+ "customStringsFileId": null,
+ "views": [
+ {
+ "title": null,
+ "description": null,
+ "inputs": [
+ {
+ "attribute": "email",
+ "label": "Email Address",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": true,
+ "editable": false,
+ "writeToDirectory": true,
+ "required": true,
+ "validationRegEx": "^[a-zA-Z0-9.!#$%&amp;&#8217;'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:.[a-zA-Z0-9-]+)*$",
+ "options": []
+ },
+ {
+ "attribute": "displayName",
+ "label": "Display Name",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$",
+ "options": []
+ }
+ ]
+ }
+ ]
+ }
+ }
+}
+```
+
+### Example 2: Create a basic external identities sign-up and sign-in user flow with an attached application on an Azure AD customer tenant
+
+#### Request
+The following is an example of a request. In this example, you create a user flow named "Woodgrove User Flow" with the following configuration.
+
+- Allow sign up and sign in.
+- Allow users to create a local email with password account.
+- Collect the **Display Name** built-in attribute from the user.
+- Defines how the attributes to be collected will be displayed to the user.
+
+<!-- {
+ "blockType": "request",
+ "name": "create_authenticationeventsflow_selfservicesignup_includeapplications"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identity/authenticationEventsFlows
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "displayName": "Woodgrove Drive User Flow",
+ "conditions": {
+ "applications": {
+ "includeApplications": [
+ {
+ "appId": "63856651-13d9-4784-9abf-20758d509e19"
+ }
+ ]
+ }
+ },
+ "onAuthenticationMethodLoadStart": {
+ "@odata.type": "#microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp",
+ "identityProviders": [
+ {
+ "id": "EmailPassword-OAUTH"
+ }
+ ]
+ },
+ "onInteractiveAuthFlowStart": {
+ "@odata.type": "#microsoft.graph.onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp",
+ "isSignUpAllowed": true
+ },
+ "onAttributeCollection": {
+ "@odata.type": "#microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp",
+ "attributes": [
+ {
+ "id": "email",
+ "displayName": "Email Address",
+ "description": "Email address of the user",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "displayName",
+ "displayName": "Display Name",
+ "description": "Display Name of the User.",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ }
+ ],
+ "attributeCollectionPage": {
+ "views": [
+ {
+ "inputs": [
+ {
+ "attribute": "email",
+ "label": "Email Address",
+ "inputType": "Text",
+ "hidden": true,
+ "editable": false,
+ "writeToDirectory": true,
+ "required": true,
+ "validationRegEx": "^[a-zA-Z0-9.!#$%&amp;&#8217;'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:.[a-zA-Z0-9-]+)*$"
+ },
+ {
+ "attribute": "displayName",
+ "label": "Display Name",
+ "inputType": "text",
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$"
+ }
+ ]
+ }
+ ]
+ }
+ }
+}
+```
++
+#### Response
+The following is an example of the response
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.authenticationEventsFlow"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventsFlows/$entity",
+ "@odata.type": "#microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "id": "1d51b447-eb52-4ec8-ae4e-0a35ebc148ea",
+ "displayName": "Woodgrove Drive User Flow",
+ "description": null,
+ "priority": 500,
+ "onAttributeCollectionStart": null,
+ "onAttributeCollectionSubmit": null,
+ "onUserCreateStart": null,
+ "conditions": {
+ "applications": {
+ "includeAllApplications": false
+ }
+ },
+ "onInteractiveAuthFlowStart": {
+ "@odata.type": "#microsoft.graph.onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp",
+ "isSignUpAllowed": true
+ },
+ "onAuthenticationMethodLoadStart": {
+ "@odata.type": "#microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp"
+ },
+ "onAttributeCollection": {
+ "@odata.type": "#microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp",
+ "accessPackages": [],
+ "attributeCollectionPage": {
+ "customStringsFileId": null,
+ "views": [
+ {
+ "title": null,
+ "description": null,
+ "inputs": [
+ {
+ "attribute": "email",
+ "label": "Email Address",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": true,
+ "editable": false,
+ "writeToDirectory": true,
+ "required": true,
+ "validationRegEx": "^[a-zA-Z0-9.!#$%&amp;&#8217;'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:.[a-zA-Z0-9-]+)*$",
+ "options": []
+ },
+ {
+ "attribute": "displayName",
+ "label": "Display Name",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$",
+ "options": []
+ }
+ ]
+ }
+ ]
+ }
+ }
+}
+```
+
+### Example 3: Create an External Identities sign-up and sign-in user flow with social providers and a custom attribute
+
+#### Request
+
+The following is an example of a request. In this example, you create a user flow named "Woodgrove Drive User Flow" with the following configuration
+
+- Allow sign up and sign in.
+- Allow users to create a local email with password account, or authenticate with Google or Facebook
+- Collect the **Display Name** built-in attribute and a **Favorite Color** custom attribute.
+
+<!-- {
+ "blockType": "request",
+ "name": "create_authenticationeventsflow__selfservicesignup_socialproviders_customattribute"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identity/authenticationEventsFlows
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "displayName": "Woodgrove User Flow 2",
+ "onAuthenticationMethodLoadStart": {
+ "@odata.type": "#microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp",
+ "identityProviders": [
+ {
+ "id": "EmailPassword-OAUTH"
+ },
+ {
+ "id": "Google-OAUTH"
+ },
+ {
+ "id": "Facebook-OAUTH"
+ }
+ ]
+ },
+ "onInteractiveAuthFlowStart": {
+ "@odata.type": "#microsoft.graph.onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp",
+ "isSignUpAllowed": true
+ },
+ "onAttributeCollection": {
+ "@odata.type": "#microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp",
+ "attributes": [
+ {
+ "id": "email",
+ "displayName": "Email Address",
+ "description": "Email address of the user",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "displayName",
+ "displayName": "Display Name",
+ "description": "Display Name of the User.",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "extension_6ea3bc85aec24b1c92ff4a117afb6621_Favoritecolor",
+ "displayName": "Favorite color",
+ "description": "what is your favorite color",
+ "userFlowAttributeType": "custom",
+ "dataType": "string"
+ }
+ ],
+ "attributeCollectionPage": {
+ "views": [
+ {
+ "inputs": [
+ {
+ "attribute": "email",
+ "label": "Email Address",
+ "inputType": "Text",
+ "hidden": true,
+ "editable": false,
+ "writeToDirectory": true,
+ "required": true,
+ "validationRegEx": "^[a-zA-Z0-9.!#$%&amp;&#8217;'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:.[a-zA-Z0-9-]+)*$"
+ },
+ {
+ "attribute": "displayName",
+ "label": "Display Name",
+ "inputType": "text",
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$"
+ },
+ {
+ "attribute": "extension_6ea3bc85aec24b1c92ff4a117afb6621_Favoritecolor",
+ "label": "Favorite color",
+ "inputType": "text",
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$"
+ }
+ ]
+ }
+ ]
+ }
+ }
+}
+```
++
+#### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.authenticationEventsFlow"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventsFlows/$entity",
+ "@odata.type": "#microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "id": "{authentictionEventsFlow-id}",
+ "displayName": "Woodgrove User Flow 2",
+ "description": null,
+ "priority": 500,
+ "onAttributeCollectionStart": null,
+ "onAttributeCollectionSubmit": null,
+ "onUserCreateStart": null,
+ "conditions": {
+ "applications": {
+ "includeAllApplications": false
+ }
+ },
+ "onInteractiveAuthFlowStart": {
+ "@odata.type": "#microsoft.graph.onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp",
+ "isSignUpAllowed": true
+ },
+ "onAuthenticationMethodLoadStart": {
+ "@odata.type": "#microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp"
+ },
+ "onAttributeCollection": {
+ "@odata.type": "#microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp",
+ "accessPackages": [],
+ "attributeCollectionPage": {
+ "customStringsFileId": null,
+ "views": [
+ {
+ "title": null,
+ "description": null,
+ "inputs": [
+ {
+ "attribute": "email",
+ "label": "Email Address",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": true,
+ "editable": false,
+ "writeToDirectory": true,
+ "required": true,
+ "validationRegEx": "^[a-zA-Z0-9.!#$%&amp;&#8217;'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:.[a-zA-Z0-9-]+)*$",
+ "options": []
+ },
+ {
+ "attribute": "displayName",
+ "label": "Display Name",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$",
+ "options": []
+ },
+ {
+ "attribute": "extension_6ea3bc85aec24b1c92ff4a117afb6621_Favoritecolor",
+ "label": "Favorite color",
+ "inputType": "text",
+ "defaultValue": null,
+ "hidden": false,
+ "editable": true,
+ "writeToDirectory": true,
+ "required": false,
+ "validationRegEx": "^[a-zA-Z_][0-9a-zA-Z_ ]*[0-9a-zA-Z_]+$",
+ "options": []
+ }
+ ]
+ }
+ ]
+ }
+ }
+}
+```
v1.0 Identitycontainer Post Customauthenticationextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitycontainer-post-customauthenticationextensions.md
+
+ Title: "Create customAuthenticationExtension"
+description: "Create a new customAuthenticationExtension object."
+
+ms.localizationpriority: medium
++
+# Create customAuthenticationExtension
+Namespace: microsoft.graph
++
+Create a new [customAuthenticationExtension](../resources/customauthenticationextension.md) object. Only the **onTokenIssuanceStartCustomExtension** object type is supported.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|CustomAuthenticationExtension.ReadWrite.All, Policy.ReadWrite.AuthenticationFlows, Application.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|CustomAuthenticationExtension.ReadWrite.All, Policy.ReadWrite.AuthenticationFlows, Application.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /identity/customAuthenticationExtensions
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [customAuthenticationExtension](../resources/customauthenticationextension.md) object.
+
+You can specify the following properties when creating a **customAuthenticationExtension**. You must specify the **@odata.type** property with a value of the customAuthenticationExtension object type that you want to create. For example, to create an **onTokenIssuanceStartCustomExtension** object, set **@odata.type** to `#microsoft.graph.onTokenIssuanceStartCustomExtension`.
+
+|Property|Type|Description|
+|:|:|:|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|The authentication configuration for this custom extension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|clientConfiguration|[customExtensionClientConfiguration](../resources/customextensionclientconfiguration.md)|The connection settings for the custom extension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|description|String|Description for the custom extension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|displayName|String|Display name for the custom extension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|Configuration for the API endpoint that the custom extension will call. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
++
+## Response
+
+If successful, this method returns a `201 Created` response code and a [customAuthenticationExtension](../resources/customauthenticationextension.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request to create an onTokenIssuanceStartCustomExtension object type.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_customauthenticationextension_from_"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identity/customAuthenticationExtensions
+Content-Type: application/json
+Content-length: 468
+
+{
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartCustomExtension",
+ "displayName": "onTokenIssuanceStartCustomExtension",
+ "description": "Fetch additional claims from custom user store",
+ "endpointConfiguration": {
+ "@odata.type": "#microsoft.graph.httpRequestEndpoint",
+ "targetUrl": "https://authenticationeventsAPI.contoso.com"
+ },
+ "authenticationConfiguration": {
+ "@odata.type": "#microsoft.graph.azureAdTokenAuthentication",
+ "resourceId": "api://authenticationeventsAPI.contoso.com/a13d0fc1-04ab-4ede-b215-63de0174cbb4"
+ },
+ "clientConfiguration": {
+ "timeoutInMilliseconds": 2000,
+ "maximumRetries": 1
+ },
+ "claimsForTokenConfiguration": [
+ {
+ "claimIdInApiResponse": "DateOfBirth"
+ },
+ {
+ "claimIdInApiResponse": "CustomRoles"
+ }
+ ]
+}
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
++++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.customAuthenticationExtension"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/customAuthenticationExtensions/$entity",
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartCustomExtension",
+ "id": "6fc5012e-7665-43d6-9708-4370863f4e6e",
+ "displayName": "onTokenIssuanceStartCustomExtension",
+ "description": "Fetch additional claims from custom user store",
+ "clientConfiguration": null,
+ "behaviorOnError": null,
+ "authenticationConfiguration": {
+ "@odata.type": "#microsoft.graph.azureAdTokenAuthentication",
+ "resourceId": "api://authenticationeventsAPI.contoso.com/a13d0fc1-04ab-4ede-b215-63de0174cbb4"
+ },
+ "clientConfiguration": {
+ "timeoutInMilliseconds": 2000,
+ "maximumRetries": 1
+ },
+ "endpointConfiguration": {
+ "@odata.type": "#microsoft.graph.httpRequestEndpoint",
+ "targetUrl": "https://authenticationeventsAPI.contoso.com"
+ },
+ "claimsForTokenConfiguration": [
+ {
+ "claimIdInApiResponse": "DateOfBirth"
+ },
+ {
+ "claimIdInApiResponse": "CustomRoles"
+ }
+ ]
+}
+```
+
v1.0 Identitygovernance Lifecycleworkflowscontainer List Deleteditems https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecycleworkflowscontainer-list-deleteditems.md
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/delet
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Identitygovernance Task Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-task-get.md
The following is an example of a request to get a task from a workflow version.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/156ce798-1eb6-4e0a-8515-e79f54d04390/versions/2/tasks/4d9d41d7-a8e1-4f2f-8c8c-a883bc02e6ee ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workf
[!INCLUDE [sample-code](../includes/snippets/javascript/lifecycleworkflows-get-workflowversion-task-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ #### Response
v1.0 Identitygovernance Task Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-task-update.md
Content-length: 454
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-length: 454
[!INCLUDE [sample-code](../includes/snippets/javascript/lifecycleworkflows-update-task-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Identitygovernance Taskprocessingresult Resume https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-taskprocessingresult-resume.md
Content-length: 155
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-length: 155
[!INCLUDE [sample-code](../includes/snippets/javascript/lifecycleworkflows-taskprocessingresultthisresume-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Identitygovernance Workflow Activate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-activate.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/lifecycleworkflows-workflowthisactivate-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Identitygovernance Workflow Createnewversion https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-createnewversion.md
Content-length: 631
[!INCLUDE [sample-code](../includes/snippets/php/lifecycleworkflows-workflowthiscreatenewversion-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
Content-length: 631
[!INCLUDE [sample-code](../includes/snippets/php/lifecycleworkflows-workflowthiscreatenewversion-customemail-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
v1.0 Identitygovernance Workflow Restore https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-restore.md
POST https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/dele
[!INCLUDE [sample-code](../includes/snippets/php/lifecycleworkflows-workflowthisrestore-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Identitygovernance Workflowversion List Tasks https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflowversion-list-tasks.md
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/156ce798-1eb6-4e0a-8515-e79f54d04390/versions/2/tasks ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workf
[!INCLUDE [sample-code](../includes/snippets/javascript/lifecycleworkflows-list-workflowversion-task-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Identityprovider Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identityprovider-get.md
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and a JSON representation of the [identityProvider](../resources/identityprovider.md) or [openIdConnectProvider](../resources/openidconnectprovider.md) (only for Azure AD B2C) in the response body.
+If successful, this method returns a `200 OK` response code and a [identityProvider](../resources/identityprovider.md) or [openIdConnectProvider](../resources/openidconnectprovider.md) (only for Azure AD B2C) object in the response body.
## Examples
v1.0 Identitysecuritydefaultsenforcementpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitysecuritydefaultsenforcementpolicy-update.md
Update the properties of an [identitySecurityDefaultsEnforcementPolicy](../resou
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Policy.ReadWrite.ConditionalAccess |
v1.0 Identityuserflowattribute Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identityuserflowattribute-get.md
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and a JSON representation of the [identityUserFlowAttribute](../resources/identityuserflowattribute.md) in the response body.
+If successful, this method returns a `200 OK` response code and a [identityUserFlowAttribute](../resources/identityuserflowattribute.md) object in the response body.
## Examples
v1.0 Impactedresource Complete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/impactedresource-complete.md
The following is an example of a request.
POST https://graph.microsoft.com/beta/directory/recommendations/0cb31920-84b9-471f-a6fb-468c1a847088_Microsoft.Identity.IAM.Insights.ApplicationCredentialExpiry/impactedResources/dbd9935e-15b7-4800-9049-8d8704c23ad2/complete ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
POST https://graph.microsoft.com/beta/directory/recommendations/0cb31920-84b9-47
[!INCLUDE [sample-code](../includes/snippets/javascript/impactedresourcethiscomplete-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Impactedresource Dismiss https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/impactedresource-dismiss.md
Content-Type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/javascript/impactedresourcethisdismiss-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Impactedresource Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/impactedresource-get.md
The following is an example of a request.
GET https://graph.microsoft.com/beta/directory/recommendations/0cb31920-84b9-471f-a6fb-468c1a847088_Microsoft.Identity.IAM.Insights.ApplicationCredentialExpiry/impactedResources/dbd9935e-15b7-4800-9049-8d8704c23ad2 ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/directory/recommendations/0cb31920-84b9-471
[!INCLUDE [sample-code](../includes/snippets/javascript/get-impactedresource-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Impactedresource Postpone https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/impactedresource-postpone.md
Content-Type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/javascript/impactedresourcethispostpone-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Impactedresource Reactivate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/impactedresource-reactivate.md
The following is an example of a request.
POST https://graph.microsoft.com/beta/directory/recommendations/0cb31920-84b9-471f-a6fb-468c1a847088_Microsoft.Identity.IAM.Insights.ApplicationCredentialExpiry/impactedResources/dbd9935e-15b7-4800-9049-8d8704c23ad2/reactivate ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
POST https://graph.microsoft.com/beta/directory/recommendations/0cb31920-84b9-47
[!INCLUDE [sample-code](../includes/snippets/javascript/impactedresourcethisreactivate-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Industrydata Industrydataconnector Validate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydataconnector-validate.md
POST https://graph.microsoft.com/beta/external/industryData/dataConnectors/8c010
[!INCLUDE [sample-code](../includes/snippets/php/industrydataconnectorthisvalidate-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Industrydata Industrydatarun Getstatistics https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydatarun-getstatistics.md
The following is an example of a request.
GET https://graph.microsoft.com/beta/external/industryData/runs/918d4a8f-599b-4f6a-b409-e892855db534/getStatistics ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/external/industryData/runs/918d4a8f-599b-4f
[!INCLUDE [sample-code](../includes/snippets/javascript/industrydatarunthisgetstatistics-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Insights List Trending https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/insights-list-trending.md
Here is an example of the request.
GET https://graph.microsoft.com/beta/me/insights/trending ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/me/insights/trending
[!INCLUDE [sample-code](../includes/snippets/javascript/get-me-trending-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ #### Response
v1.0 Insights List Used https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/insights-list-used.md
For more details, see [customize insights privacy](/graph/insights-customize-ite
GET https://graph.microsoft.com/beta/me/insights/used ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/me/insights/used
[!INCLUDE [sample-code](../includes/snippets/javascript/get-mymodifieddocuments-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ #### Response
Content-type: application/json
GET https://graph.microsoft.com/beta/me/insights/used?$orderby=LastUsed/LastAccessedDateTime desc ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/me/insights/used?$orderby=LastUsed/LastAcce
[!INCLUDE [sample-code](../includes/snippets/javascript/get-mymodifiedandvieweddocuments-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ #### Response
v1.0 Intune Apps Enterprisecodesigningcertificate Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-apps-enterprisecodesigningcertificate-create.md
The following table shows the properties that are required when you create the e
|:|:|:| |id|String|The unique identifier of the certificate, assigned upon creation. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Read-only.| |content|Binary|The Windows Enterprise Code-Signing Certificate in the raw data format. Set to null once certificate has been uploaded and other properties have been populated.|
-|status|certificateStatus|Whether the Certificate Status Provisioned or not Provisioned. Possible values are: notProvisioned, provisioned. Default is notProvisioned. Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Possible values are: `notProvisioned`, `provisioned`.|
+|status|[certificateStatus](../resources/intune-apps-certificatestatus.md)|Whether the Certificate Status Provisioned or not Provisioned. Possible values are: notProvisioned, provisioned. Default is notProvisioned. Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Possible values are: `notProvisioned`, `provisioned`.|
|subjectName|String|The subject name for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.| |subject|String|The subject value for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.| |issuerName|String|The issuer name for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.|
v1.0 Intune Apps Enterprisecodesigningcertificate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-apps-enterprisecodesigningcertificate-update.md
The following table shows the properties that are required when you create the [
|:|:|:| |id|String|The unique identifier of the certificate, assigned upon creation. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Read-only.| |content|Binary|The Windows Enterprise Code-Signing Certificate in the raw data format. Set to null once certificate has been uploaded and other properties have been populated.|
-|status|certificateStatus|Whether the Certificate Status Provisioned or not Provisioned. Possible values are: notProvisioned, provisioned. Default is notProvisioned. Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Possible values are: `notProvisioned`, `provisioned`.|
+|status|[certificateStatus](../resources/intune-apps-certificatestatus.md)|Whether the Certificate Status Provisioned or not Provisioned. Possible values are: notProvisioned, provisioned. Default is notProvisioned. Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Possible values are: `notProvisioned`, `provisioned`.|
|subjectName|String|The subject name for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.| |subject|String|The subject value for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.| |issuerName|String|The issuer name for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.|
v1.0 Intune Apps Symanteccodesigningcertificate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-apps-symanteccodesigningcertificate-update.md
The following table shows the properties that are required when you create the [
|:|:|:| |id|String|The key of the entity.| |content|Binary|The Windows Symantec Code-Signing Certificate in the raw data format.|
-|status|certificateStatus|The Cert Status Provisioned or not Provisioned. Possible values are: `notProvisioned`, `provisioned`.|
+|status|[certificateStatus](../resources/intune-apps-certificatestatus.md)|The Cert Status Provisioned or not Provisioned. Possible values are: `notProvisioned`, `provisioned`.|
|password|String|The Password required for .pfx file.| |subjectName|String|The Subject Name for the cert.| |subject|String|The Subject value for the cert.|
v1.0 Intune Cirrus Officeclientconfiguration Assign https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-officeclientconfiguration-assign.md
- Title: "assign action"
-description: "Replace all targeted groups for a policy."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# assign action
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Replace all targeted groups for a policy.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-POST /officeConfiguration/clientConfigurations/{officeClientConfigurationId}/assign
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply JSON representation of the parameters.
-
-The following table shows the parameters that can be used with this action.
-
-|Property|Type|Description|
-|:|:|:|
-|officeConfigurationAssignments|[officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) collection|List of office configuration assignments|
---
-## Response
-If successful, this action returns a `200 OK` response code and a [officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) collection in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-POST https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations/{officeClientConfigurationId}/assign
-
-Content-type: application/json
-Content-length: 299
-
-{
- "officeConfigurationAssignments": [
- {
- "@odata.type": "#microsoft.graph.officeClientConfigurationAssignment",
- "id": "804730f3-30f3-8047-f330-4780f3304780",
- "target": {
- "@odata.type": "microsoft.graph.officeConfigurationAssignmentTarget"
- }
- }
- ]
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 274
-
-{
- "value": [
- {
- "@odata.type": "#microsoft.graph.officeClientConfigurationAssignment",
- "id": "804730f3-30f3-8047-f330-4780f3304780",
- "target": {
- "@odata.type": "microsoft.graph.officeConfigurationAssignmentTarget"
- }
- }
- ]
-}
-```
v1.0 Intune Cirrus Officeclientconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-officeclientconfiguration-get.md
- Title: "Get officeClientConfiguration"
-description: "Get a specific policy."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# Get officeClientConfiguration
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Get a specific policy.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All DeviceManagementConfiguration.Read.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All DeviceManagementConfiguration.Read.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /officeConfiguration/clientConfigurations/{key}
-```
-
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations/{key}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 1137
-
-{
- "value": {
- "@odata.type": "#microsoft.graph.officeClientConfiguration",
- "id": "362ce0f0-e0f0-362c-f0e0-2c36f0e02c36",
- "userPreferencePayload": "<Unknown Primitive Type Edm.Stream>",
- "policyPayload": "<Unknown Primitive Type Edm.Stream>",
- "description": "Description value",
- "displayName": "Display Name value",
- "priority": 8,
- "userCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 2,
- "failedUserCount": 15
- },
- "checkinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "User Principal Name value",
- "deviceName": "Device Name value",
- "devicePlatform": "Device Platform value",
- "devicePlatformVersion": "Device Platform Version value",
- "wasSuccessful": true,
- "userId": "User Id value",
- "checkinDateTime": "2016-12-31T23:56:33.9571764-08:00",
- "errorMessage": "Error Message value",
- "appliedPolicies": [
- "Applied Policies value"
- ]
- }
- ]
- }
-}
-```
v1.0 Intune Cirrus Officeclientconfiguration List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-officeclientconfiguration-list.md
- Title: "List officeClientConfigurations"
-description: "Get all policies."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# List officeClientConfigurations
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Get all policies.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All DeviceManagementConfiguration.Read.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All DeviceManagementConfiguration.Read.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /officeConfiguration/clientConfigurations
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and a collection of [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md) objects in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 1207
-
-{
- "value": [
- {
- "@odata.type": "#microsoft.graph.officeClientConfiguration",
- "id": "362ce0f0-e0f0-362c-f0e0-2c36f0e02c36",
- "userPreferencePayload": "<Unknown Primitive Type Edm.Stream>",
- "policyPayload": "<Unknown Primitive Type Edm.Stream>",
- "description": "Description value",
- "displayName": "Display Name value",
- "priority": 8,
- "userCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 2,
- "failedUserCount": 15
- },
- "checkinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "User Principal Name value",
- "deviceName": "Device Name value",
- "devicePlatform": "Device Platform value",
- "devicePlatformVersion": "Device Platform Version value",
- "wasSuccessful": true,
- "userId": "User Id value",
- "checkinDateTime": "2016-12-31T23:56:33.9571764-08:00",
- "errorMessage": "Error Message value",
- "appliedPolicies": [
- "Applied Policies value"
- ]
- }
- ]
- }
- ]
-}
-```
v1.0 Intune Cirrus Officeclientconfiguration Updatepriorities https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-officeclientconfiguration-updatepriorities.md
- Title: "updatePriorities action"
-description: "Update policy priorities."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# updatePriorities action
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Update policy priorities.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-POST /officeConfiguration/clientConfigurations/microsoft.management.services.api.updatePriorities
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply JSON representation of the parameters.
-
-The following table shows the parameters that can be used with this action.
-
-|Property|Type|Description|
-|:|:|:|
-|officeConfigurationPolicyIds|String collection|List of office configuration policy ids|
-|officeConfigurationPriorities|Int32 collection|List of office configuration priorities|
---
-## Response
-If successful, this action returns a `200 OK` response code.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-POST https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations/microsoft.management.services.api.updatePriorities
-
-Content-type: application/json
-Content-length: 143
-
-{
- "officeConfigurationPolicyIds": [
- "Office Configuration Policy Ids value"
- ],
- "officeConfigurationPriorities": [
- 13
- ]
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-```
v1.0 Intune Cirrus Officeclientconfigurationassignment Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-officeclientconfigurationassignment-create.md
- Title: "Create officeClientConfigurationAssignment"
-description: "Add a target group to an existing policy."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# Create officeClientConfigurationAssignment
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Add a target group to an existing policy.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-POST /officeConfiguration/clientConfigurations/{key}/assignments
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply a JSON representation for the officeClientConfigurationAssignment object.
-
-The following table shows the properties that are required when you create the officeClientConfigurationAssignment.
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|Id of the OfficeConfigurationAssignment.|
-|target|[officeConfigurationAssignmentTarget](../resources/intune-cirrus-officeconfigurationassignmenttarget.md)|The target assignment defined by the admin.|
---
-## Response
-If successful, this method returns a `200 Created` response code and a [officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-POST https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations/{key}/assignments
-Content-type: application/json
-Content-length: 172
-
-{
- "@odata.type": "#microsoft.graph.officeClientConfigurationAssignment",
- "target": {
- "@odata.type": "microsoft.graph.officeConfigurationAssignmentTarget"
- }
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 201 Created
-Content-Type: application/json
-Content-Length: 221
-
-{
- "@odata.type": "#microsoft.graph.officeClientConfigurationAssignment",
- "id": "804730f3-30f3-8047-f330-4780f3304780",
- "target": {
- "@odata.type": "microsoft.graph.officeConfigurationAssignmentTarget"
- }
-}
-```
v1.0 Intune Cirrus Officeclientconfigurationassignment Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-officeclientconfigurationassignment-delete.md
- Title: "Delete officeClientConfigurationAssignment"
-description: "Deletes a officeClientConfigurationAssignment."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# Delete officeClientConfigurationAssignment
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Deletes a [officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md).
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|**TODO: Determine scopes **|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|**TODO: Determine scopes **|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-DELETE /officeConfiguration/clientConfigurations/{officeClientConfigurationId}/assignments/{officeClientConfigurationAssignmentId}
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `204 No Content` response code.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-DELETE https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations/{officeClientConfigurationId}/assignments/{officeClientConfigurationAssignmentId}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 204 No Content
-```
v1.0 Intune Cirrus Officeclientconfigurationassignment Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-officeclientconfigurationassignment-get.md
- Title: "Get officeClientConfigurationAssignment"
-description: "Read properties and relationships of the officeClientConfigurationAssignment object."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# Get officeClientConfigurationAssignment
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Read properties and relationships of the [officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|**TODO: Determine scopes **|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|**TODO: Determine scopes **|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /officeConfiguration/clientConfigurations/{officeClientConfigurationId}/assignments/{officeClientConfigurationAssignmentId}
-```
-
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and [officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations/{officeClientConfigurationId}/assignments/{officeClientConfigurationAssignmentId}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 250
-
-{
- "value": {
- "@odata.type": "#microsoft.graph.officeClientConfigurationAssignment",
- "id": "804730f3-30f3-8047-f330-4780f3304780",
- "target": {
- "@odata.type": "microsoft.graph.officeConfigurationAssignmentTarget"
- }
- }
-}
-```
v1.0 Intune Cirrus Officeclientconfigurationassignment List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-officeclientconfigurationassignment-list.md
- Title: "List officeClientConfigurationAssignments"
-description: "List properties and relationships of the officeClientConfigurationAssignment objects."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# List officeClientConfigurationAssignments
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-List properties and relationships of the [officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) objects.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|**TODO: Determine scopes **|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|**TODO: Determine scopes **|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /officeConfiguration/clientConfigurations/{officeClientConfigurationId}/assignments
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and a collection of [officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) objects in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations/{officeClientConfigurationId}/assignments
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 274
-
-{
- "value": [
- {
- "@odata.type": "#microsoft.graph.officeClientConfigurationAssignment",
- "id": "804730f3-30f3-8047-f330-4780f3304780",
- "target": {
- "@odata.type": "microsoft.graph.officeConfigurationAssignmentTarget"
- }
- }
- ]
-}
-```
v1.0 Intune Cirrus Officeclientconfigurationassignment Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-officeclientconfigurationassignment-update.md
- Title: "Update officeClientConfigurationAssignment"
-description: "Update the properties of a officeClientConfigurationAssignment object."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# Update officeClientConfigurationAssignment
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Update the properties of a [officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|**TODO: Determine scopes **|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|**TODO: Determine scopes **|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-PATCH /officeConfiguration/clientConfigurations/{officeClientConfigurationId}/assignments/{officeClientConfigurationAssignmentId}
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply a JSON representation for the [officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) object.
-
-The following table shows the properties that are required when you create the [officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md).
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|Not yet documented|
-|target|[officeConfigurationAssignmentTarget](../resources/intune-cirrus-officeconfigurationassignmenttarget.md)|Not yet documented|
---
-## Response
-If successful, this method returns a `200 OK` response code and an updated [officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-PATCH https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations/{officeClientConfigurationId}/assignments/{officeClientConfigurationAssignmentId}
-Content-type: application/json
-Content-length: 98
-
-{
- "target": {
- "@odata.type": "microsoft.graph.officeConfigurationAssignmentTarget"
- }
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 221
-
-{
- "@odata.type": "#microsoft.graph.officeClientConfigurationAssignment",
- "id": "804730f3-30f3-8047-f330-4780f3304780",
- "target": {
- "@odata.type": "microsoft.graph.officeConfigurationAssignmentTarget"
- }
-}
-```
v1.0 Intune Cirrus Windowsofficeclientconfiguration Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-windowsofficeclientconfiguration-create.md
- Title: "Create windowsOfficeClientConfiguration"
-description: "Create a new non-security policy with targeting groups."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# Create windowsOfficeClientConfiguration
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Create a new non-security policy with targeting groups.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-POST /officeConfiguration/clientConfigurations
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply a JSON representation for the [windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md) object.
-
-The following table shows the properties that are required when you create the [windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md).
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|Id of the office client configuration policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|userPreferencePayload|Stream|Preference settings JSON string in binary format, these values can be overridden by the user. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|policyPayload|Stream|Policy settings JSON string in binary format, these values cannot be changed by the user. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|description|String|Admin provided description of the office client configuration policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|displayName|String|Admin provided name of the office client configuration policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|assignments|[officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) collection|The list of group assignments for the policy.. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|priority|Int32|Priority value should be unique value for each policy under a tenant and will be used for conflict resolution, lower values mean priority is high. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|lastModifiedDateTime|DateTime|Last modified datetime stamp of the policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|userCheckinSummary|[officeUserCheckinSummary](../resources/intune-cirrus-officeusercheckinsummary.md)|User check-in summary for the policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|checkinStatuses|[officeClientCheckinStatus](../resources/intune-cirrus-officeclientcheckinstatus.md) collection|List of office Client check-in status. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
---
-## Response
-If successful, this method returns a `201 Created` response code and a [windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-POST https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations
-Content-type: application/json
-Content-length: 1020
-
-{
- "@odata.type": "#microsoft.graph.windowsOfficeClientConfiguration",
- "userPreferencePayload": "<Unknown Primitive Type Edm.Stream>",
- "policyPayload": "<Unknown Primitive Type Edm.Stream>",
- "description": "Description value",
- "displayName": "Display Name value",
- "priority": 8,
- "userCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 2,
- "failedUserCount": 15
- },
- "checkinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "User Principal Name value",
- "deviceName": "Device Name value",
- "devicePlatform": "Device Platform value",
- "devicePlatformVersion": "Device Platform Version value",
- "wasSuccessful": true,
- "userId": "User Id value",
- "checkinDateTime": "2016-12-31T23:56:33.9571764-08:00",
- "errorMessage": "Error Message value",
- "appliedPolicies": [
- "Applied Policies value"
- ]
- }
- ]
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 201 Created
-Content-Type: application/json
-Content-Length: 1069
-
-{
- "@odata.type": "#microsoft.graph.windowsOfficeClientConfiguration",
- "id": "13a5ac73-ac73-13a5-73ac-a51373aca513",
- "userPreferencePayload": "<Unknown Primitive Type Edm.Stream>",
- "policyPayload": "<Unknown Primitive Type Edm.Stream>",
- "description": "Description value",
- "displayName": "Display Name value",
- "priority": 8,
- "userCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 2,
- "failedUserCount": 15
- },
- "checkinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "User Principal Name value",
- "deviceName": "Device Name value",
- "devicePlatform": "Device Platform value",
- "devicePlatformVersion": "Device Platform Version value",
- "wasSuccessful": true,
- "userId": "User Id value",
- "checkinDateTime": "2016-12-31T23:56:33.9571764-08:00",
- "errorMessage": "Error Message value",
- "appliedPolicies": [
- "Applied Policies value"
- ]
- }
- ]
-}
-```
v1.0 Intune Cirrus Windowsofficeclientconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-windowsofficeclientconfiguration-delete.md
- Title: "Delete windowsOfficeClientConfiguration"
-description: "Delete a specific non-security policy."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# Delete windowsOfficeClientConfiguration
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Delete a specific non-security policy.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-DELETE /officeConfiguration/clientConfigurations/{key}
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-DELETE https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations/{key}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-```
v1.0 Intune Cirrus Windowsofficeclientconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-windowsofficeclientconfiguration-get.md
- Title: "Get windowsOfficeClientConfiguration"
-description: "Get a specific non-security policy windowsOfficeClientConfiguration object."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# Get windowsOfficeClientConfiguration
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Get a specific non-security policy [windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All DeviceManagementConfiguration.Read.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All DeviceManagementConfiguration.Read.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /officeConfiguration/clientConfigurations/{key}
-```
-
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and [windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations/{key}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 1144
-
-{
- "value": {
- "@odata.type": "#microsoft.graph.windowsOfficeClientConfiguration",
- "id": "13a5ac73-ac73-13a5-73ac-a51373aca513",
- "userPreferencePayload": "<Unknown Primitive Type Edm.Stream>",
- "policyPayload": "<Unknown Primitive Type Edm.Stream>",
- "description": "Description value",
- "displayName": "Display Name value",
- "priority": 8,
- "userCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 2,
- "failedUserCount": 15
- },
- "checkinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "User Principal Name value",
- "deviceName": "Device Name value",
- "devicePlatform": "Device Platform value",
- "devicePlatformVersion": "Device Platform Version value",
- "wasSuccessful": true,
- "userId": "User Id value",
- "checkinDateTime": "2016-12-31T23:56:33.9571764-08:00",
- "errorMessage": "Error Message value",
- "appliedPolicies": [
- "Applied Policies value"
- ]
- }
- ]
- }
-}
-```
v1.0 Intune Cirrus Windowsofficeclientconfiguration List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-windowsofficeclientconfiguration-list.md
- Title: "List windowsOfficeClientConfigurations"
-description: "List properties and relationships of the windowsOfficeClientConfiguration objects."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# List windowsOfficeClientConfigurations
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-List properties and relationships of the [windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md) objects.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All DeviceManagementConfiguration.Read.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All DeviceManagementConfiguration.Read.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /officeConfiguration/clientConfigurations
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and a collection of [windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md) objects in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 1214
-
-{
- "value": [
- {
- "@odata.type": "#microsoft.graph.windowsOfficeClientConfiguration",
- "id": "13a5ac73-ac73-13a5-73ac-a51373aca513",
- "userPreferencePayload": "<Unknown Primitive Type Edm.Stream>",
- "policyPayload": "<Unknown Primitive Type Edm.Stream>",
- "description": "Description value",
- "displayName": "Display Name value",
- "priority": 8,
- "userCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 2,
- "failedUserCount": 15
- },
- "checkinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "User Principal Name value",
- "deviceName": "Device Name value",
- "devicePlatform": "Device Platform value",
- "devicePlatformVersion": "Device Platform Version value",
- "wasSuccessful": true,
- "userId": "User Id value",
- "checkinDateTime": "2016-12-31T23:56:33.9571764-08:00",
- "errorMessage": "Error Message value",
- "appliedPolicies": [
- "Applied Policies value"
- ]
- }
- ]
- }
- ]
-}
-```
v1.0 Intune Cirrus Windowsofficeclientconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-windowsofficeclientconfiguration-update.md
- Title: "Update windowsOfficeClientConfiguration"
-description: "Patch a specific non-security policy payload."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# Update windowsOfficeClientConfiguration
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Patch a specific non-security policy payload.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-PATCH /officeConfiguration/clientConfigurations/{key}
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply a JSON representation for the [windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md) object.
-
-The following table shows the properties that are required when you create the [windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md).
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|Not yet documented Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|userPreferencePayload|Stream|Not yet documented Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|policyPayload|Stream|Not yet documented Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|description|String|Not yet documented Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|displayName|String|Not yet documented Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|priority|Int32|Not yet documented Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|userCheckinSummary|[officeUserCheckinSummary](../resources/intune-cirrus-officeusercheckinsummary.md)|Not yet documented Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|checkinStatuses|[officeClientCheckinStatus](../resources/intune-cirrus-officeclientcheckinstatus.md) collection|Not yet documented Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
---
-## Response
-If successful, this method returns a `200 OK` response code and an updated [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-PATCH https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations/{officeClientConfigurationId}
-Content-type: application/json
-Content-length: 949
-
-{
- "userPreferencePayload": "<Unknown Primitive Type Edm.Stream>",
- "policyPayload": "<Unknown Primitive Type Edm.Stream>",
- "description": "Description value",
- "displayName": "Display Name value",
- "priority": 8,
- "userCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 2,
- "failedUserCount": 15
- },
- "checkinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "User Principal Name value",
- "deviceName": "Device Name value",
- "devicePlatform": "Device Platform value",
- "devicePlatformVersion": "Device Platform Version value",
- "wasSuccessful": true,
- "userId": "User Id value",
- "checkinDateTime": "2016-12-31T23:56:33.9571764-08:00",
- "errorMessage": "Error Message value",
- "appliedPolicies": [
- "Applied Policies value"
- ]
- }
- ]
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 1069
-
-{
- "@odata.type": "#microsoft.graph.windowsOfficeClientConfiguration",
- "id": "13a5ac73-ac73-13a5-73ac-a51373aca513",
- "userPreferencePayload": "<Unknown Primitive Type Edm.Stream>",
- "policyPayload": "<Unknown Primitive Type Edm.Stream>",
- "description": "Description value",
- "displayName": "Display Name value",
- "priority": 8,
- "userCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 2,
- "failedUserCount": 15
- },
- "checkinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "User Principal Name value",
- "deviceName": "Device Name value",
- "devicePlatform": "Device Platform value",
- "devicePlatformVersion": "Device Platform Version value",
- "wasSuccessful": true,
- "userId": "User Id value",
- "checkinDateTime": "2016-12-31T23:56:33.9571764-08:00",
- "errorMessage": "Error Message value",
- "appliedPolicies": [
- "Applied Policies value"
- ]
- }
- ]
-}
-```
v1.0 Intune Cirrus Windowsofficeclientsecurityconfiguration Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-windowsofficeclientsecurityconfiguration-create.md
- Title: "Create windowsOfficeClientSecurityConfiguration"
-description: "Create a new windowsOfficeClientSecurityConfiguration object."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# Create windowsOfficeClientSecurityConfiguration
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Create a new [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-POST /officeConfiguration/clientConfigurations
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply a JSON representation for the [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md) object.
-
-The following table shows the properties that are required when you create the [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md).
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|Id of the office client configuration policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|userPreferencePayload|Stream|Preference settings JSON string in binary format, these values can be overridden by the user. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|policyPayload|Stream|Policy settings JSON string in binary format, these values cannot be changed by the user. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|description|String|Admin provided description of the office client configuration policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|displayName|String|Admin provided name of the office client configuration policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|assignments|[officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) collection|The list of group assignments for the policy.. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|priority|Int32|Priority value should be unique value for each policy under a tenant and will be used for conflict resolution, lower values mean priority is high. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|lastModifiedDateTime|DateTime|Last modified datetime stamp of the policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|userCheckinSummary|[officeUserCheckinSummary](../resources/intune-cirrus-officeusercheckinsummary.md)|User check-in summary for the policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|checkinStatuses|[officeClientCheckinStatus](../resources/intune-cirrus-officeclientcheckinstatus.md) collection|List of office Client check-in status. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
----
-## Response
-If successful, this method returns a `201 Created` response code and a [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-POST https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations
-Content-type: application/json
-Content-length: 1028
-
-{
- "@odata.type": "#microsoft.graph.windowsOfficeClientSecurityConfiguration",
- "userPreferencePayload": "<Unknown Primitive Type Edm.Stream>",
- "policyPayload": "<Unknown Primitive Type Edm.Stream>",
- "description": "Description value",
- "displayName": "Display Name value",
- "priority": 8,
- "userCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 2,
- "failedUserCount": 15
- },
- "checkinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "User Principal Name value",
- "deviceName": "Device Name value",
- "devicePlatform": "Device Platform value",
- "devicePlatformVersion": "Device Platform Version value",
- "wasSuccessful": true,
- "userId": "User Id value",
- "checkinDateTime": "2016-12-31T23:56:33.9571764-08:00",
- "errorMessage": "Error Message value",
- "appliedPolicies": [
- "Applied Policies value"
- ]
- }
- ]
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 201 Created
-Content-Type: application/json
-Content-Length: 1077
-
-{
- "@odata.type": "#microsoft.graph.windowsOfficeClientSecurityConfiguration",
- "id": "f90ca1a5-a1a5-f90c-a5a1-0cf9a5a10cf9",
- "userPreferencePayload": "<Unknown Primitive Type Edm.Stream>",
- "policyPayload": "<Unknown Primitive Type Edm.Stream>",
- "description": "Description value",
- "displayName": "Display Name value",
- "priority": 8,
- "userCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 2,
- "failedUserCount": 15
- },
- "checkinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "User Principal Name value",
- "deviceName": "Device Name value",
- "devicePlatform": "Device Platform value",
- "devicePlatformVersion": "Device Platform Version value",
- "wasSuccessful": true,
- "userId": "User Id value",
- "checkinDateTime": "2016-12-31T23:56:33.9571764-08:00",
- "errorMessage": "Error Message value",
- "appliedPolicies": [
- "Applied Policies value"
- ]
- }
- ]
-}
-```
v1.0 Intune Cirrus Windowsofficeclientsecurityconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-windowsofficeclientsecurityconfiguration-delete.md
- Title: "Delete windowsOfficeClientSecurityConfiguration"
-description: "Deletes a security policy windowsOfficeClientSecurityConfiguration."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# Delete windowsOfficeClientSecurityConfiguration
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Deletes a security policy [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md).
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-DELETE /officeConfiguration/clientConfigurations/{key}
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-DELETE https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations/{key}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-```
v1.0 Intune Cirrus Windowsofficeclientsecurityconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-windowsofficeclientsecurityconfiguration-get.md
- Title: "Get windowsOfficeClientSecurityConfiguration"
-description: "Get a specific security policy windowsOfficeClientSecurityConfiguration object."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# Get windowsOfficeClientSecurityConfiguration
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Get a specific security policy [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All DeviceManagementConfiguration.Read.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All DeviceManagementConfiguration.Read.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /officeConfiguration/clientConfigurations/{key}
-```
-
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations/{key}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 1152
-
-{
- "value": {
- "@odata.type": "#microsoft.graph.windowsOfficeClientSecurityConfiguration",
- "id": "f90ca1a5-a1a5-f90c-a5a1-0cf9a5a10cf9",
- "userPreferencePayload": "<Unknown Primitive Type Edm.Stream>",
- "policyPayload": "<Unknown Primitive Type Edm.Stream>",
- "description": "Description value",
- "displayName": "Display Name value",
- "priority": 8,
- "userCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 2,
- "failedUserCount": 15
- },
- "checkinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "User Principal Name value",
- "deviceName": "Device Name value",
- "devicePlatform": "Device Platform value",
- "devicePlatformVersion": "Device Platform Version value",
- "wasSuccessful": true,
- "userId": "User Id value",
- "checkinDateTime": "2016-12-31T23:56:33.9571764-08:00",
- "errorMessage": "Error Message value",
- "appliedPolicies": [
- "Applied Policies value"
- ]
- }
- ]
- }
-}
-```
v1.0 Intune Cirrus Windowsofficeclientsecurityconfiguration List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-windowsofficeclientsecurityconfiguration-list.md
- Title: "List windowsOfficeClientSecurityConfigurations"
-description: "List properties and relationships of the windowsOfficeClientSecurityConfiguration objects."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# List windowsOfficeClientSecurityConfigurations
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-List properties and relationships of the [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md) objects.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All DeviceManagementConfiguration.Read.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All DeviceManagementConfiguration.Read.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /officeConfiguration/clientConfigurations
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and a collection of [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md) objects in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 1222
-
-{
- "value": [
- {
- "@odata.type": "#microsoft.graph.windowsOfficeClientSecurityConfiguration",
- "id": "f90ca1a5-a1a5-f90c-a5a1-0cf9a5a10cf9",
- "userPreferencePayload": "<Unknown Primitive Type Edm.Stream>",
- "policyPayload": "<Unknown Primitive Type Edm.Stream>",
- "description": "Description value",
- "displayName": "Display Name value",
- "priority": 8,
- "userCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 2,
- "failedUserCount": 15
- },
- "checkinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "User Principal Name value",
- "deviceName": "Device Name value",
- "devicePlatform": "Device Platform value",
- "devicePlatformVersion": "Device Platform Version value",
- "wasSuccessful": true,
- "userId": "User Id value",
- "checkinDateTime": "2016-12-31T23:56:33.9571764-08:00",
- "errorMessage": "Error Message value",
- "appliedPolicies": [
- "Applied Policies value"
- ]
- }
- ]
- }
- ]
-}
-```
v1.0 Intune Cirrus Windowsofficeclientsecurityconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-cirrus-windowsofficeclientsecurityconfiguration-update.md
- Title: "Update windowsOfficeClientSecurityConfiguration"
-description: "Update the properties of a windowsOfficeClientSecurityConfiguration object."
-localization_priority: Normal
-
-doc_type: apiPageType
--
-# Update windowsOfficeClientSecurityConfiguration
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Update the properties of a [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-PATCH /officeConfiguration/clientConfigurations/{officeClientConfigurationId}
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply a JSON representation for the [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md) object.
-
-The following table shows the properties that are required when you create the [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md).
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|Id of the office client configuration policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|userPreferencePayload|Stream|Preference settings JSON string in binary format, these values can be overridden by the user. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|policyPayload|Stream|Policy settings JSON string in binary format, these values cannot be changed by the user. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|description|String|Admin provided description of the office client configuration policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|displayName|String|Admin provided name of the office client configuration policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|assignments|[officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) collection|The list of group assignments for the policy.. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|priority|Int32|Priority value should be unique value for each policy under a tenant and will be used for conflict resolution, lower values mean priority is high. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|lastModifiedDateTime|DateTime|Last modified datetime stamp of the policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|userCheckinSummary|[officeUserCheckinSummary](../resources/intune-cirrus-officeusercheckinsummary.md)|User check-in summary for the policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|checkinStatuses|[officeClientCheckinStatus](../resources/intune-cirrus-officeclientcheckinstatus.md) collection|List of office Client check-in status. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
---
-## Response
-If successful, this method returns a `200 OK` response code and an updated [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-PATCH https://graph.microsoft.com/beta/officeConfiguration/clientConfigurations/{officeClientConfigurationId}
-Content-type: application/json
-Content-length: 949
-
-{
- "userPreferencePayload": "<Unknown Primitive Type Edm.Stream>",
- "policyPayload": "<Unknown Primitive Type Edm.Stream>",
- "description": "Description value",
- "displayName": "Display Name value",
- "priority": 8,
- "userCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 2,
- "failedUserCount": 15
- },
- "checkinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "User Principal Name value",
- "deviceName": "Device Name value",
- "devicePlatform": "Device Platform value",
- "devicePlatformVersion": "Device Platform Version value",
- "wasSuccessful": true,
- "userId": "User Id value",
- "checkinDateTime": "2016-12-31T23:56:33.9571764-08:00",
- "errorMessage": "Error Message value",
- "appliedPolicies": [
- "Applied Policies value"
- ]
- }
- ]
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 1077
-
-{
- "@odata.type": "#microsoft.graph.windowsOfficeClientSecurityConfiguration",
- "id": "f90ca1a5-a1a5-f90c-a5a1-0cf9a5a10cf9",
- "userPreferencePayload": "<Unknown Primitive Type Edm.Stream>",
- "policyPayload": "<Unknown Primitive Type Edm.Stream>",
- "description": "Description value",
- "displayName": "Display Name value",
- "priority": 8,
- "userCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 2,
- "failedUserCount": 15
- },
- "checkinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "User Principal Name value",
- "deviceName": "Device Name value",
- "devicePlatform": "Device Platform value",
- "devicePlatformVersion": "Device Platform Version value",
- "wasSuccessful": true,
- "userId": "User Id value",
- "checkinDateTime": "2016-12-31T23:56:33.9571764-08:00",
- "errorMessage": "Error Message value",
- "appliedPolicies": [
- "Applied Policies value"
- ]
- }
- ]
-}
-```
v1.0 Intune Deviceconfig Advancedthreatprotectiononboardingdevicesettingstate Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-advancedthreatprotectiononboardingdevicesettingstate-create.md
The following table shows the properties that are required when you create the a
|Property|Type|Description| |:|:|:| |id|String|Key of the entity|
-|platformType|[deviceType](../resources/intune-shared-devicetype.md)|Device platform type. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
+|platformType|[deviceType](../resources/intune-deviceconfig-devicetype.md)|Device platform type. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
|setting|String|The setting class name and property name.| |settingName|String|The Setting Name that is being reported| |deviceId|String|The Device Id that is being reported|
v1.0 Intune Deviceconfig Advancedthreatprotectiononboardingdevicesettingstate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-advancedthreatprotectiononboardingdevicesettingstate-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:| |id|String|Key of the entity|
-|platformType|[deviceType](../resources/intune-shared-devicetype.md)|Device platform type. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
+|platformType|[deviceType](../resources/intune-deviceconfig-devicetype.md)|Device platform type. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
|setting|String|The setting class name and property name.| |settingName|String|The Setting Name that is being reported| |deviceId|String|The Device Id that is being reported|
v1.0 Intune Deviceconfig Androiddeviceownervpnconfiguration Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-androiddeviceownervpnconfiguration-create.md
The following table shows the properties that are required when you create the a
|alwaysOnLockdown|Boolean|If always-on VPN connection is enabled, whether or not to lock network traffic when that VPN is disconnected.| |microsoftTunnelSiteId|String|Microsoft Tunnel site ID.| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data to define key/value pairs specific to a VPN provider. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data to define key/value pairs specific to a VPN provider. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data to define key/value pairs specific to a VPN provider. This collection can contain a maximum of 25 elements.|
v1.0 Intune Deviceconfig Androiddeviceownervpnconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-androiddeviceownervpnconfiguration-update.md
The following table shows the properties that are required when you create the [
|alwaysOnLockdown|Boolean|If always-on VPN connection is enabled, whether or not to lock network traffic when that VPN is disconnected.| |microsoftTunnelSiteId|String|Microsoft Tunnel site ID.| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data to define key/value pairs specific to a VPN provider. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data to define key/value pairs specific to a VPN provider. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data to define key/value pairs specific to a VPN provider. This collection can contain a maximum of 25 elements.|
v1.0 Intune Deviceconfig Androidforworkvpnconfiguration Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-androidforworkvpnconfiguration-create.md
The following table shows the properties that are required when you create the a
|servers|[vpnServer](../resources/intune-deviceconfig-vpnserver.md) collection|List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain a maximum of 500 elements.| |fingerprint|String|Fingerprint is a string that will be used to verify the VPN server can be trusted, which is only applicable when connection type is Check Point Capsule VPN.| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
|authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method. Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.|
v1.0 Intune Deviceconfig Androidforworkvpnconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-androidforworkvpnconfiguration-update.md
The following table shows the properties that are required when you create the [
|servers|[vpnServer](../resources/intune-deviceconfig-vpnserver.md) collection|List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain a maximum of 500 elements.| |fingerprint|String|Fingerprint is a string that will be used to verify the VPN server can be trusted, which is only applicable when connection type is Check Point Capsule VPN.| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
|authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method. Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.|
v1.0 Intune Deviceconfig Androidvpnconfiguration Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-androidvpnconfiguration-create.md
The following table shows the properties that are required when you create the a
|servers|[vpnServer](../resources/intune-deviceconfig-vpnserver.md) collection|List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain a maximum of 500 elements.| |fingerprint|String|Fingerprint is a string that will be used to verify the VPN server can be trusted, which is only applicable when connection type is Check Point Capsule VPN.| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
|authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method. Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.|
v1.0 Intune Deviceconfig Androidvpnconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-androidvpnconfiguration-update.md
The following table shows the properties that are required when you create the [
|servers|[vpnServer](../resources/intune-deviceconfig-vpnserver.md) collection|List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain a maximum of 500 elements.| |fingerprint|String|Fingerprint is a string that will be used to verify the VPN server can be trusted, which is only applicable when connection type is Check Point Capsule VPN.| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
|authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method. Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.|
v1.0 Intune Deviceconfig Androidworkprofilevpnconfiguration Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-androidworkprofilevpnconfiguration-create.md
The following table shows the properties that are required when you create the a
|servers|[vpnServer](../resources/intune-deviceconfig-vpnserver.md) collection|List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain a maximum of 500 elements.| |fingerprint|String|Fingerprint is a string that will be used to verify the VPN server can be trusted, which is only applicable when connection type is Check Point Capsule VPN.| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
|authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method. Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |proxyServer|[vpnProxyServer](../resources/intune-deviceconfig-vpnproxyserver.md)|Proxy server.| |targetedPackageIds|String collection|Targeted App package IDs.|
v1.0 Intune Deviceconfig Androidworkprofilevpnconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-androidworkprofilevpnconfiguration-update.md
The following table shows the properties that are required when you create the [
|servers|[vpnServer](../resources/intune-deviceconfig-vpnserver.md) collection|List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain a maximum of 500 elements.| |fingerprint|String|Fingerprint is a string that will be used to verify the VPN server can be trusted, which is only applicable when connection type is Check Point Capsule VPN.| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
|authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method. Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |proxyServer|[vpnProxyServer](../resources/intune-deviceconfig-vpnproxyserver.md)|Proxy server.| |targetedPackageIds|String collection|Targeted App package IDs.|
v1.0 Intune Deviceconfig Devicecompliancesettingstate Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-devicecompliancesettingstate-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:| |id|String|Key of the entity|
-|platformType|[deviceType](../resources/intune-shared-devicetype.md)|Device platform type. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
+|platformType|[deviceType](../resources/intune-deviceconfig-devicetype.md)|Device platform type. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
|setting|String|The setting class name and property name.| |settingName|String|The Setting Name that is being reported| |deviceId|String|The Device Id that is being reported|
v1.0 Intune Deviceconfig Devicecompliancesettingstate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-devicecompliancesettingstate-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:| |id|String|Key of the entity|
-|platformType|[deviceType](../resources/intune-shared-devicetype.md)|Device platform type. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
+|platformType|[deviceType](../resources/intune-deviceconfig-devicetype.md)|Device platform type. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
|setting|String|The setting class name and property name.| |settingName|String|The Setting Name that is being reported| |deviceId|String|The Device Id that is being reported|
v1.0 Intune Deviceconfig Hardwareconfigurationdevicestate Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-hardwareconfigurationdevicestate-create.md
The following table shows the properties that are required when you create the h
|upn|String|User Principal Name (UPN).| |internalVersion|Int32|The Policy internal version| |lastStateUpdateDateTime|DateTimeOffset|The last timestamp of when the hardware configuration executed|
-|configurationState|[runState](../resources/intune-shared-runstate.md)|Configuration state from the lastest hardware configuration execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|configurationState|[runState](../resources/intune-deviceconfig-runstate.md)|Configuration state from the lastest hardware configuration execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|configurationOutput|String|Output of the hardware configuration execution| |configurationError|String|Error from the hardware configuration execution|
v1.0 Intune Deviceconfig Hardwareconfigurationdevicestate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-hardwareconfigurationdevicestate-update.md
The following table shows the properties that are required when you create the [
|upn|String|User Principal Name (UPN).| |internalVersion|Int32|The Policy internal version| |lastStateUpdateDateTime|DateTimeOffset|The last timestamp of when the hardware configuration executed|
-|configurationState|[runState](../resources/intune-shared-runstate.md)|Configuration state from the lastest hardware configuration execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|configurationState|[runState](../resources/intune-deviceconfig-runstate.md)|Configuration state from the lastest hardware configuration execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|configurationOutput|String|Output of the hardware configuration execution| |configurationError|String|Error from the hardware configuration execution|
v1.0 Intune Deviceconfig Iosikev2vpnconfiguration Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-iosikev2vpnconfiguration-create.md
The following table shows the properties that are required when you create the i
|server|[vpnServer](../resources/intune-deviceconfig-vpnserver.md)|VPN Server on the network. Make sure end users can access this network location. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |identifier|String|Identifier provided by VPN vendor when connection type is set to Custom VPN. For example: Cisco AnyConnect uses an identifier of the form com.cisco.anyconnect.applevpn.plugin Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
|enableSplitTunneling|Boolean|Send all network traffic through VPN. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method for this VPN connection. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md). Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |enablePerApp|Boolean|Setting this to true creates Per-App VPN payload which can later be associated with Apps that can trigger this VPN conneciton on the end user's iOS device. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
v1.0 Intune Deviceconfig Iosikev2vpnconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-iosikev2vpnconfiguration-update.md
The following table shows the properties that are required when you create the [
|server|[vpnServer](../resources/intune-deviceconfig-vpnserver.md)|VPN Server on the network. Make sure end users can access this network location. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |identifier|String|Identifier provided by VPN vendor when connection type is set to Custom VPN. For example: Cisco AnyConnect uses an identifier of the form com.cisco.anyconnect.applevpn.plugin Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
|enableSplitTunneling|Boolean|Send all network traffic through VPN. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method for this VPN connection. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md). Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |enablePerApp|Boolean|Setting this to true creates Per-App VPN payload which can later be associated with Apps that can trigger this VPN conneciton on the end user's iOS device. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
v1.0 Intune Deviceconfig Iosvpnconfiguration Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-iosvpnconfiguration-create.md
The following table shows the properties that are required when you create the i
|server|[vpnServer](../resources/intune-deviceconfig-vpnserver.md)|VPN Server on the network. Make sure end users can access this network location. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |identifier|String|Identifier provided by VPN vendor when connection type is set to Custom VPN. For example: Cisco AnyConnect uses an identifier of the form com.cisco.anyconnect.applevpn.plugin Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
|enableSplitTunneling|Boolean|Send all network traffic through VPN. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method for this VPN connection. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md). Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |enablePerApp|Boolean|Setting this to true creates Per-App VPN payload which can later be associated with Apps that can trigger this VPN conneciton on the end user's iOS device. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
v1.0 Intune Deviceconfig Iosvpnconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-iosvpnconfiguration-update.md
The following table shows the properties that are required when you create the [
|server|[vpnServer](../resources/intune-deviceconfig-vpnserver.md)|VPN Server on the network. Make sure end users can access this network location. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |identifier|String|Identifier provided by VPN vendor when connection type is set to Custom VPN. For example: Cisco AnyConnect uses an identifier of the form com.cisco.anyconnect.applevpn.plugin Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
|enableSplitTunneling|Boolean|Send all network traffic through VPN. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method for this VPN connection. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md). Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |enablePerApp|Boolean|Setting this to true creates Per-App VPN payload which can later be associated with Apps that can trigger this VPN conneciton on the end user's iOS device. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
v1.0 Intune Deviceconfig Macosdevicefeaturesconfiguration Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-macosdevicefeaturesconfiguration-create.md
The following table shows the properties that are required when you create the m
|powerOffDisabledWhileLoggedIn|Boolean|Whether the Power Off menu item on the login window will be disabled while the user is logged in.| |logOutDisabledWhileLoggedIn|Boolean|Whether the Log Out menu item on the login window will be disabled while the user is logged in.| |screenLockDisableImmediate|Boolean|Whether to disable the immediate screen lock functions.|
-|associatedDomains|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|DEPRECATED: use appAssociatedDomains instead. Gets or sets a list that maps apps to their associated domains. The key should match the app's ID, and the value should be a string in the form of "service:domain" where domain is a fully qualified hostname (e.g. webcredentials:example.com). This collection can contain a maximum of 500 elements.|
+|associatedDomains|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|DEPRECATED: use appAssociatedDomains instead. Gets or sets a list that maps apps to their associated domains. The key should match the app's ID, and the value should be a string in the form of "service:domain" where domain is a fully qualified hostname (e.g. webcredentials:example.com). This collection can contain a maximum of 500 elements.|
|appAssociatedDomains|[macOSAssociatedDomainsItem](../resources/intune-deviceconfig-macosassociateddomainsitem.md) collection|Gets or sets a list that maps apps to their associated domains. Application identifiers must be unique. This collection can contain a maximum of 500 elements.| |singleSignOnExtension|[singleSignOnExtension](../resources/intune-deviceconfig-singlesignonextension.md)|Gets or sets a single sign-on extension profile. Deprecated: use MacOSSingleSignOnExtension instead.| |macOSSingleSignOnExtension|[macOSSingleSignOnExtension](../resources/intune-deviceconfig-macossinglesignonextension.md)|Gets or sets a single sign-on extension profile.|
v1.0 Intune Deviceconfig Macosdevicefeaturesconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-macosdevicefeaturesconfiguration-update.md
The following table shows the properties that are required when you create the [
|powerOffDisabledWhileLoggedIn|Boolean|Whether the Power Off menu item on the login window will be disabled while the user is logged in.| |logOutDisabledWhileLoggedIn|Boolean|Whether the Log Out menu item on the login window will be disabled while the user is logged in.| |screenLockDisableImmediate|Boolean|Whether to disable the immediate screen lock functions.|
-|associatedDomains|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|DEPRECATED: use appAssociatedDomains instead. Gets or sets a list that maps apps to their associated domains. The key should match the app's ID, and the value should be a string in the form of "service:domain" where domain is a fully qualified hostname (e.g. webcredentials:example.com). This collection can contain a maximum of 500 elements.|
+|associatedDomains|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|DEPRECATED: use appAssociatedDomains instead. Gets or sets a list that maps apps to their associated domains. The key should match the app's ID, and the value should be a string in the form of "service:domain" where domain is a fully qualified hostname (e.g. webcredentials:example.com). This collection can contain a maximum of 500 elements.|
|appAssociatedDomains|[macOSAssociatedDomainsItem](../resources/intune-deviceconfig-macosassociateddomainsitem.md) collection|Gets or sets a list that maps apps to their associated domains. Application identifiers must be unique. This collection can contain a maximum of 500 elements.| |singleSignOnExtension|[singleSignOnExtension](../resources/intune-deviceconfig-singlesignonextension.md)|Gets or sets a single sign-on extension profile. Deprecated: use MacOSSingleSignOnExtension instead.| |macOSSingleSignOnExtension|[macOSSingleSignOnExtension](../resources/intune-deviceconfig-macossinglesignonextension.md)|Gets or sets a single sign-on extension profile.|
v1.0 Intune Deviceconfig Macostrustedrootcertificate Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-macostrustedrootcertificate-create.md
One of the following permissions is required to call this API. To learn more, in
} --> ``` http
+POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/rootCertificatesForServerValidation
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSEnterpriseWiFiConfiguration/rootCertificatesForServerValidation ```
If successful, this method returns a `201 Created` response code and a [macOSTru
### Request Here is an example of the request. ``` http
-POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSEnterpriseWiFiConfiguration/rootCertificatesForServerValidation
+POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/rootCertificatesForServerValidation
Content-type: application/json Content-length: 1138
v1.0 Intune Deviceconfig Macostrustedrootcertificate Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-macostrustedrootcertificate-delete.md
One of the following permissions is required to call this API. To learn more, in
``` http DELETE /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/rootCertificateForServerValidation DELETE /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSEnterpriseWiFiConfiguration/rootCertificateForServerValidation
+DELETE /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/rootCertificatesForServerValidation/{macOSTrustedRootCertificateId}
DELETE /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSEnterpriseWiFiConfiguration/rootCertificatesForServerValidation/{macOSTrustedRootCertificateId} DELETE /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/identityCertificateForClientAuthentication/microsoft.graph.macOSScepCertificateProfile/rootCertificate ```
v1.0 Intune Deviceconfig Macostrustedrootcertificate Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-macostrustedrootcertificate-get.md
One of the following permissions is required to call this API. To learn more, in
``` http GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/rootCertificateForServerValidation GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSEnterpriseWiFiConfiguration/rootCertificateForServerValidation
+GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/rootCertificatesForServerValidation/{macOSTrustedRootCertificateId}
GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSEnterpriseWiFiConfiguration/rootCertificatesForServerValidation/{macOSTrustedRootCertificateId} GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/identityCertificateForClientAuthentication/microsoft.graph.macOSScepCertificateProfile/rootCertificate ```
v1.0 Intune Deviceconfig Macostrustedrootcertificate List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-macostrustedrootcertificate-list.md
One of the following permissions is required to call this API. To learn more, in
} --> ``` http
+GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/rootCertificatesForServerValidation
GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSEnterpriseWiFiConfiguration/rootCertificatesForServerValidation ```
If successful, this method returns a `200 OK` response code and a collection of
### Request Here is an example of the request. ``` http
-GET https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSEnterpriseWiFiConfiguration/rootCertificatesForServerValidation
+GET https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/rootCertificatesForServerValidation
``` ### Response
v1.0 Intune Deviceconfig Macostrustedrootcertificate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-macostrustedrootcertificate-update.md
One of the following permissions is required to call this API. To learn more, in
``` http PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/rootCertificateForServerValidation PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSEnterpriseWiFiConfiguration/rootCertificateForServerValidation
+PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/rootCertificatesForServerValidation/{macOSTrustedRootCertificateId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSEnterpriseWiFiConfiguration/rootCertificatesForServerValidation/{macOSTrustedRootCertificateId} PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.macOSWiredNetworkConfiguration/identityCertificateForClientAuthentication/microsoft.graph.macOSScepCertificateProfile/rootCertificate ```
v1.0 Intune Deviceconfig Macosvpnconfiguration Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-macosvpnconfiguration-create.md
The following table shows the properties that are required when you create the m
|server|[vpnServer](../resources/intune-deviceconfig-vpnserver.md)|VPN Server on the network. Make sure end users can access this network location. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |identifier|String|Identifier provided by VPN vendor when connection type is set to Custom VPN. For example: Cisco AnyConnect uses an identifier of the form com.cisco.anyconnect.applevpn.plugin Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
|enableSplitTunneling|Boolean|Send all network traffic through VPN. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method for this VPN connection. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md). Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |enablePerApp|Boolean|Setting this to true creates Per-App VPN payload which can later be associated with Apps that can trigger this VPN conneciton on the end user's iOS device. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
v1.0 Intune Deviceconfig Macosvpnconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-macosvpnconfiguration-update.md
The following table shows the properties that are required when you create the [
|server|[vpnServer](../resources/intune-deviceconfig-vpnserver.md)|VPN Server on the network. Make sure end users can access this network location. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |identifier|String|Identifier provided by VPN vendor when connection type is set to Custom VPN. For example: Cisco AnyConnect uses an identifier of the form com.cisco.anyconnect.applevpn.plugin Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
|enableSplitTunneling|Boolean|Send all network traffic through VPN. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method for this VPN connection. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md). Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |enablePerApp|Boolean|Setting this to true creates Per-App VPN payload which can later be associated with Apps that can trigger this VPN conneciton on the end user's iOS device. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
v1.0 Intune Deviceconfig Manageddevicecertificatestate Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-manageddevicecertificatestate-create.md
The following table shows the properties that are required when you create the m
|Property|Type|Description| |:|:|:| |id|String|Key of the entity.|
-|devicePlatform|[devicePlatformType](../resources/intune-deviceconfig-deviceplatformtype.md)|Device platform. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
+|devicePlatform|[devicePlatformType](../resources/intune-deviceconfig-deviceplatformtype.md)|Device platform. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`, `androidMobileApplicationManagement`, `iOSMobileApplicationManagement`, `unknownFutureValue`.|
|certificateKeyUsage|[keyUsages](../resources/intune-shared-keyusages.md)|Key usage. Possible values are: `keyEncipherment`, `digitalSignature`.| |certificateValidityPeriodUnits|[certificateValidityPeriodScale](../resources/intune-shared-certificatevalidityperiodscale.md)|Validity period units. Possible values are: `days`, `months`, `years`.| |certificateIssuanceState|[certificateIssuanceStates](../resources/intune-deviceconfig-certificateissuancestates.md)|Issuance State. Possible values are: `unknown`, `challengeIssued`, `challengeIssueFailed`, `requestCreationFailed`, `requestSubmitFailed`, `challengeValidationSucceeded`, `challengeValidationFailed`, `issueFailed`, `issuePending`, `issued`, `responseProcessingFailed`, `responsePending`, `enrollmentSucceeded`, `enrollmentNotNeeded`, `revoked`, `removedFromCollection`, `renewVerified`, `installFailed`, `installed`, `deleteFailed`, `deleted`, `renewalRequested`, `requested`.|
v1.0 Intune Deviceconfig Manageddevicecertificatestate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-manageddevicecertificatestate-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:| |id|String|Key of the entity.|
-|devicePlatform|[devicePlatformType](../resources/intune-deviceconfig-deviceplatformtype.md)|Device platform. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
+|devicePlatform|[devicePlatformType](../resources/intune-deviceconfig-deviceplatformtype.md)|Device platform. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`, `androidMobileApplicationManagement`, `iOSMobileApplicationManagement`, `unknownFutureValue`.|
|certificateKeyUsage|[keyUsages](../resources/intune-shared-keyusages.md)|Key usage. Possible values are: `keyEncipherment`, `digitalSignature`.| |certificateValidityPeriodUnits|[certificateValidityPeriodScale](../resources/intune-shared-certificatevalidityperiodscale.md)|Validity period units. Possible values are: `days`, `months`, `years`.| |certificateIssuanceState|[certificateIssuanceStates](../resources/intune-deviceconfig-certificateissuancestates.md)|Issuance State. Possible values are: `unknown`, `challengeIssued`, `challengeIssueFailed`, `requestCreationFailed`, `requestSubmitFailed`, `challengeValidationSucceeded`, `challengeValidationFailed`, `issueFailed`, `issuePending`, `issued`, `responseProcessingFailed`, `responsePending`, `enrollmentSucceeded`, `enrollmentNotNeeded`, `revoked`, `removedFromCollection`, `renewVerified`, `installFailed`, `installed`, `deleteFailed`, `deleted`, `renewalRequested`, `requested`.|
v1.0 Intune Deviceconfigv2 Devicemanagementcompliancepolicy Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementcompliancepolicy-create.md
The following table shows the properties that are required when you create the d
|name|String|Policy name| |description|String|Policy description| |platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `mobileApplicationManagement`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|createdDateTime|DateTimeOffset|Policy creation date and time. This property is read-only.| |lastModifiedDateTime|DateTimeOffset|Policy last modification date and time. This property is read-only.| |settingCount|Int32|Number of settings. This property is read-only.|
v1.0 Intune Deviceconfigv2 Devicemanagementcompliancepolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementcompliancepolicy-update.md
The following table shows the properties that are required when you create the [
|name|String|Policy name| |description|String|Policy description| |platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `mobileApplicationManagement`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|createdDateTime|DateTimeOffset|Policy creation date and time. This property is read-only.| |lastModifiedDateTime|DateTimeOffset|Policy last modification date and time. This property is read-only.| |settingCount|Int32|Number of settings. This property is read-only.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationcategory Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationcategory-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|id|String|Identifier for item|
-|description|String|Description of the item|
-|categoryDescription|String|Description of the category header|
-|helpText|String|Help text of the item|
+|id|String|The unique identifier for the category.|
+|description|String|Description of the category. For example: Display|
+|categoryDescription|String|Description of the category header in policy summary.|
+|helpText|String|Help text of the category. Give more details of the category.|
|name|String|Name of the item|
-|displayName|String|Display name of the item|
-|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms types, which settings in the category have. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies types, which settings in the category have. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicates that the category contains settings that are used for Compliance or Configuration. Possible values are: `none`, `configuration`, `compliance`.|
-|parentCategoryId|String|Parent id of the category.|
+|displayName|String|Name of the category. For example: Device Lock|
+|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms types, which settings in the category have. Possible values are: none. android, androidEnterprise, iOs, macOs, windows10X, windows10, aosp, and linux. If this property is not set, or set to none, returns categories in all platforms. Supports: $filters, $select. Read-only. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies types, which settings in the category have. Possible values are: none, mdm, configManager, intuneManagementExtension, thirdParty, documentGateway, appleRemoteManagement, microsoftSense, exchangeOnline, edgeMam, linuxMdm, extensibility, enrollment, endpointPrivilegeManagement. If this property is not set, or set to none, returns categories in all platforms. Supports: $filters, $select. Read-only. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `mobileApplicationManagement`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicates that the category contains settings that are used for compliance, configuration, or reusable settings. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Read-only. Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|parentCategoryId|String|Direct parent id of the category. If the category is the root, the parent id is same as its id.|
|rootCategoryId|String|Root id of the category.| |childCategoryIds|String collection|List of child ids of the category.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationcategory Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationcategory-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:|
-|id|String|Identifier for item|
-|description|String|Description of the item|
-|categoryDescription|String|Description of the category header|
-|helpText|String|Help text of the item|
+|id|String|The unique identifier for the category.|
+|description|String|Description of the category. For example: Display|
+|categoryDescription|String|Description of the category header in policy summary.|
+|helpText|String|Help text of the category. Give more details of the category.|
|name|String|Name of the item|
-|displayName|String|Display name of the item|
-|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms types, which settings in the category have. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies types, which settings in the category have. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicates that the category contains settings that are used for Compliance or Configuration. Possible values are: `none`, `configuration`, `compliance`.|
-|parentCategoryId|String|Parent id of the category.|
+|displayName|String|Name of the category. For example: Device Lock|
+|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms types, which settings in the category have. Possible values are: none. android, androidEnterprise, iOs, macOs, windows10X, windows10, aosp, and linux. If this property is not set, or set to none, returns categories in all platforms. Supports: $filters, $select. Read-only. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies types, which settings in the category have. Possible values are: none, mdm, configManager, intuneManagementExtension, thirdParty, documentGateway, appleRemoteManagement, microsoftSense, exchangeOnline, edgeMam, linuxMdm, extensibility, enrollment, endpointPrivilegeManagement. If this property is not set, or set to none, returns categories in all platforms. Supports: $filters, $select. Read-only. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `mobileApplicationManagement`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicates that the category contains settings that are used for compliance, configuration, or reusable settings. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Read-only. Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|parentCategoryId|String|Direct parent id of the category. If the category is the root, the parent id is same as its id.|
|rootCategoryId|String|Root id of the category.| |childCategoryIds|String collection|List of child ids of the category.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationchoicesettingcollectiondefinition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingcollectiondefinition-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
-|defaultOptionId|String|Default option for choice setting Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
+|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected. Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
+|defaultOptionId|String|Default option for the choice setting. Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
|maximumCount|Int32|Maximum number of choices in the collection. Valid values 1 to 100| |minimumCount|Int32|Minimum number of choices in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationchoicesettingcollectiondefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingcollectiondefinition-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
-|defaultOptionId|String|Default option for choice setting Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
+|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected. Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
+|defaultOptionId|String|Default option for the choice setting. Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
|maximumCount|Int32|Maximum number of choices in the collection. Valid values 1 to 100| |minimumCount|Int32|Minimum number of choices in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationchoicesettingdefinition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected|
-|defaultOptionId|String|Default option for choice setting|
+|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected.|
+|defaultOptionId|String|Default option for the choice setting.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationchoicesettingdefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected|
-|defaultOptionId|String|Default option for choice setting|
+|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected.|
+|defaultOptionId|String|Default option for the choice setting.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationpolicy Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationpolicy-create.md
The following table shows the properties that are required when you create the d
|name|String|Policy name| |description|String|Policy description| |platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `mobileApplicationManagement`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|createdDateTime|DateTimeOffset|Policy creation date and time| |lastModifiedDateTime|DateTimeOffset|Policy last modification date and time| |settingCount|Int32|Number of settings|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationpolicy-update.md
The following table shows the properties that are required when you create the [
|name|String|Policy name| |description|String|Policy description| |platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `mobileApplicationManagement`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|createdDateTime|DateTimeOffset|Policy creation date and time| |lastModifiedDateTime|DateTimeOffset|Policy last modification date and time| |settingCount|Int32|Number of settings|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationpolicytemplate Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationpolicytemplate-create.md
The following table shows the properties that are required when you create the d
|displayVersion|String|Description of template version| |lifecycleState|[deviceManagementTemplateLifecycleState](../resources/intune-deviceconfigv2-devicemanagementtemplatelifecyclestate.md)|Indicate current lifecycle state of template. Possible values are: `invalid`, `draft`, `active`, `superseded`, `deprecated`, `retired`.| |platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this template. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this template. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this template. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `mobileApplicationManagement`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|templateFamily|[deviceManagementConfigurationTemplateFamily](../resources/intune-deviceconfigv2-devicemanagementconfigurationtemplatefamily.md)|TemplateFamily for this template. Possible values are: `none`, `endpointSecurityAntivirus`, `endpointSecurityDiskEncryption`, `endpointSecurityFirewall`, `endpointSecurityEndpointDetectionAndResponse`, `endpointSecurityAttackSurfaceReduction`, `endpointSecurityAccountProtection`, `endpointSecurityApplicationControl`, `endpointSecurityEndpointPrivilegeManagement`, `enrollmentConfiguration`, `appQuietTime`, `baseline`, `unknownFutureValue`, `deviceConfigurationScripts`.| |allowUnmanagedSettings|Boolean|Allow unmanaged setting templates| |settingTemplateCount|Int32|Number of setting templates. Valid values 0 to 2147483647. This property is read-only.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationpolicytemplate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationpolicytemplate-update.md
The following table shows the properties that are required when you create the [
|displayVersion|String|Description of template version| |lifecycleState|[deviceManagementTemplateLifecycleState](../resources/intune-deviceconfigv2-devicemanagementtemplatelifecyclestate.md)|Indicate current lifecycle state of template. Possible values are: `invalid`, `draft`, `active`, `superseded`, `deprecated`, `retired`.| |platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this template. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this template. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this template. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `mobileApplicationManagement`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|templateFamily|[deviceManagementConfigurationTemplateFamily](../resources/intune-deviceconfigv2-devicemanagementconfigurationtemplatefamily.md)|TemplateFamily for this template. Possible values are: `none`, `endpointSecurityAntivirus`, `endpointSecurityDiskEncryption`, `endpointSecurityFirewall`, `endpointSecurityEndpointDetectionAndResponse`, `endpointSecurityAttackSurfaceReduction`, `endpointSecurityAccountProtection`, `endpointSecurityApplicationControl`, `endpointSecurityEndpointPrivilegeManagement`, `enrollmentConfiguration`, `appQuietTime`, `baseline`, `unknownFutureValue`, `deviceConfigurationScripts`.| |allowUnmanagedSettings|Boolean|Allow unmanaged setting templates| |settingTemplateCount|Int32|Number of setting templates. Valid values 0 to 2147483647. This property is read-only.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationredirectsettingdefinition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |deepLink|String|A deep link that points to the specific location in the Intune console where feature support must be managed from.| |redirectMessage|String|A message that explains that clicking the link will redirect the user to a supported page to manage the settings.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationredirectsettingdefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |deepLink|String|A deep link that points to the specific location in the Intune console where feature support must be managed from.| |redirectMessage|String|A message that explains that clicking the link will redirect the user to a supported page to manage the settings.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettingdefinition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters.|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting. Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on|
-|infoUrls|String collection|List of links more info for the setting can be found at|
+|infoUrls|String collection|List of links more info for the setting can be found at.|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not| |baseUri|String|Base CSP Path| |offsetUri|String|Offset CSP Path from Base|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting.|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance. Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting.|
+|categoryId|String|Specify category in which the setting is under. Support $filters.|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information.| |id|String|Identifier for item|
-|description|String|Description of the item|
-|helpText|String|Help text of the item|
+|description|String|Description of the setting.|
+|helpText|String|Help text of the setting. Give more details of the setting.|
|name|String|Name of the item|
-|displayName|String|Display name of the item|
+|displayName|String|Name of the setting. For example: Allow Toast.|
|version|String|Item Version|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettingdefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters.|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting. Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on|
-|infoUrls|String collection|List of links more info for the setting can be found at|
+|infoUrls|String collection|List of links more info for the setting can be found at.|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not| |baseUri|String|Base CSP Path| |offsetUri|String|Offset CSP Path from Base|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting.|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance. Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting.|
+|categoryId|String|Specify category in which the setting is under. Support $filters.|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information.| |id|String|Identifier for item|
-|description|String|Description of the item|
-|helpText|String|Help text of the item|
+|description|String|Description of the setting.|
+|helpText|String|Help text of the setting. Give more details of the setting.|
|name|String|Name of the item|
-|displayName|String|Display name of the item|
+|displayName|String|Name of the setting. For example: Allow Toast.|
|version|String|Item Version|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettinggroupcollectiondefinition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupcollectiondefinition-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|childIds|String collection|Dependent child settings to this group of settings Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)|
+|childIds|String collection|Dependent child settings to this group of settings. Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)|
|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|List of Dependencies for the setting group Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)| |dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|List of child settings that depend on this setting Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)| |maximumCount|Int32|Maximum number of setting group count in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettinggroupcollectiondefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupcollectiondefinition-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|childIds|String collection|Dependent child settings to this group of settings Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)|
+|childIds|String collection|Dependent child settings to this group of settings. Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)|
|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|List of Dependencies for the setting group Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)| |dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|List of child settings that depend on this setting Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)| |maximumCount|Int32|Maximum number of setting group count in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettinggroupdefinition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|childIds|String collection|Dependent child settings to this group of settings|
+|childIds|String collection|Dependent child settings to this group of settings.|
|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|List of Dependencies for the setting group| |dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|List of child settings that depend on this setting|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettinggroupdefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|childIds|String collection|Dependent child settings to this group of settings|
+|childIds|String collection|Dependent child settings to this group of settings.|
|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|List of Dependencies for the setting group| |dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|List of child settings that depend on this setting|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsimplesettingcollectiondefinition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingcollectiondefinition-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
-|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
-|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
-|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting. Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting. Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on. Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting. Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
|maximumCount|Int32|Maximum number of simple settings in the collection. Valid values 1 to 100| |minimumCount|Int32|Minimum number of simple settings in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsimplesettingcollectiondefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingcollectiondefinition-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
-|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
-|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
-|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting. Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting. Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on. Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting. Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
|maximumCount|Int32|Maximum number of simple settings in the collection. Valid values 1 to 100| |minimumCount|Int32|Minimum number of simple settings in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsimplesettingdefinition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting|
-|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting|
-|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on|
-|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting|
+|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting.|
+|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting.|
+|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on.|
+|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsimplesettingdefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting|
-|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting|
-|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on|
-|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting|
+|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting.|
+|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting.|
+|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on.|
+|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting.|
v1.0 Intune Devices Comanagementeligibledevice Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-comanagementeligibledevice-create.md
The following table shows the properties that are required when you create the c
|:|:|:| |id|String|Unique Id for the device| |deviceName|String|DeviceName|
-|deviceType|[deviceType](../resources/intune-shared-devicetype.md)|DeviceType. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
+|deviceType|[deviceType](../resources/intune-devices-devicetype.md)|DeviceType. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
|clientRegistrationStatus|[deviceRegistrationState](../resources/intune-devices-deviceregistrationstate.md)|ClientRegistrationStatus. Possible values are: `notRegistered`, `registered`, `revoked`, `keyConflict`, `approvalPending`, `certificateReset`, `notRegisteredPendingEnrollment`, `unknown`.| |ownerType|[ownerType](../resources/intune-shared-ownertype.md)|OwnerType. Possible values are: `unknown`, `company`, `personal`.| |managementAgents|[managementAgentType](../resources/intune-shared-managementagenttype.md)|ManagementAgents. Possible values are: `eas`, `mdm`, `easMdm`, `intuneClient`, `easIntuneClient`, `configurationManagerClient`, `configurationManagerClientMdm`, `configurationManagerClientMdmEas`, `unknown`, `jamf`, `googleCloudDevicePolicyController`, `microsoft365ManagedMdm`, `msSense`, `intuneAosp`.|
v1.0 Intune Devices Comanagementeligibledevice Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-comanagementeligibledevice-update.md
The following table shows the properties that are required when you create the [
|:|:|:| |id|String|Unique Id for the device| |deviceName|String|DeviceName|
-|deviceType|[deviceType](../resources/intune-shared-devicetype.md)|DeviceType. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
+|deviceType|[deviceType](../resources/intune-devices-devicetype.md)|DeviceType. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
|clientRegistrationStatus|[deviceRegistrationState](../resources/intune-devices-deviceregistrationstate.md)|ClientRegistrationStatus. Possible values are: `notRegistered`, `registered`, `revoked`, `keyConflict`, `approvalPending`, `certificateReset`, `notRegisteredPendingEnrollment`, `unknown`.| |ownerType|[ownerType](../resources/intune-shared-ownertype.md)|OwnerType. Possible values are: `unknown`, `company`, `personal`.| |managementAgents|[managementAgentType](../resources/intune-shared-managementagenttype.md)|ManagementAgents. Possible values are: `eas`, `mdm`, `easMdm`, `intuneClient`, `easIntuneClient`, `configurationManagerClient`, `configurationManagerClientMdm`, `configurationManagerClientMdmEas`, `unknown`, `jamf`, `googleCloudDevicePolicyController`, `microsoft365ManagedMdm`, `msSense`, `intuneAosp`.|
v1.0 Intune Devices Devicecompliancescriptdevicestate Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-devicecompliancescriptdevicestate-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:| |id|String|Key of the device compliance script device state entity. This property is read-only.|
-|detectionState|[runState](../resources/intune-shared-runstate.md)|Detection state from the lastest device compliance script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|detectionState|[runState](../resources/intune-devices-runstate.md)|Detection state from the lastest device compliance script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|lastStateUpdateDateTime|DateTimeOffset|The last timestamp of when the device compliance script executed| |expectedStateUpdateDateTime|DateTimeOffset|The next timestamp of when the device compliance script is expected to execute| |lastSyncDateTime|DateTimeOffset|The last time that Intune Managment Extension synced with Intune|
v1.0 Intune Devices Devicecompliancescriptdevicestate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-devicecompliancescriptdevicestate-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:| |id|String|Key of the device compliance script device state entity. This property is read-only.|
-|detectionState|[runState](../resources/intune-shared-runstate.md)|Detection state from the lastest device compliance script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|detectionState|[runState](../resources/intune-devices-runstate.md)|Detection state from the lastest device compliance script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|lastStateUpdateDateTime|DateTimeOffset|The last timestamp of when the device compliance script executed| |expectedStateUpdateDateTime|DateTimeOffset|The next timestamp of when the device compliance script is expected to execute| |lastSyncDateTime|DateTimeOffset|The last time that Intune Managment Extension synced with Intune|
v1.0 Intune Devices Devicehealthscriptdevicestate Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-devicehealthscriptdevicestate-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:| |id|String|Key of the device health script device state entity. This property is read-only.|
-|detectionState|[runState](../resources/intune-shared-runstate.md)|Detection state from the lastest device health script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|detectionState|[runState](../resources/intune-devices-runstate.md)|Detection state from the lastest device health script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|lastStateUpdateDateTime|DateTimeOffset|The last timestamp of when the device health script executed| |expectedStateUpdateDateTime|DateTimeOffset|The next timestamp of when the device health script is expected to execute| |lastSyncDateTime|DateTimeOffset|The last time that Intune Managment Extension synced with Intune|
v1.0 Intune Devices Devicehealthscriptdevicestate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-devicehealthscriptdevicestate-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:| |id|String|Key of the device health script device state entity. This property is read-only.|
-|detectionState|[runState](../resources/intune-shared-runstate.md)|Detection state from the lastest device health script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|detectionState|[runState](../resources/intune-devices-runstate.md)|Detection state from the lastest device health script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|lastStateUpdateDateTime|DateTimeOffset|The last timestamp of when the device health script executed| |expectedStateUpdateDateTime|DateTimeOffset|The next timestamp of when the device health script is expected to execute| |lastSyncDateTime|DateTimeOffset|The last time that Intune Managment Extension synced with Intune|
v1.0 Intune Devices Devicehealthscriptpolicystate Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-devicehealthscriptpolicystate-create.md
The following table shows the properties that are required when you create the d
|policyName|String|Display name of the device health script| |userName|String|Name of the user whom ran the device health script| |osVersion|String|Value of the OS Version in string|
-|detectionState|[runState](../resources/intune-shared-runstate.md)|Detection state from the lastest device health script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|detectionState|[runState](../resources/intune-devices-runstate.md)|Detection state from the lastest device health script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|lastStateUpdateDateTime|DateTimeOffset|The last timestamp of when the device health script executed| |expectedStateUpdateDateTime|DateTimeOffset|The next timestamp of when the device health script is expected to execute| |lastSyncDateTime|DateTimeOffset|The last time that Intune Managment Extension synced with Intune|
v1.0 Intune Devices Devicehealthscriptpolicystate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-devicehealthscriptpolicystate-update.md
The following table shows the properties that are required when you create the [
|policyName|String|Display name of the device health script| |userName|String|Name of the user whom ran the device health script| |osVersion|String|Value of the OS Version in string|
-|detectionState|[runState](../resources/intune-shared-runstate.md)|Detection state from the lastest device health script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|detectionState|[runState](../resources/intune-devices-runstate.md)|Detection state from the lastest device health script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|lastStateUpdateDateTime|DateTimeOffset|The last timestamp of when the device health script executed| |expectedStateUpdateDateTime|DateTimeOffset|The next timestamp of when the device health script is expected to execute| |lastSyncDateTime|DateTimeOffset|The last time that Intune Managment Extension synced with Intune|
v1.0 Intune Devices Devicemanagementscriptdevicestate Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-devicemanagementscriptdevicestate-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:| |id|String|Key of the device management script device state entity. This property is read-only.|
-|runState|[runState](../resources/intune-shared-runstate.md)|State of latest run of the device management script. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|runState|[runState](../resources/intune-devices-runstate.md)|State of latest run of the device management script. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|resultMessage|String|Details of execution output.| |lastStateUpdateDateTime|DateTimeOffset|Latest time the device management script executes.| |errorCode|Int32|Error code corresponding to erroneous execution of the device management script.|
v1.0 Intune Devices Devicemanagementscriptdevicestate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-devicemanagementscriptdevicestate-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:| |id|String|Key of the device management script device state entity. This property is read-only.|
-|runState|[runState](../resources/intune-shared-runstate.md)|State of latest run of the device management script. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|runState|[runState](../resources/intune-devices-runstate.md)|State of latest run of the device management script. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|resultMessage|String|Details of execution output.| |lastStateUpdateDateTime|DateTimeOffset|Latest time the device management script executes.| |errorCode|Int32|Error code corresponding to erroneous execution of the device management script.|
v1.0 Intune Devices Manageddevice Getoemwarranty https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-manageddevice-getoemwarranty.md
- Title: "getOemWarranty function"
-description: "Not yet documented"
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# getOemWarranty function
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Not yet documented
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managedDevices/{managedDeviceId}/getOemWarranty
-GET /deviceManagement/comanagedDevices/{managedDeviceId}/getOemWarranty
-GET /deviceManagement/deviceHealthScripts/{deviceHealthScriptId}/deviceRunStates/{deviceHealthScriptDeviceStateId}/managedDevice/getOemWarranty
-GET /deviceManagement/deviceManagementScripts/{deviceManagementScriptId}/deviceRunStates/{deviceManagementScriptDeviceStateId}/managedDevice/getOemWarranty
-GET /deviceManagement/deviceComplianceScripts/{deviceComplianceScriptId}/deviceRunStates/{deviceComplianceScriptDeviceStateId}/managedDevice/getOemWarranty
-GET /deviceManagement/deviceManagementScripts/{deviceManagementScriptId}/deviceRunStates/{deviceManagementScriptDeviceStateId}/managedDevice/users/{userId}/managedDevices/{managedDeviceId}/getOemWarranty
-GET /deviceManagement/deviceManagementScripts/{deviceManagementScriptId}/deviceRunStates/{deviceManagementScriptDeviceStateId}/managedDevice/detectedApps/{detectedAppId}/managedDevices/{managedDeviceId}/getOemWarranty
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this function returns a `200 OK` response code and a [oemWarranty](../resources/intune-devices-oemwarranty.md) in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managedDevices/{managedDeviceId}/getOemWarranty
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 843
-
-{
- "value": {
- "@odata.type": "microsoft.graph.oemWarranty",
- "baseWarranties": [
- {
- "@odata.type": "microsoft.graph.warrantyOffer",
- "type": "manufacturer",
- "description": "Description value",
- "startDateTime": "2016-12-31T23:58:46.7156189-08:00",
- "endDateTime": "2017-01-01T00:03:30.9241974-08:00"
- }
- ],
- "additionalWarranties": [
- {
- "@odata.type": "microsoft.graph.warrantyOffer",
- "type": "manufacturer",
- "description": "Description value",
- "startDateTime": "2016-12-31T23:58:46.7156189-08:00",
- "endDateTime": "2017-01-01T00:03:30.9241974-08:00"
- }
- ],
- "deviceWarrantyUrl": "https://example.com/deviceWarrantyUrl/",
- "deviceConfigurationUrl": "https://example.com/deviceConfigurationUrl/"
- }
-}
-```
v1.0 Intune Devices Manageddevice Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-manageddevice-update.md
The following table shows the properties that are required when you create the [
|id|String|Unique Identifier for the device. This property is read-only.| |userId|String|Unique Identifier for the user associated with the device. This property is read-only.| |deviceName|String|Name of the device. This property is read-only.|
-|hardwareInformation|[hardwareInformation](../resources/intune-devices-hardwareinformation.md)|The hardward details for the device. Includes information such as storage space, manufacturer, serial number, etc. Return default value in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only.|
-|ownerType|[ownerType](../resources/intune-shared-ownertype.md)|Ownership of the device. Can be 'company' or 'personal'. Possible values are: `unknown`, `company`, `personal`.|
+|hardwareInformation|[hardwareInformation](../resources/intune-devices-hardwareinformation.md)|The hardward details for the device. Includes information such as storage space, manufacturer, serial number, etc. By default most property of this type are set to null/0/false and enum defaults for associated types. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only.|
+|ownerType|[ownerType](../resources/intune-shared-ownertype.md)|Ownership of the device. Possible values are, 'company' or 'personal'. Default is unknown. Supports $filter operator 'eq' and 'or'. Possible values are: `unknown`, `company`, `personal`.|
|managedDeviceOwnerType|[managedDeviceOwnerType](../resources/intune-shared-manageddeviceownertype.md)|Ownership of the device. Can be 'company' or 'personal'. Possible values are: `unknown`, `company`, `personal`.| |deviceActionResults|[deviceActionResult](../resources/intune-devices-deviceactionresult.md) collection|List of ComplexType deviceActionResult objects. This property is read-only.|
-|managementState|[managementState](../resources/intune-devices-managementstate.md)|Management state of the device. This property is read-only. Possible values are: `managed`, `retirePending`, `retireFailed`, `wipePending`, `wipeFailed`, `unhealthy`, `deletePending`, `retireIssued`, `wipeIssued`, `wipeCanceled`, `retireCanceled`, `discovered`.|
-|enrolledDateTime|DateTimeOffset|Enrollment time of the device. This property is read-only.|
-|lastSyncDateTime|DateTimeOffset|The date and time that the device last completed a successful sync with Intune. This property is read-only.|
+|managementState|[managementState](../resources/intune-devices-managementstate.md)|Management state of the device. Examples: Managed, RetirePending, etc. Default is managed. Supports $filter operator 'eq' and 'or'. This property is read-only. Possible values are: `managed`, `retirePending`, `retireFailed`, `wipePending`, `wipeFailed`, `unhealthy`, `deletePending`, `retireIssued`, `wipeIssued`, `wipeCanceled`, `retireCanceled`, `discovered`.|
+|enrolledDateTime|DateTimeOffset|Enrollment time of the device. Supports $filter operator 'lt' and 'gt'. This property is read-only.|
+|lastSyncDateTime|DateTimeOffset|The date and time that the device last completed a successful sync with Intune. Supports $filter operator 'lt' and 'gt'. This property is read-only.|
|chassisType|[chassisType](../resources/intune-devices-chassistype.md)|Chassis type of the device. This property is read-only. Possible values are: `unknown`, `desktop`, `laptop`, `worksWorkstation`, `enterpriseServer`, `phone`, `tablet`, `mobileOther`, `mobileUnknown`.| |operatingSystem|String|Operating system of the device. Windows, iOS, etc. This property is read-only.|
-|deviceType|[deviceType](../resources/intune-shared-devicetype.md)|Platform of the device. This property is read-only. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
-|complianceState|[complianceState](../resources/intune-devices-compliancestate.md)|Compliance state of the device. This property is read-only. Possible values are: `unknown`, `compliant`, `noncompliant`, `conflict`, `error`, `inGracePeriod`, `configManager`.|
-|jailBroken|String|whether the device is jail broken or rooted. This property is read-only.|
-|managementAgent|[managementAgentType](../resources/intune-shared-managementagenttype.md)|Management channel of the device. Intune, EAS, etc. This property is read-only. Possible values are: `eas`, `mdm`, `easMdm`, `intuneClient`, `easIntuneClient`, `configurationManagerClient`, `configurationManagerClientMdm`, `configurationManagerClientMdmEas`, `unknown`, `jamf`, `googleCloudDevicePolicyController`, `microsoft365ManagedMdm`, `msSense`, `intuneAosp`.|
+|deviceType|[deviceType](../resources/intune-devices-devicetype.md)|Platform of the device. Examples: Desktop, WindowsRT, etc. Default is unknown. Supports $filter operator 'eq' and 'or'. This property is read-only. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
+|complianceState|[complianceState](../resources/intune-devices-compliancestate.md)|Compliance state of the device. Examples: Compliant, Conflict, Error, etc. Default is unknown. Supports $filter operator 'eq' and 'or'. This property is read-only. Possible values are: `unknown`, `compliant`, `noncompliant`, `conflict`, `error`, `inGracePeriod`, `configManager`.|
+|jailBroken|String|Whether the device is jail broken or rooted. Default is an empty string. Supports $filter operator 'eq' and 'or'. This property is read-only.|
+|managementAgent|[managementAgentType](../resources/intune-shared-managementagenttype.md)|Management channel of the device. Examples: Intune, EAS, etc. Default is unknown. Supports $filter operator 'eq' and 'or'. This property is read-only. Possible values are: `eas`, `mdm`, `easMdm`, `intuneClient`, `easIntuneClient`, `configurationManagerClient`, `configurationManagerClientMdm`, `configurationManagerClientMdmEas`, `unknown`, `jamf`, `googleCloudDevicePolicyController`, `microsoft365ManagedMdm`, `msSense`, `intuneAosp`.|
|osVersion|String|Operating system version of the device. This property is read-only.| |easActivated|Boolean|Whether the device is Exchange ActiveSync activated. This property is read-only.| |easDeviceId|String|Exchange ActiveSync Id of the device. This property is read-only.|
The following table shows the properties that are required when you create the [
|azureADRegistered|Boolean|Whether the device is Azure Active Directory registered. This property is read-only.| |deviceEnrollmentType|[deviceEnrollmentType](../resources/intune-devices-deviceenrollmenttype.md)|Enrollment type of the device. This property is read-only. Possible values are: `unknown`, `userEnrollment`, `deviceEnrollmentManager`, `appleBulkWithUser`, `appleBulkWithoutUser`, `windowsAzureADJoin`, `windowsBulkUserless`, `windowsAutoEnrollment`, `windowsBulkAzureDomainJoin`, `windowsCoManagement`, `windowsAzureADJoinUsingDeviceAuth`, `appleUserEnrollment`, `appleUserEnrollmentWithServiceAccount`, `azureAdJoinUsingAzureVmExtension`, `androidEnterpriseDedicatedDevice`, `androidEnterpriseFullyManaged`, `androidEnterpriseCorporateWorkProfile`.| |lostModeState|[lostModeState](../resources/intune-devices-lostmodestate.md)|Indicates if Lost mode is enabled or disabled. This property is read-only. Possible values are: `disabled`, `enabled`.|
-|activationLockBypassCode|String|The code that allows the Activation Lock on managed device to be bypassed. Default, is Null (Non-Default property) for this property when returned as part of managedDevice entity in LIST call. Individual GET call with select query options is needed to retrieve actual values. Supports: $select. $Search is not supported. Read-only. This property is read-only.|
+|activationLockBypassCode|String|The code that allows the Activation Lock on managed device to be bypassed. Default, is Null (Non-Default property) for this property when returned as part of managedDevice entity in LIST call. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only.|
|emailAddress|String|Email(s) for the user associated with the device. This property is read-only.| |azureActiveDirectoryDeviceId|String|The unique identifier for the Azure Active Directory device. Read only. This property is read-only.| |azureADDeviceId|String|The unique identifier for the Azure Active Directory device. Read only. This property is read-only.| |deviceRegistrationState|[deviceRegistrationState](../resources/intune-devices-deviceregistrationstate.md)|Device registration state. This property is read-only. Possible values are: `notRegistered`, `registered`, `revoked`, `keyConflict`, `approvalPending`, `certificateReset`, `notRegisteredPendingEnrollment`, `unknown`.|
-|deviceCategoryDisplayName|String|Device category display name. This property is read-only.|
+|deviceCategoryDisplayName|String|Device category display name. Default is an empty string. Supports $filter operator 'eq' and 'or'. This property is read-only.|
|isSupervised|Boolean|Device supervised status. This property is read-only.| |exchangeLastSuccessfulSyncDateTime|DateTimeOffset|Last time the device contacted Exchange. This property is read-only.| |exchangeAccessState|[deviceManagementExchangeAccessState](../resources/intune-devices-devicemanagementexchangeaccessstate.md)|The Access State of the device in Exchange. This property is read-only. Possible values are: `none`, `unknown`, `allowed`, `blocked`, `quarantined`.| |exchangeAccessStateReason|[deviceManagementExchangeAccessStateReason](../resources/intune-devices-devicemanagementexchangeaccessstatereason.md)|The reason for the device's access state in Exchange. This property is read-only. Possible values are: `none`, `unknown`, `exchangeGlobalRule`, `exchangeIndividualRule`, `exchangeDeviceRule`, `exchangeUpgrade`, `exchangeMailboxPolicy`, `other`, `compliant`, `notCompliant`, `notEnrolled`, `unknownLocation`, `mfaRequired`, `azureADBlockDueToAccessPolicy`, `compromisedPassword`, `deviceNotKnownWithManagedApp`.|
-|remoteAssistanceSessionUrl|String|Url that allows a Remote Assistance session to be established with the device. This property is read-only.|
+|remoteAssistanceSessionUrl|String|Url that allows a Remote Assistance session to be established with the device. Default is an empty string. To retrieve actual values GET call needs to be made, with device id and included in select parameter. This property is read-only.|
|remoteAssistanceSessionErrorDetails|String|An error string that identifies issues when creating Remote Assistance session objects. This property is read-only.| |isEncrypted|Boolean|Device encryption status. This property is read-only.| |userPrincipalName|String|Device user principal name. This property is read-only.|
The following table shows the properties that are required when you create the [
|autopilotEnrolled|Boolean|Reports if the managed device is enrolled via auto-pilot. This property is read-only.| |requireUserEnrollmentApproval|Boolean|Reports if the managed iOS device is user approval enrollment. This property is read-only.| |managementCertificateExpirationDate|DateTimeOffset|Reports device management certificate expiration date. This property is read-only.|
-|iccid|String|Integrated Circuit Card Identifier, it is A SIM card's unique identification number. Return default value null in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only.|
-|udid|String|Unique Device Identifier for iOS and macOS devices. Return default value null in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only.|
+|iccid|String|Integrated Circuit Card Identifier, it is A SIM card's unique identification number. Default is an empty string. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only.|
+|udid|String|Unique Device Identifier for iOS and macOS devices. Default is an empty string. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only.|
|roleScopeTagIds|String collection|List of Scope Tag IDs for this Device instance.|
-|windowsActiveMalwareCount|Int32|Count of active malware for this windows device. This property is read-only.|
-|windowsRemediatedMalwareCount|Int32|Count of remediated malware for this windows device. This property is read-only.|
-|notes|String|Notes on the device created by IT Admin. Return default value null in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported.|
+|windowsActiveMalwareCount|Int32|Count of active malware for this windows device. Default is 0. To retrieve actual values GET call needs to be made, with device id and included in select parameter. This property is read-only.|
+|windowsRemediatedMalwareCount|Int32|Count of remediated malware for this windows device. Default is 0. To retrieve actual values GET call needs to be made, with device id and included in select parameter. This property is read-only.|
+|notes|String|Notes on the device created by IT Admin. Default is null. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported.|
|configurationManagerClientHealthState|[configurationManagerClientHealthState](../resources/intune-devices-configurationmanagerclienthealthstate.md)|Configuration manager client health state, valid only for devices managed by MDM/ConfigMgr Agent| |configurationManagerClientInformation|[configurationManagerClientInformation](../resources/intune-devices-configurationmanagerclientinformation.md)|Configuration manager client information, valid only for devices managed, duel-managed or tri-managed by ConfigMgr Agent| |ethernetMacAddress|String|Indicates Ethernet MAC Address of the device. Default, is Null (Non-Default property) for this property when returned as part of managedDevice entity. Individual get call with select query options is needed to retrieve actual values. Example: deviceManagement/managedDevices({managedDeviceId})?$select=ethernetMacAddress Supports: $select. $Search is not supported. Read-only. This property is read-only.|
-|physicalMemoryInBytes|Int64|Total Memory in Bytes. Return default value 0 in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. Default value is 0. Read-only. This property is read-only.|
+|physicalMemoryInBytes|Int64|Total Memory in Bytes. Default is 0. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. Read-only. This property is read-only.|
|processorArchitecture|[managedDeviceArchitecture](../resources/intune-devices-manageddevicearchitecture.md)|Processor architecture. This property is read-only. Possible values are: `unknown`, `x86`, `x64`, `arm`, `arM64`.| |specificationVersion|String|Specification version. This property is read-only.| |joinType|[joinType](../resources/intune-devices-jointype.md)|Device join type. Possible values are: `unknown`, `azureADJoined`, `azureADRegistered`, `hybridAzureADJoined`.| |skuFamily|String|Device sku family| |skuNumber|Int32|Device sku number, see also: https://learn.microsoft.com/windows/win32/api/sysinfoapi/nf-sysinfoapi-getproductinfo. Valid values 0 to 2147483647. This property is read-only.| |managementFeatures|[managedDeviceManagementFeatures](../resources/intune-devices-manageddevicemanagementfeatures.md)|Device management features. Possible values are: `none`, `microsoftManagedDesktop`.|
-|chromeOSDeviceInfo|[chromeOSDeviceProperty](../resources/intune-devices-chromeosdeviceproperty.md) collection|List of properties of the ChromeOS Device.|
+|chromeOSDeviceInfo|[chromeOSDeviceProperty](../resources/intune-devices-chromeosdeviceproperty.md) collection|List of properties of the ChromeOS Device. Default is an empty list. To retrieve actual values GET call needs to be made, with device id and included in select parameter.|
|enrollmentProfileName|String|Name of the enrollment profile assigned to the device. Default value is empty string, indicating no enrollment profile was assgined. This property is read-only.| |bootstrapTokenEscrowed|Boolean|Reports if the managed device has an escrowed Bootstrap Token. This is only for macOS devices. To get, include BootstrapTokenEscrowed in the select clause and query with a device id. If FALSE, no bootstrap token is escrowed. If TRUE, the device has escrowed a bootstrap token with Intune. This property is read-only.| |deviceFirmwareConfigurationInterfaceManaged|Boolean|Indicates whether the device is DFCI managed. When TRUE the device is DFCI managed. When FALSE, the device is not DFCI managed. The default value is FALSE.|
v1.0 Intune Devices Manageddevice Wipe https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-manageddevice-wipe.md
The following table shows the parameters that can be used with this action.
|keepEnrollmentData|Boolean|Not yet documented| |keepUserData|Boolean|Not yet documented| |macOsUnlockCode|String|Not yet documented|
+|obliterationBehavior|[obliterationBehavior](../resources/intune-devices-obliterationbehavior.md)|Not yet documented|
|persistEsimDataPlan|Boolean|Not yet documented| |useProtectedWipe|Boolean|Not yet documented|
Here is an example of the request.
POST https://graph.microsoft.com/beta/deviceManagement/managedDevices/{managedDeviceId}/wipe Content-type: application/json
-Content-length: 170
+Content-length: 216
{ "keepEnrollmentData": true, "keepUserData": true, "macOsUnlockCode": "Mac Os Unlock Code value",
+ "obliterationBehavior": "doNotObliterate",
"persistEsimDataPlan": true, "useProtectedWipe": true }
v1.0 Intune Devices Oemwarrantyinformationonboarding Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-oemwarrantyinformationonboarding-create.md
- Title: "Create oemWarrantyInformationOnboarding"
-description: "Create a new oemWarrantyInformationOnboarding object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Create oemWarrantyInformationOnboarding
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Create a new [oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-POST /deviceManagement/oemWarrantyInformationOnboarding
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply a JSON representation for the oemWarrantyInformationOnboarding object.
-
-The following table shows the properties that are required when you create the oemWarrantyInformationOnboarding.
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique Identifier for OEM Warranty status. This property is read-only.|
-|oemName|String|OEM name. This property is read-only.|
-|enabled|Boolean|Specifies whether warranty query is enabled for given OEM. This property is read-only.|
-|available|Boolean|Specifies whether warranty API is available. This property is read-only.|
---
-## Response
-If successful, this method returns a `201 Created` response code and a [oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-POST https://graph.microsoft.com/beta/deviceManagement/oemWarrantyInformationOnboarding
-Content-type: application/json
-Content-length: 148
-
-{
- "@odata.type": "#microsoft.graph.oemWarrantyInformationOnboarding",
- "oemName": "Oem Name value",
- "enabled": true,
- "available": true
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 201 Created
-Content-Type: application/json
-Content-Length: 197
-
-{
- "@odata.type": "#microsoft.graph.oemWarrantyInformationOnboarding",
- "id": "55491425-1425-5549-2514-495525144955",
- "oemName": "Oem Name value",
- "enabled": true,
- "available": true
-}
-```
v1.0 Intune Devices Oemwarrantyinformationonboarding Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-oemwarrantyinformationonboarding-delete.md
- Title: "Delete oemWarrantyInformationOnboarding"
-description: "Deletes a oemWarrantyInformationOnboarding."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Delete oemWarrantyInformationOnboarding
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Deletes a [oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md).
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-DELETE /deviceManagement/oemWarrantyInformationOnboarding/{oemWarrantyInformationOnboardingId}
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `204 No Content` response code.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-DELETE https://graph.microsoft.com/beta/deviceManagement/oemWarrantyInformationOnboarding/{oemWarrantyInformationOnboardingId}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 204 No Content
-```
v1.0 Intune Devices Oemwarrantyinformationonboarding Disable https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-oemwarrantyinformationonboarding-disable.md
- Title: "disable action"
-description: "Not yet documented"
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# disable action
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Not yet documented
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementManagedDevices.Read.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementManagedDevices.Read.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-POST /deviceManagement/oemWarrantyInformationOnboarding/{oemWarrantyInformationOnboardingId}/disable
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this action returns a `204 No Content` response code.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-POST https://graph.microsoft.com/beta/deviceManagement/oemWarrantyInformationOnboarding/{oemWarrantyInformationOnboardingId}/disable
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 204 No Content
-```
v1.0 Intune Devices Oemwarrantyinformationonboarding Enable https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-oemwarrantyinformationonboarding-enable.md
- Title: "enable action"
-description: "Not yet documented"
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# enable action
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Not yet documented
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementManagedDevices.Read.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementManagedDevices.Read.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-POST /deviceManagement/oemWarrantyInformationOnboarding/{oemWarrantyInformationOnboardingId}/enable
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this action returns a `204 No Content` response code.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-POST https://graph.microsoft.com/beta/deviceManagement/oemWarrantyInformationOnboarding/{oemWarrantyInformationOnboardingId}/enable
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 204 No Content
-```
v1.0 Intune Devices Oemwarrantyinformationonboarding Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-oemwarrantyinformationonboarding-get.md
- Title: "Get oemWarrantyInformationOnboarding"
-description: "Read properties and relationships of the oemWarrantyInformationOnboarding object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Get oemWarrantyInformationOnboarding
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Read properties and relationships of the [oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/oemWarrantyInformationOnboarding/{oemWarrantyInformationOnboardingId}
-```
-
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and [oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/oemWarrantyInformationOnboarding/{oemWarrantyInformationOnboardingId}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 226
-
-{
- "value": {
- "@odata.type": "#microsoft.graph.oemWarrantyInformationOnboarding",
- "id": "55491425-1425-5549-2514-495525144955",
- "oemName": "Oem Name value",
- "enabled": true,
- "available": true
- }
-}
-```
v1.0 Intune Devices Oemwarrantyinformationonboarding List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-oemwarrantyinformationonboarding-list.md
- Title: "List oemWarrantyInformationOnboardings"
-description: "List properties and relationships of the oemWarrantyInformationOnboarding objects."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# List oemWarrantyInformationOnboardings
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-List properties and relationships of the [oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md) objects.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/oemWarrantyInformationOnboarding
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and a collection of [oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md) objects in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/oemWarrantyInformationOnboarding
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 250
-
-{
- "value": [
- {
- "@odata.type": "#microsoft.graph.oemWarrantyInformationOnboarding",
- "id": "55491425-1425-5549-2514-495525144955",
- "oemName": "Oem Name value",
- "enabled": true,
- "available": true
- }
- ]
-}
-```
v1.0 Intune Devices Oemwarrantyinformationonboarding Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-oemwarrantyinformationonboarding-update.md
- Title: "Update oemWarrantyInformationOnboarding"
-description: "Update the properties of a oemWarrantyInformationOnboarding object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Update oemWarrantyInformationOnboarding
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Update the properties of a [oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-PATCH /deviceManagement/oemWarrantyInformationOnboarding/{oemWarrantyInformationOnboardingId}
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply a JSON representation for the [oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md) object.
-
-The following table shows the properties that are required when you create the [oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md).
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique Identifier for OEM Warranty status. This property is read-only.|
-|oemName|String|OEM name. This property is read-only.|
-|enabled|Boolean|Specifies whether warranty query is enabled for given OEM. This property is read-only.|
-|available|Boolean|Specifies whether warranty API is available. This property is read-only.|
---
-## Response
-If successful, this method returns a `200 OK` response code and an updated [oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-PATCH https://graph.microsoft.com/beta/deviceManagement/oemWarrantyInformationOnboarding/{oemWarrantyInformationOnboardingId}
-Content-type: application/json
-Content-length: 148
-
-{
- "@odata.type": "#microsoft.graph.oemWarrantyInformationOnboarding",
- "oemName": "Oem Name value",
- "enabled": true,
- "available": true
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 197
-
-{
- "@odata.type": "#microsoft.graph.oemWarrantyInformationOnboarding",
- "id": "55491425-1425-5549-2514-495525144955",
- "oemName": "Oem Name value",
- "enabled": true,
- "available": true
-}
-```
v1.0 Intune Devices Windowsmanageddevice Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-windowsmanageddevice-create.md
The following table shows the properties that are required when you create the w
|id|String|Unique Identifier for the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |userId|String|Unique Identifier for the user associated with the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |deviceName|String|Name of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|hardwareInformation|[hardwareInformation](../resources/intune-devices-hardwareinformation.md)|The hardward details for the device. Includes information such as storage space, manufacturer, serial number, etc. Return default value in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|ownerType|[ownerType](../resources/intune-shared-ownertype.md)|Ownership of the device. Can be 'company' or 'personal' Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `company`, `personal`.|
+|hardwareInformation|[hardwareInformation](../resources/intune-devices-hardwareinformation.md)|The hardward details for the device. Includes information such as storage space, manufacturer, serial number, etc. By default most property of this type are set to null/0/false and enum defaults for associated types. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|ownerType|[ownerType](../resources/intune-shared-ownertype.md)|Ownership of the device. Possible values are, 'company' or 'personal'. Default is unknown. Supports $filter operator 'eq' and 'or'. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `company`, `personal`.|
|managedDeviceOwnerType|[managedDeviceOwnerType](../resources/intune-shared-manageddeviceownertype.md)|Ownership of the device. Can be 'company' or 'personal' Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `company`, `personal`.| |deviceActionResults|[deviceActionResult](../resources/intune-devices-deviceactionresult.md) collection|List of ComplexType deviceActionResult objects. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|managementState|[managementState](../resources/intune-devices-managementstate.md)|Management state of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `managed`, `retirePending`, `retireFailed`, `wipePending`, `wipeFailed`, `unhealthy`, `deletePending`, `retireIssued`, `wipeIssued`, `wipeCanceled`, `retireCanceled`, `discovered`.|
-|enrolledDateTime|DateTimeOffset|Enrollment time of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|lastSyncDateTime|DateTimeOffset|The date and time that the device last completed a successful sync with Intune. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|managementState|[managementState](../resources/intune-devices-managementstate.md)|Management state of the device. Examples: Managed, RetirePending, etc. Default is managed. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `managed`, `retirePending`, `retireFailed`, `wipePending`, `wipeFailed`, `unhealthy`, `deletePending`, `retireIssued`, `wipeIssued`, `wipeCanceled`, `retireCanceled`, `discovered`.|
+|enrolledDateTime|DateTimeOffset|Enrollment time of the device. Supports $filter operator 'lt' and 'gt'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|lastSyncDateTime|DateTimeOffset|The date and time that the device last completed a successful sync with Intune. Supports $filter operator 'lt' and 'gt'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|chassisType|[chassisType](../resources/intune-devices-chassistype.md)|Chassis type of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `desktop`, `laptop`, `worksWorkstation`, `enterpriseServer`, `phone`, `tablet`, `mobileOther`, `mobileUnknown`.| |operatingSystem|String|Operating system of the device. Windows, iOS, etc. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|deviceType|[deviceType](../resources/intune-shared-devicetype.md)|Platform of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
-|complianceState|[complianceState](../resources/intune-devices-compliancestate.md)|Compliance state of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `compliant`, `noncompliant`, `conflict`, `error`, `inGracePeriod`, `configManager`.|
-|jailBroken|String|whether the device is jail broken or rooted. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|managementAgent|[managementAgentType](../resources/intune-shared-managementagenttype.md)|Management channel of the device. Intune, EAS, etc. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `eas`, `mdm`, `easMdm`, `intuneClient`, `easIntuneClient`, `configurationManagerClient`, `configurationManagerClientMdm`, `configurationManagerClientMdmEas`, `unknown`, `jamf`, `googleCloudDevicePolicyController`, `microsoft365ManagedMdm`, `msSense`, `intuneAosp`.|
+|deviceType|[deviceType](../resources/intune-devices-devicetype.md)|Platform of the device. Examples: Desktop, WindowsRT, etc. Default is unknown. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
+|complianceState|[complianceState](../resources/intune-devices-compliancestate.md)|Compliance state of the device. Examples: Compliant, Conflict, Error, etc. Default is unknown. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `compliant`, `noncompliant`, `conflict`, `error`, `inGracePeriod`, `configManager`.|
+|jailBroken|String|Whether the device is jail broken or rooted. Default is an empty string. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|managementAgent|[managementAgentType](../resources/intune-shared-managementagenttype.md)|Management channel of the device. Examples: Intune, EAS, etc. Default is unknown. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `eas`, `mdm`, `easMdm`, `intuneClient`, `easIntuneClient`, `configurationManagerClient`, `configurationManagerClientMdm`, `configurationManagerClientMdmEas`, `unknown`, `jamf`, `googleCloudDevicePolicyController`, `microsoft365ManagedMdm`, `msSense`, `intuneAosp`.|
|osVersion|String|Operating system version of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |easActivated|Boolean|Whether the device is Exchange ActiveSync activated. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |easDeviceId|String|Exchange ActiveSync Id of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
The following table shows the properties that are required when you create the w
|azureADRegistered|Boolean|Whether the device is Azure Active Directory registered. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |deviceEnrollmentType|[deviceEnrollmentType](../resources/intune-devices-deviceenrollmenttype.md)|Enrollment type of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `userEnrollment`, `deviceEnrollmentManager`, `appleBulkWithUser`, `appleBulkWithoutUser`, `windowsAzureADJoin`, `windowsBulkUserless`, `windowsAutoEnrollment`, `windowsBulkAzureDomainJoin`, `windowsCoManagement`, `windowsAzureADJoinUsingDeviceAuth`, `appleUserEnrollment`, `appleUserEnrollmentWithServiceAccount`, `azureAdJoinUsingAzureVmExtension`, `androidEnterpriseDedicatedDevice`, `androidEnterpriseFullyManaged`, `androidEnterpriseCorporateWorkProfile`.| |lostModeState|[lostModeState](../resources/intune-devices-lostmodestate.md)|Indicates if Lost mode is enabled or disabled. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `disabled`, `enabled`.|
-|activationLockBypassCode|String|The code that allows the Activation Lock on managed device to be bypassed. Default, is Null (Non-Default property) for this property when returned as part of managedDevice entity in LIST call. Individual GET call with select query options is needed to retrieve actual values. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|activationLockBypassCode|String|The code that allows the Activation Lock on managed device to be bypassed. Default, is Null (Non-Default property) for this property when returned as part of managedDevice entity in LIST call. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|emailAddress|String|Email(s) for the user associated with the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |azureActiveDirectoryDeviceId|String|The unique identifier for the Azure Active Directory device. Read only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |azureADDeviceId|String|The unique identifier for the Azure Active Directory device. Read only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |deviceRegistrationState|[deviceRegistrationState](../resources/intune-devices-deviceregistrationstate.md)|Device registration state. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `notRegistered`, `registered`, `revoked`, `keyConflict`, `approvalPending`, `certificateReset`, `notRegisteredPendingEnrollment`, `unknown`.|
-|deviceCategoryDisplayName|String|Device category display name. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|deviceCategoryDisplayName|String|Device category display name. Default is an empty string. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|isSupervised|Boolean|Device supervised status. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |exchangeLastSuccessfulSyncDateTime|DateTimeOffset|Last time the device contacted Exchange. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |exchangeAccessState|[deviceManagementExchangeAccessState](../resources/intune-devices-devicemanagementexchangeaccessstate.md)|The Access State of the device in Exchange. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `none`, `unknown`, `allowed`, `blocked`, `quarantined`.| |exchangeAccessStateReason|[deviceManagementExchangeAccessStateReason](../resources/intune-devices-devicemanagementexchangeaccessstatereason.md)|The reason for the device's access state in Exchange. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `none`, `unknown`, `exchangeGlobalRule`, `exchangeIndividualRule`, `exchangeDeviceRule`, `exchangeUpgrade`, `exchangeMailboxPolicy`, `other`, `compliant`, `notCompliant`, `notEnrolled`, `unknownLocation`, `mfaRequired`, `azureADBlockDueToAccessPolicy`, `compromisedPassword`, `deviceNotKnownWithManagedApp`.|
-|remoteAssistanceSessionUrl|String|Url that allows a Remote Assistance session to be established with the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|remoteAssistanceSessionUrl|String|Url that allows a Remote Assistance session to be established with the device. Default is an empty string. To retrieve actual values GET call needs to be made, with device id and included in select parameter. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|remoteAssistanceSessionErrorDetails|String|An error string that identifies issues when creating Remote Assistance session objects. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |isEncrypted|Boolean|Device encryption status. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |userPrincipalName|String|Device user principal name. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
The following table shows the properties that are required when you create the w
|autopilotEnrolled|Boolean|Reports if the managed device is enrolled via auto-pilot. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |requireUserEnrollmentApproval|Boolean|Reports if the managed iOS device is user approval enrollment. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |managementCertificateExpirationDate|DateTimeOffset|Reports device management certificate expiration date. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|iccid|String|Integrated Circuit Card Identifier, it is A SIM card's unique identification number. Return default value null in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|udid|String|Unique Device Identifier for iOS and macOS devices. Return default value null in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|iccid|String|Integrated Circuit Card Identifier, it is A SIM card's unique identification number. Default is an empty string. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|udid|String|Unique Device Identifier for iOS and macOS devices. Default is an empty string. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|roleScopeTagIds|String collection|List of Scope Tag IDs for this Device instance. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|windowsActiveMalwareCount|Int32|Count of active malware for this windows device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|windowsRemediatedMalwareCount|Int32|Count of remediated malware for this windows device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|notes|String|Notes on the device created by IT Admin. Return default value null in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|windowsActiveMalwareCount|Int32|Count of active malware for this windows device. Default is 0. To retrieve actual values GET call needs to be made, with device id and included in select parameter. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|windowsRemediatedMalwareCount|Int32|Count of remediated malware for this windows device. Default is 0. To retrieve actual values GET call needs to be made, with device id and included in select parameter. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|notes|String|Notes on the device created by IT Admin. Default is null. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|configurationManagerClientHealthState|[configurationManagerClientHealthState](../resources/intune-devices-configurationmanagerclienthealthstate.md)|Configuration manager client health state, valid only for devices managed by MDM/ConfigMgr Agent Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |configurationManagerClientInformation|[configurationManagerClientInformation](../resources/intune-devices-configurationmanagerclientinformation.md)|Configuration manager client information, valid only for devices managed, duel-managed or tri-managed by ConfigMgr Agent Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |ethernetMacAddress|String|Indicates Ethernet MAC Address of the device. Default, is Null (Non-Default property) for this property when returned as part of managedDevice entity. Individual get call with select query options is needed to retrieve actual values. Example: deviceManagement/managedDevices({managedDeviceId})?$select=ethernetMacAddress Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|physicalMemoryInBytes|Int64|Total Memory in Bytes. Return default value 0 in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. Default value is 0. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|physicalMemoryInBytes|Int64|Total Memory in Bytes. Default is 0. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|processorArchitecture|[managedDeviceArchitecture](../resources/intune-devices-manageddevicearchitecture.md)|Processor architecture. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `x86`, `x64`, `arm`, `arM64`.| |specificationVersion|String|Specification version. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |joinType|[joinType](../resources/intune-devices-jointype.md)|Device join type Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `azureADJoined`, `azureADRegistered`, `hybridAzureADJoined`.| |skuFamily|String|Device sku family Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |skuNumber|Int32|Device sku number, see also: https://learn.microsoft.com/windows/win32/api/sysinfoapi/nf-sysinfoapi-getproductinfo. Valid values 0 to 2147483647. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |managementFeatures|[managedDeviceManagementFeatures](../resources/intune-devices-manageddevicemanagementfeatures.md)|Device management features Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `none`, `microsoftManagedDesktop`.|
-|chromeOSDeviceInfo|[chromeOSDeviceProperty](../resources/intune-devices-chromeosdeviceproperty.md) collection|List of properties of the ChromeOS Device. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|chromeOSDeviceInfo|[chromeOSDeviceProperty](../resources/intune-devices-chromeosdeviceproperty.md) collection|List of properties of the ChromeOS Device. Default is an empty list. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|enrollmentProfileName|String|Name of the enrollment profile assigned to the device. Default value is empty string, indicating no enrollment profile was assgined. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |bootstrapTokenEscrowed|Boolean|Reports if the managed device has an escrowed Bootstrap Token. This is only for macOS devices. To get, include BootstrapTokenEscrowed in the select clause and query with a device id. If FALSE, no bootstrap token is escrowed. If TRUE, the device has escrowed a bootstrap token with Intune. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |deviceFirmwareConfigurationInterfaceManaged|Boolean|Indicates whether the device is DFCI managed. When TRUE the device is DFCI managed. When FALSE, the device is not DFCI managed. The default value is FALSE. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
v1.0 Intune Devices Windowsmanageddevice Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-devices-windowsmanageddevice-update.md
The following table shows the properties that are required when you create the [
|id|String|Unique Identifier for the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |userId|String|Unique Identifier for the user associated with the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |deviceName|String|Name of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|hardwareInformation|[hardwareInformation](../resources/intune-devices-hardwareinformation.md)|The hardward details for the device. Includes information such as storage space, manufacturer, serial number, etc. Return default value in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|ownerType|[ownerType](../resources/intune-shared-ownertype.md)|Ownership of the device. Can be 'company' or 'personal' Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `company`, `personal`.|
+|hardwareInformation|[hardwareInformation](../resources/intune-devices-hardwareinformation.md)|The hardward details for the device. Includes information such as storage space, manufacturer, serial number, etc. By default most property of this type are set to null/0/false and enum defaults for associated types. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|ownerType|[ownerType](../resources/intune-shared-ownertype.md)|Ownership of the device. Possible values are, 'company' or 'personal'. Default is unknown. Supports $filter operator 'eq' and 'or'. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `company`, `personal`.|
|managedDeviceOwnerType|[managedDeviceOwnerType](../resources/intune-shared-manageddeviceownertype.md)|Ownership of the device. Can be 'company' or 'personal' Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `company`, `personal`.| |deviceActionResults|[deviceActionResult](../resources/intune-devices-deviceactionresult.md) collection|List of ComplexType deviceActionResult objects. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|managementState|[managementState](../resources/intune-devices-managementstate.md)|Management state of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `managed`, `retirePending`, `retireFailed`, `wipePending`, `wipeFailed`, `unhealthy`, `deletePending`, `retireIssued`, `wipeIssued`, `wipeCanceled`, `retireCanceled`, `discovered`.|
-|enrolledDateTime|DateTimeOffset|Enrollment time of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|lastSyncDateTime|DateTimeOffset|The date and time that the device last completed a successful sync with Intune. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|managementState|[managementState](../resources/intune-devices-managementstate.md)|Management state of the device. Examples: Managed, RetirePending, etc. Default is managed. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `managed`, `retirePending`, `retireFailed`, `wipePending`, `wipeFailed`, `unhealthy`, `deletePending`, `retireIssued`, `wipeIssued`, `wipeCanceled`, `retireCanceled`, `discovered`.|
+|enrolledDateTime|DateTimeOffset|Enrollment time of the device. Supports $filter operator 'lt' and 'gt'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|lastSyncDateTime|DateTimeOffset|The date and time that the device last completed a successful sync with Intune. Supports $filter operator 'lt' and 'gt'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|chassisType|[chassisType](../resources/intune-devices-chassistype.md)|Chassis type of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `desktop`, `laptop`, `worksWorkstation`, `enterpriseServer`, `phone`, `tablet`, `mobileOther`, `mobileUnknown`.| |operatingSystem|String|Operating system of the device. Windows, iOS, etc. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|deviceType|[deviceType](../resources/intune-shared-devicetype.md)|Platform of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
-|complianceState|[complianceState](../resources/intune-devices-compliancestate.md)|Compliance state of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `compliant`, `noncompliant`, `conflict`, `error`, `inGracePeriod`, `configManager`.|
-|jailBroken|String|whether the device is jail broken or rooted. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|managementAgent|[managementAgentType](../resources/intune-shared-managementagenttype.md)|Management channel of the device. Intune, EAS, etc. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `eas`, `mdm`, `easMdm`, `intuneClient`, `easIntuneClient`, `configurationManagerClient`, `configurationManagerClientMdm`, `configurationManagerClientMdmEas`, `unknown`, `jamf`, `googleCloudDevicePolicyController`, `microsoft365ManagedMdm`, `msSense`, `intuneAosp`.|
+|deviceType|[deviceType](../resources/intune-devices-devicetype.md)|Platform of the device. Examples: Desktop, WindowsRT, etc. Default is unknown. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
+|complianceState|[complianceState](../resources/intune-devices-compliancestate.md)|Compliance state of the device. Examples: Compliant, Conflict, Error, etc. Default is unknown. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `compliant`, `noncompliant`, `conflict`, `error`, `inGracePeriod`, `configManager`.|
+|jailBroken|String|Whether the device is jail broken or rooted. Default is an empty string. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|managementAgent|[managementAgentType](../resources/intune-shared-managementagenttype.md)|Management channel of the device. Examples: Intune, EAS, etc. Default is unknown. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `eas`, `mdm`, `easMdm`, `intuneClient`, `easIntuneClient`, `configurationManagerClient`, `configurationManagerClientMdm`, `configurationManagerClientMdmEas`, `unknown`, `jamf`, `googleCloudDevicePolicyController`, `microsoft365ManagedMdm`, `msSense`, `intuneAosp`.|
|osVersion|String|Operating system version of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |easActivated|Boolean|Whether the device is Exchange ActiveSync activated. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |easDeviceId|String|Exchange ActiveSync Id of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
The following table shows the properties that are required when you create the [
|azureADRegistered|Boolean|Whether the device is Azure Active Directory registered. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |deviceEnrollmentType|[deviceEnrollmentType](../resources/intune-devices-deviceenrollmenttype.md)|Enrollment type of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `userEnrollment`, `deviceEnrollmentManager`, `appleBulkWithUser`, `appleBulkWithoutUser`, `windowsAzureADJoin`, `windowsBulkUserless`, `windowsAutoEnrollment`, `windowsBulkAzureDomainJoin`, `windowsCoManagement`, `windowsAzureADJoinUsingDeviceAuth`, `appleUserEnrollment`, `appleUserEnrollmentWithServiceAccount`, `azureAdJoinUsingAzureVmExtension`, `androidEnterpriseDedicatedDevice`, `androidEnterpriseFullyManaged`, `androidEnterpriseCorporateWorkProfile`.| |lostModeState|[lostModeState](../resources/intune-devices-lostmodestate.md)|Indicates if Lost mode is enabled or disabled. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `disabled`, `enabled`.|
-|activationLockBypassCode|String|The code that allows the Activation Lock on managed device to be bypassed. Default, is Null (Non-Default property) for this property when returned as part of managedDevice entity in LIST call. Individual GET call with select query options is needed to retrieve actual values. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|activationLockBypassCode|String|The code that allows the Activation Lock on managed device to be bypassed. Default, is Null (Non-Default property) for this property when returned as part of managedDevice entity in LIST call. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|emailAddress|String|Email(s) for the user associated with the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |azureActiveDirectoryDeviceId|String|The unique identifier for the Azure Active Directory device. Read only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |azureADDeviceId|String|The unique identifier for the Azure Active Directory device. Read only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |deviceRegistrationState|[deviceRegistrationState](../resources/intune-devices-deviceregistrationstate.md)|Device registration state. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `notRegistered`, `registered`, `revoked`, `keyConflict`, `approvalPending`, `certificateReset`, `notRegisteredPendingEnrollment`, `unknown`.|
-|deviceCategoryDisplayName|String|Device category display name. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|deviceCategoryDisplayName|String|Device category display name. Default is an empty string. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|isSupervised|Boolean|Device supervised status. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |exchangeLastSuccessfulSyncDateTime|DateTimeOffset|Last time the device contacted Exchange. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |exchangeAccessState|[deviceManagementExchangeAccessState](../resources/intune-devices-devicemanagementexchangeaccessstate.md)|The Access State of the device in Exchange. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `none`, `unknown`, `allowed`, `blocked`, `quarantined`.| |exchangeAccessStateReason|[deviceManagementExchangeAccessStateReason](../resources/intune-devices-devicemanagementexchangeaccessstatereason.md)|The reason for the device's access state in Exchange. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `none`, `unknown`, `exchangeGlobalRule`, `exchangeIndividualRule`, `exchangeDeviceRule`, `exchangeUpgrade`, `exchangeMailboxPolicy`, `other`, `compliant`, `notCompliant`, `notEnrolled`, `unknownLocation`, `mfaRequired`, `azureADBlockDueToAccessPolicy`, `compromisedPassword`, `deviceNotKnownWithManagedApp`.|
-|remoteAssistanceSessionUrl|String|Url that allows a Remote Assistance session to be established with the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|remoteAssistanceSessionUrl|String|Url that allows a Remote Assistance session to be established with the device. Default is an empty string. To retrieve actual values GET call needs to be made, with device id and included in select parameter. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|remoteAssistanceSessionErrorDetails|String|An error string that identifies issues when creating Remote Assistance session objects. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |isEncrypted|Boolean|Device encryption status. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |userPrincipalName|String|Device user principal name. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
The following table shows the properties that are required when you create the [
|autopilotEnrolled|Boolean|Reports if the managed device is enrolled via auto-pilot. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |requireUserEnrollmentApproval|Boolean|Reports if the managed iOS device is user approval enrollment. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |managementCertificateExpirationDate|DateTimeOffset|Reports device management certificate expiration date. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|iccid|String|Integrated Circuit Card Identifier, it is A SIM card's unique identification number. Return default value null in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|udid|String|Unique Device Identifier for iOS and macOS devices. Return default value null in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|iccid|String|Integrated Circuit Card Identifier, it is A SIM card's unique identification number. Default is an empty string. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|udid|String|Unique Device Identifier for iOS and macOS devices. Default is an empty string. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|roleScopeTagIds|String collection|List of Scope Tag IDs for this Device instance. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|windowsActiveMalwareCount|Int32|Count of active malware for this windows device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|windowsRemediatedMalwareCount|Int32|Count of remediated malware for this windows device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|notes|String|Notes on the device created by IT Admin. Return default value null in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|windowsActiveMalwareCount|Int32|Count of active malware for this windows device. Default is 0. To retrieve actual values GET call needs to be made, with device id and included in select parameter. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|windowsRemediatedMalwareCount|Int32|Count of remediated malware for this windows device. Default is 0. To retrieve actual values GET call needs to be made, with device id and included in select parameter. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|notes|String|Notes on the device created by IT Admin. Default is null. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|configurationManagerClientHealthState|[configurationManagerClientHealthState](../resources/intune-devices-configurationmanagerclienthealthstate.md)|Configuration manager client health state, valid only for devices managed by MDM/ConfigMgr Agent Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |configurationManagerClientInformation|[configurationManagerClientInformation](../resources/intune-devices-configurationmanagerclientinformation.md)|Configuration manager client information, valid only for devices managed, duel-managed or tri-managed by ConfigMgr Agent Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |ethernetMacAddress|String|Indicates Ethernet MAC Address of the device. Default, is Null (Non-Default property) for this property when returned as part of managedDevice entity. Individual get call with select query options is needed to retrieve actual values. Example: deviceManagement/managedDevices({managedDeviceId})?$select=ethernetMacAddress Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|physicalMemoryInBytes|Int64|Total Memory in Bytes. Return default value 0 in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. Default value is 0. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|physicalMemoryInBytes|Int64|Total Memory in Bytes. Default is 0. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|processorArchitecture|[managedDeviceArchitecture](../resources/intune-devices-manageddevicearchitecture.md)|Processor architecture. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `x86`, `x64`, `arm`, `arM64`.| |specificationVersion|String|Specification version. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |joinType|[joinType](../resources/intune-devices-jointype.md)|Device join type Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `azureADJoined`, `azureADRegistered`, `hybridAzureADJoined`.| |skuFamily|String|Device sku family Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |skuNumber|Int32|Device sku number, see also: https://learn.microsoft.com/windows/win32/api/sysinfoapi/nf-sysinfoapi-getproductinfo. Valid values 0 to 2147483647. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |managementFeatures|[managedDeviceManagementFeatures](../resources/intune-devices-manageddevicemanagementfeatures.md)|Device management features Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `none`, `microsoftManagedDesktop`.|
-|chromeOSDeviceInfo|[chromeOSDeviceProperty](../resources/intune-devices-chromeosdeviceproperty.md) collection|List of properties of the ChromeOS Device. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|chromeOSDeviceInfo|[chromeOSDeviceProperty](../resources/intune-devices-chromeosdeviceproperty.md) collection|List of properties of the ChromeOS Device. Default is an empty list. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|enrollmentProfileName|String|Name of the enrollment profile assigned to the device. Default value is empty string, indicating no enrollment profile was assgined. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |bootstrapTokenEscrowed|Boolean|Reports if the managed device has an escrowed Bootstrap Token. This is only for macOS devices. To get, include BootstrapTokenEscrowed in the select clause and query with a device id. If FALSE, no bootstrap token is escrowed. If TRUE, the device has escrowed a bootstrap token with Intune. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |deviceFirmwareConfigurationInterfaceManaged|Boolean|Indicates whether the device is DFCI managed. When TRUE the device is DFCI managed. When FALSE, the device is not DFCI managed. The default value is FALSE. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
v1.0 Intune Enrollment Depmacosenrollmentprofile Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-enrollment-depmacosenrollmentprofile-create.md
The following table shows the properties that are required when you create the d
|adminAccountFullName|String|Indicates what the full name for the admin account is| |adminAccountPassword|String|Indicates what the password for the admin account is| |hideAdminAccount|Boolean|Indicates whether the admin account should be hidded or not|
-|requestRequiresNetworkTether|Boolean|Indicates if the device is network-tethered to run the command|
Here is an example of the request.
``` http POST https://graph.microsoft.com/beta/deviceManagement/depOnboardingSettings/{depOnboardingSettingId}/enrollmentProfiles Content-type: application/json
-Content-length: 1951
+Content-length: 1910
{ "@odata.type": "#microsoft.graph.depMacOSEnrollmentProfile",
Content-length: 1951
"adminAccountUserName": "Admin Account User Name value", "adminAccountFullName": "Admin Account Full Name value", "adminAccountPassword": "Admin Account Password value",
- "hideAdminAccount": true,
- "requestRequiresNetworkTether": true
+ "hideAdminAccount": true
} ```
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 201 Created Content-Type: application/json
-Content-Length: 2000
+Content-Length: 1959
{ "@odata.type": "#microsoft.graph.depMacOSEnrollmentProfile",
Content-Length: 2000
"adminAccountUserName": "Admin Account User Name value", "adminAccountFullName": "Admin Account Full Name value", "adminAccountPassword": "Admin Account Password value",
- "hideAdminAccount": true,
- "requestRequiresNetworkTether": true
+ "hideAdminAccount": true
} ```
v1.0 Intune Enrollment Depmacosenrollmentprofile Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-enrollment-depmacosenrollmentprofile-get.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 2119
+Content-Length: 2076
{ "value": {
Content-Length: 2119
"adminAccountUserName": "Admin Account User Name value", "adminAccountFullName": "Admin Account Full Name value", "adminAccountPassword": "Admin Account Password value",
- "hideAdminAccount": true,
- "requestRequiresNetworkTether": true
+ "hideAdminAccount": true
} } ```
v1.0 Intune Enrollment Depmacosenrollmentprofile List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-enrollment-depmacosenrollmentprofile-list.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 2233
+Content-Length: 2188
{ "value": [
Content-Length: 2233
"adminAccountUserName": "Admin Account User Name value", "adminAccountFullName": "Admin Account Full Name value", "adminAccountPassword": "Admin Account Password value",
- "hideAdminAccount": true,
- "requestRequiresNetworkTether": true
+ "hideAdminAccount": true
} ] }
v1.0 Intune Enrollment Depmacosenrollmentprofile Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-enrollment-depmacosenrollmentprofile-update.md
The following table shows the properties that are required when you create the [
|adminAccountFullName|String|Indicates what the full name for the admin account is| |adminAccountPassword|String|Indicates what the password for the admin account is| |hideAdminAccount|Boolean|Indicates whether the admin account should be hidded or not|
-|requestRequiresNetworkTether|Boolean|Indicates if the device is network-tethered to run the command|
Here is an example of the request.
``` http PATCH https://graph.microsoft.com/beta/deviceManagement/depOnboardingSettings/{depOnboardingSettingId}/defaultMacOsEnrollmentProfile Content-type: application/json
-Content-length: 1951
+Content-length: 1910
{ "@odata.type": "#microsoft.graph.depMacOSEnrollmentProfile",
Content-length: 1951
"adminAccountUserName": "Admin Account User Name value", "adminAccountFullName": "Admin Account Full Name value", "adminAccountPassword": "Admin Account Password value",
- "hideAdminAccount": true,
- "requestRequiresNetworkTether": true
+ "hideAdminAccount": true
} ```
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 2000
+Content-Length: 1959
{ "@odata.type": "#microsoft.graph.depMacOSEnrollmentProfile",
Content-Length: 2000
"adminAccountUserName": "Admin Account User Name value", "adminAccountFullName": "Admin Account Full Name value", "adminAccountPassword": "Admin Account Password value",
- "hideAdminAccount": true,
- "requestRequiresNetworkTether": true
+ "hideAdminAccount": true
} ```
v1.0 Intune Fencing Circulargeofencemanagementcondition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-circulargeofencemanagementcondition-create.md
- Title: "Create circularGeofenceManagementCondition"
-description: "Create a new circularGeofenceManagementCondition object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Create circularGeofenceManagementCondition
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Create a new [circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-POST /deviceManagement/managementConditions
-POST /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply a JSON representation for the circularGeofenceManagementCondition object.
-
-The following table shows the properties that are required when you create the circularGeofenceManagementCondition.
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique identifier for the management condition. System generated value assigned when created. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|uniqueName|String|Unique name for the management condition. Used in management condition expressions. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|displayName|String|The admin defined name of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|description|String|The admin defined description of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|createdDateTime|DateTimeOffset|The time the management condition was created. Generated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|modifiedDateTime|DateTimeOffset|The time the management condition was last modified. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|eTag|String|ETag of the management condition. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|applicablePlatforms|[devicePlatformType](../resources/intune-fencing-deviceplatformtype.md) collection|The applicable platforms for this management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`.|
-|latitude|Double|Latitude in degrees, between -90 and +90 inclusive.|
-|longitude|Double|Longitude in degrees, between -180 and +180 inclusive.|
-|radiusInMeters|Single|Radius in meters.|
---
-## Response
-If successful, this method returns a `201 Created` response code and a [circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-POST https://graph.microsoft.com/beta/deviceManagement/managementConditions
-Content-type: application/json
-Content-length: 371
-
-{
- "@odata.type": "#microsoft.graph.circularGeofenceManagementCondition",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "latitude": 2.6666666666666665,
- "longitude": 3.0,
- "radiusInMeters": 4.666666666666667
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 201 Created
-Content-Type: application/json
-Content-Length: 539
-
-{
- "@odata.type": "#microsoft.graph.circularGeofenceManagementCondition",
- "id": "30ee27b6-27b6-30ee-b627-ee30b627ee30",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "latitude": 2.6666666666666665,
- "longitude": 3.0,
- "radiusInMeters": 4.666666666666667
-}
-```
v1.0 Intune Fencing Circulargeofencemanagementcondition Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-circulargeofencemanagementcondition-delete.md
- Title: "Delete circularGeofenceManagementCondition"
-description: "Deletes a circularGeofenceManagementCondition."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Delete circularGeofenceManagementCondition
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Deletes a [circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md).
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-DELETE /deviceManagement/managementConditions/{managementConditionId}
-DELETE /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions/{managementConditionId}
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `204 No Content` response code.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-DELETE https://graph.microsoft.com/beta/deviceManagement/managementConditions/{managementConditionId}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 204 No Content
-```
v1.0 Intune Fencing Circulargeofencemanagementcondition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-circulargeofencemanagementcondition-get.md
- Title: "Get circularGeofenceManagementCondition"
-description: "Read properties and relationships of the circularGeofenceManagementCondition object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Get circularGeofenceManagementCondition
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Read properties and relationships of the [circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managementConditions/{managementConditionId}
-GET /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions/{managementConditionId}
-```
-
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and [circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managementConditions/{managementConditionId}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 586
-
-{
- "value": {
- "@odata.type": "#microsoft.graph.circularGeofenceManagementCondition",
- "id": "30ee27b6-27b6-30ee-b627-ee30b627ee30",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "latitude": 2.6666666666666665,
- "longitude": 3.0,
- "radiusInMeters": 4.666666666666667
- }
-}
-```
v1.0 Intune Fencing Circulargeofencemanagementcondition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-circulargeofencemanagementcondition-list.md
- Title: "List circularGeofenceManagementConditions"
-description: "List properties and relationships of the circularGeofenceManagementCondition objects."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# List circularGeofenceManagementConditions
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-List properties and relationships of the [circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md) objects.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managementConditions
-GET /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and a collection of [circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md) objects in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managementConditions
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 628
-
-{
- "value": [
- {
- "@odata.type": "#microsoft.graph.circularGeofenceManagementCondition",
- "id": "30ee27b6-27b6-30ee-b627-ee30b627ee30",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "latitude": 2.6666666666666665,
- "longitude": 3.0,
- "radiusInMeters": 4.666666666666667
- }
- ]
-}
-```
v1.0 Intune Fencing Circulargeofencemanagementcondition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-circulargeofencemanagementcondition-update.md
- Title: "Update circularGeofenceManagementCondition"
-description: "Update the properties of a circularGeofenceManagementCondition object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Update circularGeofenceManagementCondition
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Update the properties of a [circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-PATCH /deviceManagement/managementConditions/{managementConditionId}
-PATCH /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions/{managementConditionId}
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply a JSON representation for the [circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md) object.
-
-The following table shows the properties that are required when you create the [circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md).
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique identifier for the management condition. System generated value assigned when created. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|uniqueName|String|Unique name for the management condition. Used in management condition expressions. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|displayName|String|The admin defined name of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|description|String|The admin defined description of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|createdDateTime|DateTimeOffset|The time the management condition was created. Generated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|modifiedDateTime|DateTimeOffset|The time the management condition was last modified. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|eTag|String|ETag of the management condition. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|applicablePlatforms|[devicePlatformType](../resources/intune-fencing-deviceplatformtype.md) collection|The applicable platforms for this management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`.|
-|latitude|Double|Latitude in degrees, between -90 and +90 inclusive.|
-|longitude|Double|Longitude in degrees, between -180 and +180 inclusive.|
-|radiusInMeters|Single|Radius in meters.|
---
-## Response
-If successful, this method returns a `200 OK` response code and an updated [circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-PATCH https://graph.microsoft.com/beta/deviceManagement/managementConditions/{managementConditionId}
-Content-type: application/json
-Content-length: 371
-
-{
- "@odata.type": "#microsoft.graph.circularGeofenceManagementCondition",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "latitude": 2.6666666666666665,
- "longitude": 3.0,
- "radiusInMeters": 4.666666666666667
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 539
-
-{
- "@odata.type": "#microsoft.graph.circularGeofenceManagementCondition",
- "id": "30ee27b6-27b6-30ee-b627-ee30b627ee30",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "latitude": 2.6666666666666665,
- "longitude": 3.0,
- "radiusInMeters": 4.666666666666667
-}
-```
v1.0 Intune Fencing Locationmanagementcondition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-locationmanagementcondition-get.md
- Title: "Get locationManagementCondition"
-description: "Read properties and relationships of the locationManagementCondition object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Get locationManagementCondition
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Read properties and relationships of the [locationManagementCondition](../resources/intune-fencing-locationmanagementcondition.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managementConditions/{managementConditionId}
-GET /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions/{managementConditionId}
-```
-
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and [locationManagementCondition](../resources/intune-fencing-locationmanagementcondition.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managementConditions/{managementConditionId}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 476
-
-{
- "value": {
- "@odata.type": "#microsoft.graph.locationManagementCondition",
- "id": "23b1ca32-ca32-23b1-32ca-b12332cab123",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ]
- }
-}
-```
v1.0 Intune Fencing Locationmanagementcondition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-locationmanagementcondition-list.md
- Title: "List locationManagementConditions"
-description: "List properties and relationships of the locationManagementCondition objects."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# List locationManagementConditions
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-List properties and relationships of the [locationManagementCondition](../resources/intune-fencing-locationmanagementcondition.md) objects.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managementConditions
-GET /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and a collection of [locationManagementCondition](../resources/intune-fencing-locationmanagementcondition.md) objects in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managementConditions
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 512
-
-{
- "value": [
- {
- "@odata.type": "#microsoft.graph.locationManagementCondition",
- "id": "23b1ca32-ca32-23b1-32ca-b12332cab123",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ]
- }
- ]
-}
-```
v1.0 Intune Fencing Managementcondition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-managementcondition-get.md
- Title: "Get managementCondition"
-description: "Read properties and relationships of the managementCondition object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Get managementCondition
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Read properties and relationships of the [managementCondition](../resources/intune-fencing-managementcondition.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managementConditions/{managementConditionId}
-GET /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions/{managementConditionId}
-```
-
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and [managementCondition](../resources/intune-fencing-managementcondition.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managementConditions/{managementConditionId}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 468
-
-{
- "value": {
- "@odata.type": "#microsoft.graph.managementCondition",
- "id": "5cb49381-9381-5cb4-8193-b45c8193b45c",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ]
- }
-}
-```
v1.0 Intune Fencing Managementcondition Getmanagementconditionsforplatform https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-managementcondition-getmanagementconditionsforplatform.md
- Title: "getManagementConditionsForPlatform function"
-description: "Not yet documented"
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# getManagementConditionsForPlatform function
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Not yet documented
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managementConditions/getManagementConditionsForPlatform
-GET /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions/getManagementConditionsForPlatform
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request URL, provide the following query parameters with values.
-The following table shows the parameters that can be used with this function.
-
-|Property|Type|Description|
-|:|:|:|
-|platform|[devicePlatformType](../resources/intune-fencing-deviceplatformtype.md)|Not yet documented|
---
-## Response
-If successful, this function returns a `200 OK` response code and a [managementCondition](../resources/intune-fencing-managementcondition.md) collection in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managementConditions/getManagementConditionsForPlatform(platform='parameterValue')
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 504
-
-{
- "value": [
- {
- "@odata.type": "#microsoft.graph.managementCondition",
- "id": "5cb49381-9381-5cb4-8193-b45c8193b45c",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ]
- }
- ]
-}
-```
v1.0 Intune Fencing Managementcondition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-managementcondition-list.md
- Title: "List managementConditions"
-description: "List properties and relationships of the managementCondition objects."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# List managementConditions
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-List properties and relationships of the [managementCondition](../resources/intune-fencing-managementcondition.md) objects.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managementConditions
-GET /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and a collection of [managementCondition](../resources/intune-fencing-managementcondition.md) objects in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managementConditions
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 504
-
-{
- "value": [
- {
- "@odata.type": "#microsoft.graph.managementCondition",
- "id": "5cb49381-9381-5cb4-8193-b45c8193b45c",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ]
- }
- ]
-}
-```
v1.0 Intune Fencing Managementconditionstatement Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-managementconditionstatement-create.md
- Title: "Create managementConditionStatement"
-description: "Create a new managementConditionStatement object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Create managementConditionStatement
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Create a new [managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-POST /deviceManagement/managementConditionStatements
-POST /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply a JSON representation for the managementConditionStatement object.
-
-The following table shows the properties that are required when you create the managementConditionStatement.
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique identifier for the management condition statement. System generated value assigned when created.|
-|displayName|String|The admin defined name of the management condition statement.|
-|description|String|The admin defined description of the management condition statement.|
-|createdDateTime|DateTimeOffset|The time the management condition statement was created. Generated service side.|
-|modifiedDateTime|DateTimeOffset|The time the management condition statement was last modified. Updated service side.|
-|expression|[managementConditionExpression](../resources/intune-fencing-managementconditionexpression.md)|The management condition statement expression used to evaluate if a management condition statement was activated/deactivated.|
-|eTag|String|ETag of the management condition statement. Updated service side.|
-|applicablePlatforms|[devicePlatformType](../resources/intune-fencing-deviceplatformtype.md) collection|The applicable platforms for this management condition statement.
-This is calculated from looking the management conditions associated to the management condition statement and finding the intersection of applicable platforms. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`.|
---
-## Response
-If successful, this method returns a `201 Created` response code and a [managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-POST https://graph.microsoft.com/beta/deviceManagement/managementConditionStatements
-Content-type: application/json
-Content-length: 358
-
-{
- "@odata.type": "#microsoft.graph.managementConditionStatement",
- "displayName": "Display Name value",
- "description": "Description value",
- "expression": {
- "@odata.type": "microsoft.graph.managementConditionExpressionString",
- "value": "Value value"
- },
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ]
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 201 Created
-Content-Type: application/json
-Content-Length: 526
-
-{
- "@odata.type": "#microsoft.graph.managementConditionStatement",
- "id": "bedb0c00-0c00-bedb-000c-dbbe000cdbbe",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "expression": {
- "@odata.type": "microsoft.graph.managementConditionExpressionString",
- "value": "Value value"
- },
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ]
-}
-```
v1.0 Intune Fencing Managementconditionstatement Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-managementconditionstatement-delete.md
- Title: "Delete managementConditionStatement"
-description: "Deletes a managementConditionStatement."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Delete managementConditionStatement
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Deletes a [managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md).
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-DELETE /deviceManagement/managementConditionStatements/{managementConditionStatementId}
-DELETE /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `204 No Content` response code.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-DELETE https://graph.microsoft.com/beta/deviceManagement/managementConditionStatements/{managementConditionStatementId}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 204 No Content
-```
v1.0 Intune Fencing Managementconditionstatement Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-managementconditionstatement-get.md
- Title: "Get managementConditionStatement"
-description: "Read properties and relationships of the managementConditionStatement object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Get managementConditionStatement
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Read properties and relationships of the [managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managementConditionStatements/{managementConditionStatementId}
-GET /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}
-```
-
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and [managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managementConditionStatements/{managementConditionStatementId}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 573
-
-{
- "value": {
- "@odata.type": "#microsoft.graph.managementConditionStatement",
- "id": "bedb0c00-0c00-bedb-000c-dbbe000cdbbe",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "expression": {
- "@odata.type": "microsoft.graph.managementConditionExpressionString",
- "value": "Value value"
- },
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ]
- }
-}
-```
v1.0 Intune Fencing Managementconditionstatement Getmanagementconditionstatementexpressionstring https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-managementconditionstatement-getmanagementconditionstatementexpressionstring.md
- Title: "getManagementConditionStatementExpressionString function"
-description: "Not yet documented"
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# getManagementConditionStatementExpressionString function
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Not yet documented
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managementConditionStatements/{managementConditionStatementId}/getManagementConditionStatementExpressionString
-GET /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/getManagementConditionStatementExpressionString
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this function returns a `200 OK` response code and a [managementConditionExpressionString](../resources/intune-fencing-managementconditionexpressionstring.md) in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managementConditionStatements/{managementConditionStatementId}/getManagementConditionStatementExpressionString
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 126
-
-{
- "value": {
- "@odata.type": "microsoft.graph.managementConditionExpressionString",
- "value": "Value value"
- }
-}
-```
v1.0 Intune Fencing Managementconditionstatement Getmanagementconditionstatementsforplatform https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-managementconditionstatement-getmanagementconditionstatementsforplatform.md
- Title: "getManagementConditionStatementsForPlatform function"
-description: "Not yet documented"
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# getManagementConditionStatementsForPlatform function
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Not yet documented
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managementConditionStatements/getManagementConditionStatementsForPlatform
-GET /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/getManagementConditionStatementsForPlatform
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request URL, provide the following query parameters with values.
-The following table shows the parameters that can be used with this function.
-
-|Property|Type|Description|
-|:|:|:|
-|platform|[devicePlatformType](../resources/intune-fencing-deviceplatformtype.md)|Not yet documented|
---
-## Response
-If successful, this function returns a `200 OK` response code and a [managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) collection in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managementConditionStatements/getManagementConditionStatementsForPlatform(platform='parameterValue')
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 615
-
-{
- "value": [
- {
- "@odata.type": "#microsoft.graph.managementConditionStatement",
- "id": "bedb0c00-0c00-bedb-000c-dbbe000cdbbe",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "expression": {
- "@odata.type": "microsoft.graph.managementConditionExpressionString",
- "value": "Value value"
- },
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ]
- }
- ]
-}
-```
v1.0 Intune Fencing Managementconditionstatement List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-managementconditionstatement-list.md
- Title: "List managementConditionStatements"
-description: "List properties and relationships of the managementConditionStatement objects."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# List managementConditionStatements
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-List properties and relationships of the [managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) objects.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managementConditionStatements
-GET /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and a collection of [managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) objects in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managementConditionStatements
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 615
-
-{
- "value": [
- {
- "@odata.type": "#microsoft.graph.managementConditionStatement",
- "id": "bedb0c00-0c00-bedb-000c-dbbe000cdbbe",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "expression": {
- "@odata.type": "microsoft.graph.managementConditionExpressionString",
- "value": "Value value"
- },
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ]
- }
- ]
-}
-```
v1.0 Intune Fencing Managementconditionstatement Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-managementconditionstatement-update.md
- Title: "Update managementConditionStatement"
-description: "Update the properties of a managementConditionStatement object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Update managementConditionStatement
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Update the properties of a [managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-PATCH /deviceManagement/managementConditionStatements/{managementConditionStatementId}
-PATCH /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply a JSON representation for the [managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) object.
-
-The following table shows the properties that are required when you create the [managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md).
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique identifier for the management condition statement. System generated value assigned when created.|
-|displayName|String|The admin defined name of the management condition statement.|
-|description|String|The admin defined description of the management condition statement.|
-|createdDateTime|DateTimeOffset|The time the management condition statement was created. Generated service side.|
-|modifiedDateTime|DateTimeOffset|The time the management condition statement was last modified. Updated service side.|
-|expression|[managementConditionExpression](../resources/intune-fencing-managementconditionexpression.md)|The management condition statement expression used to evaluate if a management condition statement was activated/deactivated.|
-|eTag|String|ETag of the management condition statement. Updated service side.|
-|applicablePlatforms|[devicePlatformType](../resources/intune-fencing-deviceplatformtype.md) collection|The applicable platforms for this management condition statement.
-This is calculated from looking the management conditions associated to the management condition statement and finding the intersection of applicable platforms. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`.|
---
-## Response
-If successful, this method returns a `200 OK` response code and an updated [managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-PATCH https://graph.microsoft.com/beta/deviceManagement/managementConditionStatements/{managementConditionStatementId}
-Content-type: application/json
-Content-length: 358
-
-{
- "@odata.type": "#microsoft.graph.managementConditionStatement",
- "displayName": "Display Name value",
- "description": "Description value",
- "expression": {
- "@odata.type": "microsoft.graph.managementConditionExpressionString",
- "value": "Value value"
- },
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ]
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 526
-
-{
- "@odata.type": "#microsoft.graph.managementConditionStatement",
- "id": "bedb0c00-0c00-bedb-000c-dbbe000cdbbe",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "expression": {
- "@odata.type": "microsoft.graph.managementConditionExpressionString",
- "value": "Value value"
- },
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ]
-}
-```
v1.0 Intune Fencing Networkipv4configurationmanagementcondition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-networkipv4configurationmanagementcondition-create.md
- Title: "Create networkIPv4ConfigurationManagementCondition"
-description: "Create a new networkIPv4ConfigurationManagementCondition object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Create networkIPv4ConfigurationManagementCondition
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Create a new [networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-POST /deviceManagement/managementConditions
-POST /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply a JSON representation for the networkIPv4ConfigurationManagementCondition object.
-
-The following table shows the properties that are required when you create the networkIPv4ConfigurationManagementCondition.
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique identifier for the management condition. System generated value assigned when created. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|uniqueName|String|Unique name for the management condition. Used in management condition expressions. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|displayName|String|The admin defined name of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|description|String|The admin defined description of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|createdDateTime|DateTimeOffset|The time the management condition was created. Generated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|modifiedDateTime|DateTimeOffset|The time the management condition was last modified. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|eTag|String|ETag of the management condition. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|applicablePlatforms|[devicePlatformType](../resources/intune-fencing-deviceplatformtype.md) collection|The applicable platforms for this management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`.|
-|ipV4Prefix|String|The IPv4 subnet to be connected to. e.g. 10.0.0.0/8|
-|ipV4Gateway|String|The IPv4 gateway address. e.g. 10.0.0.0|
-|ipV4DHCPServer|String|The IPv4 address of the DHCP server for the adapter.|
-|ipV4DNSServerList|String collection|The IPv4 DNS servers configured for the adapter.|
-|dnsSuffixList|String collection|Valid DNS suffixes for the current network. e.g. seattle.contoso.com|
---
-## Response
-If successful, this method returns a `201 Created` response code and a [networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-POST https://graph.microsoft.com/beta/deviceManagement/managementConditions
-Content-type: application/json
-Content-length: 529
-
-{
- "@odata.type": "#microsoft.graph.networkIPv4ConfigurationManagementCondition",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "ipV4Prefix": "Ip V4Prefix value",
- "ipV4Gateway": "Ip V4Gateway value",
- "ipV4DHCPServer": "Ip V4DHCPServer value",
- "ipV4DNSServerList": [
- "Ip V4DNSServer List value"
- ],
- "dnsSuffixList": [
- "Dns Suffix List value"
- ]
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 201 Created
-Content-Type: application/json
-Content-Length: 697
-
-{
- "@odata.type": "#microsoft.graph.networkIPv4ConfigurationManagementCondition",
- "id": "5e4a8284-8284-5e4a-8482-4a5e84824a5e",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "ipV4Prefix": "Ip V4Prefix value",
- "ipV4Gateway": "Ip V4Gateway value",
- "ipV4DHCPServer": "Ip V4DHCPServer value",
- "ipV4DNSServerList": [
- "Ip V4DNSServer List value"
- ],
- "dnsSuffixList": [
- "Dns Suffix List value"
- ]
-}
-```
v1.0 Intune Fencing Networkipv4configurationmanagementcondition Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-networkipv4configurationmanagementcondition-delete.md
- Title: "Delete networkIPv4ConfigurationManagementCondition"
-description: "Deletes a networkIPv4ConfigurationManagementCondition."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Delete networkIPv4ConfigurationManagementCondition
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Deletes a [networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md).
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-DELETE /deviceManagement/managementConditions/{managementConditionId}
-DELETE /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions/{managementConditionId}
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `204 No Content` response code.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-DELETE https://graph.microsoft.com/beta/deviceManagement/managementConditions/{managementConditionId}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 204 No Content
-```
v1.0 Intune Fencing Networkipv4configurationmanagementcondition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-networkipv4configurationmanagementcondition-get.md
- Title: "Get networkIPv4ConfigurationManagementCondition"
-description: "Read properties and relationships of the networkIPv4ConfigurationManagementCondition object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Get networkIPv4ConfigurationManagementCondition
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Read properties and relationships of the [networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managementConditions/{managementConditionId}
-GET /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions/{managementConditionId}
-```
-
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and [networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managementConditions/{managementConditionId}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 756
-
-{
- "value": {
- "@odata.type": "#microsoft.graph.networkIPv4ConfigurationManagementCondition",
- "id": "5e4a8284-8284-5e4a-8482-4a5e84824a5e",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "ipV4Prefix": "Ip V4Prefix value",
- "ipV4Gateway": "Ip V4Gateway value",
- "ipV4DHCPServer": "Ip V4DHCPServer value",
- "ipV4DNSServerList": [
- "Ip V4DNSServer List value"
- ],
- "dnsSuffixList": [
- "Dns Suffix List value"
- ]
- }
-}
-```
v1.0 Intune Fencing Networkipv4configurationmanagementcondition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-networkipv4configurationmanagementcondition-list.md
- Title: "List networkIPv4ConfigurationManagementConditions"
-description: "List properties and relationships of the networkIPv4ConfigurationManagementCondition objects."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# List networkIPv4ConfigurationManagementConditions
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-List properties and relationships of the [networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md) objects.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managementConditions
-GET /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and a collection of [networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md) objects in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managementConditions
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 810
-
-{
- "value": [
- {
- "@odata.type": "#microsoft.graph.networkIPv4ConfigurationManagementCondition",
- "id": "5e4a8284-8284-5e4a-8482-4a5e84824a5e",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "ipV4Prefix": "Ip V4Prefix value",
- "ipV4Gateway": "Ip V4Gateway value",
- "ipV4DHCPServer": "Ip V4DHCPServer value",
- "ipV4DNSServerList": [
- "Ip V4DNSServer List value"
- ],
- "dnsSuffixList": [
- "Dns Suffix List value"
- ]
- }
- ]
-}
-```
v1.0 Intune Fencing Networkipv4configurationmanagementcondition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-networkipv4configurationmanagementcondition-update.md
- Title: "Update networkIPv4ConfigurationManagementCondition"
-description: "Update the properties of a networkIPv4ConfigurationManagementCondition object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Update networkIPv4ConfigurationManagementCondition
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Update the properties of a [networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-PATCH /deviceManagement/managementConditions/{managementConditionId}
-PATCH /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions/{managementConditionId}
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply a JSON representation for the [networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md) object.
-
-The following table shows the properties that are required when you create the [networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md).
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique identifier for the management condition. System generated value assigned when created. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|uniqueName|String|Unique name for the management condition. Used in management condition expressions. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|displayName|String|The admin defined name of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|description|String|The admin defined description of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|createdDateTime|DateTimeOffset|The time the management condition was created. Generated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|modifiedDateTime|DateTimeOffset|The time the management condition was last modified. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|eTag|String|ETag of the management condition. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|applicablePlatforms|[devicePlatformType](../resources/intune-fencing-deviceplatformtype.md) collection|The applicable platforms for this management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`.|
-|ipV4Prefix|String|The IPv4 subnet to be connected to. e.g. 10.0.0.0/8|
-|ipV4Gateway|String|The IPv4 gateway address. e.g. 10.0.0.0|
-|ipV4DHCPServer|String|The IPv4 address of the DHCP server for the adapter.|
-|ipV4DNSServerList|String collection|The IPv4 DNS servers configured for the adapter.|
-|dnsSuffixList|String collection|Valid DNS suffixes for the current network. e.g. seattle.contoso.com|
---
-## Response
-If successful, this method returns a `200 OK` response code and an updated [networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-PATCH https://graph.microsoft.com/beta/deviceManagement/managementConditions/{managementConditionId}
-Content-type: application/json
-Content-length: 529
-
-{
- "@odata.type": "#microsoft.graph.networkIPv4ConfigurationManagementCondition",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "ipV4Prefix": "Ip V4Prefix value",
- "ipV4Gateway": "Ip V4Gateway value",
- "ipV4DHCPServer": "Ip V4DHCPServer value",
- "ipV4DNSServerList": [
- "Ip V4DNSServer List value"
- ],
- "dnsSuffixList": [
- "Dns Suffix List value"
- ]
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 697
-
-{
- "@odata.type": "#microsoft.graph.networkIPv4ConfigurationManagementCondition",
- "id": "5e4a8284-8284-5e4a-8482-4a5e84824a5e",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "ipV4Prefix": "Ip V4Prefix value",
- "ipV4Gateway": "Ip V4Gateway value",
- "ipV4DHCPServer": "Ip V4DHCPServer value",
- "ipV4DNSServerList": [
- "Ip V4DNSServer List value"
- ],
- "dnsSuffixList": [
- "Dns Suffix List value"
- ]
-}
-```
v1.0 Intune Fencing Networkipv6configurationmanagementcondition Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-networkipv6configurationmanagementcondition-create.md
- Title: "Create networkIPv6ConfigurationManagementCondition"
-description: "Create a new networkIPv6ConfigurationManagementCondition object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Create networkIPv6ConfigurationManagementCondition
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Create a new [networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-POST /deviceManagement/managementConditions
-POST /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply a JSON representation for the networkIPv6ConfigurationManagementCondition object.
-
-The following table shows the properties that are required when you create the networkIPv6ConfigurationManagementCondition.
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique identifier for the management condition. System generated value assigned when created. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|uniqueName|String|Unique name for the management condition. Used in management condition expressions. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|displayName|String|The admin defined name of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|description|String|The admin defined description of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|createdDateTime|DateTimeOffset|The time the management condition was created. Generated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|modifiedDateTime|DateTimeOffset|The time the management condition was last modified. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|eTag|String|ETag of the management condition. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|applicablePlatforms|[devicePlatformType](../resources/intune-fencing-deviceplatformtype.md) collection|The applicable platforms for this management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`.|
-|ipV6Prefix|String|The IPv6 subnet to be connected to. e.g. 2001:db8::/32|
-|ipV6Gateway|String|The IPv6 gateway address to. e.g 2001:db8::1|
-|ipV6DNSServerList|String collection|An IPv6 DNS servers configured for the adapter.|
-|dnsSuffixList|String collection|Valid DNS suffixes for the current network. e.g. seattle.contoso.com|
---
-## Response
-If successful, this method returns a `201 Created` response code and a [networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-POST https://graph.microsoft.com/beta/deviceManagement/managementConditions
-Content-type: application/json
-Content-length: 483
-
-{
- "@odata.type": "#microsoft.graph.networkIPv6ConfigurationManagementCondition",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "ipV6Prefix": "Ip V6Prefix value",
- "ipV6Gateway": "Ip V6Gateway value",
- "ipV6DNSServerList": [
- "Ip V6DNSServer List value"
- ],
- "dnsSuffixList": [
- "Dns Suffix List value"
- ]
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 201 Created
-Content-Type: application/json
-Content-Length: 651
-
-{
- "@odata.type": "#microsoft.graph.networkIPv6ConfigurationManagementCondition",
- "id": "25811206-1206-2581-0612-812506128125",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "ipV6Prefix": "Ip V6Prefix value",
- "ipV6Gateway": "Ip V6Gateway value",
- "ipV6DNSServerList": [
- "Ip V6DNSServer List value"
- ],
- "dnsSuffixList": [
- "Dns Suffix List value"
- ]
-}
-```
v1.0 Intune Fencing Networkipv6configurationmanagementcondition Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-networkipv6configurationmanagementcondition-delete.md
- Title: "Delete networkIPv6ConfigurationManagementCondition"
-description: "Deletes a networkIPv6ConfigurationManagementCondition."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Delete networkIPv6ConfigurationManagementCondition
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Deletes a [networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md).
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-DELETE /deviceManagement/managementConditions/{managementConditionId}
-DELETE /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions/{managementConditionId}
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `204 No Content` response code.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-DELETE https://graph.microsoft.com/beta/deviceManagement/managementConditions/{managementConditionId}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 204 No Content
-```
v1.0 Intune Fencing Networkipv6configurationmanagementcondition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-networkipv6configurationmanagementcondition-get.md
- Title: "Get networkIPv6ConfigurationManagementCondition"
-description: "Read properties and relationships of the networkIPv6ConfigurationManagementCondition object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Get networkIPv6ConfigurationManagementCondition
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Read properties and relationships of the [networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managementConditions/{managementConditionId}
-GET /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions/{managementConditionId}
-```
-
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and [networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managementConditions/{managementConditionId}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 708
-
-{
- "value": {
- "@odata.type": "#microsoft.graph.networkIPv6ConfigurationManagementCondition",
- "id": "25811206-1206-2581-0612-812506128125",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "ipV6Prefix": "Ip V6Prefix value",
- "ipV6Gateway": "Ip V6Gateway value",
- "ipV6DNSServerList": [
- "Ip V6DNSServer List value"
- ],
- "dnsSuffixList": [
- "Dns Suffix List value"
- ]
- }
-}
-```
v1.0 Intune Fencing Networkipv6configurationmanagementcondition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-networkipv6configurationmanagementcondition-list.md
- Title: "List networkIPv6ConfigurationManagementConditions"
-description: "List properties and relationships of the networkIPv6ConfigurationManagementCondition objects."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# List networkIPv6ConfigurationManagementConditions
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-List properties and relationships of the [networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md) objects.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managementConditions
-GET /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and a collection of [networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md) objects in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managementConditions
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 760
-
-{
- "value": [
- {
- "@odata.type": "#microsoft.graph.networkIPv6ConfigurationManagementCondition",
- "id": "25811206-1206-2581-0612-812506128125",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "ipV6Prefix": "Ip V6Prefix value",
- "ipV6Gateway": "Ip V6Gateway value",
- "ipV6DNSServerList": [
- "Ip V6DNSServer List value"
- ],
- "dnsSuffixList": [
- "Dns Suffix List value"
- ]
- }
- ]
-}
-```
v1.0 Intune Fencing Networkipv6configurationmanagementcondition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-networkipv6configurationmanagementcondition-update.md
- Title: "Update networkIPv6ConfigurationManagementCondition"
-description: "Update the properties of a networkIPv6ConfigurationManagementCondition object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Update networkIPv6ConfigurationManagementCondition
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Update the properties of a [networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-PATCH /deviceManagement/managementConditions/{managementConditionId}
-PATCH /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions/{managementConditionId}
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-In the request body, supply a JSON representation for the [networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md) object.
-
-The following table shows the properties that are required when you create the [networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md).
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique identifier for the management condition. System generated value assigned when created. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|uniqueName|String|Unique name for the management condition. Used in management condition expressions. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|displayName|String|The admin defined name of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|description|String|The admin defined description of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|createdDateTime|DateTimeOffset|The time the management condition was created. Generated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|modifiedDateTime|DateTimeOffset|The time the management condition was last modified. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|eTag|String|ETag of the management condition. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|applicablePlatforms|[devicePlatformType](../resources/intune-fencing-deviceplatformtype.md) collection|The applicable platforms for this management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`.|
-|ipV6Prefix|String|The IPv6 subnet to be connected to. e.g. 2001:db8::/32|
-|ipV6Gateway|String|The IPv6 gateway address to. e.g 2001:db8::1|
-|ipV6DNSServerList|String collection|An IPv6 DNS servers configured for the adapter.|
-|dnsSuffixList|String collection|Valid DNS suffixes for the current network. e.g. seattle.contoso.com|
---
-## Response
-If successful, this method returns a `200 OK` response code and an updated [networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-PATCH https://graph.microsoft.com/beta/deviceManagement/managementConditions/{managementConditionId}
-Content-type: application/json
-Content-length: 483
-
-{
- "@odata.type": "#microsoft.graph.networkIPv6ConfigurationManagementCondition",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "ipV6Prefix": "Ip V6Prefix value",
- "ipV6Gateway": "Ip V6Gateway value",
- "ipV6DNSServerList": [
- "Ip V6DNSServer List value"
- ],
- "dnsSuffixList": [
- "Dns Suffix List value"
- ]
-}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 651
-
-{
- "@odata.type": "#microsoft.graph.networkIPv6ConfigurationManagementCondition",
- "id": "25811206-1206-2581-0612-812506128125",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ],
- "ipV6Prefix": "Ip V6Prefix value",
- "ipV6Gateway": "Ip V6Gateway value",
- "ipV6DNSServerList": [
- "Ip V6DNSServer List value"
- ],
- "dnsSuffixList": [
- "Dns Suffix List value"
- ]
-}
-```
v1.0 Intune Fencing Networkmanagementcondition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-networkmanagementcondition-get.md
- Title: "Get networkManagementCondition"
-description: "Read properties and relationships of the networkManagementCondition object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Get networkManagementCondition
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Read properties and relationships of the [networkManagementCondition](../resources/intune-fencing-networkmanagementcondition.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managementConditions/{managementConditionId}
-GET /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions/{managementConditionId}
-```
-
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and [networkManagementCondition](../resources/intune-fencing-networkmanagementcondition.md) object in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managementConditions/{managementConditionId}
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 475
-
-{
- "value": {
- "@odata.type": "#microsoft.graph.networkManagementCondition",
- "id": "c2919b8f-9b8f-c291-8f9b-91c28f9b91c2",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ]
- }
-}
-```
v1.0 Intune Fencing Networkmanagementcondition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-fencing-networkmanagementcondition-list.md
- Title: "List networkManagementConditions"
-description: "List properties and relationships of the networkManagementCondition objects."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# List networkManagementConditions
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-List properties and relationships of the [networkManagementCondition](../resources/intune-fencing-networkmanagementcondition.md) objects.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
-
-## HTTP Request
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /deviceManagement/managementConditions
-GET /deviceManagement/managementConditions/{managementConditionId}/managementConditionStatements/{managementConditionStatementId}/managementConditions
-```
-
-## Request headers
-|Header|Value|
-|:|:|
-|Authorization|Bearer &lt;token&gt; Required.|
-|Accept|application/json|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and a collection of [networkManagementCondition](../resources/intune-fencing-networkmanagementcondition.md) objects in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-``` http
-GET https://graph.microsoft.com/beta/deviceManagement/managementConditions
-```
-
-### Response
-Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 511
-
-{
- "value": [
- {
- "@odata.type": "#microsoft.graph.networkManagementCondition",
- "id": "c2919b8f-9b8f-c291-8f9b-91c28f9b91c2",
- "uniqueName": "Unique Name value",
- "displayName": "Display Name value",
- "description": "Description value",
- "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
- "modifiedDateTime": "2017-01-01T00:00:22.8983556-08:00",
- "eTag": "ETag value",
- "applicablePlatforms": [
- "androidForWork"
- ]
- }
- ]
-}
-```
v1.0 Intune Grouppolicy Grouppolicypresentationvaluelist Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-grouppolicy-grouppolicypresentationvaluelist-create.md
The following table shows the properties that are required when you create the g
|lastModifiedDateTime|DateTimeOffset|The date and time the object was last modified. Inherited from [groupPolicyPresentationValue](../resources/intune-grouppolicy-grouppolicypresentationvalue.md)| |createdDateTime|DateTimeOffset|The date and time the object was created. Inherited from [groupPolicyPresentationValue](../resources/intune-grouppolicy-grouppolicypresentationvalue.md)| |id|String|Key of the entity. Inherited from [groupPolicyPresentationValue](../resources/intune-grouppolicy-grouppolicypresentationvalue.md)|
-|values|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|A list of pairs for the associated presentation.|
+|values|[keyValuePair](../resources/intune-grouppolicy-keyvaluepair.md) collection|A list of pairs for the associated presentation.|
v1.0 Intune Grouppolicy Grouppolicypresentationvaluelist Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-grouppolicy-grouppolicypresentationvaluelist-update.md
The following table shows the properties that are required when you create the [
|lastModifiedDateTime|DateTimeOffset|The date and time the object was last modified. Inherited from [groupPolicyPresentationValue](../resources/intune-grouppolicy-grouppolicypresentationvalue.md)| |createdDateTime|DateTimeOffset|The date and time the object was created. Inherited from [groupPolicyPresentationValue](../resources/intune-grouppolicy-grouppolicypresentationvalue.md)| |id|String|Key of the entity. Inherited from [groupPolicyPresentationValue](../resources/intune-grouppolicy-grouppolicypresentationvalue.md)|
-|values|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|A list of pairs for the associated presentation.|
+|values|[keyValuePair](../resources/intune-grouppolicy-keyvaluepair.md) collection|A list of pairs for the associated presentation.|
v1.0 Intune Mam Defaultmanagedappprotection Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-mam-defaultmanagedappprotection-create.md
The following table shows the properties that are required when you create the d
|encryptAppData|Boolean|Indicates whether managed-app data should be encrypted. (Android only)| |disableAppEncryptionIfDeviceEncryptionIsEnabled|Boolean|When this setting is enabled, app level encryption is disabled if device level encryption is enabled. (Android only)| |minimumRequiredSdkVersion|String|Versions less than the specified version will block the managed app from accessing company data. (iOS Only)|
-|customSettings|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|A set of string key and string value pairs to be sent to the affected users, unalterned by this service|
+|customSettings|[keyValuePair](../resources/intune-mam-keyvaluepair.md) collection|A set of string key and string value pairs to be sent to the affected users, unalterned by this service|
|deployedAppCount|Int32|Count of apps to which the current policy is deployed.| |minimumRequiredPatchVersion|String|Define the oldest required Android security patch level a user can have to gain secure access to the app. (Android only)| |minimumWarningPatchVersion|String|Define the oldest recommended Android security patch level a user can have for secure access to the app. (Android only)|
-|exemptedAppProtocols|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|iOS Apps in this list will be exempt from the policy and will be able to receive data from managed apps. (iOS Only)|
-|exemptedAppPackages|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Android App packages in this list will be exempt from the policy and will be able to receive data from managed apps. (Android only)|
+|exemptedAppProtocols|[keyValuePair](../resources/intune-mam-keyvaluepair.md) collection|iOS Apps in this list will be exempt from the policy and will be able to receive data from managed apps. (iOS Only)|
+|exemptedAppPackages|[keyValuePair](../resources/intune-mam-keyvaluepair.md) collection|Android App packages in this list will be exempt from the policy and will be able to receive data from managed apps. (Android only)|
|faceIdBlocked|Boolean|Indicates whether use of the FaceID is allowed in place of a pin if PinRequired is set to True. (iOS Only)| |minimumWipeSdkVersion|String|Versions less than the specified version will block the managed app from accessing company data.| |minimumWipePatchVersion|String|Android security patch level less than or equal to the specified value will wipe the managed app and the associated company data. (Android only)|
v1.0 Intune Mam Defaultmanagedappprotection Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-mam-defaultmanagedappprotection-update.md
The following table shows the properties that are required when you create the [
|encryptAppData|Boolean|Indicates whether managed-app data should be encrypted. (Android only)| |disableAppEncryptionIfDeviceEncryptionIsEnabled|Boolean|When this setting is enabled, app level encryption is disabled if device level encryption is enabled. (Android only)| |minimumRequiredSdkVersion|String|Versions less than the specified version will block the managed app from accessing company data. (iOS Only)|
-|customSettings|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|A set of string key and string value pairs to be sent to the affected users, unalterned by this service|
+|customSettings|[keyValuePair](../resources/intune-mam-keyvaluepair.md) collection|A set of string key and string value pairs to be sent to the affected users, unalterned by this service|
|deployedAppCount|Int32|Count of apps to which the current policy is deployed.| |minimumRequiredPatchVersion|String|Define the oldest required Android security patch level a user can have to gain secure access to the app. (Android only)| |minimumWarningPatchVersion|String|Define the oldest recommended Android security patch level a user can have for secure access to the app. (Android only)|
-|exemptedAppProtocols|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|iOS Apps in this list will be exempt from the policy and will be able to receive data from managed apps. (iOS Only)|
-|exemptedAppPackages|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Android App packages in this list will be exempt from the policy and will be able to receive data from managed apps. (Android only)|
+|exemptedAppProtocols|[keyValuePair](../resources/intune-mam-keyvaluepair.md) collection|iOS Apps in this list will be exempt from the policy and will be able to receive data from managed apps. (iOS Only)|
+|exemptedAppPackages|[keyValuePair](../resources/intune-mam-keyvaluepair.md) collection|Android App packages in this list will be exempt from the policy and will be able to receive data from managed apps. (Android only)|
|faceIdBlocked|Boolean|Indicates whether use of the FaceID is allowed in place of a pin if PinRequired is set to True. (iOS Only)| |minimumWipeSdkVersion|String|Versions less than the specified version will block the managed app from accessing company data.| |minimumWipePatchVersion|String|Android security patch level less than or equal to the specified value will wipe the managed app and the associated company data. (Android only)|
v1.0 Intune Mstunnel Microsofttunnelconfiguration Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-mstunnel-microsofttunnelconfiguration-create.md
The following table shows the properties that are required when you create the m
|routeExcludes|String collection|Subsets of the routes that will not be routed by the server| |splitDNS|String collection|The domains that will be resolved using the provided dns servers| |listenPort|Int32|The port that both TCP and UPD will listen over on the server|
-|advancedSettings|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Additional settings that may be applied to the server|
+|advancedSettings|[keyValuePair](../resources/intune-mstunnel-keyvaluepair.md) collection|Additional settings that may be applied to the server|
|lastUpdateDateTime|DateTimeOffset|When the configuration was last updated| |roleScopeTagIds|String collection|List of Scope Tags for this Entity instance| |disableUdpConnections|Boolean|When DisableUdpConnections is set, the clients and VPN server will not use DTLS connections to transfer data.|
v1.0 Intune Mstunnel Microsofttunnelconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-mstunnel-microsofttunnelconfiguration-update.md
The following table shows the properties that are required when you create the [
|routeExcludes|String collection|Subsets of the routes that will not be routed by the server| |splitDNS|String collection|The domains that will be resolved using the provided dns servers| |listenPort|Int32|The port that both TCP and UPD will listen over on the server|
-|advancedSettings|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Additional settings that may be applied to the server|
+|advancedSettings|[keyValuePair](../resources/intune-mstunnel-keyvaluepair.md) collection|Additional settings that may be applied to the server|
|lastUpdateDateTime|DateTimeOffset|When the configuration was last updated| |roleScopeTagIds|String collection|List of Scope Tags for this Entity instance| |disableUdpConnections|Boolean|When DisableUdpConnections is set, the clients and VPN server will not use DTLS connections to transfer data.|
v1.0 Intune Partnerintegration Securityconfigurationtask Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-partnerintegration-securityconfigurationtask-create.md
The following table shows the properties that are required when you create the s
|endpointSecurityPolicyProfile|[endpointSecurityConfigurationProfileType](../resources/intune-partnerintegration-endpointsecurityconfigurationprofiletype.md)|The endpoint security policy profile. Possible values are: `unknown`, `antivirus`, `windowsSecurity`, `bitLocker`, `fileVault`, `firewall`, `firewallRules`, `endpointDetectionAndResponse`, `deviceControl`, `appAndBrowserIsolation`, `exploitProtection`, `webProtection`, `applicationControl`, `attackSurfaceReductionRules`, `accountProtection`.| |insights|String|Information about the mitigation.| |managedDeviceCount|Int32|The number of vulnerable devices. Valid values 0 to 65536|
-|intendedSettings|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|The intended settings and their values.|
+|intendedSettings|[keyValuePair](../resources/intune-partnerintegration-keyvaluepair.md) collection|The intended settings and their values.|
v1.0 Intune Partnerintegration Securityconfigurationtask Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-partnerintegration-securityconfigurationtask-update.md
The following table shows the properties that are required when you create the [
|endpointSecurityPolicyProfile|[endpointSecurityConfigurationProfileType](../resources/intune-partnerintegration-endpointsecurityconfigurationprofiletype.md)|The endpoint security policy profile. Possible values are: `unknown`, `antivirus`, `windowsSecurity`, `bitLocker`, `fileVault`, `firewall`, `firewallRules`, `endpointDetectionAndResponse`, `deviceControl`, `appAndBrowserIsolation`, `exploitProtection`, `webProtection`, `applicationControl`, `attackSurfaceReductionRules`, `accountProtection`.| |insights|String|Information about the mitigation.| |managedDeviceCount|Int32|The number of vulnerable devices. Valid values 0 to 65536|
-|intendedSettings|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|The intended settings and their values.|
+|intendedSettings|[keyValuePair](../resources/intune-partnerintegration-keyvaluepair.md) collection|The intended settings and their values.|
v1.0 Intune Policyset Deviceandappmanagementassignmentfilter Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-policyset-deviceandappmanagementassignmentfilter-create.md
The following table shows the properties that are required when you create the d
|Property|Type|Description| |:|:|:| |id|String|Key of the Assignment Filter.|
-|createdDateTime|DateTimeOffset|Creation time of the Assignment Filter.|
-|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter.|
-|displayName|String|DisplayName of the Assignment Filter.|
-|description|String|Description of the Assignment Filter.|
-|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
-|rule|String|Rule definition of the Assignment Filter.|
-|roleScopeTags|String collection|RoleScopeTags of the Assignment Filter.|
-|payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Associated assignments for a specific filter|
+|createdDateTime|DateTimeOffset|The creation time of the assignment filter. The value cannot be modified and is automatically populated during new assignment filter process. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'.|
+|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'|
+|displayName|String|The name of the Assignment Filter.|
+|description|String|Optional description of the Assignment Filter.|
+|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Indicates filter is applied to which flatform. Possible values are android,androidForWork,iOS,macOS,windowsPhone81,windows81AndLater,windows10AndLater,androidWorkProfile, unknown, androidAOSP,androidMobileApplicationManagement, iOSMobileApplicationManagement. Default filter will be applied to 'unknown'. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`, `androidMobileApplicationManagement`, `iOSMobileApplicationManagement`, `unknownFutureValue`.|
+|rule|String|Rule definition of the assignment filter.|
+|roleScopeTags|String collection|Indicates role scope tags assigned for the assignment filter.|
+|payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Indicates associated assignments for a specific filter.|
+|assignmentFilterManagementType|[assignmentFilterManagementType](../resources/intune-policyset-assignmentfiltermanagementtype.md)|Indicates filter is applied to either 'devices' or 'apps' management type. Possible values are devices, apps. Default filter will be applied to 'devices'. Possible values are: `devices`, `apps`, `unknownFutureValue`.|
Here is an example of the request.
``` http POST https://graph.microsoft.com/beta/deviceManagement/assignmentFilters Content-type: application/json
-Content-length: 543
+Content-length: 588
{ "@odata.type": "#microsoft.graph.deviceAndAppManagementAssignmentFilter",
Content-length: 543
"groupId": "Group Id value", "assignmentFilterType": "include" }
- ]
+ ],
+ "assignmentFilterManagementType": "apps"
} ```
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 201 Created Content-Type: application/json
-Content-Length: 715
+Content-Length: 760
{ "@odata.type": "#microsoft.graph.deviceAndAppManagementAssignmentFilter",
Content-Length: 715
"groupId": "Group Id value", "assignmentFilterType": "include" }
- ]
+ ],
+ "assignmentFilterManagementType": "apps"
} ```
v1.0 Intune Policyset Deviceandappmanagementassignmentfilter Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-policyset-deviceandappmanagementassignmentfilter-get.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 774
+Content-Length: 821
{ "value": {
Content-Length: 774
"groupId": "Group Id value", "assignmentFilterType": "include" }
- ]
+ ],
+ "assignmentFilterManagementType": "apps"
} } ```
v1.0 Intune Policyset Deviceandappmanagementassignmentfilter List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-policyset-deviceandappmanagementassignmentfilter-list.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 828
+Content-Length: 877
{ "value": [
Content-Length: 828
"groupId": "Group Id value", "assignmentFilterType": "include" }
- ]
+ ],
+ "assignmentFilterManagementType": "apps"
} ] }
v1.0 Intune Policyset Deviceandappmanagementassignmentfilter Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-policyset-deviceandappmanagementassignmentfilter-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:| |id|String|Key of the Assignment Filter.|
-|createdDateTime|DateTimeOffset|Creation time of the Assignment Filter.|
-|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter.|
-|displayName|String|DisplayName of the Assignment Filter.|
-|description|String|Description of the Assignment Filter.|
-|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
-|rule|String|Rule definition of the Assignment Filter.|
-|roleScopeTags|String collection|RoleScopeTags of the Assignment Filter.|
-|payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Associated assignments for a specific filter|
+|createdDateTime|DateTimeOffset|The creation time of the assignment filter. The value cannot be modified and is automatically populated during new assignment filter process. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'.|
+|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'|
+|displayName|String|The name of the Assignment Filter.|
+|description|String|Optional description of the Assignment Filter.|
+|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Indicates filter is applied to which flatform. Possible values are android,androidForWork,iOS,macOS,windowsPhone81,windows81AndLater,windows10AndLater,androidWorkProfile, unknown, androidAOSP,androidMobileApplicationManagement, iOSMobileApplicationManagement. Default filter will be applied to 'unknown'. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`, `androidMobileApplicationManagement`, `iOSMobileApplicationManagement`, `unknownFutureValue`.|
+|rule|String|Rule definition of the assignment filter.|
+|roleScopeTags|String collection|Indicates role scope tags assigned for the assignment filter.|
+|payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Indicates associated assignments for a specific filter.|
+|assignmentFilterManagementType|[assignmentFilterManagementType](../resources/intune-policyset-assignmentfiltermanagementtype.md)|Indicates filter is applied to either 'devices' or 'apps' management type. Possible values are devices, apps. Default filter will be applied to 'devices'. Possible values are: `devices`, `apps`, `unknownFutureValue`.|
Here is an example of the request.
``` http PATCH https://graph.microsoft.com/beta/deviceManagement/assignmentFilters/{deviceAndAppManagementAssignmentFilterId} Content-type: application/json
-Content-length: 543
+Content-length: 588
{ "@odata.type": "#microsoft.graph.deviceAndAppManagementAssignmentFilter",
Content-length: 543
"groupId": "Group Id value", "assignmentFilterType": "include" }
- ]
+ ],
+ "assignmentFilterManagementType": "apps"
} ```
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 715
+Content-Length: 760
{ "@odata.type": "#microsoft.graph.deviceAndAppManagementAssignmentFilter",
Content-Length: 715
"groupId": "Group Id value", "assignmentFilterType": "include" }
- ]
+ ],
+ "assignmentFilterManagementType": "apps"
} ```
v1.0 Intune Policyset Deviceandappmanagementassignmentfilter Validatefilter https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-policyset-deviceandappmanagementassignmentfilter-validatefilter.md
Here is an example of the request.
POST https://graph.microsoft.com/beta/deviceManagement/assignmentFilters/validateFilter Content-type: application/json
-Content-length: 807
+Content-length: 854
{ "deviceAndAppManagementAssignmentFilter": {
Content-length: 807
"groupId": "Group Id value", "assignmentFilterType": "include" }
- ]
+ ],
+ "assignmentFilterManagementType": "apps"
} } ```
v1.0 Intune Policyset Payloadcompatibleassignmentfilter Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-policyset-payloadcompatibleassignmentfilter-create.md
The following table shows the properties that are required when you create the p
|Property|Type|Description| |:|:|:| |id|String|Key of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|createdDateTime|DateTimeOffset|Creation time of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|displayName|String|DisplayName of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|description|String|Description of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
-|rule|String|Rule definition of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|roleScopeTags|String collection|RoleScopeTags of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Associated assignments for a specific filter Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|createdDateTime|DateTimeOffset|The creation time of the assignment filter. The value cannot be modified and is automatically populated during new assignment filter process. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z' Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|displayName|String|The name of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|description|String|Optional description of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Indicates filter is applied to which flatform. Possible values are android,androidForWork,iOS,macOS,windowsPhone81,windows81AndLater,windows10AndLater,androidWorkProfile, unknown, androidAOSP,androidMobileApplicationManagement, iOSMobileApplicationManagement. Default filter will be applied to 'unknown'. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`, `androidMobileApplicationManagement`, `iOSMobileApplicationManagement`, `unknownFutureValue`.|
+|rule|String|Rule definition of the assignment filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|roleScopeTags|String collection|Indicates role scope tags assigned for the assignment filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Indicates associated assignments for a specific filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|assignmentFilterManagementType|[assignmentFilterManagementType](../resources/intune-policyset-assignmentfiltermanagementtype.md)|Indicates filter is applied to either 'devices' or 'apps' management type. Possible values are devices, apps. Default filter will be applied to 'devices' Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md). Possible values are: `devices`, `apps`, `unknownFutureValue`.|
|payloadType|[assignmentFilterPayloadType](../resources/intune-policyset-assignmentfilterpayloadtype.md)|PayloadType of the Assignment Filter. Possible values are: `notSet`, `enrollmentRestrictions`.|
Here is an example of the request.
``` http POST https://graph.microsoft.com/beta/deviceManagement/assignmentFilters Content-type: application/json
-Content-length: 582
+Content-length: 627
{ "@odata.type": "#microsoft.graph.payloadCompatibleAssignmentFilter",
Content-length: 582
"assignmentFilterType": "include" } ],
+ "assignmentFilterManagementType": "apps",
"payloadType": "enrollmentRestrictions" } ```
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 201 Created Content-Type: application/json
-Content-Length: 754
+Content-Length: 799
{ "@odata.type": "#microsoft.graph.payloadCompatibleAssignmentFilter",
Content-Length: 754
"assignmentFilterType": "include" } ],
+ "assignmentFilterManagementType": "apps",
"payloadType": "enrollmentRestrictions" } ```
v1.0 Intune Policyset Payloadcompatibleassignmentfilter Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-policyset-payloadcompatibleassignmentfilter-get.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 815
+Content-Length: 862
{ "value": {
Content-Length: 815
"assignmentFilterType": "include" } ],
+ "assignmentFilterManagementType": "apps",
"payloadType": "enrollmentRestrictions" } }
v1.0 Intune Policyset Payloadcompatibleassignmentfilter List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-policyset-payloadcompatibleassignmentfilter-list.md
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 871
+Content-Length: 920
{ "value": [
Content-Length: 871
"assignmentFilterType": "include" } ],
+ "assignmentFilterManagementType": "apps",
"payloadType": "enrollmentRestrictions" } ]
v1.0 Intune Policyset Payloadcompatibleassignmentfilter Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-policyset-payloadcompatibleassignmentfilter-update.md
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:| |id|String|Key of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|createdDateTime|DateTimeOffset|Creation time of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|displayName|String|DisplayName of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|description|String|Description of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
-|rule|String|Rule definition of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|roleScopeTags|String collection|RoleScopeTags of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Associated assignments for a specific filter Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|createdDateTime|DateTimeOffset|The creation time of the assignment filter. The value cannot be modified and is automatically populated during new assignment filter process. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z' Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|displayName|String|The name of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|description|String|Optional description of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Indicates filter is applied to which flatform. Possible values are android,androidForWork,iOS,macOS,windowsPhone81,windows81AndLater,windows10AndLater,androidWorkProfile, unknown, androidAOSP,androidMobileApplicationManagement, iOSMobileApplicationManagement. Default filter will be applied to 'unknown'. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`, `androidMobileApplicationManagement`, `iOSMobileApplicationManagement`, `unknownFutureValue`.|
+|rule|String|Rule definition of the assignment filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|roleScopeTags|String collection|Indicates role scope tags assigned for the assignment filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Indicates associated assignments for a specific filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|assignmentFilterManagementType|[assignmentFilterManagementType](../resources/intune-policyset-assignmentfiltermanagementtype.md)|Indicates filter is applied to either 'devices' or 'apps' management type. Possible values are devices, apps. Default filter will be applied to 'devices' Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md). Possible values are: `devices`, `apps`, `unknownFutureValue`.|
|payloadType|[assignmentFilterPayloadType](../resources/intune-policyset-assignmentfilterpayloadtype.md)|PayloadType of the Assignment Filter. Possible values are: `notSet`, `enrollmentRestrictions`.|
Here is an example of the request.
``` http PATCH https://graph.microsoft.com/beta/deviceManagement/assignmentFilters/{deviceAndAppManagementAssignmentFilterId} Content-type: application/json
-Content-length: 582
+Content-length: 627
{ "@odata.type": "#microsoft.graph.payloadCompatibleAssignmentFilter",
Content-length: 582
"assignmentFilterType": "include" } ],
+ "assignmentFilterManagementType": "apps",
"payloadType": "enrollmentRestrictions" } ```
Here is an example of the response. Note: The response object shown here may be
``` http HTTP/1.1 200 OK Content-Type: application/json
-Content-Length: 754
+Content-Length: 799
{ "@odata.type": "#microsoft.graph.payloadCompatibleAssignmentFilter",
Content-Length: 754
"assignmentFilterType": "include" } ],
+ "assignmentFilterManagementType": "apps",
"payloadType": "enrollmentRestrictions" } ```
v1.0 Intune Shared Devicemanagement Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-shared-devicemanagement-get.md
One of the following permissions is required to call this API. To learn more, in
| &nbsp; &nbsp; **Device management** | DeviceManagementManagedDevices.ReadWrite.All, DeviceManagementManagedDevices.Read.All | | &nbsp; &nbsp; **Electronic SIM** | DeviceManagementConfiguration.ReadWrite.All, DeviceManagementConfiguration.Read.All | | &nbsp; &nbsp; **Enrollment** | DeviceManagementServiceConfig.ReadWrite.All, DeviceManagementServiceConfig.Read.All |
-| &nbsp; &nbsp; **Fencing** | DeviceManagementConfiguration.ReadWrite.All, DeviceManagementConfiguration.Read.All |
| &nbsp; &nbsp; **Notification** | DeviceManagementServiceConfig.ReadWrite.All, DeviceManagementServiceConfig.Read.All | | &nbsp; &nbsp; **Odj** | DeviceManagementServiceConfig.ReadWrite.All, DeviceManagementServiceConfig.Read.All | | &nbsp; &nbsp; **Onboarding** | DeviceManagementServiceConfig.ReadWrite.All, DeviceManagementServiceConfig.Read.All |
One of the following permissions is required to call this API. To learn more, in
| &nbsp; &nbsp; **Device management** | DeviceManagementManagedDevices.ReadWrite.All, DeviceManagementManagedDevices.Read.All | | &nbsp; &nbsp; **Electronic SIM** | DeviceManagementConfiguration.ReadWrite.All, DeviceManagementConfiguration.Read.All | | &nbsp; &nbsp; **Enrollment** | DeviceManagementServiceConfig.ReadWrite.All, DeviceManagementServiceConfig.Read.All |
-| &nbsp; &nbsp; **Fencing** | DeviceManagementConfiguration.ReadWrite.All, DeviceManagementConfiguration.Read.All |
| &nbsp; &nbsp; **Notification** | DeviceManagementServiceConfig.ReadWrite.All, DeviceManagementServiceConfig.Read.All | | &nbsp; &nbsp; **Odj** | DeviceManagementServiceConfig.ReadWrite.All, DeviceManagementServiceConfig.Read.All | | &nbsp; &nbsp; **Onboarding** | DeviceManagementServiceConfig.ReadWrite.All, DeviceManagementServiceConfig.Read.All |
v1.0 Intune Shared Devicemanagement Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-shared-devicemanagement-update.md
Note that the permission vary according to workflow.
| &nbsp; &nbsp; **Device management** | DeviceManagementManagedDevices.ReadWrite.All | | &nbsp; &nbsp; **Electronic SIM** | DeviceManagementConfiguration.ReadWrite.All | | &nbsp; &nbsp; **Enrollment** | DeviceManagementServiceConfig.ReadWrite.All |
-| &nbsp; &nbsp; **Fencing** | DeviceManagementConfiguration.ReadWrite.All |
| &nbsp; &nbsp; **Notification** | DeviceManagementServiceConfig.ReadWrite.All | | &nbsp; &nbsp; **Odj** | DeviceManagementServiceConfig.ReadWrite.All | | &nbsp; &nbsp; **Onboarding** | DeviceManagementServiceConfig.ReadWrite.All |
Note that the permission vary according to workflow.
| &nbsp; &nbsp; **Device management** | DeviceManagementManagedDevices.ReadWrite.All | | &nbsp; &nbsp; **Electronic SIM** | DeviceManagementConfiguration.ReadWrite.All | | &nbsp; &nbsp; **Enrollment** | DeviceManagementServiceConfig.ReadWrite.All |
-| &nbsp; &nbsp; **Fencing** | DeviceManagementConfiguration.ReadWrite.All |
| &nbsp; &nbsp; **Notification** | DeviceManagementServiceConfig.ReadWrite.All | | &nbsp; &nbsp; **Odj** | DeviceManagementServiceConfig.ReadWrite.All | | &nbsp; &nbsp; **Onboarding** | DeviceManagementServiceConfig.ReadWrite.All |
v1.0 Intune Shared Devicemanagementscript List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-shared-devicemanagementscript-list.md
Content-Length: 716
"@odata.type": "#microsoft.graph.deviceManagementScript", "id": "59ea4525-4525-59ea-2545-ea592545ea59", "displayName": "Display Name value",
- "description": "Description value",
+ "description": "Description value",
"scriptContent": "c2NyaXB0Q29udGVudA==", "createdDateTime": "2017-01-01T00:02:43.5775965-08:00", "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
v1.0 Ipnamedlocation Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/ipnamedlocation-delete.md
Delete an [ipNamedLocation](../resources/ipNamedLocation.md) object.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Policy.ReadWrite.ConditionalAccess |
v1.0 Ipnamedlocation Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/ipnamedlocation-update.md
Update the properties of an [ipNamedLocation](../resources/ipNamedLocation.md) o
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Policy.ReadWrite.ConditionalAccess |
v1.0 Learningcontent Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/learningcontent-get.md
One of the following permissions is required to call this API. To learn more, in
|:|:| |Delegated (work or school account)|Not supported.| |Delegated (personal Microsoft account)|Not supported.|
-|Application|LearningContent.Read.All|
+|Application|LearningContent.Read.All, LearningContent.ReadWrite.All|
## HTTP request
v1.0 Learningcourseactivity Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/learningcourseactivity-delete.md
Title: "Delete learningCourseActivity"
-description: "Delete a learningCourseActivity object."
+description: "Delete a learningCourseActivity object by using the course activity ID of either an assignment or a self-initiated activity."
ms.localizationpriority: medium ms.prod: "employee-learning"
doc_type: apiPageType
# Delete learningCourseActivity+ Namespace: microsoft.graph + Delete a [learningCourseActivity](../resources/learningcourseactivity.md) object by using the course activity ID of either an assignment or a self-initiated activity. ## Permissions+ One of the following permissions is required to call this API based on the type of learning course activity. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|Not supported.|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|LearningAssignedCourse.ReadWrite.All, LearningSelfInitiatedCourse.ReadWrite.All|
+| Permission type | Permissions (from least to most privileged) |
+|:|:--|
+| Delegated (work or school account) | Not supported. |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | LearningAssignedCourse.ReadWrite.All, LearningSelfInitiatedCourse.ReadWrite.All |
## HTTP request
DELETE /employeeExperience/learningProviders/{registrationId}/learningCourseActi
``` ## Request headers+ |Name|Description| |:|:| |Authorization|Bearer {token}. Required.| ## Request body+ Do not supply a request body for this method. ## Response
If successful, this method returns a `204 No Content` response code.
## Examples ### Request+ The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_learningCourseActivity",
+ "sampleKeys": ["13727311-e7bb-470d-8b20-6a23d9030d70", "be2f4d76-e020-11ec-9d64-0242ac120002"]
+}
+-->
``` http DELETE https://graph.microsoft.com/beta/employeeExperience/learningProviders/13727311-e7bb-470d-8b20-6a23d9030d70/learningCourseActivities/be2f4d76-e020-11ec-9d64-0242ac120002 ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++ ### Response+ The following is an example of the response. <!-- {
The following is an example of the response.
--> ``` http
-HTTP/1.1 204 OK
-
-No Content
+HTTP/1.1 204 No Content
```
v1.0 Learningcourseactivity Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/learningcourseactivity-get.md
Title: "Get learningCourseActivity"
-description: "Read the properties and relationships of a learningCourseActivity object."
+description: "Get the specified learningCourseActivity object using either an ID or an externalCourseActivityId of the learning provider, or a courseActivityId of a user."
ms.localizationpriority: medium ms.prod: "employee-learning"
doc_type: apiPageType
# Get learningCourseActivity+ Namespace: microsoft.graph + Get the specified [learningCourseActivity](../resources/learningcourseactivity.md) object using either an ID or an **externalCourseActivityId** of the learning provider, or a **courseActivityId** of a user. ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|LearningAssignedCourse.Read, LearningSelfInitiatedCourse.Read|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|LearningAssignedCourse.Read.All, LearningSelfInitiatedCourse.Read.All|
-
+| Permission type | Permissions (from least to most privileged) |
+|:|:-|
+| Delegated (work or school account) | LearningAssignedCourse.Read, LearningSelfInitiatedCourse.Read |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | LearningAssignedCourse.Read.All, LearningSelfInitiatedCourse.Read.All |
## HTTP request
To get a specific learning course activity based on its **externalCourseActivity
} --> ``` http
-GET /employeeExperience/learningProviders/{registrationId}/learningCourseActivities(extern
-alCourseActivityId={externalCourseActivityId})
+GET /employeeExperience/learningProviders/{registrationId}/learningCourseActivities(externalCourseActivityId={externalCourseActivityId})
```
-To get the learning course activity details for a user:
+To get the details of a learning course activity for a user:
<!-- { "blockType": "ignored" }
To get the learning course activity details for a user:
GET users/{user-id}/employeeExperience/learningCourseActivities/{id} ```
-To get learning course activity details for the signed-in user:
+To get the details of a learning course activity for the signed-in user:
<!-- { "blockType": "ignored" }
GET me/employeeExperience/learningCourseActivities/{id}
``` ## Optional query parameters+ This method supports the `$select` and other OData query parameters to customize the response. For general information, see [OData query parameters](/graph/query-parameters). ## Request headers+ |Name|Description| |:|:| |Authorization|Bearer {token}. Required.| ## Request body+ Do not supply a request body for this method. ## Response
If successful, this method returns a `200 OK` response code and a [learningCours
## Examples
-### Example 1: Get a learning course activity based on its ID.
+### Example 1: Get a learning course activity based on its ID
#### Request+ The following examples shows a request to get an learning course activity using an ID.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_learning_courseactivity_details_id"
The following examples shows a request to get an learning course activity using
GET https://graph.microsoft.com/beta/employeeExperience/learningCourseActivities/8ba2228a-e020-11ec-9d64-0242ac120003 ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++ #### Response+ The following example shows the response. <!-- {
Content-Type: application/json
{ "@odata.type": "#microsoft.graph.learningAssignment",
- "@odata.context": "https://graph.microsoft.com/beta/$metadata#learningProviders('13727311-
- e7bb-470d-8b20-6a23d9030d70')/learningCourseActivities('7ba2228a-e020-11ec-9d64-
- 0242ac120002')$entity",
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#learningProviders('13727311-e7bb-470d-8b20-6a23d9030d70')/learningCourseActivities('7ba2228a-e020-11ec-9d64-0242ac120002')$entity",
"assignedDateTime": "2021-05-11T22:57:17+00:00", "assignmentType": "required", "assignerUserId": "cea1684d-57dc-438d-a9d1-e666ec1a7f3d", "completedDateTime": null,
- "completionPercentage":null,
+ "completionPercentage": null,
"dueDateTime": { "dateTime": "2022-09-22T16:05:00.0000000", "timeZone": "UTC"
- },
+ },
"externalCourseActivityId": "12a2228a-e020-11ec-9d64-0242ac120002", "id": "8ba2228a-e020-11ec-9d64-0242ac120003", "learningContentId": "57baf9dc-e020-11ec-9d64-0242ac120002", "learningProviderId": "13727311-e7bb-470d-8b20-6a23d9030d70",
- "learnerUserId":"7ba2228a-e020-11ec-9d64-0242ac120002",
+ "learnerUserId": "7ba2228a-e020-11ec-9d64-0242ac120002",
"notes": { "contentType": "text", "content": "required assignment added for user"
Content-Type: application/json
### Example 2: Get a learning course activity based on the externalCourseActivityId of the learning provider #### Request+ The following example shows a request to get the details of a learning course activity using an external course activity ID. <!-- {
GET https://graph.microsoft.com/beta/employeeExperience/learningProviders/01e8f8
``` #### Response+ The following example shows the response. <!-- {
Content-Type: application/json
"assignedDateTime": "2021-05-11T22:57:17+00:00", "assignerUserId": "cea1684d-57dc-438d-a9d1-e666ec1a7f3d", "assignmentType": "required",
- "completedDateTime": null,
- "completionPercentage":null,
+ "completedDateTime": null,
+ "completionPercentage": null,
"externalCourseActivityId": "12a2228a-e020-11ec-9d64-0242ac120002", "id": "8ba2228a-e020-11ec-9d64-0242ac120003", "dueDateTime": {
Content-Type: application/json
}, "learningContentId": "57baf9dc-e020-11ec-9d64-0242ac120002", "learningProviderId": "01e8f81b-3060-4dec-acf0-0389665a0a38",
- "learnerUserId":"7ba2228a-e020-11ec-9d64-0242ac120002",
- "notes":
- {
+ "learnerUserId": "7ba2228a-e020-11ec-9d64-0242ac120002",
+ "notes": {
"contentType": "text", "content": "required assignment added for user"
- },
+ },
"status": "notStarted" } ```
-### Example 3: Get a learning course activity details for a user
+### Example 3: Get the details of a learning course activity for a user
#### Request+ The following example shows a request to get the details of a learning course activity for a user.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_learning_courseactivity_details"
The following example shows a request to get the details of a learning course ac
GET https://graph.microsoft.com/beta/users/7ba2228a-e020-11ec-9d64-0242ac120002/employeeExperience/learningCourseActivities/8ba2228a-e020-11ec-9d64-0242ac120003 ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++ #### Response+ The following example shows the response. <!-- {
Content-Type: application/json
{ "@odata.type": "#microsoft.graph.learningAssignment",
- "@odata.context": "https://graph.microsoft.com/beta/$metadata#learningProviders('13727311-
- e7bb-470d-8b20-6a23d9030d70')/learningCourseActivities('8ba2228a-e020-11ec-9d64-0242ac120003')$entity",
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#learningProviders('13727311-e7bb-470d-8b20-6a23d9030d70')/learningCourseActivities('8ba2228a-e020-11ec-9d64-0242ac120003')$entity",
"assignedDateTime": "2021-05-11T22:57:17+00:00", "assignmentType": "required", "assignerUserId": "cea1684d-57dc-438d-a9d1-e666ec1a7f3d", "completedDateTime": null,
- "completionPercentage":20,
+ "completionPercentage": 20,
"externalCourseActivityId": "12a2228a-e020-11ec-9d64-0242ac120002", "id": "8ba2228a-e020-11ec-9d64-0242ac120003", "dueDateTime": {
Content-Type: application/json
}, "learningContentId": "57baf9dc-e020-11ec-9d64-0242ac120002", "learningProviderId": "13727311-e7bb-470d-8b20-6a23d9030d70",
- "learnerUserId":"7ba2228a-e020-11ec-9d64-0242ac120002",
+ "learnerUserId": "7ba2228a-e020-11ec-9d64-0242ac120002",
"notes": { "contentType": "text", "content": "required assignment added for user" },
- "status": "notStarted"
+ "status": "notStarted"
} ```
v1.0 Learningcourseactivity List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/learningcourseactivity-list.md
Title: "List learningCourseActivities"
-description: "Get a list of the learningCourseActivity courses for a user."
+description: "Get a list of the learningCourseActivity objects (assigned or self-initiated) for a user."
ms.localizationpriority: medium ms.prod: "employee-learning"
doc_type: apiPageType
# List learningCourseActivities+ Namespace: microsoft.graph + Get a list of the [learningCourseActivity](../resources/learningcourseactivity.md) objects (assigned or self-initiated) for a user. ## Permissions+ One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|LearningAssignedCourse.Read.All, LearningSelfInitiatedCourse.Read.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|Not supported.|
+| Permission type | Permissions (from least to most privileged) |
+|:|:-|
+| Delegated (work or school account) | LearningAssignedCourse.Read.All, LearningSelfInitiatedCourse.Read.All |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Not supported. |
## HTTP request
To retrieve the course activity list for a signed-in user:
``` http GET me/employeeExperience/learningCourseActivities ```+ To retrieve the course activity list for a user: <!-- {
GET users/{user-id}/employeeExperience/learningCourseActivities
``` ## Optional query parameters+ This method supports the `$skip`, `$top`, `$count`, and `$select` OData query parameters. For general information, see [OData query parameters](/graph/query-parameters). ## Request headers+ |Name|Description| |:|:| |Authorization|Bearer {token}. Required.| ## Request body+ Do not supply a request body for this method. ## Response
If successful, this method returns a `200 OK` response code and a collection of
## Examples ### Request+ The following is an example of a request to retrieve all the course activities for a given user.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_learningcourseactivity"
The following is an example of a request to retrieve all the course activities f
GET https://graph.microsoft.com/beta/users/7ba2228a-e020-11ec-9d64-0242ac120002/employeeExperience/learningCourseActivities ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++ ### Response+ The following example shows the response. >**Note:** The response object shown here might be shortened for readability.
The following example shows the response.
HTTP/1.1 200 OK Content-Type: application/json
-{
- "@odata.context": "https://graph.microsoft.com/beta/$metadata#me/employeeExperience/learningCourseActivities$entity",
- "@odata.nextLink": "https://graph.microsoft.com/beta/$metadata#me/employeeExperience/learningCourseActivities?$skip=10",
- "value": [
- {
- "@odata.type": "#microsoft.graph.learningAssignment",
- "@odata.context": "https://graph.microsoft.com/beta/$metadata#learningProviders('13727311-e7bb-470d-8b20-6a23d9030d70')/learningCourseActivities('8ba2228a-e020-11ec-9d64-0242ac120003')$entity",
- "assignedDateTime": "2021-05-11T22:57:17+00:00",
- "assignmentType": "required",
- "assignerUserId": "cea1684d-57dc-438d-a9d1-e666ec1a7f3d",
- "completedDateTime": null,
- "completionPercentage":null,
- "externalCourseActivityId": "12a2228a-e020-11ec-9d64-0242ac120002",
- "id": "8ba2228a-e020-11ec-9d64-0242ac120003",
- "dueDateTime":{
- "dateTime": "2022-09-22T16:05:00.0000000",
- "timeZone": "UTC"
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#me/employeeExperience/learningCourseActivities$entity",
+ "@odata.nextLink": "https://graph.microsoft.com/beta/$metadata#me/employeeExperience/learningCourseActivities?$skip=10",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.learningAssignment",
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#learningProviders('13727311-e7bb-470d-8b20-6a23d9030d70')/learningCourseActivities('8ba2228a-e020-11ec-9d64-0242ac120003')$entity",
+ "assignedDateTime": "2021-05-11T22:57:17+00:00",
+ "assignmentType": "required",
+ "assignerUserId": "cea1684d-57dc-438d-a9d1-e666ec1a7f3d",
+ "completedDateTime": null,
+ "completionPercentage": null,
+ "externalCourseActivityId": "12a2228a-e020-11ec-9d64-0242ac120002",
+ "id": "8ba2228a-e020-11ec-9d64-0242ac120003",
+ "dueDateTime": {
+ "dateTime": "2022-09-22T16:05:00.0000000",
+ "timeZone": "UTC"
+ },
+ "learningContentId": "57baf9dc-e020-11ec-9d64-0242ac120002",
+ "learningProviderId": "13727311-e7bb-470d-8b20-6a23d9030d70",
+ "learnerUserId": "7ba2228a-e020-11ec-9d64-0242ac120002",
+ "notes": {
+ "contentType": "text",
+ "content": "required assignment added for user"
+ },
+ "status": "notStarted"
},
- "learningContentId": "57baf9dc-e020-11ec-9d64-0242ac120002",
- "learningProviderId": "13727311-e7bb-470d-8b20-6a23d9030d70",
- "learnerUserId":"7ba2228a-e020-11ec-9d64-0242ac120002",
- "notes": {
- "contentType": "text",
- "content": "required assignment added for user"
- },
- "status": "notStarted"
- },
- {
- "@odata.context": "https://graph.microsoft.com/beta/$metadata#learningProviders('13727311-e7bb-470d-8b20-6a23d9030d70')/learningCourseActivities('be2f4d76-e020-11ec-9d64-0242ac120002')$entity",
- "@odata.type": "#microsoft.graph.learningSelfInitiatedCourse",
- "completedDateTime": null,
- "completionPercentage":20,
- "externalCourseActivityId": "12a2228a-e020-11ec-9d64-0242ac120002",
- "id": "be2f4d76-e020-11ec-9d64-0242ac120002",
- "learningContentId": "57baf9dc-e020-11ec-9d64-0242ac120002",
- "learningProviderId": "13727311-e7bb-470d-8b20-6a23d9030d70",
- "learnerUserId":"7ba2228a-e020-11ec-9d64-0242ac120002",
- "startedDateTime": "2021-05-21T22:57:17+00:00",
- "status": "inProgress"
- }]
+ {
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#learningProviders('13727311-e7bb-470d-8b20-6a23d9030d70')/learningCourseActivities('be2f4d76-e020-11ec-9d64-0242ac120002')$entity",
+ "@odata.type": "#microsoft.graph.learningSelfInitiatedCourse",
+ "completedDateTime": null,
+ "completionPercentage": 20,
+ "externalCourseActivityId": "12a2228a-e020-11ec-9d64-0242ac120002",
+ "id": "be2f4d76-e020-11ec-9d64-0242ac120002",
+ "learningContentId": "57baf9dc-e020-11ec-9d64-0242ac120002",
+ "learningProviderId": "13727311-e7bb-470d-8b20-6a23d9030d70",
+ "learnerUserId": "7ba2228a-e020-11ec-9d64-0242ac120002",
+ "startedDateTime": "2021-05-21T22:57:17+00:00",
+ "status": "inProgress"
+ }
+ ]
}- ```
v1.0 Learningcourseactivity Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/learningcourseactivity-update.md
doc_type: apiPageType
# Update learningCourseActivity+ Namespace: microsoft.graph + Update the properties of a [learningCourseActivity](../resources/learningcourseactivity.md) object. ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|Not supported.|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|LearningAssignedCourse.ReadWrite.All, LearningSelfInitiatedCourse.ReadWrite.All|
+| Permission type | Permissions (from least to most privileged) |
+|:|:--|
+| Delegated (work or school account) | Not supported. |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | LearningAssignedCourse.ReadWrite.All, LearningSelfInitiatedCourse.ReadWrite.All |
## HTTP request
PATCH /employeeExperience/learningCourseActivities/{learningCourseActivityId}
``` ## Request headers+ |Name|Description| |:|:| |Authorization|Bearer {token}. Required.| |Content-Type|application/json. Required.| ## Request body
-In the request body, supply a JSON representation of the [learningCourseActivity](../resources/learningcourseactivity.md) object.
+In the request body, use @odata.type to specify the type of [learningCourseActivity](../resources/learningcourseactivity.md) resource ([learningAssignment](../resources/learningassignment.md) or [learningSelfInitiated](../resources/learningselfinitiatedcourse.md)), and include the properties of that type to update.
-The following table lists the properties of a assigned learning course activity that can be updated:
+The following table lists the properties that you can change for an assigned learning course activity (**learningAssignment**).
|Property|Type|Description| |:|:|:|
-|@odata.type|String|Indicates whether this is a [learningAssignment](../resources/learningassignment.md) or [learningSelfInitiated](../resources/learningselfinitiatedcourse.md) course activity. Required.|
|assignedDateTime|DateTimeOffset|Assigned date for the course activity. Optional.|
-|assignmentType|assignmentType|The assignment type for the course activity. Possible values are `required`, `recommended`, `UnknownFutureValue`. Required.|
-|completedDateTime|DateTimeOffset|Date time value when the assignment was completed. Optional.|
-|completionPercentage|Integer|The percentage of the course completed by the user. If the value is provided, the value needs to be in between 0 and 100 (inclusive). Optional.|
+|assignmentType|assignmentType|The assignment type for the course activity. Possible values are: `required`, `recommended`, `unknownFutureValue`. Required.|
+|completedDateTime|DateTimeOffset|Date and time when the assignment was completed. Optional.|
+|completionPercentage|Int32|The percentage of the course completed by the user. If a value is provided, it must be between `0` and `100` (inclusive). Optional.|
|dueDateTime|DateTimeOffset|Due date for the course activity. Optional.| |notes|String|Notes for the course activity. Optional.|
-|status|courseStatus|Represents status of the course activity. Possible values are `notStarted`, `inProgress`, `completed`. Required.|
+|status|courseStatus|The status of the course activity. Possible values are `notStarted`, `inProgress`, `completed`. Required.|
-The following table lists the properties of a self-initiated learning course activity that can be updated:
+The following table lists the properties that you can change for a self-initiated learning course activity (**learningSelfInitiated**).
|Property|Type|Description| |:|:|:|
-|@odata.type|String|Indicates whether this is a [learningAssignment](../resources/learningassignment.md) or [learningSelfInitiated](../resources/learningselfinitiatedcourse.md) course activity. Required.|
-|completedDateTime|DateTimeOffset|Date time value when the assignment was completed. (Optional)|
-|completionPercentage|Integer|The percentage of the course completed by the user. If the value is provided, the value needs to be in between 0 and 100 (inclusive). Optional.|
-|status|courseStatus|Represents status of the course activity. Possible values are `notStarted`, `inProgress`, `completed`. Required.|
-|startedDateTime|DateTimeOffset|The date time value on which the self-initiated course was started by the learner.|
+|completedDateTime|DateTimeOffset|Date and time when the assignment was completed. Optional.|
+|completionPercentage|Int32|The percentage of the course completed by the user. If a value is provided, it must be between `0` and `100` (inclusive). Optional.|
+|status|courseStatus|The status of the course activity. Possible values are: `notStarted`, `inProgress`, `completed`. Required.|
+|startedDateTime|DateTimeOffset|The date and time when the self-initiated course was started by the learner.|
## Response
-If successful, this method returns a `204 OK` response code.
+
+If successful, this method returns a `204 No Content` response code.
## Examples ### Example 1: Update an assigned learning course activity #### Request+ The following example shows the request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_assigned_learning_courseactivity"
Content-Type: application/json
"assignmentType": "required", "assignerUserId": "cea1684d-57dc-438d-a9d1-e666ec1a7f3d", "completedDateTime": null,
- "completionPercentage":20,
+ "completionPercentage": 20,
"learningProviderId": "01e8f81b-3060-4dec-acf0-0389665a0a38", "dueDateTime": {
- "dateTime": "2022-09-22T16:05:00.0000000",
- "timeZone": "UTC"
+ "dateTime": "2022-09-22T16:05:00.0000000",
+ "timeZone": "UTC"
}, "externalCourseActivityId": "12a2228a-e020-11ec-9d64-0242ac120002", "learningContentId": "57baf9dc-e020-11ec-9d64-0242ac120002",
- "learnerUserId":"7ba2228a-e020-11ec-9d64-0242ac120002",
- "notes":
- {
- "contentType": "text",
- "content": "required assignment added for user"
+ "learnerUserId": "7ba2228a-e020-11ec-9d64-0242ac120002",
+ "notes": {
+ "contentType": "text",
+ "content": "required assignment added for user"
}, "status": "inProgress" }- ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++ #### Response+ The following example shows the response. <!-- {
The following example shows the response.
HTTP/1.1 204 No Content ```
-### Example 2: Update an self-initiated learning course activity
+### Example 2: Update a self-initiated learning course activity
### Request+ The following example shows the request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_selfinitiated_learning_courseactivity"
Content-Type: application/json
{ "@odata.type": "#microsoft.graph.learningSelfInitiatedCourse", "completedDateTime": null,
- "completionPercentage":30,
+ "completionPercentage": 30,
"externalCourseActivityId": "12a2228a-e020-11ec-9d64-0242ac120002", "learningContentId": "57baf9dc-e020-11ec-9d64-0242ac120002",
- "learningProviderId": "01e8f81b-3060-4dec-acf0-0389665a0a38",
+ "learningProviderId": "01e8f81b-3060-4dec-acf0-0389665a0a38",
"startedDateTime": "2021-05-11T22:57:17+00:00",
- "status": "inProgress"
+ "status": "inProgress"
}- ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++ ### Response+ The following example shows the response. <!-- {
v1.0 Learningprovider Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/learningprovider-get.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|LearningProvider.Read|
+|Delegated (work or school account)|LearningProvider.Read, LearningProvider.ReadWrite|
|Delegated (personal Microsoft account)|Not supported.| |Application|Not supported.|
v1.0 Learningprovider List Learningcontents https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/learningprovider-list-learningcontents.md
One of the following permissions is required to call this API. To learn more, in
|:|:| |Delegated (work or school account)|Not supported.| |Delegated (personal Microsoft account)|Not supported.|
-|Application|LearningContent.Read.All|
+|Application|LearningContent.Read.All, LearningContent.ReadWrite.All|
## HTTP request
v1.0 List Featurerolloutpolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/list-featurerolloutpolicies.md
GET https://graph.microsoft.com/beta/policies/featureRolloutPolicies
[!INCLUDE [sample-code](../includes/snippets/php/get-featurerolloutpolicies-policies-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Listitem Createlink https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/listitem-createlink.md
All existing permissions are removed when sharing for the first time i
#### Request
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "listItem_createlink_for_itemID_in_specific_list" }--> ```http
-POST sites/{siteId}/lists/{listId}/items/{itemId}/createLink
+POST https://graph.microsoft.com/beta/sites/{siteId}/lists/{listId}/items/{itemId}/createLink
Content-Type: application/json {
Content-Type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
++ #### Response >**Note:** The response object shown here might be shortened for readability.
v1.0 Mailfolder Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/mailfolder-delete.md
DELETE https://graph.microsoft.com/betEzM
[!INCLUDE [sample-code](../includes/snippets/php/delete-mailfolder-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Manageddevice Getcloudpcremoteactionresults https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/manageddevice-getcloudpcremoteactionresults.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|CloudPC.ReadWrite.All|
+|Delegated (work or school account)|CloudPC.Read.All, CloudPC.ReadWrite.All|
|Delegated (personal Microsoft account)|Not supported.|
-|Application|CloudPC.ReadWrite.All|
+|Application|CloudPC.Read.All, CloudPC.ReadWrite.All|
## HTTP request
v1.0 Managedtenants Conditionalaccesspolicycoverage Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/managedtenants-conditionalaccesspolicycoverage-get.md
Read the properties and relationships of a [conditionalAccessPolicyCoverage](../
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type|Permissions (from least to most privileged)| |:|:| |Delegated (work or school account)|Policy.Read.All, Policy.ReadWrite.ConditionalAccess, and Application.Read.All|
v1.0 Managedtenants Managedtenant List Conditionalaccesspolicycoverages https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/managedtenants-managedtenant-list-conditionalaccesspolicycoverages.md
Get a list of the [conditionalAccessPolicyCoverage](../resources/managedtenants-
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type|Permissions (from least to most privileged)| |:|:| |Delegated (work or school account)|Policy.Read.All, Policy.ReadWrite.ConditionalAccess, and Application.Read.All|
v1.0 Managedtenants Tenantcustomizedinformation Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/managedtenants-tenantcustomizedinformation-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/update-tenantcustomizedinformation-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Meetingregistrant Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/meetingregistrant-delete.md
If successful, this method only returns a `204 No Content` response code.
DELETE https://graph.microsoft.com/beta/users/16664f75-11dc-4870-bec6-38c1aaa81431/onlineMeetings/MSpkYzE3Njc0Yy04MWQ5LTRhZGItYmZ/registration/registrants/gWWckDBR6UOI8_yzWCzeNw,6pAAiSU1bkGqc8soJZw5Pg,3aMJxgQBxEufdo7_Qube_w,YgKy1Rtx-0SFjRbv-ww1ag,Cuzk8JP_iTTWqCOyVcalVA ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
DELETE https://graph.microsoft.com/beta/users/16664f75-11dc-4870-bec6-38c1aaa814
[!INCLUDE [sample-code](../includes/snippets/javascript/delete-registratrant-user-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Meetingregistration List Registrants https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/meetingregistration-list-registrants.md
If successful, this method returns a `200 OK` response code and a collection of
GET https://graph.microsoft.com/beta/me/onlineMeetings/MSpkYzE3Njc0Yy04MWQ5LTRhZGItYmZ/registration/registrants ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/me/onlineMeetings/MSpkYzE3Njc0Yy04MWQ5LTRhZ
[!INCLUDE [sample-code](../includes/snippets/javascript/list-registratrants-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Meetingregistration Post Registrants https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/meetingregistration-post-registrants.md
Content-Type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/javascript/add-registratrant-user-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ #### Response
Content-Type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/javascript/add-registratrant-app-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ #### Response
v1.0 Namedlocation Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/namedlocation-delete.md
Delete a [namedLocation](../resources/namedlocation.md) object.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Policy.ReadWrite.ConditionalAccess |
v1.0 Oauth2permissiongrant Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/oauth2permissiongrant-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/update-oauth2permissiongrant-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Onattributecollectionexternalusersselfservicesignup Delete Attributes https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onattributecollectionexternalusersselfservicesignup-delete-attributes.md
+
+ Title: "Remove attribute (from user flow)"
+description: "Remove an attribute from an externalUsersSelfServiceSignupEventsFlow."
+
+ms.localizationpriority: medium
++
+# Remove attribute (from user flow)
+Namespace: microsoft.graph
++
+Remove an attribute from an external identities self-service sign up user flow that's represented by an [externalUsersSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) object. You can add both custom and built-in attributes to a user flow.
+
+After this step, [PATCH the user flow](../api/authenticationeventsflow-update.md) to remove the attribute from the attribute collection step.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /identity/authenticationEventsFlows/{authenticationEventsFlow-id}/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/onAttributeCollection/microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp/attributes/$ref
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code. If unsuccessful, a `4xx` error will be returned with specific details.
+
+## Examples
+
+#### Request
+The following is an example of a request that removes city as an attribute from the attribute collection step of an external identities self-service sign-up user flow. After executing this step, [update the attributes collected in the userflow](../api/authenticationeventsflow-update.md).
+<!-- {
+ "blockType": "request",
+ "name": "create_onAttributeCollectionExternalUsersSelfServiceSignUp"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/beta/identity/authenticationEventsFlows/0313cc37-d421-421d-857b-87804d61e33e/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/onAttributeCollection/microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp/attributes/$ref
+
+{
+ "@odata.id":"https://graph.microsoft.com/beta/identity/userFlowAttributes/city"
+}
+```
++
+#### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
v1.0 Onattributecollectionexternalusersselfservicesignup List Attributes https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onattributecollectionexternalusersselfservicesignup-list-attributes.md
+
+ Title: "List attributes (of a user flow)"
+description: "List attributes for an externalusersselfservicesignupeventsflow."
+
+ms.localizationpriority: medium
++
+# List attributes (of a user flow)
+Namespace: microsoft.graph
++
+Get an [identityUserFlowAttribute](../resources/identityuserflowattribute.md) collection associated with an external identities self-service sign up user flow that's represented by an [externalUsersSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) object. These are the attributes that are collected from the user during the authentication experience that's defined by the user flow.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identity/authenticationEventsFlows/{authenticationEventsFlow-id}/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/onAttributeCollection/microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp/attributes/
+```
+
+## Optional query parameters
+
+This method supports the `$filter`, `$expand`, `$orderby`, and `$top` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
++
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+Do not supply a request body for this method.
++
+## Response
+
+If successful, this method returns a `200 OK` response code and a new [identityUserFlowAttribute](../resources/identityuserflowattribute.md) object in the response body.
+
+## Examples
+
+#### Request
+The following is an example of a request to retrieve the attributes associated with a user flow.
+<!-- {
+ "blockType": "request",
+ "name": "get_onAttributeCollectionExternalUsersSelfServiceSignUp"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identity/authenticationEventsFlows/0313cc37-d421-421d-857b-87804d61e33e/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/onAttributeCollection/microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp/attributes/
+```
+
+#### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.authenticationAttributeCollectionPage"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.identityUserFlowAttribute)",
+ "value": [
+ {
+ "id": "email",
+ "displayName": "Email Address",
+ "description": "Email address of the user",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "displayName",
+ "displayName": "Display Name",
+ "description": "Display Name of the User.",
+ "userFlowAttributeType": "builtIn",
+ "dataType": "string"
+ },
+ {
+ "id": "extension_6ea3bc85aec24b1c92ff4a117afb6621_Favoritecolor",
+ "displayName": "Favorite color",
+ "description": "what is your favorite color",
+ "userFlowAttributeType": "custom",
+ "dataType": "string"
+ }
+ ]
+}
+```
v1.0 Onattributecollectionexternalusersselfservicesignup Post Attributes https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onattributecollectionexternalusersselfservicesignup-post-attributes.md
+
+ Title: "Add attribute (to user flow)"
+description: "Add attribute to an externalUsersSelfServiceSignupEventsFlow."
+
+ms.localizationpriority: medium
++
+# Add attribute (to user flow)
+Namespace: microsoft.graph
++
+Add an attribute to an external identities self-service sign up user flow that's represented by an [externalUsersSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) object. You can add both custom and built-in attributes to a user flow.
+
+Prior to this step, [PATCH the user flow](../api/authenticationeventsflow-update.md) to add the attribute to the attribute collection step (to determine how it will be displayed).
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /identity/authenticationEventsFlows/{authenticationEventsFlow-id}/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/onAttributeCollection/microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp/attributes/$ref
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+
+In the request body, supply an **odata.id** property with the ID of the [identityUserFlowAttribute](../resources/identityuserflowattribute.md) object to add to the user flow.
+
+## Response
+If successful, this method returns a `204 No Content` response code. If unsuccessful, a `4xx` error will be returned with specific details.
+
+## Examples
+
+#### Request
+
+The following is an example of a request that adds city as an attribute for attribute collection step of an external identities self-service sign-up user flow. Before you can add an attribute to the attribute collection step, you must first [add it among the attributes to be collected in the user flow](../api/authenticationeventsflow-update.md).
+
+<!-- {
+ "blockType": "request",
+ "name": "create_onAttributeCollectionExternalUsersSelfServiceSignUp"
+}
+-->
+
+``` http
+POST https://graph.microsoft.com/beta/identity/authenticationEventsFlows/0313cc37-d421-421d-857b-87804d61e33e/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/onAttributeCollection/microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp/attributes/$ref
+
+{
+ "@odata.id":"https://graph.microsoft.com/beta/identity/userFlowAttributes/city"
+}
+
+```
+
+#### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
v1.0 Onauthenticationmethodloadstartexternalusersselfservicesignup Delete Identityproviders https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onauthenticationmethodloadstartexternalusersselfservicesignup-delete-identityproviders.md
+
+ Title: "Remove identityProvider (from a user flow)"
+description: "Remove an identity provider from an externalUsersSelfServiceSignupEventsFlow."
+
+ms.localizationpriority: medium
++
+# Remove identityProvider (from a user flow)
+Namespace: microsoft.graph
++
+Remove an identity provider from an external identities self-service sign up user flow that's represented by an [externalUsersSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) object type.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /identity/authenticationEventsFlows/{authenticationEventsFlow-id}/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/onAuthenticationMethodLoadStart/microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp/identityProviders/$ref
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code. If unsuccessful, a `4xx` error will be returned with specific details.
+
+## Examples
+
+#### Request
+The following is an example of a request to remove Facebook as an identity provider option for account creation.
+<!-- {
+ "blockType": "request",
+ "name": "delete_onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp_identityProviders"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/beta/identity/authenticationEventsFlows/0313cc37-d421-421d-857b-87804d61e33e/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/onAuthenticationMethodLoadStart/microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp/identityProviders/Facebook-OAUTH/$ref
+```
++
+#### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Onauthenticationmethodloadstartexternalusersselfservicesignup List Identityproviders https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onauthenticationmethodloadstartexternalusersselfservicesignup-list-identityproviders.md
+
+ Title: "List identityProviders (in a user flow)"
+description: "List identity provider for an externalusersselfservicesignupeventsflow."
+
+ms.localizationpriority: medium
++
+# List identityProviders (in a user flow)
+Namespace: microsoft.graph
++
+Get the identity providers that are defined for an external identities self-service sign up user flow that's represented by an [externalUsersSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) object type.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identity/authenticationEventsFlows/{authenticationEventsFlow-id}/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/onAuthenticationMethodLoadStart/microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp/identityProviders/
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+Do not supply a request body for this method.
++
+## Response
+
+If successful, this method returns a `200 OK` response code and a new [identityProviders](../resources/identityprovider.md) object in the response body.
+
+## Examples
+
+#### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "list_onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp_identityProviders"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identity/authenticationEventsFlows/0313cc37-d421-421d-857b-87804d61e33e/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/onAuthenticationMethodLoadStart/microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp/identityProviders/
+```
+
+#### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.identityProviderBase)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.identityProviderBase)",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.builtInIdentityProvider",
+ "id": "EmailPassword-OAUTH",
+ "displayName": "Email with password",
+ "identityProviderType": "EmailPassword",
+ "state": null
+ },
+ {
+ "@odata.type": "#microsoft.graph.socialIdentityProvider",
+ "id": "Google-OAUTH",
+ "displayName": "Google",
+ "identityProviderType": "Google",
+ "clientId": "{googleClientId}",
+ "clientSecret": "******"
+ }
+ ]
+}
+```
v1.0 Onauthenticationmethodloadstartexternalusersselfservicesignup Post Identityproviders https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onauthenticationmethodloadstartexternalusersselfservicesignup-post-identityproviders.md
+
+ Title: "Add identityProvider (to a user flow)"
+description: "Add an identity provider to an externalUsersSelfServiceSignupEventsFlow."
+
+ms.localizationpriority: medium
++
+# Add identityProvider (to a user flow)
+Namespace: microsoft.graph
++
+Add an identity provider to an external identities self-service sign up user flow that's represented by an [externalUsersSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) object type. The [identity provider must first be configured in the tenant](../api/identitycontainer-list-identityproviders.md).
++
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EventListener.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EventListener.ReadWrite.All|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /identity/authenticationEventsFlows/{authenticationEventsFlow-id}/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/onAuthenticationMethodLoadStart/microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp/identityProviders/$ref
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, provide a JSON representation of the ID of the [identityProvider](../resources/identityproviderbase.md) you want to add. For self-service sign up user flows, the values can be `EmailPassword-OAUTH`, `EmailOtpSignup-OAUTH`, `Google-OAUTH` or `Facebook-OAUTH`.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code. If unsuccessful, a `4xx` error will be returned with specific details.
+
+## Examples
+
+#### Request
+The following is an example of a request that adds Google as identity provider option for account creation.
+<!-- {
+ "blockType": "request",
+ "name": "update_authenticationeventsflow"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identity/authenticationEventsFlows/0313cc37-d421-421d-857b-87804d61e33e/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/onAuthenticationMethodLoadStart/microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp/identityProviders/$ref
+
+{
+ "@odata.id": "https://graph.microsoft.com/beta/identityProviders/Google-OAUTH"
+}
+```
++
+#### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Onenote Post Notebooks https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onenote-post-notebooks.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Create a new OneNote [notebook](../resources/notebook.md).+ ## Permissions+ One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference). |Permission type | Permissions (from least to most privileged) |
One of the following permissions is required to call this API. To learn more, in
|Application | Notes.ReadWrite.All | ## HTTP request+ <!-- { "blockType": "ignored" } --> ```http POST /me/onenote/notebooks
POST /users/{id | userPrincipalName}/onenote/notebooks
POST /groups/{id}/onenote/notebooks POST /sites/{id}/onenote/notebooks ```+ ## Request headers+ | Name | Type | Description| |:|:--|:-| | Authorization | string | Bearer {token}. Required. | | Content-Type | string | `application/json` | ## Request body+ In the request body, supply a name for the notebook. Notebook names must be unique. The name cannot contain more than 128 characters or contain the following characters: ?*\/:<>|'"
Notebook names must be unique. The name cannot contain more than 128 characters
If successful, this method returns a `201 Created` response code and the new [notebook](../resources/notebook.md) object in the response body. ## Example+ ### Request
-Here is an example of the request.
+
+The following is an example of the request.
# [HTTP](#tab/http) <!-- {
Content-type: application/json
### Response
-Here is an example of the response. Note: The response object shown here is truncated for brevity. All of the properties will be returned from an actual call.
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
Content-type: application/json
] } -->--
v1.0 Onlinemeeting Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onlinemeeting-get.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | |:|:|
-| Delegated (work or school account) | OnlineMeetingArtifact.Read.All, OnlineMeetings.Read, OnlineMeetings.ReadWrite |
+| Delegated (work or school account) | OnlineMeetings.Read, OnlineMeetings.ReadWrite |
| Delegated (personal Microsoft account) | Not Supported. |
-| Application | OnlineMeetingArtifact.Read.All, OnlineMeetings.Read.All, OnlineMeetings.ReadWrite.All |
+| Application | OnlineMeetings.Read.All, OnlineMeetings.ReadWrite.All |
To use application permission for this API, tenant administrators must create an [application access policy](/graph/cloud-communication-online-meeting-application-access-policy) and grant it to a user to authorize the app configured in the policy to fetch online meetings and/or online meeting artifacts on behalf of that user (with user ID specified in the request path).
v1.0 Onpremisesdirectorysynchronization Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/onpremisesdirectorysynchronization-get.md
GET https://graph.microsoft.com/beta/directory/onPremisesSynchronization/{id}
[!INCLUDE [sample-code](../includes/snippets/php/get-onpremisesdirectorysynchronization-e1-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
Content-Type: application/json
"@odata.context": "https://graph.microsoft.com/beta/$metadata#directory/onPremisesSynchronization/$entity", "id": "12cce4b4-4ab8-40b7-be4d-f5d7742ec185", "configuration": {
- "synchronizationInterval": "PT30M",
- "customerRequestedSynchronizationInterval": "PT1H",
"accidentalDeletionPrevention": { "synchronizationPreventionType": "enabledForCount", "alertThreshold": 500
+ },
+ "synchronizationInterval": "PT30M",
+ "customerRequestedSynchronizationInterval": "PT1H",
+ "anchorAttribute": "extensionAttribute4",
+ "applicationId": "1651564e-7ce4-4d99-88be-0a65050d8dc3",
+ "synchronizationClientVersion": "2.1.16.0",
+ "currentExportData": {
+ "pendingObjectsAddition": 63,
+ "pendingObjectsDeletion": 18,
+ "pendingObjectsUpdate": 290,
+ "successfulLinksProvisioningCount": 0,
+ "successfulObjectsProvisioningCount": 0,
+ "clientMachineName": "ABCD-SYNC-01",
+ "serviceAccount": "Synchronization-01@Contoso.onmicrosoft.com",
+ "totalConnectorSpaceObjects": 123456789
+ },
+ "writebackConfiguration": {
+ "unifiedGroupContainer": "unified-group-container-value",
+ "userContainer": "user-container-value"
} }, "features": {
v1.0 Orgcontact Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/orgcontact-get.md
Content-type: application/json
"number": null, "type": "business" }
- ]
+ ],
+ "serviceProvisioningErrors": [],
} ```
v1.0 Orgcontact Retryserviceprovisioning https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/orgcontact-retryserviceprovisioning.md
+
+ Title: "orgContact: retryServiceProvisioning"
+description: "Retries orgContact service provisioning."
+ms.localizationpriority: medium
+++
+# orgContact: retryServiceProvisioning
+
+Namespace: microsoft.graph
++
+Retry the [orgContact](../resources/orgContact.md) service provisioning.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | OrgContact.Read.All, Directory.Read.All, Directory.ReadWrite.All |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | OrgContact.Read.All, Directory.Read.All, Directory.ReadWrite.All |
+
+## HTTP request
+<!-- { "blockType": "ignored" } -->
+```http
+POST /orgContacts/{id}/retryServiceProvisioning
+```
+
+## Request headers
+
+| Name | Description |
+| : | :-- |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+
+## Request body
+
+This operation has no request content.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+
+The following is an example of the request.
+<!-- {
+ "blockType": "request",
+ "name": "orgcontact_retryserviceprovisioning"
+}-->
+```http
+POST https://graph.microsoft.com/beta/orgContacts/{id}/retryServiceProvisioning
+```
+
+### Response
+
+The following is an example of the response.
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+```http
+HTTP/1.1 204 No Content
+```
v1.0 Outlooktask List Attachments https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/outlooktask-list-attachments.md
GET https://graph.microsoft.com/beta/users/{id}/outlook/tasks/{id}/attachments
[!INCLUDE [sample-code](../includes/snippets/php/outlook-task-get-attachments-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Outlooktaskgroup List Taskfolders https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/outlooktaskgroup-list-taskfolders.md
GET https://graph.microsoft.com/beta/me/outlook/taskGroups/AAMkADIyAAAhrbe-AAA=/
[!INCLUDE [sample-code](../includes/snippets/php/get-taskfolders-1-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ##### Response
v1.0 Permission Revokegrants https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/permission-revokegrants.md
Content-Type: application/json
- ### Response If successful, this method returns a [Permission](../resources/permission.md) resource in the response body that represents the updated state of the sharing link.
v1.0 Personannotation Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/personannotation-get.md
GET https://graph.microsoft.com/beta/me/profile/notes/{id}
[!INCLUDE [sample-code](../includes/snippets/php/get-personannotation-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Personinterest Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/personinterest-delete.md
DELETE https://graph.microsoft.com/beta/me/profile/interests/{id}
[!INCLUDE [sample-code](../includes/snippets/php/delete-personinterest-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Planner List Plans https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/planner-list-plans.md
Title: "List plans"
-description: "Retrieve a list of **plannerplan** objects."
+description: "Get a list of plannerPlan objects."
ms.localizationpriority: medium ms.prod: "planner"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Retrieve a list of **plannerplan** objects.
+Get a list of [plannerPlan](../resources/plannerplan.md) objects.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
One of the following permissions is required to call this API. To learn more, in
```http GET /planner/plans ```+ ## Optional query parameters This method requires owner [filter](/graph/query-parameters) to be specified.
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and collection of [plannerPlan](../resources/plannerplan.md) objects in the response body.
+If successful, this method returns a `200 OK` response code and a collection of [plannerPlan](../resources/plannerplan.md) objects in the response body.
This method can return any of the [HTTP status codes](/graph/errors). The most common errors that apps should handle for this method are the 403 and 404 responses. For more information about these errors, see [Common Planner error conditions](../resources/planner-overview.md#common-planner-error-conditions). ## Example
-##### Request
-Here is an example of the request.
+
+### Request
+The following is an example of the request.
# [HTTP](#tab/http) <!-- {
GET https://graph.microsoft.com/beta/planner/plans
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
v1.0 Plannerplan Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/plannerplan-get.md
Content-type: application/json
"containerId": "ebf3b108-5234-4e22-b93d-656d7dae5874", "type": "group" },
+ "sharedWithContainers": [
+ {
+ "@odata.type": "microsoft.graph.plannerSharedWithContainer"
+ }
+ ],
"title": "title-value", "id": "xqQg5FS2LkCp935s-FIFm2QAFkHM" }
v1.0 Plannerroster List Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/plannerroster-list-members.md
Title: "List members of a roster"
+ Title: "List plannerRosterMembers"
description: "Get the plannerRosterMember resources from the members navigation property." ms.localizationpriority: medium
ms.prod: "planner"
doc_type: apiPageType
-# List members of a roster
+# List plannerRosterMembers
+ Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
GET /planner/rosters/{plannerRosterId}/members
``` ## Optional query parameters
-This method only supports following OData query parameters:
--- $select
-For general information, see [OData query parameters](/graph/query-parameters).
+This method only supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.
## Request headers+ |Name|Description| |:|:| |Authorization|Bearer {token}. Required.| ## Request body+ Do not supply a request body for this method. ## Response
If successful, this method returns a `200 OK` response code and a collection of
### Request
+The following is an example of the request.
+ # [HTTP](#tab/http) <!-- { "blockType": "request",
GET https://graph.microsoft.com/beta/planner/rosters/6519868f-868f-6519-8f86-196
### Response
-**Note:** The response object shown here might be shortened for readability.
+
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
Content-Type: application/json
] } ```-
v1.0 Plannerroster List Plans https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/plannerroster-list-plans.md
Title: "List plans"
-description: "Get the plannerPlan resources from the plans navigation property."
+description: "Get the plannerPlans contained by a plannerRoster."
ms.localizationpriority: medium ms.prod: "planner"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Get the [plannerPlans](../resources/plannerplan.md) contained by the [plannerRoster](../resources/plannerRoster.md).
+Get the [plannerPlans](../resources/plannerplan.md) contained by the [plannerRoster](../resources/plannerroster.md).
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
GET /planner/rosters/{plannerRosterId}/plans
``` ## Optional query parameters
-This method only supports following OData query parameters:
-- $select-
-For general information, see [OData query parameters](/graph/query-parameters).
+This method only supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.
## Request headers |Name|Description|
If successful, this method returns a `200 OK` response code and a collection of
### Request
+The following is an example of the request.
+ # [HTTP](#tab/http) <!-- { "blockType": "request",
GET https://graph.microsoft.com/beta/planner/rosters/6519868f-868f-6519-8f86-196
### Response
-**Note:** The response object shown here might be shortened for readability.
+
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
Content-Type: application/json
] } ```-
v1.0 Plannerroster Post Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/plannerroster-post-members.md
doc_type: apiPageType
# Create plannerRosterMember+ Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
Namespace: microsoft.graph
Add a member to the [plannerRoster](../resources/plannerrostermember.md) object. ## Permissions+ One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference). |Permission type|Permissions (from least to most privileged)|
POST /planner/rosters/{plannerRosterId}/members
``` ## Request headers+ |Name|Description| |:|:| |Authorization|Bearer {token}. Required.| |Content-Type|application/json. Required.| ## Request body+ In the request body, supply a JSON representation of the [plannerRosterMember](../resources/plannerrostermember.md) object. The following table shows the properties that are required when you create the [plannerRosterMember](../resources/plannerrostermember.md). |Property|Type|Description| |:|:|:|
+|roles|String collection|Additional roles assigned to the user. Optional. Currently, no additional roles are available for users.|
+|tenantId|String|Identifier of the tenant the user belongs to. Optional. Currently, roster members cannot be from different tenants.|
|userId|String|Identifier of the user.|
-|tenantId|String|Identifier of the tenant the user belongs to. Optional. Currently roster members cannot be from different tenants.|
-|roles|String collection|Additional roles assigned to the user. Optional. Currently there are no additional roles available for users.|
-- ## Response
If successful, this method returns a `201 Created` response code and a [plannerR
### Request
+The following is an example of the request.
+ # [HTTP](#tab/http) <!-- { "blockType": "request",
Content-Type: application/json
### Response
-**Note:** The response object shown here might be shortened for readability.
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
Content-Type: application/json
] } ```-
v1.0 Plannerrostermember Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/plannerrostermember-delete.md
Title: "Delete plannerRosterMember"
-description: "Deletes a plannerRosterMember object."
+description: "Delete a plannerRosterMember object."
ms.localizationpriority: medium ms.prod: "planner"
doc_type: apiPageType
# Delete plannerRosterMember+ Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
Namespace: microsoft.graph
Delete a [plannerRosterMember](../resources/plannerrostermember.md) object. ## Permissions+ One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference). |Permission type|Permissions (from least to most privileged)|
DELETE /planner/rosters/{plannerRosterId}/members/{plannerRosterMemberId}
``` ## Request headers+ |Name|Description| |:|:| |Authorization|Bearer {token}. Required.| ## Request body+ Do not supply a request body for this method. ## Response
If successful, this method returns a `204 No Content` response code.
### Request
+The following is an example of the request.
+ # [HTTP](#tab/http) <!-- { "blockType": "request",
DELETE https://graph.microsoft.com/beta/planner/rosters/523a9d5a-f9d5-45c1-929f-
### Response+
+The following is an example of the response.
+ <!-- { "blockType": "response", "truncated": true
DELETE https://graph.microsoft.com/beta/planner/rosters/523a9d5a-f9d5-45c1-929f-
``` http HTTP/1.1 204 No Content ```-
v1.0 Plannerrostermember Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/plannerrostermember-get.md
GET /planner/rosters/{plannerRosterId}/members/{plannerRosterMemberId}
``` ## Optional query parameters
-This method only supports following OData query parameters:
-- $select-
-For general information, see [OData query parameters](/graph/query-parameters).
+This method only supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.
## Request headers |Name|Description|
If successful, this method returns a `200 OK` response code and a [plannerRoster
### Request
+The following is an example of the request.
+ # [HTTP](#tab/http) <!-- { "blockType": "request",
GET https://graph.microsoft.com/beta/planner/rosters/523a9d5a-f9d5-45c1-929f-b85
### Response
-**Note:** The response object shown here might be shortened for readability.
+
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
v1.0 Planneruser List Rosterplans https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/planneruser-list-rosterplans.md
Title: "List rosterPlans"
-description: "Get the plannerPlan resources from the rosterPlans navigation property."
+description: "Get the list of plannerPlans that are contained by the plannerRosters of which the user is a member."
ms.localizationpriority: medium ms.prod: "planner"
GET /users/{usersId}/planner/rosterPlans
``` ## Optional query parameters
-This method only supports following OData query parameters:
-- $select-
-For general information, see [OData query parameters](/graph/query-parameters).
+This method only supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.
## Request headers |Name|Description|
If successful, this method returns a `200 OK` response code and a collection of
### Request
+The following is an example of the request.
+ # [HTTP](#tab/http) <!-- { "blockType": "request",
GET https://graph.microsoft.com/beta/users/{usersId}/planner/rosterPlans
### Response
-**Note:** The response object shown here might be shortened for readability.
+
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
Content-Type: application/json
] } ```-
v1.0 Planneruser Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/planneruser-update.md
If-Match: W/"JzEtVXNlckRldGFpbHMgQEBAQEBAQEBAQEBAQEBIWCc="
[!INCLUDE [sample-code](../includes/snippets/php/update-planneruser-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ##### Response
v1.0 Presence Setstatusmessage https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/presence-setstatusmessage.md
The following permission is required to call the API. To learn more, including h
| :- | : | | Delegated (work or school account) | Presence.ReadWrite | | Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
+| Application | Presence.ReadWrite.All |
## HTTP Request <!-- { "blockType": "ignored" } -->
v1.0 Printdocument Createuploadsession https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/printdocument-createuploadsession.md
Content-type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/javascript/printdocument-createuploadsession-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printdocument Get File https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/printdocument-get-file.md
The following example shows how to call this API to acquire a pre-authenticated
GET https://graph.microsoft.com/beta/print/printers/fcb0bc53-a446-41d0-bfc3-5c56cdbb0f2a/jobs/46140/documents/bd260b1a-044e-4ca6-afa9-17d9a587d254/$value ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/print/printers/fcb0bc53-a446-41d0-bfc3-5c56
[!INCLUDE [sample-code](../includes/snippets/javascript/get-document-value-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printer List Jobs https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/printer-list-jobs.md
The following is an example of the request.
GET https://graph.microsoft.com/beta/print/printers/{id}/jobs ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/print/printers/{id}/jobs
[!INCLUDE [sample-code](../includes/snippets/javascript/get-jobs-1-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printer Post Jobs https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/printer-post-jobs.md
Content-type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/javascript/create-printjob-1-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printershare List Jobs https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/printershare-list-jobs.md
The following is an example of the request.
GET https://graph.microsoft.com/beta/print/shares/{id}/jobs ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/print/shares/{id}/jobs
[!INCLUDE [sample-code](../includes/snippets/javascript/get-jobs-2-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printershare Post Jobs https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/printershare-post-jobs.md
Content-type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/javascript/create-printjob-2-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printjob Abort https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/printjob-abort.md
The following is an example of the request.
POST https://graph.microsoft.com/beta/print/printers/{id}/jobs/{id}/abort ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
POST https://graph.microsoft.com/beta/print/printers/{id}/jobs/{id}/abort
[!INCLUDE [sample-code](../includes/snippets/javascript/printjob-abort-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printjob Cancel https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/printjob-cancel.md
The following is an example of the request.
POST https://graph.microsoft.com/beta/print/printers/{id}/jobs/{id}/cancel ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
POST https://graph.microsoft.com/beta/print/printers/{id}/jobs/{id}/cancel
[!INCLUDE [sample-code](../includes/snippets/javascript/printjob-cancel-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printjob Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/printjob-get.md
The following is an example of a request to get metadata for a print job.
GET https://graph.microsoft.com/beta/print/printers/c05f3726-0d4b-4aa1-8fe9-2eb981bb26fb/jobs/5182 ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/print/printers/c05f3726-0d4b-4aa1-8fe9-2eb9
[!INCLUDE [sample-code](../includes/snippets/javascript/get-printjob-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ #### Response
The following is a request to get a print job and any [tasks](../resources/print
GET https://graph.microsoft.com/beta/print/printers/c05f3726-0d4b-4aa1-8fe9-2eb981bb26fb/jobs/5182?$expand=tasks ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/print/printers/c05f3726-0d4b-4aa1-8fe9-2eb9
[!INCLUDE [sample-code](../includes/snippets/javascript/get-printjob-withtasks-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ #### Response
The following is an example of a request to get a print job and its associated d
GET https://graph.microsoft.com/beta/print/printers/86b6d420-7e6b-4797-a05c-af4e56cd81bd/jobs/31216?$expand=documents ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/print/printers/86b6d420-7e6b-4797-a05c-af4e
[!INCLUDE [sample-code](../includes/snippets/javascript/get-printjob-withdocumentdata-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ #### Response
v1.0 Printjob Redirect https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/printjob-redirect.md
POST https://graph.microsoft.com/beta/print/printers/d5ef6ec4-07ca-4212-baf9-d45
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
POST https://graph.microsoft.com/beta/print/printers/d5ef6ec4-07ca-4212-baf9-d45
[!INCLUDE [sample-code](../includes/snippets/javascript/printjob-redirect-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printjob Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/printjob-update.md
PATCH https://graph.microsoft.com/beta/print/printers/d5ef6ec4-07ca-4212-baf9-d4
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
PATCH https://graph.microsoft.com/beta/print/printers/d5ef6ec4-07ca-4212-baf9-d4
[!INCLUDE [sample-code](../includes/snippets/javascript/printjob-update-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printusagebyprinter Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/printusagebyprinter-get.md
If successful, this method returns a `200 OK` response code and a [printUsageByP
### Request The following is an example of the request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_printUsageByPrinter",
The following is an example of the request.
GET https://graph.microsoft.com/beta/print/reports/dailyPrintUsageByPrinter/016b5565-3bbf-4067-b9ff-4d68167eb1a6 ```
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response. >**Note:** The response object shown here might be shortened for readability.
v1.0 Printusagebyuser Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/printusagebyuser-get.md
If successful, this method returns a `200 OK` response code and a [printUsageByU
### Request The following is an example of the request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_printUsageByUser",
The following is an example of the request.
GET https://graph.microsoft.com/beta/print/reports/dailyPrintUsageByUser/016b5565-3bbf-4067-b9ff-4d68167eb1a6 ```
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response. >**Note:** The response object shown here might be shortened for readability.
v1.0 Privilegedaccessgroup List Assignmentscheduleinstances https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroup-list-assignmentscheduleinstances.md
+
+ Title: "List assignmentScheduleInstances"
+description: "Get a list of the privilegedAccessGroupAssignmentScheduleInstance objects and their properties."
+
+ms.localizationpriority: medium
++
+# List assignmentScheduleInstances
+Namespace: microsoft.graph
+
+Get a list of the [privilegedAccessGroupAssignmentScheduleInstance](../resources/privilegedaccessgroupassignmentscheduleinstance.md) objects and their properties.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedAssignmentSchedule.Read.AzureADGroup, PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedAssignmentSchedule.Read.AzureADGroup, PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/assignmentScheduleInstances?$filter=groupId eq 'groupId'
+GET /identityGovernance/privilegedAccess/group/assignmentScheduleInstances?$filter=principalId eq 'principalId'
+```
+
+## Optional query parameters
+This method supports the `$select`, `$filter`, and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [privilegedAccessGroupAssignmentScheduleInstance](../resources/privilegedaccessgroupassignmentscheduleinstance.md) objects in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_privilegedaccessgroupassignmentscheduleinstance"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/assignmentScheduleInstances?$filter=groupId eq '2b5ed229-4072-478d-9504-a047ebd4b07d'
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.privilegedAccessGroupAssignmentScheduleInstance)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/assignmentScheduleInstances",
+ "value": [
+ {
+ "id": "lAPpYvVpN0KRkAEhdxReEAWz5Gtet_xOv8wxvTtTpfg-1",
+ "principalId": "6be4b305-b75e-4efc-bfcc-31bd3b53a5f8",
+ "appScopeId": null,
+ "startDateTime": null,
+ "endDateTime": null,
+ "assignmentType": "Assigned",
+ "accessId": "member",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "memberType": "Direct",
+ "assignmentScheduleId": "lAPpYvVpN0KRkAEhdxReEAWz5Gtet_xOv8wxvTtTpfg-1"
+ },
+ {
+ "id": "lAPpYvVpN0KRkAEhdxReEBLS8lac5ONCgpgBiOW-8JQ-1",
+ "principalId": "56f2d212-e49c-42e3-8298-0188e5bef094",
+ "appScopeId": null,
+ "startDateTime": null,
+ "endDateTime": null,
+ "assignmentType": "Assigned",
+ "accessId": "member",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "memberType": "Direct",
+ "assignmentScheduleId": "lAPpYvVpN0KRkAEhdxReEBLS8lac5ONCgpgBiOW-8JQ-1"
+ }
+ ]
+}
+```
+
v1.0 Privilegedaccessgroup List Assignmentschedulerequests https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroup-list-assignmentschedulerequests.md
+
+ Title: "List assignmentScheduleRequests"
+description: "Get a list of the privilegedAccessGroupAssignmentScheduleRequest objects and their properties."
+
+ms.localizationpriority: medium
++
+# List assignmentScheduleRequests
+Namespace: microsoft.graph
++
+Get a list of the [privilegedAccessGroupAssignmentScheduleRequest](../resources/privilegedaccessgroupassignmentschedulerequest.md) objects and their properties.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/assignmentScheduleRequests
+```
+
+## Optional query parameters
+This method supports the `$select`, `$filter`, and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [privilegedAccessGroupAssignmentScheduleRequest](../resources/privilegedaccessgroupassignmentschedulerequest.md) objects in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_privilegedaccessgroupassignmentschedulerequest"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/assignmentScheduleRequests
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.privilegedAccessGroupAssignmentScheduleRequest)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupAssignmentScheduleRequest",
+ "id": "6aacaee8-4089-4048-9510-3119367fc943",
+ "status": "Provisioned",
+ "completedDateTime": "2023-02-07T07:05:53.7895614Z",
+ "createdDateTime": "2023-02-07T07:05:55.3404527Z",
+ "approvalId": null,
+ "customData": null,
+ "createdBy": {
+ "user": {
+ "id": "3cce9d87-3986-4f19-8335-7ed075408ca2"
+ }
+ },
+ "action": "adminAssign",
+ "isValidationOnly": false,
+ "justification": "Retrieve requests",
+ "scheduleInfo": {
+ "startDateTime": "2023-02-07T06:57:55.6183972Z",
+ "recurrence": null,
+ "expiration": {
+ "type": "afterDateTime",
+ "endDateTime": "2023-02-07T19:56:00Z",
+ "duration": null
+ }
+ },
+ "ticketInfo": {
+ "ticketNumber": null,
+ "ticketSystem": null
+ },
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "accessId": "member",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "targetScheduleId": "2b5ed229-4072-478d-9504-a047ebd4b07d_member_6aacaee8-4089-4048-9510-3119367fc943"
+ }
+ ]
+}
+```
+
v1.0 Privilegedaccessgroup List Assignmentschedules https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroup-list-assignmentschedules.md
+
+ Title: "List assignmentSchedules"
+description: "Get a list of the privilegedAccessGroupAssignmentSchedule objects and their properties."
+
+ms.localizationpriority: medium
++
+# List assignmentSchedules
+Namespace: microsoft.graph
++
+Get a list of the [privilegedAccessGroupAssignmentSchedule](../resources/privilegedaccessgroupassignmentschedule.md) objects and their properties.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedAssignmentSchedule.Read.AzureADGroup, PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedAssignmentSchedule.Read.AzureADGroup, PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/assignmentSchedules?$filter=groupId eq 'groupId'
+GET /identityGovernance/privilegedAccess/group/assignmentSchedules?$filter=principalId eq 'principalId'
+```
+
+## Optional query parameters
+This method supports the `$select`, `$filter`, and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [privilegedAccessGroupAssignmentSchedule](../resources/privilegedaccessgroupassignmentschedule.md) objects in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_privilegedaccessgroupassignmentschedule"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/assignmentSchedules?filter=principalId eq '3cce9d87-3986-4f19-8335-7ed075408ca2'
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.privilegedAccessGroupAssignmentSchedule)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupAssignmentSchedule",
+ "id": "8ba569e8-7024-f5f8-91ec-9b75d92897f1",
+ "scheduleInfo": {
+ "startDateTime": "2022-04-11T11:50:06.343Z",
+ "recurrence": null,
+ "expiration": {
+ "type": "noExpiration",
+ "endDateTime": null,
+ "duration": null
+ }
+ },
+ "createdDateTime": "2023-01-11T11:50:06.343Z",
+ "modifiedDateTime": null,
+ "createdUsing": "String",
+ "status": "Provisioned",
+ "accessId": "member",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "memberType": "Direct",
+ "assignmentType": "Assigned"
+ }
+ ]
+}
+```
+
v1.0 Privilegedaccessgroup List Eligibilityscheduleinstances https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroup-list-eligibilityscheduleinstances.md
+
+ Title: "List eligibilityScheduleInstances"
+description: "Get a list of the privilegedAccessGroupEligibilityScheduleInstance objects and their properties."
+
+ms.localizationpriority: medium
++
+# List eligibilityScheduleInstances
+Namespace: microsoft.graph
++
+Get a list of the [privilegedAccessGroupEligibilityScheduleInstance](../resources/privilegedaccessgroupeligibilityscheduleinstance.md) objects and their properties.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedEligibilitySchedule.Read.AzureADGroup, PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedEligibilitySchedule.Read.AzureADGroup, PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/eligibilityScheduleInstances?$filter=groupId eq 'groupId'
+GET /identityGovernance/privilegedAccess/group/eligibilityScheduleInstances?filter=principalId eq 'principalId'
+```
+
+## Optional query parameters
+This method supports the `$select`, `$filter`, and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [privilegedAccessGroupEligibilityScheduleInstance](../resources/privilegedaccessgroupeligibilityscheduleinstance.md) objects in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "list_privilegedaccessgroupeligibilityscheduleinstance"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/eligibilityScheduleInstances$filter=groupId eq '2b5ed229-4072-478d-9504-a047ebd4b07d'
+```
++
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.privilegedAccessGroupEligibilityScheduleInstance)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/eligibilityScheduleInstances/$entity",
+ "value": [
+ {
+ "id": "772d5185-39b7-58be-4915-137ffaa7e42e",
+ "startDateTime": "String (timestamp)",
+ "endDateTime": null,
+ "accessId": null,
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "memberType": "Direct",
+ },
+ {
+ "id": "lAPpYvVpN0KRkAEhdxReEBLS8lac5ONCgpgBiOW-8JQ-1",
+ "startDateTime": "String (timestamp)",
+ "endDateTime": null,
+ "accessId": null,
+ "principalId": "56f2d212-e49c-42e3-8298-0188e5bef094",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "memberType": "Direct",
+ }
+ ]
+}
+```
+
v1.0 Privilegedaccessgroup List Eligibilityschedulerequests https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroup-list-eligibilityschedulerequests.md
+
+ Title: "List eligibilityScheduleRequests"
+description: "Get a list of the privilegedAccessGroupEligibilityScheduleRequest objects and their properties."
+
+ms.localizationpriority: medium
++
+# List eligibilityScheduleRequests
+Namespace: microsoft.graph
++
+Get a list of the [privilegedAccessGroupEligibilityScheduleRequest](../resources/privilegedaccessgroupeligibilityschedulerequest.md) objects and their properties.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/eligibilityScheduleRequests
+```
+
+## Optional query parameters
+This method supports the `$select`, `$filter`, and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [privilegedAccessGroupEligibilityScheduleRequest](../resources/privilegedaccessgroupeligibilityschedulerequest.md) objects in the response body.
+
+## Examples
+
+### Example 1: Retrieve all the eligibility requests
+
+#### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_privilegedaccessgroup_eligibilityschedulerequest_beta_e1"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/eligibilityScheduleRequests
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.privilegedAccessGroupEligibilityScheduleRequest)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/eligibilityScheduleRequests/$entity",
+ "value": [
+ {
+ "id": "534b3d4d-3ba0-8429-3568-5e9cce6c2cbd",
+ "status": "Provisioned",
+ "completedDateTime": "2022-04-12T09:05:41.853Z",
+ "createdDateTime": "2022-04-12T09:05:41.807Z",
+ "approvalId": null,
+ "customData": null,
+ "createdBy": {
+ "user": {
+ "displayName": null,
+ "id": "3fbd929d-8c56-4462-851e-0eb9a7b3a2a5"
+ }
+ },
+ "action": "adminAssign",
+ "isValidationOnly": false,
+ "justification": "Assign eligibility to user for PIM for groups.",
+ "scheduleInfo": {
+ "startDateTime": "2022-04-12T09:05:41.8532931Z",
+ "recurrence": null,
+ "expiration": {
+ "type": "afterDateTime",
+ "endDateTime": "2024-04-10T00:00:00Z",
+ "duration": null
+ }
+ },
+ "ticketInfo": {
+ "ticketNumber": null,
+ "ticketSystem": null
+ },
+ "accessId": "member",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "targetScheduleId": "534b3d4d-3ba0-8429-3568-5e9cce6c2cbd"
+ }
+ ]
+}
+```
+
+### Example 2: Retrieve specific properties of all eligibility requests
+
+#### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "list_privilegedaccessgroup_eligibilityschedulerequest_beta_e2"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/eligibilityScheduleRequests$select=principalId,action,groupId
+```
++
+#### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.privilegedAccessGroupEligibilityScheduleRequest)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/eligibilityScheduleRequests/$entity",
+ "value": [
+ {
+ "action": "adminAssign",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ }
+ ]
+}
+```
+
v1.0 Privilegedaccessgroup List Eligibilityschedules https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroup-list-eligibilityschedules.md
+
+ Title: "List eligibilitySchedules"
+description: "Get a list of the privilegedAccessGroupEligibilitySchedule objects and their properties."
+
+ms.localizationpriority: medium
++
+# List eligibilitySchedules
+Namespace: microsoft.graph
++
+Get a list of the [privilegedAccessGroupEligibilitySchedule](../resources/privilegedaccessgroupeligibilityschedule.md) objects and their properties.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedEligibilitySchedule.Read.AzureADGroup, PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedEligibilitySchedule.Read.AzureADGroup, PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/eligibilitySchedules?$filter=groupId eq 'groupId'
+GET /identityGovernance/privilegedAccess/group/eligibilitySchedules?filter=principalId eq 'principalId'
+```
+
+## Optional query parameters
+This method supports the `$select`, `$filter`, and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [privilegedAccessGroupEligibilitySchedule](../resources/privilegedaccessgroupeligibilityschedule.md) objects in the response body.
+
+## Examples
+
+### Example 1: Retrieve all eligibility schedules
+
+#### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_privilegedaccessgroupeligibilityschedule_beta_e1"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/eligibilitySchedules?filter=principalId eq '3cce9d87-3986-4f19-8335-7ed075408ca2'
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.privilegedAccessGroupEligibilitySchedule)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/eligibilitySchedules/$entity",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupEligibilitySchedule",
+ "id": "8ba569e8-7024-f5f8-91ec-9b75d92897f1",
+ "scheduleInfo": {
+ "startDateTime": "2022-04-12T14:44:50.287Z",
+ "recurrence": null,
+ "expiration": {
+ "type": "afterDateTime",
+ "endDateTime": "2024-04-10T00:00:00Z",
+ "duration": null
+ }
+ },
+ "createdUsing": "77f71919-62f3-4d0c-9f88-0a0391b665cd",
+ "createdDateTime": "2022-04-12T14:44:50.287Z",
+ "modifiedDateTime": "0001-01-01T08:00:00Z",
+ "status": "Provisioned",
+ "memberType": "Direct",
+ "accessId": "member",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ }
+ ]
+}
+```
+
+### Example 2: Retrieve specific properties of all eligibility schedules
+
+#### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_privilegedaccessgroupeligibilityschedule_beta_e2"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/eligibilitySchedules?$select=accessId,principalId,groupId
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.privilegedAccessGroupEligibilitySchedule)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/eligibilitySchedules/$entity",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupEligibilitySchedule",
+ "accessId": "member",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ }
+ ]
+}
+```
v1.0 Privilegedaccessgroup Post Assignmentschedulerequests https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroup-post-assignmentschedulerequests.md
+
+ Title: "Create assignmentScheduleRequest"
+description: "Create a new privilegedAccessGroupAssignmentScheduleRequest object."
+
+ms.localizationpriority: medium
++
+# Create assignmentScheduleRequest
+Namespace: microsoft.graph
++
+Create a new [privilegedAccessGroupAssignmentScheduleRequest](../resources/privilegedaccessgroupassignmentschedulerequest.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /identityGovernance/privilegedAccess/group/assignmentScheduleRequests
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [privilegedAccessGroupAssignmentScheduleRequest](../resources/privilegedaccessgroupassignmentschedulerequest.md) object.
+
+You can specify the following properties when creating a **privilegedAccessGroupAssignmentScheduleRequest**.
+
+|Property|Type|Description|
+|:|:|:|
+|accessId|privilegedAccessGroupRelationships|The identifier of the membership or ownership assignment relationship to the group. The possible values are: `owner`, `member`. Required.|
+|action|String|Represents the type of the operation on the group membership or ownership assignment request. The possible values are: `adminAssign`, `adminUpdate`, `adminRemove`, `selfActivate`, `selfDeactivate`, `adminExtend`, `adminRenew`. <br/><ul><li>`adminAssign`: For administrators to assign group membership or ownership to principals.</li><li>`adminRemove`: For administrators to remove principals from group membership or ownership.</li><li> `adminUpdate`: For administrators to change existing group membership or ownership assignments.</li><li>`adminExtend`: For administrators to extend expiring assignments.</li><li>`adminRenew`: For administrators to renew expired assignments.</li><li>`selfActivate`: For principals to activate their assignments.</li><li>`selfDeactivate`: For principals to deactivate their active assignments.</li></ul> Required.|
+|customData|String|Free text field to define any custom data for the request. Optional.|
+|groupId|String|The identifier of the group representing the scope of the membership or ownership assignment through PIM for groups. Required.|
+|justification|String|A message provided by users and administrators when they create the **privilegedAccessGroupAssignmentScheduleRequest** object. Optional.|
+|principalId|String|The identifier of the principal whose membership or ownership assignment is granted through PIM for groups. Required.|
+|scheduleInfo|[requestSchedule](../resources/requestschedule.md)|The period of the group membership or ownership assignment for PIM for groups. Recurring schedules are currently unsupported. Required.|
+|ticketInfo|[ticketInfo](../resources/ticketinfo.md)|Ticket details linked to the group membership or ownership assignment request including details of the ticket number and ticket system. Optional.|
+
+## Response
+
+If successful, this method returns a `201 Created` response code and a [privilegedAccessGroupAssignmentScheduleRequest](../resources/privilegedaccessgroupassignmentschedulerequest.md) object in the response body.
+
+## Examples
+
+### Example 1: Create an assignment schedule request
+
+The following request creates an assignment schedule request to assign a principal active membership to the specified group. The active membership expires after two hours.
+
+#### Request
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_privilegedaccessgroupassignmentschedulerequest_from_beta_e1"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/assignmentScheduleRequests
+Content-Type: application/json
+
+{
+ "accessId": "member",
+ΓÇ» "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ΓÇ» "groupId": "68e55cce-cf7e-4a2d-9046-3e4e75c4bfa7",
+ΓÇ» "action": "adminAssign",
+ΓÇ» "scheduleInfo": {
+ΓÇ» ΓÇ» ΓÇ» "startDateTime": "2022-12-08T07:43:00.000Z",
+ΓÇ» ΓÇ» ΓÇ» "expiration": {
+ΓÇ» ΓÇ» ΓÇ» ΓÇ» ΓÇ» "type": "afterDuration",
+ΓÇ» ΓÇ» ΓÇ» ΓÇ» ΓÇ» "duration": "PT2H"
+ΓÇ» ΓÇ» ΓÇ» }
+ΓÇ» },
+ΓÇ» "justification": "Assign active member access."
+}
+```
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+++
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.privilegedAccessGroupAssignmentScheduleRequest"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "@odata.type": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/assignmentScheduleRequests/$entity",
+ "id": "34e963f6-150f-cf79-678c-6fcaf978bb49",
+ "status": "Provisioned",
+ "completedDateTime": "2023-02-07T07:05:55.3404527Z",
+ "createdDateTime": "2023-02-07T07:05:53.7895614Z",
+ "approvalId": null,
+ "customData": null,
+ "createdBy": {
+ "user": {
+ "id": "3cce9d87-3986-4f19-8335-7ed075408ca2"
+ }
+ },
+ "action": "adminAssign",
+ "isValidationOnly": false,
+ "justification": "Assign active member access.",
+ "scheduleInfo": {
+ "startDateTime": "2023-02-07T07:05:55.3404527Z",
+ "expiration": {
+ "type": "afterDuration",
+ "duration": "PT2H"
+ }
+ },
+ "ticketInfo": {
+ "ticketNumber": null,
+ "ticketSystem": null
+ },
+ "accessId": "member",
+ΓÇ» "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ΓÇ» "groupId": "68e55cce-cf7e-4a2d-9046-3e4e75c4bfa7",
+ "targetScheduleId": "2b5ed229-4072-478d-9504-a047ebd4b07d_member_6aacaee8-4089-4048-9510-3119367fc943"
+}
+```
+
+### Example 2: User activates their eligible assignment for PIM for Groups
+
+In the following request, a user identified by **principalId** `3cce9d87-3986-4f19-8335-7ed075408ca2` activates their *eligible membership* to a group managed by PIM identified by **groupId** `2b5ed229-4072-478d-9504-a047ebd4b07d`.
+
+#### Request
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_privilegedaccessgroupassignmentschedulerequest_from_beta_e2"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/assignmentScheduleRequests
+Content-Type: application/json
+
+{
+ "accessId": "member",
+ΓÇ» "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ΓÇ» "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ΓÇ» "action": "selfActivate",
+ΓÇ» "scheduleInfo": {
+ΓÇ» ΓÇ» ΓÇ» "startDateTime": "2023-02-08T07:43:00.000Z",
+ΓÇ» ΓÇ» ΓÇ» "expiration": {
+ΓÇ» ΓÇ» ΓÇ» ΓÇ» ΓÇ» "type": "afterDuration",
+ΓÇ» ΓÇ» ΓÇ» ΓÇ» ΓÇ» "duration": "PT2H"
+ΓÇ» ΓÇ» ΓÇ» }
+ΓÇ» },
+ΓÇ» "justification": "Activate assignment."
+}
+```
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
++++
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.privilegedAccessGroupAssignmentScheduleRequest"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "@odata.type": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/assignmentScheduleRequests/$entity",
+ "id": "6aacaee8-4089-4048-9510-3119367fc943",
+ "status": "Provisioned",
+ "completedDateTime": "2023-02-07T07:05:55.3404527Z",
+ "createdDateTime": "2023-02-07T07:05:53.7895614Z",
+ "approvalId": null,
+ "customData": null,
+ "createdBy": {
+ "user": {
+ "id": "3cce9d87-3986-4f19-8335-7ed075408ca2"
+ }
+ },
+ "action": "selfActivate",
+ "isValidationOnly": false,
+ "justification": "Activate assignment.",
+ "scheduleInfo": {
+ "startDateTime": "2023-02-07T07:05:55.3404527Z",
+ "expiration": {
+ "type": "afterDuration",
+ "duration": "PT2H"
+ }
+ },
+ "ticketInfo": {
+ "ticketNumber": null,
+ "ticketSystem": null
+ },
+ "accessId": "member",
+ΓÇ» "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ΓÇ» "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "targetScheduleId": "2b5ed229-4072-478d-9504-a047ebd4b07d_member_6aacaee8-4089-4048-9510-3119367fc943"
+}
+```
+
v1.0 Privilegedaccessgroup Post Eligibilityschedulerequests https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroup-post-eligibilityschedulerequests.md
+
+ Title: "Create eligibilityScheduleRequest"
+description: "Create a new privilegedAccessGroupEligibilityScheduleRequest object."
+
+ms.localizationpriority: medium
++
+# Create eligibilityScheduleRequest
+Namespace: microsoft.graph
++
+Create a new [privilegedAccessGroupEligibilityScheduleRequest](../resources/privilegedaccessgroupeligibilityschedulerequest.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /identityGovernance/privilegedAccess/group/eligibilityScheduleRequests
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [privilegedAccessGroupEligibilityScheduleRequest](../resources/privilegedaccessgroupeligibilityschedulerequest.md) object.
+
+You can specify the following properties when creating a **privilegedAccessGroupEligibilityScheduleRequest**.
+
+|Property|Type|Description|
+|:|:|:|
+|accessId|privilegedAccessGroupRelationships|The identifier of the membership or ownership eligibility relationship to the group. The possible values are: `owner`, `member`. Required.|
+|action|String|Represents the type of operation on the group membership or ownership eligibility assignment request. The possible values are: `adminAssign`, `adminUpdate`, `adminRemove`, `selfActivate`, `selfDeactivate`, `adminExtend`, `adminRenew`. <br/><ul><li>`adminAssign`: For administrators to assign group membership or ownership eligibility to principals.</li><li>`adminRemove`: For administrators to remove principals from group membership or ownership eligibilities.</li><li> `adminUpdate`: For administrators to change existing eligible assignments.</li><li>`adminExtend`: For administrators to extend expiring eligible assignments.</li><li>`adminRenew`: For administrators to renew expired eligible assignments.</li><li>`selfActivate`: For principals to activate their eligible assignments.</li><li>`selfDeactivate`: For principals to deactivate their eligible assignments.</li></ul>|
+|groupId|String|The identifier of the group representing the scope of the membership or ownership eligibility through PIM for groups. Required.|
+|justification|String|A message provided by users and administrators when they create the **privilegedAccessGroupAssignmentScheduleRequest** object.|
+|principalId|String|The identifier of the principal whose membership or ownership eligibility to the group is managed through PIM for groups. Required.|
+|scheduleInfo|[requestSchedule](../resources/requestschedule.md)|The period of the group membership or ownership assignment for PIM for groups. Recurring schedules are currently unsupported. Required.|
+|ticketInfo|[ticketInfo](../resources/ticketinfo.md)|Ticket details linked to the group membership or ownership assignment request including details of the ticket number and ticket system. Optional.|
++
+## Response
+
+If successful, this method returns a `201 Created` response code and a [privilegedAccessGroupEligibilityScheduleRequest](../resources/privilegedaccessgroupeligibilityschedulerequest.md) object in the response body.
+
+## Examples
+
+### Example 1: An admin creates an eligible group ownership request for a principal
+
+The following request creates an eligibility schedule request to make a principal eligible to be a group owner. The eligible ownership expires after two hours.
+
+#### Request
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_request_for_principal_from_admin_beta_e1"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/eligibilityScheduleRequests
+Content-Type: application/json
+
+{
+ "accessId": "member",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "action": "AdminAssign",
+ "scheduleInfo": {
+ "startDateTime": "2023-02-06T19:25:00.000Z",
+ "expiration": {
+ "type": "AfterDateTime",
+ "endDateTime": "2023-02-07T19:56:00.000Z"
+ }
+ },
+ "justification": "Assign eligible request."
+}
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.privilegedAccessGroupEligibilityScheduleRequest"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/eligibilityScheduleRequests/$entity",
+ "id": "f8bd9e2d-bc15-49b1-8a9b-c571b3cf9555",
+ "status": "Provisioned",
+ "createdDateTime": "2023-02-07T06:57:54.1633903Z",
+ "completedDateTime": "2023-02-07T06:57:55.6183972Z",
+ "action": "adminAssign",
+ "isValidationOnly": false,
+ "justification": "Assign eligible request.",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "accessId": "member",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "targetScheduleId": "2b5ed229-4072-478d-9504-a047ebd4b07d_member_f8bd9e2d-bc15-49b1-8a9b-c571b3cf9555",
+ "createdBy": {
+ "user": {
+ "id": "3cce9d87-3986-4f19-8335-7ed075408ca2"
+ }
+ },
+ "scheduleInfo": {
+ "startDateTime": "2023-02-07T06:57:55.6183972Z",
+ "recurrence": null,
+ "expiration": {
+ "type": "afterDateTime",
+ "endDateTime": "2023-02-07T19:56:00Z",
+ "duration": null
+ }
+ }
+}
+```
+
+### Example 2: An admin extends an eligible group membership for a principal
+
+The following request extends an existing eligibility schedule request before it expires.
+
+#### Request
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "extend_group_membership_for_principal_from_admin_beta_e2"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/eligibilityScheduleRequests
+Content-Type: application/json
+
+{
+ "accessId": "member",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "action": "AdminExtend",
+ "scheduleInfo": {
+ "startDateTime": "2023-02-06T19:25:00.000Z",
+ "expiration": {
+ "type": "AfterDateTime",
+ "endDateTime": "2023-02-07T20:56:00.000Z"
+ }
+ },
+ "justification": "Extend eligible request."
+}
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
++++
+#### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.privilegedAccessGroupEligibilityScheduleRequest"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/eligibilityScheduleRequests/$entity",
+ "id": "e3405b79-c0d8-4597-87b5-a84451e29224",
+ "status": "Provisioned",
+ "createdDateTime": "2023-02-07T07:01:25.9239454Z",
+ "completedDateTime": "2023-02-07T07:01:27.3379548Z",
+ "action": "adminExtend",
+ "isValidationOnly": false,
+ "justification": "Extend eligible request.",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "accessId": "member",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "targetScheduleId": "2b5ed229-4072-478d-9504-a047ebd4b07d_member_e3405b79-c0d8-4597-87b5-a84451e29224",
+ "createdBy": {
+ "user": {
+ "id": "3cce9d87-3986-4f19-8335-7ed075408ca2"
+ }
+ },
+ "scheduleInfo": {
+ "startDateTime": "2023-02-07T07:01:27.3379548Z",
+ "expiration": {
+ "type": "afterDateTime",
+ "endDateTime": "2023-02-07T20:56:00Z",
+ "duration": null
+ }
+ }
+}
+```
v1.0 Privilegedaccessgroupassignmentschedule Filterbycurrentuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroupassignmentschedule-filterbycurrentuser.md
+
+ Title: "privilegedAccessGroupAssignmentSchedule: filterByCurrentUser"
+description: "In PIM for groups, retrieve the schedules for membership or ownership assignments for the calling principal to groups that are governed by PIM."
+
+ms.localizationpriority: medium
++
+# privilegedAccessGroupAssignmentSchedule: filterByCurrentUser
+Namespace: microsoft.graph
++
+In PIM for groups, retrieve the schedules for membership or ownership assignments for the calling principal to groups that are governed by PIM.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedAssignmentSchedule.Read.AzureADGroup, PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedAssignmentSchedule.Read.AzureADGroup, PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/assignmentSchedules/filterByCurrentUser(on='parameterValue')
+```
+
+## Function parameters
+In the request URL, provide the following query parameters with values.
+The following table shows the parameters that can be used with this function.
+
+|Parameter|Type|Description|
+|:|:|:|
+|on|assignmentScheduleFilterByCurrentUserOptions|Filter used to query assignmentSchedules. The possible values are `principal`, `unknownFutureValue`. Required.|
++
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this function returns a `200 OK` response code and a [privilegedAccessGroupAssignmentSchedule](../resources/privilegedaccessgroupassignmentschedule.md) collection in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "privilegedaccessgroupassignmentschedulethis.filterbycurrentuser"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/assignmentSchedules/filterByCurrentUser(on='principal')
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.privilegedAccessGroupAssignmentSchedule)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/assignmentScheduleRequests/$entity",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupAssignmentSchedule",
+ "id": "lAPpYvVpN0KRkAEhdxReEJ2SvT9WjGJEhR4OuaezoqU-1",
+ "scheduleInfo": {
+ "startDateTime": "2023-01-11T19:31:50.5613964Z",
+ "recurrence": null,
+ "expiration": {
+ "type": "noExpiration",
+ "endDateTime": null,
+ "duration": null
+ }
+ },
+ "createdDateTime": null,
+ "modifiedDateTime": null,
+ "createdUsing": null,
+ "status": "Provisioned",
+ "accessId": "member",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "memberType": "Direct",
+ "assignmentType": "Assigned"
+ }
+ ]
+}
+```
+
v1.0 Privilegedaccessgroupassignmentschedule Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroupassignmentschedule-get.md
+
+ Title: "Get privilegedAccessGroupAssignmentSchedule"
+description: "Read the properties and relationships of a privilegedAccessGroupAssignmentSchedule object."
+
+ms.localizationpriority: medium
++
+# Get privilegedAccessGroupAssignmentSchedule
+Namespace: microsoft.graph
++
+Read the properties and relationships of a [privilegedAccessGroupAssignmentSchedule](../resources/privilegedaccessgroupassignmentschedule.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedAssignmentSchedule.Read.AzureADGroup, PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedAssignmentSchedule.Read.AzureADGroup, PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/assignmentSchedules/{privilegedAccessGroupAssignmentScheduleId}
+```
+
+## Optional query parameters
+This method supports the `$select` and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [privilegedAccessGroupAssignmentSchedule](../resources/privilegedaccessgroupassignmentschedule.md) object in the response body.
+
+## Examples
+
+### Example 1: Retrieve an assignment schedule
+
+#### Request
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_privilegedaccessgroupassignmentschedule"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/assignmentSchedules/8ba569e8-7024-f5f8-91ec-9b75d92897f1
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.privilegedAccessGroupAssignmentSchedule"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/assignmentSchedules/$entity",
+ "id": "8ba569e8-7024-f5f8-91ec-9b75d92897f1",
+ "scheduleInfo": {
+ "startDateTime": "2022-04-11T11:50:06.343Z",
+ "recurrence": null,
+ "expiration": {
+ "type": "noExpiration",
+ "endDateTime": null,
+ "duration": null
+ }
+ },
+ "createdDateTime": "2022-04-11T11:50:06.343Z",
+ "modifiedDateTime": null,
+ "createdUsing": "8ba569e8-7024-f5f8-91ec-9b75d92897f1",
+ "status": "Provisioned",
+ "assignmentType": "Assigned",
+ "memberType": "Direct",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "accessId": "member",
+ "groupId": "14b9e371-5c2c-4ee5-a4a5-2980060d4f4e",
+}
+```
+
v1.0 Privilegedaccessgroupassignmentscheduleinstance Filterbycurrentuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroupassignmentscheduleinstance-filterbycurrentuser.md
+
+ Title: "privilegedAccessGroupAssignmentScheduleInstance: filterByCurrentUser"
+description: "In PIM for groups, retrieve the schedule instances for membership or ownership assignments for the calling principal to groups that are governed by PIM."
+
+ms.localizationpriority: medium
++
+# privilegedAccessGroupAssignmentScheduleInstance: filterByCurrentUser
+Namespace: microsoft.graph
++
+In PIM for groups, retrieve the schedule instances for membership or ownership assignments for the calling principal to groups that are governed by PIM.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedAssignmentSchedule.Read.AzureADGroup, PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedAssignmentSchedule.Read.AzureADGroup, PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/assignmentScheduleInstances/filterByCurrentUser(on=parameterValue)
+```
+
+## Function parameters
+In the request URL, provide the following query parameters with values.
+The following table shows the parameters that are required with this function.
+
+|Parameter|Type|Description|
+|:|:|:|
+|on|assignmentScheduleInstanceFilterByCurrentUserOptions|Filter used to query assignmentScheduleInstances. The possible values are `principal`, `unknownFutureValue`. Required.|
++
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this function returns a `200 OK` response code and a [privilegedAccessGroupAssignmentScheduleInstance](../resources/privilegedaccessgroupassignmentscheduleinstance.md) collection in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "privilegedaccessgroupassignmentscheduleinstancethis.filterbycurrentuser"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/assignmentScheduleInstances/filterByCurrentUser(on='principal')
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.privilegedAccessGroupAssignmentScheduleInstance)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/assignmentScheduleInstance",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupAssignmentScheduleInstance",
+ "id": "lAPpYvVpN0KRkAEhdxReEJ2SvT9WjGJEhR4OuaezoqU-1",
+ "startDateTime": null,
+ "endDateTime": null,
+ "accessId": "member",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "memberType": "Direct",
+ "assignmentType": "Assigned",
+ "assignmentScheduleId": "lAPpYvVpN0KRkAEhdxReEJ2SvT9WjGJEhR4OuaezoqU-1"
+ }
+ ]
+}
+```
+
v1.0 Privilegedaccessgroupassignmentscheduleinstance Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroupassignmentscheduleinstance-get.md
+
+ Title: "Get privilegedAccessGroupAssignmentScheduleInstance"
+description: "Read the properties and relationships of a privilegedAccessGroupAssignmentScheduleInstance object."
+
+ms.localizationpriority: medium
++
+# Get privilegedAccessGroupAssignmentScheduleInstance
+Namespace: microsoft.graph
++
+Read the properties and relationships of a [privilegedAccessGroupAssignmentScheduleInstance](../resources/privilegedaccessgroupassignmentscheduleinstance.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedAssignmentSchedule.Read.AzureADGroup, PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedAssignmentSchedule.Read.AzureADGroup, PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/assignmentScheduleInstances/{privilegedAccessGroupAssignmentScheduleInstanceId}
+```
+
+## Optional query parameters
+This method supports the `$select` and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [privilegedAccessGroupAssignmentScheduleInstance](../resources/privilegedaccessgroupassignmentscheduleinstance.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_privilegedaccessgroupassignmentscheduleinstance"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/assignmentScheduleInstances/48fe5560-de56-2750-ae7c-2bbf1da9e452
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.privilegedAccessGroupAssignmentScheduleInstance"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/assignmentScheduleInstances/$entity",
+ "id": "48fe5560-de56-2750-ae7c-2bbf1da9e452",
+ "startDateTime": null,
+ "endDateTime": null,
+ "accessId": "member",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "memberType": "Direct",
+ "assignmentType": "Assigned",
+ "assignmentScheduleId": "48fe5560-de56-2750-ae7c-2bbf1da9e452"
+}
+```
+
v1.0 Privilegedaccessgroupassignmentschedulerequest Cancel https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroupassignmentschedulerequest-cancel.md
+
+ Title: "privilegedAccessGroupAssignmentScheduleRequest: cancel"
+description: "Cancel an access assignment request to a group whose membership and ownership are governed by PIM."
+
+ms.localizationpriority: medium
++
+# privilegedAccessGroupAssignmentScheduleRequest: cancel
+Namespace: microsoft.graph
++
+Cancel an access assignment request to a group whose membership and ownership are governed by PIM.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /identityGovernance/privilegedAccess/group/assignmentScheduleRequests/{privilegedAccessGroupAssignmentScheduleRequestId}/cancel
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this action returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "privilegedaccessgroupassignmentschedulerequestthis.cancel"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/assignmentScheduleRequests/f4b57a8c-da56-4ae0-8aef-65c3a043dab4/cancel
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+### Response
+The following is an example of the response.
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Privilegedaccessgroupassignmentschedulerequest Filterbycurrentuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroupassignmentschedulerequest-filterbycurrentuser.md
+
+ Title: "privilegedAccessGroupAssignmentScheduleRequest: filterByCurrentUser"
+description: "In PIM for groups, retrieve the requests for membership or ownership assignments for the calling principal to groups that are governed by PIM."
+
+ms.localizationpriority: medium
++
+# privilegedAccessGroupAssignmentScheduleRequest: filterByCurrentUser
+Namespace: microsoft.graph
++
+In PIM for groups, retrieve the requests for membership or ownership assignments for the calling principal to groups that are governed by PIM.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedAssignmentSchedule.Read.AzureADGroup, PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedAssignmentSchedule.Read.AzureADGroup, PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/assignmentScheduleRequests/filterByCurrentUser(on='parameterValue')
+```
+
+## Function parameters
+In the request URL, provide the following query parameters with values.
+The following table shows the parameters that can be used with this function.
+
+|Parameter|Type|Description|
+|:|:|:|
+|on|assignmentScheduleRequestFilterByCurrentUserOptions|Filter used to query assignmentScheduleRequests. The possible values are `principal`, `createdBy`, `approver`, `unknownFutureValue`. Required.|
++
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this function returns a `200 OK` response code and a [privilegedAccessGroupAssignmentScheduleRequest](../resources/privilegedaccessgroupassignmentschedulerequest.md) collection in the response body.
+
+## Examples
+
+### Example 1: Retrieve a principal's requests scoped to a specific group and that are pending approval
+
+#### Request
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "privilegedaccessgroupassignmentschedulerequestthis.filterbycurrentuser"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/assignmentScheduleRequests/filterByCurrentUser(on='principal')?$filter=status eq 'PendingApproval' and groupId eq 'd5f0ad2e-6b34-401b-b6da-0c8fc2c5a3fc'
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.privilegedAccessGroupAssignmentScheduleRequest)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupAssignmentScheduleRequest",
+ "id": "12345",  
+ "accessId": "member",
+ "principalId": "c277c8cb-6bb7-42e5-a17f-0add9a718151",  
+ "groupId": "d5f0ad2e-6b34-401b-b6da-0c8fc2c5a3fc",
+ "status": "PendingApproval",
+ "createdDateTIme": "2022-02-26T08:00:00.000Z",
+ "completedDateTIme": null,
+ "isValidationOnly": false,
+ "action": "SelfActivate",  
+ "scheduleInfo":
+ {
+ "startDateTime": "2022-04-01T08:00:00.000Z",
+ "expiration":
+ {
+ "type": "AfterDuration",
+ "duration" : "PT8H",
+ }
+ },
+ "justification":"Activate access",
+ "ticketInfo":
+ {
+ "ticketNumber": "09876"
+ }
+ }
+ ]
+}
+```
+
v1.0 Privilegedaccessgroupassignmentschedulerequest Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroupassignmentschedulerequest-get.md
+
+ Title: "Get privilegedAccessGroupAssignmentScheduleRequest"
+description: "Read the properties and relationships of a privilegedAccessGroupAssignmentScheduleRequest object."
+
+ms.localizationpriority: medium
++
+# Get privilegedAccessGroupAssignmentScheduleRequest
+Namespace: microsoft.graph
++
+Read the properties and relationships of a [privilegedAccessGroupAssignmentScheduleRequest](../resources/privilegedaccessgroupassignmentschedulerequest.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/assignmentScheduleRequests/{privilegedAccessGroupAssignmentScheduleRequestId}
+```
+
+## Optional query parameters
+This method supports the `$select` and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [privilegedAccessGroupAssignmentScheduleRequest](../resources/privilegedaccessgroupassignmentschedulerequest.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_privilegedaccessgroupassignmentschedulerequest"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/assignmentScheduleRequests/34e963f6-150f-cf79-678c-6fcaf978bb49
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.privilegedAccessGroupAssignmentScheduleRequest"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/assignmentScheduleRequests/$entity",
+ "id": "34e963f6-150f-cf79-678c-6fcaf978bb49",
+ "status": "Provisioned",
+ "completedDateTime": "2023-01-11T11:50:06Z",
+ "createdDateTime": "2023-01-11T11:50:05.95Z",
+ "approvalId": null,
+ "customData": null,
+ "createdBy": {
+ "user": {
+ "displayName": null,
+ "id": "3fbd929d-8c56-4462-851e-0eb9a7b3a2a5"
+ }
+ },
+ "action": "adminAssign",
+ "isValidationOnly": false,
+ "justification": "Assign active member access.",
+ "scheduleInfo": {
+ "startDateTime": "2023-01-11T11:50:05.9999343Z",
+ "recurrence": null,
+ "expiration": {
+ "type": "noExpiration",
+ "endDateTime": null,
+ "duration": null
+ }
+ },
+ "ticketInfo": {
+ "ticketNumber": null,
+ "ticketSystem": null
+ },
+ "principalId": "071cc716-8147-4397-a5ba-b2105951cc0b",
+ "accessId": "member",
+ "groupId": "68e55cce-cf7e-4a2d-9046-3e4e75c4bfa7",
+ "targetScheduleId": "34e963f6-150f-cf79-678c-6fcaf978bb49"
+}
+```
+
v1.0 Privilegedaccessgroupeligibilityschedule Filterbycurrentuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroupeligibilityschedule-filterbycurrentuser.md
+
+ Title: "privilegedAccessGroupEligibilitySchedule: filterByCurrentUser"
+description: "Retrieve schedules of membership and ownership eligibility requests for the calling principal."
+
+ms.localizationpriority: medium
++
+# privilegedAccessGroupEligibilitySchedule: filterByCurrentUser
+Namespace: microsoft.graph
++
+Retrieve schedules of membership and ownership eligibility requests for the calling principal.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedEligibilitySchedule.Read.AzureADGroup, PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedEligibilitySchedule.Read.AzureADGroup, PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/eligibilitySchedules/filterByCurrentUser(on='parameterValue')
+```
+
+## Function parameters
+In the request URL, provide the following query parameters with values.
+The following table shows the parameters that must be used with this function.
+
+|Parameter|Type|Description|
+|:|:|:|
+|on|eligibilityScheduleFilterByCurrentUserOptions|Filter used to query eligibilitySchedules. The possible values are `principal`, `unknownFutureValue`. Required.|
++
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this function returns a `200 OK` response code and a [privilegedAccessGroupEligibilitySchedule](../resources/privilegedaccessgroupeligibilityschedule.md) collection in the response body.
+
+## Examples
+Note: this method requires either the principalId or groupId filter property.
+
+### Example 1: Retrieve eligibility schedules for the calling principal
+
+#### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "privilegedaccessgroupeligibilityschedulethis.filterbycurrentuser_beta_e1"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/eligibilitySchedules/filterByCurrentUser(on='principal')
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.privilegedAccessGroupEligibilitySchedule)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(privilegedAccessGroupEligibilitySchedule)",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupEligibilitySchedule",
+ "id": "14b9e371-5c2c-4ee5-a4a5-2980060d4f4e_member_f9003cf6-8905-4c69-a9f8-fd6d04caec69",
+ "createdDateTime": "2022-03-14T19:26:07.06Z",
+ "modifiedDateTime": "0001-01-01T08:00:00Z",
+ "createdUsing": "f9003cf6-8905-4c69-a9f8-fd6d04caec69",
+ "status": "Provisioned",
+ "scheduleInfo": {
+ "startDateTime": "2022-04-11T19:31:50.5613964Z",
+ "recurrence": null,
+ "expiration": {
+ "type": "noExpiration",
+ "endDateTime": null,
+ "duration": null
+ }
+ },
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "accessId": "member",
+ "groupId": "14b9e371-5c2c-4ee5-a4a5-2980060d4f4e",
+ "memberType": "direct"
+ }
+ ]
+}
+```
+
+### Example 2: Retrieve eligibility schedules for the principal and filter by a group and accessId
+
+#### Request
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "privilegedaccessgroupeligibilityschedulethis.filterbycurrentuser_beta_e2"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/eligibilitySchedules/filterByCurrentUser(on='principal')?$filter=groupId eq 'd5f0ad2e-6b34-401b-b6da-0c8fc2c5a3fc' and accessId eq 'member'
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.privilegedAccessGroupEligibilitySchedule)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(privilegedAccessGroupEligibilitySchedule)",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupEligibilitySchedule",
+ "id": "14b9e371-5c2c-4ee5-a4a5-2980060d4f4e_member_f9003cf6-8905-4c69-a9f8-fd6d04caec69",
+ "createdDateTime": "2022-03-14T19:26:07.06Z",
+ "modifiedDateTime": "0001-01-01T08:00:00Z",
+ "createdUsing": "f9003cf6-8905-4c69-a9f8-fd6d04caec69",
+ "status": "Provisioned",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "accessId": "member",
+ "groupId": "14b9e371-5c2c-4ee5-a4a5-2980060d4f4e",
+ "memberType": "direct",
+ "scheduleInfo": {
+ "startDateTime": "2022-03-14T19:26:07.06Z",
+ "recurrence": null,
+ "expiration": {
+ "type": "afterDateTime",
+ "endDateTime": "2023-03-14T19:25:46.4Z",
+ "duration": null
+ }
+ }
+ }
+ ]
+}
+```
+
v1.0 Privilegedaccessgroupeligibilityschedule Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroupeligibilityschedule-get.md
+
+ Title: "Get privilegedAccessGroupEligibilitySchedule"
+description: "Read the properties and relationships of a privilegedAccessGroupEligibilitySchedule object."
+
+ms.localizationpriority: medium
++
+# Get privilegedAccessGroupEligibilitySchedule
+Namespace: microsoft.graph
++
+Read the properties and relationships of a [privilegedAccessGroupEligibilitySchedule](../resources/privilegedaccessgroupeligibilityschedule.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedEligibilitySchedule.Read.AzureADGroup, PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedEligibilitySchedule.Read.AzureADGroup, PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/eligibilitySchedules/{privilegedAccessGroupEligibilityScheduleId}
+```
+
+## Optional query parameters
+This method supports the `$select` and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [privilegedAccessGroupEligibilitySchedule](../resources/privilegedaccessgroupeligibilityschedule.md) object in the response body.
+
+## Examples
+
+#### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_privilegedaccessgroupeligibilityschedule"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/eligibilitySchedules/37bf27ec-70a7-60e0-8239-aa3ffa7719ac
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.privilegedAccessGroupEligibilitySchedule"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/eligibilitySchedules/$entity",
+ "id": "37bf27ec-70a7-60e0-8239-aa3ffa7719ac",
+ "scheduleInfo": {
+ "startDateTime": "2022-04-11T11:50:06.343Z",
+ "recurrence": null,
+ "expiration": {
+ "type": "noExpiration",
+ "endDateTime": null,
+ "duration": null
+ }
+ },
+ "createdUsing": "95c690fb-3eb3-4942-a03f-4524aed6f31e",
+ "createdDateTime": "2022-04-11T11:50:06.343Z",
+ "modifiedDateTime": null,
+ "status": "Provisioned",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "accessId": "member",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "memberType": "Direct"
+}
+```
+
v1.0 Privilegedaccessgroupeligibilityscheduleinstance Filterbycurrentuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroupeligibilityscheduleinstance-filterbycurrentuser.md
+
+ Title: "privilegedAccessGroupEligibilityScheduleInstance: filterByCurrentUser"
+description: "Return instances of membership and ownership eligibility schedules for the calling principal."
+
+ms.localizationpriority: medium
++
+# privilegedAccessGroupEligibilityScheduleInstance: filterByCurrentUser
+Namespace: microsoft.graph
++
+Return instances of membership and ownership eligibility schedules for the calling principal.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedEligibilitySchedule.Read.AzureADGroup, PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedEligibilitySchedule.Read.AzureADGroup, PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/eligibilityScheduleInstances/filterByCurrentUser(on='parameterValue')
+```
+
+## Function parameters
+In the request URL, provide the following query parameters with values.
+The following table shows the parameters that must be used with this function.
+
+|Parameter|Type|Description|
+|:|:|:|
+|on|eligibilityScheduleInstanceFilterByCurrentUserOptions|Filter used to query eligibilityScheduleInstances. The possible values are `principal`, `unknownFutureValue`. Required.|
++
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this function returns a `200 OK` response code and a [privilegedAccessGroupEligibilityScheduleInstance](../resources/privilegedaccessgroupeligibilityscheduleinstance.md) collection in the response body.
+
+## Examples
+
+### Example 1: Retrieve schedule instances for the calling principal
+
+#### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "privilegedaccessgroupeligibilityscheduleinstancethis.filterbycurrentuser"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/eligibilityScheduleInstances/filterByCurrentUser(on='principal')
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.privilegedAccessGroupEligibilityScheduleInstance)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupEligibilityScheduleInstance",
+ "id": "8MYkhImhnkm70CbBdTyW1BbHHAdHgZdDpbqyEFlRzAs-1-e",
+ "startDateTime": "2022-04-12T14:44:50.287Z",
+ "endDateTime": "2024-04-10T00:00:00Z",
+ "memberType": "Direct",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "accessId": "member",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "eligibilityScheduleId": "77f71919-62f3-4d0c-9f88-0a0391b665cd"
+ }
+ ]
+}
+```
v1.0 Privilegedaccessgroupeligibilityscheduleinstance Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroupeligibilityscheduleinstance-get.md
+
+ Title: "Get privilegedAccessGroupEligibilityScheduleInstance"
+description: "Read the properties and relationships of a privilegedAccessGroupEligibilityScheduleInstance object."
+
+ms.localizationpriority: medium
++
+# Get privilegedAccessGroupEligibilityScheduleInstance
+Namespace: microsoft.graph
++
+Read the properties and relationships of a [privilegedAccessGroupEligibilityScheduleInstance](../resources/privilegedaccessgroupeligibilityscheduleinstance.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedEligibilitySchedule.Read.AzureADGroup, PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedEligibilitySchedule.Read.AzureADGroup, PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/eligibilityScheduleInstances/{privilegedAccessGroupEligibilityScheduleInstanceId}
+```
+
+## Optional query parameters
+This method supports the `$select` and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [privilegedAccessGroupEligibilityScheduleInstance](../resources/privilegedaccessgroupeligibilityscheduleinstance.md) object in the response body.
+
+## Examples
+
+### Example 1: Get all eligibility schedule instances
+
+#### Request
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_privilegedaccessgroupeligibilityscheduleinstance"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/eligibilityScheduleInstances/d5f0ad2e-6b34-401b-b6da-0c8fc2c5a3fc
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.privilegedAccessGroupEligibilityScheduleInstance"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupEligibilityScheduleInstance",
+ "id": "b88fc7b0-a4ff-45fc-82c4-1d31a807315e",
+ "accessId": "member",
+ "principalId": "c277c8cb-6bb7-42e5-a17f-0add9a718151",
+ "groupId": "d5f0ad2e-6b34-401b-b6da-0c8fc2c5a3fc",
+ "startDateTime": "2020-08-27T18:58:35.967Z",
+ "endDateTime": "2020-08-29T18:57:38Z",
+ "memberType": "Direct",
+ "memberEligibilityScheduleId": "04e755d8-488a-4abb-a27f-19091d73c970"
+ }
+}
+```
+
v1.0 Privilegedaccessgroupeligibilityschedulerequest Cancel https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroupeligibilityschedulerequest-cancel.md
+
+ Title: "privilegedAccessGroupEligibilityScheduleRequest: cancel"
+description: "Cancel an eligibility assignment request to a group whose membership and ownership are governed by PIM."
+
+ms.localizationpriority: medium
++
+# privilegedAccessGroupEligibilityScheduleRequest: cancel
+Namespace: microsoft.graph
++
+Cancel an eligibility assignment request to a group whose membership and ownership are governed by PIM.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /identityGovernance/privilegedAccess/group/eligibilityScheduleRequests/{privilegedAccessGroupEligibilityScheduleRequestId}/cancel
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this action returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "privilegedaccessgroupeligibilityschedulerequestthis.cancel"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/eligibilityScheduleRequests/f4b57a8c-da56-4ae0-8aef-65c3a043dab4/cancel
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+### Response
+The following is an example of the response.
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Privilegedaccessgroupeligibilityschedulerequest Filterbycurrentuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroupeligibilityschedulerequest-filterbycurrentuser.md
+
+ Title: "privilegedAccessGroupEligibilityScheduleRequest: filterByCurrentUser"
+description: "In PIM for groups, retrieve the requests for membership or ownership eligibilities for the calling principal to groups that are governed by PIM."
+
+ms.localizationpriority: medium
++
+# privilegedAccessGroupEligibilityScheduleRequest: filterByCurrentUser
+Namespace: microsoft.graph
++
+In PIM for groups, retrieve the requests for membership or ownership eligibilities for the calling principal to groups that are governed by PIM.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedEligibilitySchedule.Read.AzureADGroup, PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedEligibilitySchedule.Read.AzureADGroup, PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/eligibilityScheduleRequests/filterByCurrentUser(on='parameterValue')
+```
+
+## Function parameters
+In the request URL, provide the following query parameters with values.
+The following table shows the parameters that are required with this function.
+
+|Parameter|Type|Description|
+|:|:|:|
+|on|eligibilityScheduleRequestFilterByCurrentUserOptions|Filter used to query eligibilityScheduleRequests. The possible values are `principal`, `createdBy`, `approver`, `unknownFutureValue`. Required.|
++
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this function returns a `200 OK` response code and a [privilegedAccessGroupEligibilityScheduleRequest](../resources/privilegedaccessgroupeligibilityschedulerequest.md) collection in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "privilegedaccessgroupeligibilityschedulerequestthis.filterbycurrentuser"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/eligibilityScheduleRequests/filterByCurrentUser(on='principal')
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.privilegedAccessGroupEligibilityScheduleRequest)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/eligibilityScheduleRequests/$entity",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupEligibilityScheduleRequest",
+ "id": "50877283-9d40-433c-bab8-7986dc10458a",
+ "status": "Provisioned",
+ "createdDateTime": "2022-04-12T09:05:41.807Z",
+ "completedDateTime": "2022-04-12T09:05:41.853Z",
+ "approvalId": null,
+ "customData": null,
+ "createdBy": {
+ "user": {
+ "displayName": null,
+ "id": "3fbd929d-8c56-4462-851e-0eb9a7b3a2a5"
+ }
+ },
+ "action": "adminAssign",
+ "isValidationOnly": false,
+ "justification": "Assign eligibility to user for PIM for Groups membership.",
+ "scheduleInfo": {
+ "startDateTime": "2022-04-12T09:05:41.8532931Z",
+ "recurrence": null,
+ "expiration": {
+ "type": "afterDateTime",
+ "endDateTime": "2024-04-10T00:00:00Z",
+ "duration": null
+ }
+ },
+ "ticketInfo": {
+ "ticketNumber": null,
+ "ticketSystem": null
+ },
+ "accessId": "member",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "targetScheduleId": "50877283-9d40-433c-bab8-7986dc10458a"
+ }
+ ]
+}
+```
+
v1.0 Privilegedaccessgroupeligibilityschedulerequest Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedaccessgroupeligibilityschedulerequest-get.md
+
+ Title: "Get privilegedAccessGroupEligibilityScheduleRequest"
+description: "Read the properties and relationships of a privilegedAccessGroupEligibilityScheduleRequest object."
+
+ms.localizationpriority: medium
++
+# Get privilegedAccessGroupEligibilityScheduleRequest
+Namespace: microsoft.graph
++
+Read the properties and relationships of a [privilegedAccessGroupEligibilityScheduleRequest](../resources/privilegedaccessgroupeligibilityschedulerequest.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup|
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/privilegedAccess/group/eligibilityScheduleRequests/{privilegedAccessGroupEligibilityScheduleRequestId}
+```
+
+## Optional query parameters
+This method supports the `$select` and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [privilegedAccessGroupEligibilityScheduleRequest](../resources/privilegedaccessgroupeligibilityschedulerequest.md) object in the response body.
+
+## Examples
+
+### Example 1: Get all eligibility schedule requests
+
+#### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_privilegedaccessgroupeligibilityschedulerequest_beta_e1"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/eligibilityScheduleRequests/534b3d4d-3ba0-8429-3568-5e9cce6c2cbd
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.privilegedAccessGroupEligibilityScheduleRequest"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/eligibilityScheduleRequests/$entity",
+ "id": "534b3d4d-3ba0-8429-3568-5e9cce6c2cbd",
+ "status": "Revoked",
+ "completedDateTime": null,
+ "createdDateTime": "2022-04-12T09:12:18.187Z",
+ "approvalId": null,
+ "customData": null,
+ "createdBy": {
+ "user": {
+ "displayName": null,
+ "id": "3fbd929d-8c56-4462-851e-0eb9a7b3a2a5"
+ }
+ },
+ "action": "adminRemove",
+ "isValidationOnly": false,
+ "justification": null,
+ "scheduleInfo": null,
+ "ticketInfo": {
+ "ticketNumber": null,
+ "ticketSystem": null
+ },
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "accessId": "member",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d",
+ "targetScheduleId": null
+}
+```
+
+### Example 2: Get specific properties of all eligibility schedule requests
+
+#### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_privilegedaccessgroupeligibilityschedulerequest_beta_e2"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/privilegedAccess/group/eligibilityScheduleRequests/534b3d4d-3ba0-8429-3568-5e9cce6c2cbd?$select=principalId,action,groupId
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.privilegedAccessGroupEligibilityScheduleRequest"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/privilegedAccess/group/eligibilityScheduleRequests/$entity",
+ "principalId": "3cce9d87-3986-4f19-8335-7ed075408ca2",
+ "action": "adminRemove",
+ "groupId": "2b5ed229-4072-478d-9504-a047ebd4b07d"
+}
+```
v1.0 Privilegedapproval Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedapproval-get.md
- Title: "Get privilegedApproval"
-description: "Retrieve the properties and relationships of privilegedapproval object."
-doc_type: apiPageType
---
-# Get privilegedApproval
-
-Namespace: microsoft.graph
---
-Retrieve the properties and relationships of privilegedapproval object.
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
--
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-GET /privilegedApproval/{id}
-```
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns a `200 OK` response code and [privilegedApproval](../resources/privilegedapproval.md) object in the response body.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_privilegedapproval_1"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/privilegedApproval/{id}
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedApproval"
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "id": "id-value",
- "userId": "userId-value",
- "roleId": "roleId-value",
- "approvalType": "approvalType-value",
- "approvalState": "approvalState-value",
- "approvalDuration": "datetime-value"
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Get privilegedApproval",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>
v1.0 Privilegedapproval List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedapproval-list.md
- Title: "List privilegedApproval"
-description: "Retrieve a list of privilegedapproval objects."
-doc_type: apiPageType
---
-# List privilegedApproval
-
-Namespace: microsoft.graph
---
-Retrieve a list of privilegedapproval objects.
-
-To filter the results from the query, use the standard OData ``$filter`` expressions in the URIs.
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
--
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-GET /privilegedApproval
-```
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns a `200 OK` response code and collection of [privilegedApproval](../resources/privilegedapproval.md) objects in the response body.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_privilegedapproval_2"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/privilegedApproval
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedApproval",
- "isCollection": true
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "value": [
- {
- "id": "id-value",
- "userId": "userId-value",
- "roleId": "roleId-value",
- "approvalType": "approvalType-value",
- "approvalState": "approvalState-value",
- "approvalDuration": "datetime-value"
- }
- ]
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "List privilegedApproval",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>
v1.0 Privilegedapproval Myrequests https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedapproval-myrequests.md
- Title: "privilegedApproval: myRequests"
-description: "Get the requestor's approval requests."
-doc_type: apiPageType
---
-# privilegedApproval: myRequests
-
-Namespace: microsoft.graph
---
-Get the requestor's approval requests.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
--
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-GET /privilegedApproval/myRequests
-
-```
-## Request headers
-| Name | Description|
-|:|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-
-## Response
-
-If successful, this method returns `200 OK` response code and [privilegedApproval](../resources/privilegedapproval.md) object in the response body.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-
-## Example
-Here is an example of how to call this API.
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "privilegedapproval_myrequests"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/privilegedApproval/myRequests
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
---
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedApproval"
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "id": "id-value",
- "userId": "userId-value",
- "roleId": "roleId-value",
- "approvalType": "approvalType-value",
- "approvalState": "approvalState-value",
- "approvalDuration": "datetime-value"
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "privilegedApproval: myRequests",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Privilegedapproval Post Privilegedapproval https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedapproval-post-privilegedapproval.md
- Title: "Create privilegedApproval"
-description: "Use this API to create a new privilegedApproval."
-doc_type: apiPageType
---
-# Create privilegedApproval
-
-Namespace: microsoft.graph
---
-Use this API to create a new privilegedApproval.
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
--
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-POST /privilegedApproval
-
-```
-## Request headers
-| Name | Description|
-|:|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-In the request body, supply a JSON representation of [privilegedApproval](../resources/privilegedapproval.md) object.
-
-## Response
-
-If successful, this method returns `201 Created` response code and [privilegedApproval](../resources/privilegedapproval.md) object in the response body.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "create_privilegedapproval_from_privilegedapproval"
-}-->
-```http
-POST https://graph.microsoft.com/beta/privilegedApproval
-Content-type: application/json
-
-{
- "userId": "userId-value",
- "roleId": "roleId-value",
- "approvalType": "approvalType-value",
- "approvalState": "approvalState-value",
- "approvalDuration": "datetime-value"
-}
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-In the request body, supply a JSON representation of [privilegedApproval](../resources/privilegedapproval.md) object.
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedApproval"
-} -->
-```http
-HTTP/1.1 201 Created
-Content-type: application/json
-
-{
- "id": "id-value",
- "userId": "userId-value",
- "roleId": "roleId-value",
- "approvalType": "approvalType-value",
- "approvalState": "approvalState-value",
- "approvalDuration": "datetime-value"
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Create privilegedApproval",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Privilegedapproval Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedapproval-update.md
- Title: "Update privilegedapproval"
-description: "Update the properties of privilegedapproval object."
-doc_type: apiPageType
---
-# Update privilegedapproval
-
-Namespace: microsoft.graph
---
-Update the properties of privilegedapproval object.
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
--
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-PATCH /privilegedApproval/{id}
-```
-## Optional request headers
-| Name | Description|
-|:--|:--|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-In the request body, supply the values for relevant fields that should be updated. Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance you shouldn't include existing values that haven't changed.
-
-| Property | Type |Description|
-|:|:--|:-|
-|approvalDuration|Duration||
-|approvalState|string| Possible values are: `pending`, `approved`, `denied`, `aborted`, `canceled`.|
-|approvalType|String||
-|approverReason|String||
-|endDateTime|DateTimeOffset||
-|requestorReason|String||
-|roleId|String||
-|startDateTime|DateTimeOffset||
-|userId|String||
-
-## Response
-
-If successful, this method returns a `204 No Content` response code
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "update_privilegedapproval"
-}-->
-```http
-PATCH https://graph.microsoft.com/beta/privilegedApproval/{requestId}
-Content-type: application/json
-
-{
- "approvalState": "approvalState-value",
- "approverReason": "approverReason-value"
-}
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response"
-} -->
-```http
-HTTP/1.1 204 No Content
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Update privilegedapproval",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": []
-}
>--
v1.0 Privilegedoperationevent List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedoperationevent-list.md
- Title: "List privilegedOperationEvents"
-description: "Retrieve audit events generated by PIM for role operations."
-doc_type: apiPageType
---
-# List privilegedOperationEvents
-
-Namespace: microsoft.graph
---
-Retrieve a list of [privilegedOperationEvent](../resources/privilegedoperationevent.md) objects, which represent the audit events that are generated by Privileged Identity Management for the role operations. For the details about the audit event, refer [privilegedOperationEvent](../resources/privilegedoperationevent.md). To filter the query results, use the standard OData ``$filter`` expression.
--
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-The requestor needs to have one of the following roles: _Privileged Role Administrator_, _Global Administrator_, _Security Administrator_, or _Security Reader_.
-
-
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-GET /privilegedOperationEvents
-```
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns a `200 OK` response code and collection of [privilegedOperationEvent](../resources/privilegedoperationevent.md) objects in the response body.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-## Examples
-
-### Get audit events for role assignment operations
-##### Request
-The following example shows a request to get the audit events for the role assignment operations. In this case, ``requestType`` value is ``Assign``.
-
-<!-- { "blockType": "request" } -->
-```http
-GET https://graph.microsoft.com/beta/privilegedOperationEvents?$filter=requestType%20eq%20'Assign'
-```
-##### Response
-The following example shows the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedOperationEvent",
- "isCollection": true
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "value": [
- {
- "id": "201707240003469369",
- "userId": "2cf9eef8-bc67-4aa4-bb65-75cc9e5c3f80",
- "userName": "admin1",
- "userMail": "admin1@contoso.onmicrosoft.com",
- "roleId": "9360feb5-f418-4baa-8175-e2a00bac4301",
- "roleName": "Directory Writers",
- "expirationDateTime": "0001-01-01T00:00:00Z",
- "creationDateTime": "2017-07-24T18:32:38.7589078Z",
- "requestorId": "0f693614-c255-4cf5-92fa-74e770c656d8",
- "requestorName": "admin",
- "tenantId": "ef73ae8b-cc96-4325-9bd1-dc82594b0b40",
- "requestType": "Assign",
- "additionalInformation": null,
- "referenceKey": null,
- "referenceSystem": null
- },
- {
- "id": "201707240003469372",
- "userId": "2cf9eef8-bc67-4aa4-bb65-75cc9e5c3f80",
- "userName": "admin",
- "userMail": "admin1@contoso.onmicrosoft.com",
- "roleId": "95e79109-95c0-4d8e-aee3-d01accf2d47b",
- "roleName": "Guest Inviter",
- "expirationDateTime": "0001-01-01T00:00:00Z",
- "creationDateTime": "2017-07-24T18:33:00.7607701Z",
- "requestorId": "0f693614-c255-4cf5-92fa-74e770c656d8",
- "requestorName": "admin",
- "tenantId": "ef73ae8b-cc96-4325-9bd1-dc82594b0b40",
- "requestType": "Assign",
- "additionalInformation": null,
- "referenceKey": null,
- "referenceSystem": null
- }
- ]
-}
-```
-### Get audit events for the operations of self role activation and makePermanent
-##### Request
-The following example shows a request to get the audit events for the operations of self role activation and makePermanent. In this case, ``requestType`` value is ``Activate``.
-
-<!-- { "blockType": "request" } -->
-```http
-GET https://graph.microsoft.com/beta/privilegedOperationEvents?$filter=requestType%20eq%20'Activate'
-```
-##### Response
-The following example shows the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedOperationEvent",
- "isCollection": true
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "value": [
- {
- "id": "201707240003469811",
- "userId": "0f693614-c255-4cf5-92fa-74e770c656d8",
- "userName": "admin1",
- "userMail": "admin1@contoso.onmicrosoft.com",
- "roleId": "44367163-eba1-44c3-98af-f5787879f96a",
- "roleName": "CRM Service Administrator",
- "expirationDateTime": "0001-01-01T00:00:00Z",
- "creationDateTime": "2017-07-24T23:34:41.9661094Z",
- "requestorId": "0f693614-c255-4cf5-92fa-74e770c656d8",
- "requestorName": "admin1",
- "tenantId": "ef73ae8b-cc96-4325-9bd1-dc82594b0b40",
- "requestType": "Activate",
- "additionalInformation": "Make permanent admin",
- "referenceKey": null,
- "referenceSystem": null
- },
- {
- "id": "201707240003469814",
- "userId": "0f693614-c255-4cf5-92fa-74e770c656d8",
- "userName": "admin1",
- "userMail": "admin1@contoso.onmicrosoft.com",
- "roleId": "95e79109-95c0-4d8e-aee3-d01accf2d47b",
- "roleName": "Guest Inviter",
- "expirationDateTime": "2017-07-25T00:37:07.3402169Z",
- "creationDateTime": "2017-07-24T23:37:08.0052112Z",
- "requestorId": "0f693614-c255-4cf5-92fa-74e770c656d8",
- "requestorName": "admin1",
- "tenantId": "ef73ae8b-cc96-4325-9bd1-dc82594b0b40",
- "requestType": "Activate",
- "additionalInformation": "self activate",
- "referenceKey": "",
- "referenceSystem": ""
- }
- ]
-}
-```
-
-### Get audit events for role assignment deactivation
-##### Request
-The following example shows a request to get the audit events for role assignment deactivation. In this case, ``requestType`` value is ``Deactivate``.
-
-<!-- { "blockType": "request" } -->
-```http
-GET https://graph.microsoft.com/beta/privilegedOperationEvents?$filter=requestType%20eq%20'Deactivate'
-```
-##### Response
-The following example shows the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedOperationEvent",
- "isCollection": true
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "value": [
- {
- "id": "201707240003469375",
- "userId": "2cf9eef8-bc67-4aa4-bb65-75cc9e5c3f80",
- "userName": "admin1",
- "userMail": "admin1@contoso.onmicrosoft.com",
- "roleId": "95e79109-95c0-4d8e-aee3-d01accf2d47b",
- "roleName": "Guest Inviter",
- "expirationDateTime": "0001-01-01T00:00:00Z",
- "creationDateTime": "2017-07-24T18:33:28.3408971Z",
- "requestorId": "0f693614-c255-4cf5-92fa-74e770c656d8",
- "requestorName": "admin1",
- "tenantId": "ef73ae8b-cc96-4325-9bd1-dc82594b0b40",
- "requestType": "Deactivate",
- "additionalInformation": "Make eligible admin",
- "referenceKey": null,
- "referenceSystem": null
- }
- ]
-}
-```
-### Get audit events created in a time range
-##### Request
-The following example shows a request to get the audit events created in a time range.
-
-<!-- { "blockType": "request" } -->
-```http
-GET https://graph.microsoft.com/beta/privilegedOperationEvents?$filter=(creationDateTime%20ge%202017-06-25T07:00:00Z)%20and%20(creationDateTime%20le%202017-07-25T17:30:17Z)&$count=true&$orderby=creationDateTime%20desc
-```
-##### Response
-The following example shows the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedOperationEvent",
- "isCollection": true
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "@odata.context": "https://graph.microsoft.com/beta/$metadata#privilegedOperationEvents",
- "@odata.count": 2,
- "value": [
- {
- "id": "201707250003471056",
- "userId": "0f693614-c255-4cf5-92fa-74e770c656d8",
- "userName": "admin",
- "userMail": "admin@contoso.onmicrosoft.com",
- "roleId": "95e79109-95c0-4d8e-aee3-d01accf2d47b",
- "roleName": "Guest Inviter",
- "expirationDateTime": "2017-07-25T17:38:49.5640383Z",
- "creationDateTime": "2017-07-25T16:38:50.3681771Z",
- "requestorId": "0f693614-c255-4cf5-92fa-74e770c656d8",
- "requestorName": "admin",
- "tenantId": "ef73ae8b-cc96-4325-9bd1-dc82594b0b40",
- "requestType": "Activate",
- "additionalInformation": "activate test",
- "referenceKey": "",
- "referenceSystem": ""
- },
- {
- "id": "201707250003469896",
- "userId": "0f693614-c255-4cf5-92fa-74e770c656d8",
- "userName": "admin",
- "userMail": "admin@contoso.onmicrosoft.com",
- "roleId": "95e79109-95c0-4d8e-aee3-d01accf2d47b",
- "roleName": "Guest Inviter",
- "expirationDateTime": "0001-01-01T00:00:00Z",
- "creationDateTime": "2017-07-25T00:37:08.6172407Z",
- "requestorId": "6b61baec-bb80-4a8a-b8bd-fa5ba1f12386",
- "requestorName": "Azure AD PIM",
- "tenantId": "ef73ae8b-cc96-4325-9bd1-dc82594b0b40",
- "requestType": "Deactivate",
- "additionalInformation": "Expired",
- "referenceKey": "",
- "referenceSystem": ""
- }
- ]
-}
-```
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "List privilegedOperationEvents",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": []
-}
>
v1.0 Privilegedrole Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedrole-get.md
- Title: "Get privilegedRole"
-description: "Retrieve the properties and relationships of privilegedRole object. "
-doc_type: apiPageType
---
-# Get privilegedRole
-
-Namespace: microsoft.graph
---
-Retrieve the properties and relationships of [privilegedRole](../resources/privilegedrole.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-The requestor needs to have one of the following roles: _Privileged Role Administrator_, _Global Administrator_, _Security Administrator_, or _Security Reader_.
-
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-GET /privilegedRoles/{id}
-GET /privilegedRoleAssignments/{id}/roleInfo
-```
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns a `200 OK` response code and [privilegedRole](../resources/privilegedrole.md) object in the response body.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_privilegedrole"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/privilegedRoles/{id}
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRole"
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "id": "id-value",
- "name": "name-value"
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Get privilegedRole",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>
v1.0 Privilegedrole List Assignments https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedrole-list-assignments.md
- Title: "List assignments"
-description: "Retrieve a list of privilegedRoleAssignment objects that are associated with the role. Each privilegedRoleAssignment represents a role assignment to a user."
-doc_type: apiPageType
---
-# List assignments
-
-Namespace: microsoft.graph
---
-Retrieve a list of [privilegedRoleAssignment](../resources/privilegedroleassignment.md) objects that are associated with the role. Each [privilegedRoleAssignment](../resources/privilegedroleassignment.md) represents a role assignment to a user.
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-The requestor needs to have one of the following roles: _Privileged Role Administrator_, _Global Administrator_, _Security Administrator_, or _Security Reader_.
-
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-GET /privilegedRoles/{id}/assignments
-```
-
-Note that ``{id}`` is the target role id.
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns a `200 OK` response code and collection of [privilegedRoleAssignment](../resources/privilegedroleassignment.md) objects in the response body.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_assignments_forrole"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/privilegedRoles/{id}/assignments
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
---
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRoleAssignment",
- "isCollection": true
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "value": [
- {
- "id": "id-value",
- "userId": "userId-value",
- "roleId": "roleId-value",
- "isElevated": true,
- "expirationDateTime": "2016-10-19T10:37:00Z",
- "resultMessage": "resultMessage-value"
- }
- ]
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "List assignments",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>
v1.0 Privilegedrole List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedrole-list.md
- Title: "List privilegedRoles"
-description: "Retrieve a list of privilegedRole objects."
-doc_type: apiPageType
---
-# List privilegedRoles
-
-Namespace: microsoft.graph
---
-Retrieve a list of [privilegedRole](../resources/privilegedrole.md) objects.
-
-To filter the results from the query, use the standard OData ``$filter`` expressions in the URIs.
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-The requestor needs to have one of the following roles: _Privileged Role Administrator_, _Global Administrator_, _Security Administrator_, or _Security Reader_.
-
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-GET /privilegedRoles
-```
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns a `200 OK` response code and collection of [privilegedRole](../resources/privilegedrole.md) objects in the response body.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_privilegedroles"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/privilegedRoles
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRole",
- "isCollection": true
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "value": [
- {
- "id": "id-value",
- "name": "name-value"
- }
- ]
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "List privilegedRoles",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>
v1.0 Privilegedrole Selfactivate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedrole-selfactivate.md
- Title: "privilegedRole: selfActivate"
-description: "Activate the role that is assigned to the requester."
-doc_type: apiPageType
---
-# privilegedRole: selfActivate
-
-Namespace: microsoft.graph
---
-Activate the role that is assigned to the requester.
-
->**Note:** Effective December 2018, this API will no longer be supported and should not be used. Use the [Create PrivilegedRoleAssignmentRequest](privilegedroleassignmentrequest-post.md) instead.
--
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-The requestor can only call ```selfActivate``` for the role that is assigned to him.
-
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-POST /privilegedRoles/{id}/selfActivate
-```
-
-Note that ``{id}`` is the target role ID.
-## Request headers
-| Name | Description|
-|:|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-In the request body, provide a JSON object with the following parameters.
-
-| Parameter | Type |Description|
-|:|:--|:-|
-|reason|string|Optional. Description about the reason for this role activation.|
-|duration|string|Optional. Valid values could be ```min``` (minimal activation duration), ```default``` (default activation duration for the role), or a double value to specify how many hours is the activation. The specified duration cannot be longer than the role's activation duration from the role setting. |
-|ticketNumber|string|Optional. The ticket number that is used to tracking this role activation.|
-|ticketSystem|string|Optional. The ticket system.|
-
-## Response
-
-If successful, this method returns a `200 OK` response code and a [privilegedRoleAssignment](../resources/privilegedroleassignment.md) object in the response body.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-## Example
-The following example shows how to call this API.
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "privilegedrole_selfactivate"
-}-->
-```http
-POST https://graph.microsoft.com/beta/privilegedRoles/{id}/selfActivate
-Content-type: application/json
-
-{
- "reason": "reason-value",
- "duration": "duration-value",
- "ticketNumber": "ticketNumber-value",
- "ticketSystem": "ticketSystem-value"
-}
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-Here is an example of the response.
-
->**Note:** The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRoleAssignment"
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "id": "id-value",
- "userId": "userId-value",
- "roleId": "roleId-value",
- "isElevated": true,
- "expirationDateTime": "2016-10-19T10:37:00Z",
- "resultMessage": "resultMessage-value"
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "privilegedRole: selfActivate",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Privilegedrole Selfdeactivate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedrole-selfdeactivate.md
- Title: "privilegedRole: selfDeactivate"
-description: "Deactivate the role that is assigned to the requestor."
-doc_type: apiPageType
---
-# privilegedRole: selfDeactivate
-
-Namespace: microsoft.graph
---
-Deactivate the role that is assigned to the requestor.
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-The requestor can only call ```selfDeactivate``` for the role that is assigned to him.
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-POST /privilegedRoles/{id}/selfDeactivate
-```
-
-Note that ``{id}`` is the target role id.
-## Request headers
-| Name | Description|
-|:|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns `200 OK` response code and [privilegedRoleAssignment](../resources/privilegedroleassignment.md) object in the response body.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-## Example
-Here is an example of how to call this API.
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "privilegedrole_selfdeactivate"
-}-->
-```http
-POST https://graph.microsoft.com/beta/privilegedRoles/{id}/selfDeactivate
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRoleAssignment"
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "id": "id-value",
- "userId": "userId-value",
- "roleId": "roleId-value",
- "isElevated": true,
- "expirationDateTime": "2016-10-19T10:37:00Z",
- "resultMessage": "resultMessage-value"
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "privilegedRole: selfDeactivate",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Privilegedroleassignment Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignment-delete.md
- Title: "Delete privilegedRoleAssignment"
-description: "Delete privilegedRoleAssignment."
-doc_type: apiPageType
---
-# Delete privilegedRoleAssignment
-
-Namespace: microsoft.graph
---
-Delete [privilegedRoleAssignment](../resources/privilegedroleassignment.md).
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-The requestor needs to have _Privileged Role Administrator_ role.
-
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-DELETE /privilegedRoleAssignments/{id}
-```
-
-Note that ``{id}`` is in the format of 'userId_roleId', where userId is the GUID string for Azure AD user id, and roleId is the GUID string for Azure administrator role id.
-
-## Request headers
-| Name | Description|
-|:|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "delete_privilegedroleassignment"
-}-->
-```http
-DELETE https://graph.microsoft.com/beta/privilegedRoleAssignments/{id}
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true
-} -->
-```http
-HTTP/1.1 204 No Content
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Delete privilegedRoleAssignment",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Privilegedroleassignment Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignment-get.md
- Title: "Get privilegedRoleAssignment"
-description: "Retrieve the properties and relationships of privilegedRoleAssignment object."
-doc_type: apiPageType
---
-# Get privilegedRoleAssignment
-
-Namespace: microsoft.graph
---
-Retrieve the properties and relationships of privilegedRoleAssignment object.
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-The requestor needs to have one of the following roles: _Privileged Role Administrator_, _Global Administrator_, _Security Administrator_, or _Security Reader_.
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-GET /privilegedRoleAssignments/{id}
-```
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns a `200 OK` response code and [privilegedRoleAssignment](../resources/privilegedroleassignment.md) object in the response body.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_privilegedroleassignment"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/privilegedRoleAssignments/{id}
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRoleAssignment"
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "id": "id-value",
- "userId": "userId-value",
- "roleId": "roleId-value",
- "isElevated": true,
- "expirationDateTime": "2016-10-19T10:37:00Z",
- "resultMessage": "resultMessage-value"
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Get privilegedRoleAssignment",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>
v1.0 Privilegedroleassignment List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignment-list.md
- Title: "List privilegedRoleAssignments"
-description: "Retrieve a list of privilegedRoleAssignment objects, which correspond to all role assignments for the organization."
-doc_type: apiPageType
---
-# List privilegedRoleAssignments
-
-Namespace: microsoft.graph
---
-Retrieve a list of [privilegedRoleAssignment](../resources/privilegedroleassignment.md) objects, which correspond to all role assignments for the organization.
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-The requestor needs to have one of the following roles: _Privileged Role Administrator_, _Global Administrator_, _Security Administrator_, or _Security Reader_.
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-GET /privilegedRoleAssignments
-```
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns a `200 OK` response code and collection of [privilegedRoleAssignment](../resources/privilegedroleassignment.md) objects in the response body.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-## Examples
-### Get all role assignments
-##### Request
-The following example shows a request to get all role assignments:
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_privilegedroleassignments_1"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/privilegedRoleAssignments
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-The following example shows the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRoleAssignment",
- "isCollection": true
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "value": [
- {
- "id": "id-value",
- "userId": "userId-value",
- "roleId": "roleId-value",
- "isElevated": true,
- "expirationDateTime": "2016-10-19T10:37:00Z",
- "resultMessage": "resultMessage-value"
- }
- ]
-}
-```
-### Get active role assignments
-##### Request
-The following example shows a request to query active role assignments:
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_privilegedroleassignments_2"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/privilegedRoleAssignments?$filter=isElevated%20eq%20true
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-The following example shows the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRoleAssignment",
- "isCollection": true
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "value": [
- {
- "id": "0f693614-c255-4cf5-92fa-74e770c656d8_62e90394-69f5-4237-9190-012177145e10",
- "userId": "0f693614-c255-4cf5-92fa-74e770c656d8",
- "roleId": "62e90394-69f5-4237-9190-012177145e10",
- "isElevated": true,
- "expirationDateTime": null,
- "resultMessage": null
- },
- {
- "id": "0f693614-c255-4cf5-92fa-74e770c656d8_95e79109-95c0-4d8e-aee3-d01accf2d47b",
- "userId": "0f693614-c255-4cf5-92fa-74e770c656d8",
- "roleId": "95e79109-95c0-4d8e-aee3-d01accf2d47b",
- "isElevated": true,
- "expirationDateTime": "2017-07-25T17:38:49.563Z",
- "resultMessage": null
- }
- ]
-}
-```
-### Get permanent role assignments
-##### Request
-The following example shows a request to query permanent role assignments, where ``expirationDateTime`` value is ``null``:
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_privilegedroleassignments_3"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/privilegedRoleAssignments?$filter=isElevated%20eq%20true%20and%20expirationDateTime%20eq%20null
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-The following example shows the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRoleAssignment",
- "isCollection": true
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "value": [
- {
- "id": "0f693614-c255-4cf5-92fa-74e770c656d8_194ae4cb-b126-40b2-bd5b-6091b380977d",
- "userId": "0f693614-c255-4cf5-92fa-74e770c656d8",
- "roleId": "194ae4cb-b126-40b2-bd5b-6091b380977d",
- "isElevated": true,
- "expirationDateTime": null,
- "resultMessage": null
- },
- {
- "id": "0f693614-c255-4cf5-92fa-74e770c656d8_44367163-eba1-44c3-98af-f5787879f96a",
- "userId": "0f693614-c255-4cf5-92fa-74e770c656d8",
- "roleId": "44367163-eba1-44c3-98af-f5787879f96a",
- "isElevated": true,
- "expirationDateTime": null,
- "resultMessage": null
- }
- ]
-}
-```
-### Get eligible role assignments
-##### Request
-The following example shows a request to query eligible role assignments, including the active and non-active ones:
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_privilegedroleassignments_4"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/privilegedRoleAssignments?$filter=isElevated%20eq%20true%20and%20expirationDateTime%20ne%20null%20or%20isElevated%20eq%20false
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-The following example shows the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRoleAssignment",
- "isCollection": true
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "value": [
- {
- "id": "0f693614-c255-4cf5-92fa-74e770c656d8_95e79109-95c0-4d8e-aee3-d01accf2d47b",
- "userId": "0f693614-c255-4cf5-92fa-74e770c656d8",
- "roleId": "95e79109-95c0-4d8e-aee3-d01accf2d47b",
- "isElevated": true,
- "expirationDateTime": "2017-07-25T18:42:26.823Z",
- "resultMessage": null
- },
- {
- "id": "2cf9eef8-bc67-4aa4-bb65-75cc9e5c3f81_194ae4cb-b126-40b2-bd5b-6091b380977d",
- "userId": "2cf9eef8-bc67-4aa4-bb65-75cc9e5c3f81",
- "roleId": "194ae4cb-b126-40b2-bd5b-6091b380977d",
- "isElevated": false,
- "expirationDateTime": null,
- "resultMessage": null
- },
- {
- "id": "2cf9eef8-bc67-4aa4-bb65-75cc9e5c3f81_9360feb5-f418-4baa-8175-e2a00bac4301",
- "userId": "2cf9eef8-bc67-4aa4-bb65-75cc9e5c3f81",
- "roleId": "9360feb5-f418-4baa-8175-e2a00bac4301",
- "isElevated": false,
- "expirationDateTime": null,
- "resultMessage": null
- },
- {
- "id": "2cf9eef8-bc67-4aa4-bb65-75cc9e5c3f81_95e79109-95c0-4d8e-aee3-d01accf2d47b",
- "userId": "2cf9eef8-bc67-4aa4-bb65-75cc9e5c3f81",
- "roleId": "95e79109-95c0-4d8e-aee3-d01accf2d47b",
- "isElevated": false,
- "expirationDateTime": null,
- "resultMessage": null
- }
- ]
-}
-```
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "List privilegedRoleAssignments",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>
v1.0 Privilegedroleassignment Makeeligible https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignment-makeeligible.md
- Title: "privilegedRoleAssignment: makeEligible"
-description: "Make the role assignment eligible."
-doc_type: apiPageType
---
-# privilegedRoleAssignment: makeEligible
-
-Namespace: microsoft.graph
---
-Make the role assignment eligible. If the role assignment is already eligible before the call, it does nothing. If the role assignment is permanent and the requestor is different from the target user, the role assignment will become eligible and the role will be deactivated for the target user. If the requestor is the target user and the role is Security Administrator or Privileged Role Administrator, the role will be activated with the default expiration.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-The requestor needs to have _Privileged Role Administrator_ role.
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-POST /privilegedRoleAssignments/{id}/makeEligible
-```
-## Request headers
-| Name | Description|
-|:|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns `200 OK` response code and [privilegedRoleAssignment](../resources/privilegedroleassignment.md) object in the response body.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-## Example
-Here is an example of how to call this API.
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "privilegedroleassignment_makeeligible"
-}-->
-```http
-POST https://graph.microsoft.com/beta/privilegedRoleAssignments/{id}/makeEligible
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRoleAssignment"
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "id": "id-value",
- "userId": "userId-value",
- "roleId": "roleId-value",
- "isElevated": true,
- "expirationDateTime": "2016-10-19T10:37:00Z",
- "resultMessage": "resultMessage-value"
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "privilegedRoleAssignment: makeEligible",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Privilegedroleassignment Makepermanent https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignment-makepermanent.md
- Title: "privilegedRoleAssignment: makePermanent"
-description: "Make the role assignment permanent."
-doc_type: apiPageType
---
-# privilegedRoleAssignment: makePermanent
-
-Namespace: microsoft.graph
---
-Make the role assignment permanent.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-The tenant needs to be registered to PIM. Otherwise, HTTP 403 Forbidden error will be returned.
-
-The requestor needs to have _Privileged Role Administrator_ role.
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-POST /privilegedRoleAssignments/{id}/makePermanent
-```
-## Request headers
-| Name | Description|
-|:|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-In the request body, provide a JSON object with the following parameters.
-
-| Parameter | Type |Description|
-|:|:--|:-|
-|reason|string|Optional. The reason to make this call.|
-|ticketNumber|string|Optional. The ticket number that is associated with this action.|
-|ticketSystem|string|Optional. The ticket system.|
-
-## Response
-
-If successful, this method returns `200 OK` response code and [privilegedRoleAssignment](../resources/privilegedroleassignment.md) object in the response body.
-
-## Example
-Here is an example of how to call this API.
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "privilegedroleassignment_makepermanent"
-}-->
-```http
-POST https://graph.microsoft.com/beta/privilegedRoleAssignments/{id}/makePermanent
-Content-type: application/json
-
-{
- "reason": "reason-value",
- "ticketNumber": "ticketNumber-value",
- "ticketSystem": "ticketSystem-value"
-}
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRoleAssignment"
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "id": "id-value",
- "userId": "userId-value",
- "roleId": "roleId-value",
- "isElevated": true,
- "expirationDateTime": "2016-10-19T10:37:00Z",
- "resultMessage": "resultMessage-value"
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "privilegedRoleAssignment: makePermanent",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Privilegedroleassignment My https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignment-my.md
- Title: "privilegedRoleAssignment: my"
-description: "Get the requestor's privileged role assignments."
-doc_type: apiPageType
---
-# privilegedRoleAssignment: my
-
-Namespace: microsoft.graph
---
-Get the requestor's privileged role assignments.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-GET /privilegedRoleAssignments/my
-```
-## Request headers
-| Name | Description|
-|:|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns `200 OK` response code and [privilegedRoleAssignment](../resources/privilegedroleassignment.md) collection object in the response body.
-
-## Example
-Here is an example of how to call this API.
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "privilegedroleassignment_my"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/privilegedRoleAssignments/my
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
---
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRoleAssignment",
- "isCollection": true
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "value": [
- {
- "id": "id-value",
- "userId": "userId-value",
- "roleId": "roleId-value",
- "isElevated": true,
- "expirationDateTime": "2016-10-19T10:37:00Z",
- "resultMessage": "resultMessage-value"
- }
- ]
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "privilegedRoleAssignment: my",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Privilegedroleassignment Post Privilegedroleassignments https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignment-post-privilegedroleassignments.md
- Title: "Create privilegedRoleAssignment"
-description: "Use this API to create a new privilegedRoleAssignment."
-doc_type: apiPageType
---
-# Create privilegedRoleAssignment
-
-Namespace: microsoft.graph
---
-Use this API to create a new [privilegedRoleAssignment](../resources/privilegedroleassignment.md).
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-The requestor needs to have _Privileged Role Administrator_ role.
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-POST /privilegedRoleAssignments
-```
-## Request headers
-| Name | Description|
-|:|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-In the request body, supply a JSON representation of [privilegedRoleAssignment](../resources/privilegedroleassignment.md) object.
-
-## Response
-
-If successful, this method returns `201 Created` response code and [privilegedRoleAssignment](../resources/privilegedroleassignment.md) object in the response body.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "create_privilegedroleassignment_from_privilegedroleassignments"
-}-->
-```http
-POST https://graph.microsoft.com/beta/privilegedRoleAssignments
-Content-type: application/json
-
-{
- "userId": "userId-value",
- "roleId": "roleId-value"
-}
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-In the request body, supply a JSON representation of [privilegedRoleAssignment](../resources/privilegedroleassignment.md) object.
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRoleAssignment"
-} -->
-```http
-HTTP/1.1 201 Created
-Content-type: application/json
-
-{
- "id": "id-value",
- "userId": "userId-value",
- "roleId": "roleId-value",
- "isElevated": true,
- "expirationDateTime": "2016-10-19T10:37:00Z",
- "resultMessage": "resultMessage-value"
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Create privilegedRoleAssignment",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Privilegedroleassignmentrequest Cancel https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignmentrequest-cancel.md
- Title: "Cancel privilegedRoleAssignmentRequest"
-description: "Cancel a privilegedRoleAssignmentRequest."
-doc_type: apiPageType
---
-# Cancel privilegedRoleAssignmentRequest
-
-Namespace: microsoft.graph
---
-Cancel a [privilegedRoleAssignmentRequest](../resources/privilegedroleassignmentrequest.md).
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
--
-### HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-POST /privilegedRoleAssignmentRequests/{requestid}/cancel
-```
-
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 Ok` response code. It returns [privilegedRoleAssignmentRequest](../resources/privilegedroleassignmentrequest.md) in the response body.
-
-### Error codes
-This API returns the standard HTTP error codes. In addition, it returns the custom error codes listed in the following table.
-
-|Error code | Error message |
-|:--| :|
-| 400 BadRequest | RequestId cannot be Null. |
-| 400 BadRequest | Request with request ID not found. |
-| 400 BadRequest | Cancellation can be done only on status Scheduled and PendingApproval. |
-| 403 UnAuthorized | Requester not allowed to make Cancel call or request not found. |
-
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "cancel_privilegedRoleAssignmentRequests"
-}-->
-```http
-POST https://graph.microsoft.com/beta/privilegedRoleAssignmentRequests/7c53453e-d5a4-41e0-8eb1-32d5ec8bfdee/cancel
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-<!-- {
- "blockType": "response",
- "truncated": false,
- "@odata.type": "microsoft.graph.privilegedRoleAssignmentRequest"
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "@odata.context": "https://graph.microsoft.com/beta/$metadata#privilegedRoleAssignmentRequests/$entity",
- "schedule": {
- "type": "activation",
- "startDateTime": "2018-02-08T02:35:17.903Z",
- "endDateTime": null,
- "duration" : null
- },
- "id": "bcfb11e3-fc0d-49ea-b3d5-7d60a48e5043",
- "evaluateOnly": false,
- "type": "UserAdd",
- "assignmentState": "Active",
- "requestedDateTime": "2018-02-08T02:35:42.9137335Z",
- "status": "Cancelling",
- "duration": "2",
- "reason": "Activate the role for business purpose",
- "ticketNumber": "234",
- "ticketSystem": "system",
- "userId": "Self",
- "roleId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b"
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Cancel privilegedRoleAssignmentRequests",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Privilegedroleassignmentrequest List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignmentrequest-list.md
- Title: "List privilegedRoleAssignmentRequests"
-description: "Retrieve a collection of privilegedRoleAssignmentRequest. "
-doc_type: apiPageType
---
-# List privilegedRoleAssignmentRequests
-
-Namespace: microsoft.graph
---
-Retrieve a collection of [privilegedRoleAssignmentRequest](../resources/privilegedroleassignmentrequest.md).
-
-**Note:** This requester must have at least one role assignment on the resource.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD, Directory.Read.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-GET /privilegedRoleAssignmentRequests
-```
-
-## Optional query parameters
-This method supports the [OData query parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns a `200 OK` response code and a collection of [privilegedRoleAssignmentRequest](../resources/privilegedroleassignmentrequest.md) objects in the response body.
-
-## Example
-##### Request
-The following is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_privilegedroleassignmentrequest"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/privilegedRoleAssignmentRequests
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-The following is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRoleAssignmentRequest",
- "isCollection": true
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "@odata.context":"https://https://graph.microsoft.com/beta/$metadata#privilegedRoleAssignmentRequests",
- "value":[
- {
- "schedule":{
- "type":"activation","startDateTime":"2018-02-07T22:55:00Z","endDateTime":null,"duration" : null
- },"id":"03ea0c3d-90a0-42d4-b220-11c049c506fb","userId": "Self","roleId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b","type":"UserAdd","assignmentState":"Active","requestedDateTime":"2018-02-07T22:17:37.2215343Z","status":"ApprovalAborted","duration":"1","reason":"Activate for testing","ticketNumber":"222","ticketSystem":"222"
- },{
- "schedule":{
- "type":"assignment","startDateTime":"2018-01-23T02:43:15.258242Z","endDateTime":null,"duration" : null
- },"id":"fe4450bb-6d28-4583-8fc4-25b0ea91daf5","userId": "Self","roleId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b","type":"UserAdd","assignmentState":"Active","requestedDateTime":"2018-01-23T02:42:55.628338Z","status":"Completed","duration":"1","reason":"asdf","ticketNumber":null,"ticketSystem":null
- }
- ]
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "List privilegedRoleAssignmentRequest",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Privilegedroleassignmentrequest My https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignmentrequest-my.md
- Title: "privilegedRoleAssignmentRequest: my"
-description: "Get the requester's privileged role assignment requests."
-doc_type: apiPageType
---
-# privilegedRoleAssignmentRequest: my
-
-Namespace: microsoft.graph
---
-Get the requester's privileged role assignment requests.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD, Directory.Read.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-POST /privilegedRoleAssignmentRequests/my
-```
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-If successful, this method returns `200 OK` response code and [privilegedRoleAssignmentRequest](../resources/privilegedroleassignmentrequest.md) collection object in the response body.
-
-## Example
-##### Request
-The following is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "privilegedroleassignmentrequest_my)"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/privilegedRoleAssignmentRequests/my
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
---
-##### Response
-The following is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRoleAssignmentRequest"
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "@odata.context": "https://graph.microsoft.com/beta/$metadata#privilegedRoleAssignmentRequests",
- "@odata.count": 4,
- "value": [{
- "schedule": {
- "type": "activation",
- "startDateTime": "2018-02-08T02:35:17.903Z",
- "endDateTime": null,
- "duration" : null
- },
- "id": "e13ef8a0-c1cb-4d03-aaae-9cd1c8ede2d1",
- "userId": "Self",
- "roleId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b",
- "type": "UserAdd",
- "assignmentState": "Active",
- "requestedDateTime": "2018-02-08T02:35:42.9137335Z",
- "status": "RequestedApproval",
- "duration": "2",
- "reason": "Activate the role for business purpose",
- "ticketNumber": "234",
- "ticketSystem": "system",
- "roleInfo": {
- "id": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b",
- "name": "Directory Readers"
- }
- }, {
- "schedule": {
- "type": "activation",
- "startDateTime": "2018-02-07T22:55:00Z",
- "endDateTime": null,
- "duration" : null
- },
- "id": "03ea0c3d-90a0-42d4-b220-11c049c506fb",
- "userId": "Self",
- "roleId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b",
- "type": "UserAdd",
- "assignmentState": "Active",
- "requestedDateTime": "2018-02-07T22:17:37.2215343Z",
- "status": "ApprovalAborted",
- "duration": "1",
- "reason": "Activate for testing",
- "ticketNumber": "222",
- "ticketSystem": "222",
- "roleInfo": {
- "id": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b",
- "name": "Directory Readers"
- }
- }]
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "privilegedRoleAssignmentRequest: my",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Privilegedroleassignmentrequest Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignmentrequest-post.md
- Title: "Create privilegedRoleAssignmentRequest"
-description: "Create a privilegedroleassignmentrequest object."
-doc_type: apiPageType
---
-# Create privilegedRoleAssignmentRequest
-
-Namespace: microsoft.graph
---
-Create a [privilegedroleassignmentrequest](../resources/privilegedroleassignmentrequest.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-POST /privilegedRoleAssignmentRequests
-```
-
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-In the request body, supply a JSON representation of [privilegedroleassignmentrequest](../resources/privilegedroleassignmentrequest.md) object.
-
-| Property | Type | Description|
-|:|:--|:-|
-|roleId|String|The ID of the role. Required.|
-|type|String|Represents the type of the operation on the role assignment. The value can be `AdminAdd`: Administrators add users to roles;`UserAdd`: Users add role assignments. Required.|
-|assignmentState|String|The state of the assignment. The value can be `Eligible` for eligible assignment `Active` - if it is directly assigned `Active` by administrators, or activated on an eligible assignment by the users. Possible values are: ``NotStarted``, `Completed`, `RequestedApproval`, `Scheduled`, `Approved`, `ApprovalDenied`, `ApprovalAborted`, `Cancelling`, `Cancelled`, `Revoked`, `RequestExpired`. Required.|
-|reason|String|The reason needs to be provided for the role assignment request for audit and review purpose.|
-|schedule|[governanceSchedule](../resources/governanceschedule.md)|The schedule of the role assignment request.|
-
-## Response
-If successful, this method returns a `201 Created` response code and a [privilegedRoleAssignmentRequest](../resources/privilegedroleassignmentrequest.md) object in the response body.
-
-### Error codes
-This API returns that standard HTTP error codes. In addition, it can return the error codes listed in the following table.
-
-|Error code | Error message |
-|:--| :|
-| 400 BadRequest | RoleAssignmentRequest property was NULL |
-| 400 BadRequest | Unable to deserialize roleAssignmentRequest Object. |
-| 400 BadRequest | RoleId is required. |
-| 400 BadRequest | Schedule start date must be specified and should be greater than Now. |
-| 400 BadRequest | A schedule already exists for this user, role and schedule type. |
-| 400 BadRequest | A pending approval already exists for this user, role and approval type. |
-| 400 BadRequest | Requestor reason is missing. |
-| 400 BadRequest | Requestor reason should be less than 500 characters. |
-| 400 BadRequest | Elevation duration must be between 0.5 and {from setting}. |
-| 400 BadRequest | There is a overlap between scheduled activation and the request. |
-| 400 BadRequest | The role is already activated. |
-| 400 BadRequest | GenericElevateUserToRoleAssignments: Tickting information is required and not supplied in the activation process. |
-| 400 BadRequest | There is a overlap between scheduled activation and the request. |
-| 403 UnAuthorized | Elevation requires Multi-Factor Authentication. |
-| 403 UnAuthorized | On behalf of elevation is not allowed. |
-
-## Example
-##### Request
-The following is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "post_privilegedroleassignmentrequest"
-}-->
-```http
-POST https://graph.microsoft.com/beta/privilegedRoleAssignmentRequests
-Content-type: application/json
-
-{
- "duration": "2",
- "reason": "Activate the role for business purpose",
- "ticketNumber": "234",
- "ticketSystem": "system",
- "schedule": {
- "startDateTime": "2018-02-08T02:35:17.903Z"
- },
- "type": "UserAdd",
- "assignmentState": "Active",
- "roleId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b"
-}
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-The following is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRoleAssignmentRequest"
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
--
-{
- "@odata.context": "https://graph.microsoft.com/beta/$metadata#privilegedRoleAssignmentRequests/$entity",
- "schedule": {
- "type": "activation",
- "startDateTime": "2018-02-08T02:35:17.903Z",
- "endDateTime": null,
- "duration" : null
- },
- "id": "e13ef8a0-c1cb-4d03-aaae-9cd1c8ede2d1",
- "type": "UserAdd",
- "assignmentState": "Active",
- "requestedDateTime": "2018-02-08T02:35:42.9137335Z",
- "status": "NotStarted",
- "duration": "2",
- "reason": "Activate the role for business purpose",
- "ticketNumber": "234",
- "ticketSystem": "system",
- "userId": "Self",
- "roleId": "88d8e3e3-8f55-4a1e-953a-9b9898b8876b"
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Post privilegedRoleAssignmentRequest",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Privilegedrolesettings Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedrolesettings-get.md
- Title: "Get privilegedRoleSettings"
-description: "Retrieve the role settings for the given role. A privilegedRoleSettings object will be returned."
-doc_type: apiPageType
---
-# Get privilegedRoleSettings
-
-Namespace: microsoft.graph
---
-Retrieve the role settings for the given role. A [privilegedRoleSettings](../resources/privilegedrolesettings.md) object will be returned.
-## Permissions
-
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-The requestor needs to have one of the following roles: _Privileged Role Administrator_, _Global Administrator_, _Security Administrator_, or _Security Reader_.
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-GET /privilegedRoles/{id}/settings
-```
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns a `200 OK` response code and [privilegedRoleSettings](../resources/privilegedrolesettings.md) object in the response body.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_privilegedrolesettings"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/privilegedRoles/{id}/settings
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRoleSettings"
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "minElevationDuration": "2016-10-19T10:37:00Z",
- "maxElavationDuration": "2016-10-19T10:37:00Z",
- "elevationDuration": "2016-10-19T10:37:00Z",
- "id": "id-value",
- "notificationToUserOnElevation": true,
- "ticketingInfoOnElevation": true
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Get privilegedRoleSettings",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>
v1.0 Privilegedrolesettings Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedrolesettings-update.md
- Title: "Update privilegedRoleSettings"
-description: "Update the role settings for the given role setting. A privilegedRoleSettings object will be returned."
-doc_type: apiPageType
---
-# Update privilegedRoleSettings
-
-Namespace: microsoft.graph
--
-Update the role settings for the given role setting. A [privilegedRoleSettings](../resources/privilegedrolesettings.md) object will be returned.
-## Permissions
-
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
->**Note:** The requester must have the Privileged Role Administrator role to update role settings.
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-PUT /privilegedRoles/{id}/settings
-```
-
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-In the request body, supply a JSON representation of a [privilegedRoleSettings](../resources/privilegedrolesettings.md) object.
-
-The following table lists the properties that you can supply when you update a role setting.
-
-|Property|Type|Description|
-|:|:--|:-|
-|elevationDuration|duration|The duration when the role is activated. Required.|
-|id|string|The unique identifier for the role settings. Read-only. Required.|
-|isMfaOnElevationConfigurable|boolean|**true** if mfaOnElevation is configurable. **false** if mfaOnElevation is not configurable. Required.|
-|lastGlobalAdmin|Boolean|For internal use only.|
-|maxElavationDuration|duration|Maximum duration for the activated role. Required.|
-|mfaOnElevation|Boolean|**true** if MFA is required to activate the role. **false** if MFA is not required to activate the role. Required.|
-|minElevationDuration|duration|Minimum duration for the activated role. Required.|
-|notificationToUserOnElevation|Boolean|**true** if send notification to the end user when the role is activated. **false** if do not send notification when the role is activated. Required.|
-|ticketingInfoOnElevation|Boolean|**true** if the ticketing information is required when activate the role. **false** if the ticketing information is not required when activate the role. Required.|
-|approvalOnElevation|Boolean|**true** if the approval is required when activate the role. **false** if the approval is not required when activate the role. Required.|
-|approverIds|string collection|List of Approval IDs, if approval is required for activation.|
-
-## Response
-
-If successful, this method returns a `204 No Content` response code.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "put_privilegedrolesettings"
-}-->
-```http
-PUT https://graph.microsoft.com/beta/privilegedRoles/{id}/settings
-Content-type: application/json
-
-{
- "id": "9b895d92-2cd3-44c7-9d02-a6ac2d5ea5c3",
- "elevationDuration": "PT8H",
- "notificationToUserOnElevation": false,
- "ticketingInfoOnElevation": true,
- "mfaOnElevation": false,
- "maxElavationDuration": "PT0S",
- "minElevationDuration": "PT0S",
- "lastGlobalAdmin": false,
- "isMfaOnElevationConfigurable": true,
- "approvalOnElevation": false,
- "approverIds": ["e2b2a2fb-13d7-495c-adc9-941fe966793f", "22770e3f-b9b4-418e-9dea-d0e3d2f275dd"]
-}
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
---
-##### Response
-Here is an example of the response.
-<!-- {
- "blockType": "response",
- "truncated": true
-}-->
-```http
-HTTP/1.1 204 No Content
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Update privilegedRoleSettings",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Privilegedrolesummary Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedrolesummary-get.md
- Title: "Get privilegedRoleSummary"
-description: "Retrieve the properties and relationships of privilegedRoleSummary object."
-doc_type: apiPageType
---
-# Get privilegedRoleSummary
-
-Namespace: microsoft.graph
---
-Retrieve the properties and relationships of [privilegedRoleSummary](../resources/privilegedrolesummary.md) object.
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
--
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-GET /privilegedRoles/{id}?$expand=summary
-```
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns a `200 OK` response code and [privilegedRoleSummary](../resources/privilegedrolesummary.md) object in the response body.
-
-Note that the tenant needs to be registered to PIM. Otherwise, the HTTP 403 Forbidden status code will be returned.
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_privilegedrolesummary"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/privilegedRoles/{id}/summary
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.privilegedRoleSummary"
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "id": "id-value",
- "status": "status-value",
- "usersCount": 99,
- "managedCount": 99,
- "elevatedCount": 99,
- "mfaEnabled": true
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Get privilegedRoleSummary",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>
v1.0 Profilephoto Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/profilephoto-get.md
The following tables show the least privileged permission or permissions require
### To retrieve the profile photo of a contact
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Least privileged permissions | Higher privileged permissions | |:--|:--|:| |Delegated (work or school account) | Contacts.Read | Contacts.ReadWrite |
The following tables show the least privileged permission or permissions require
### To retrieve the profile photo of a group
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Least privileged permissions | Higher privileged permissions | |:--|:--|:| |Delegated (work or school account) | Group.Read.All | Group.ReadWrite.All |
The following tables show the least privileged permission or permissions require
### To retrieve the profile photo of a team
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Least privileged permissions | Higher privileged permissions | |:--|:--|:| |Delegated (work or school account) | Team.ReadBasic.All | TeamSettings.Read.All, TeamSettings.ReadWrite.All, Group.Read.All**, Group.ReadWrite.All**, Directory.Read.All**, Directory.ReadWrite.All** |
The following tables show the least privileged permission or permissions require
### To retrieve the profile photo of a user
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Least privileged permissions | Higher privileged permissions | |:--|:--|:| |Delegated (work or school account) | User.Read | User.ReadBasic.All, User.Read.All, User.ReadWrite, User.ReadWrite.All |
v1.0 Profilephoto Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/profilephoto-update.md
The following tables show the least privileged permission or permissions require
### To update the profile photo of a contact
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Least privileged permissions | Higher privileged permissions | |:--|:--|:| |Delegated (work or school account) | Contacts.ReadWrite | Contacts.ReadWrite.Shared |
The following tables show the least privileged permission or permissions require
### To update the profile photo of a group
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Least privileged permissions | Higher privileged permissions | |:--|:--|:| |Delegated (work or school account) | Group.ReadWrite.All | Not supported. |
The following tables show the least privileged permission or permissions require
### To update the profile photo of a team
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Least privileged permissions | Higher privileged permissions | |:--|:--|:| | Delegated (work or school account) | TeamSettings.ReadWrite.All | Group.ReadWrite.All*, Directory.ReadWrite.All* |
The following tables show the least privileged permission or permissions require
### To update the profile photo of the signed-in user
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Least privileged permissions | Higher privileged permissions | |:--|:--|:| |Delegated (work or school account) | User.ReadWrite | User.ReadWrite.All |
v1.0 Provisioningobjectsummary List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/provisioningobjectsummary-list.md
Get all provisioning events that occurred in your tenant, such as the deletion o
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | AuditLog.Read.All and Directory.Read.All |
v1.0 Range Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/range-update.md
Content-type: application/json
} ```
-# [C#](#tab/csharp)
- # [Go](#tab/go) [!INCLUDE [sample-code](../includes/snippets/go/update-range-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Rbacapplication List Roleassignmentscheduleinstances https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/rbacapplication-list-roleassignmentscheduleinstances.md
GET https://graph.microsoft.com/beta/roleManagement/directory/roleAssignmentSche
[!INCLUDE [sample-code](../includes/snippets/php/list-unifiedroleassignmentscheduleinstance-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Recommendation List Impactedresources https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/recommendation-list-impactedresources.md
The following is an example of a request.
GET https://graph.microsoft.com/beta/directory/recommendations/0cb31920-84b9-471f-a6fb-468c1a847088_Microsoft.Identity.IAM.Insights.TurnOffPerUserMFA/impactedResources ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/directory/recommendations/0cb31920-84b9-471
[!INCLUDE [sample-code](../includes/snippets/javascript/list-impactedresource-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Reportroot Getteamsteamactivitydetail https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/reportroot-getteamsteamactivitydetail.md
In the request URL, provide the following parameters with a valid value.
| Parameter | Type | Description | | :-- | :-- | : | | period | string | Specifies the length of time over which the report is aggregated. The supported values for {period_value} are: `D7`, `D30`, `D90`, and `D180`. These values follow the format D*n* where *n* represents the number of days over which the report is aggregated. Required. |
-| date | Date | Specifies the date for which you would like to view details about activities across one or more teams. {date_value} must have a format of YYYY-MM-DD. As this report is only available for the past 30 days, {date_value} should be a date from that range. |
-
-> **Note:** You need to set either **period** or **date** in the request URL.
## Optional query parameters
v1.0 Reportroot List Dailyprintusagebyprinter https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/reportroot-list-dailyprintusagebyprinter.md
If successful, this method returns a `200 OK` response code and a collection of
### Request The following is an example of the request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_endpoints_3"
The following is an example of the request.
GET https://graph.microsoft.com/beta/print/reports/dailyPrintUsageByPrinter ```
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response. >**Note:** The response object shown here might be shortened for readability.
v1.0 Reportroot List Dailyprintusagebyuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/reportroot-list-dailyprintusagebyuser.md
If successful, this method returns a `200 OK` response code and a collection of
### Request The following is an example of the request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_endpoints_4"
The following is an example of the request.
GET https://graph.microsoft.com/beta/print/reports/dailyPrintUsageByUser ```
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response. >**Note:** The response object shown here might be shortened for readability.
v1.0 Reportroot List Monthlyprintusagebyprinter https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/reportroot-list-monthlyprintusagebyprinter.md
If successful, this method returns a `200 OK` response code and a collection of
### Request The following is an example of the request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_endpoints_5"
The following is an example of the request.
GET https://graph.microsoft.com/beta/print/reports/monthlyPrintUsageByPrinter ```
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response. >**Note:** The response object shown here might be shortened for readability.
v1.0 Reportroot List Monthlyprintusagebyuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/reportroot-list-monthlyprintusagebyuser.md
If successful, this method returns a `200 OK` response code and a collection of
### Request The following is an example of the request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_endpoints_6"
The following is an example of the request.
GET https://graph.microsoft.com/beta/print/reports/monthlyPrintUsageByUser ```
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response. >**Note:** The response object shown here might be shortened for readability.
v1.0 Reports Getgrouparchivedprintjobs https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/reports-getgrouparchivedprintjobs.md
The following example shows how to call this API.
##### Request The following is an example of the request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "reports-getgrouparchivedprintjobs",
The following is an example of the request.
GET https://graph.microsoft.com/beta/print/reports/getGroupArchivedPrintJobs(groupId='016b5565-3bbf-4067-b9ff-4d68167eb1a6',startDateTime=2021-05-24,endDateTime=2021-05-25) ```
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
--- ##### Response The following is an example of the response. >**Note:** The response object shown here might be shortened for readability.
v1.0 Reports Getprinterarchivedprintjobs https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/reports-getprinterarchivedprintjobs.md
The following example shows how to call this API.
##### Request The following is an example of the request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "reports-getprinterarchivedprintjobs",
The following is an example of the request.
GET https://graph.microsoft.com/beta/print/reports/getPrinterArchivedPrintJobs(printerId='016b5565-3bbf-4067-b9ff-4d68167eb1a6',startDateTime=2021-05-24,endDateTime=2021-05-25) ```
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
--- ##### Response The following is an example of the response. >**Note:** The response object shown here might be shortened for readability.
v1.0 Reports Getuserarchivedprintjobs https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/reports-getuserarchivedprintjobs.md
The following example shows how to call this API.
##### Request The following is an example of the request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "reports-getuserarchivedprintjobs",
The following is an example of the request.
GET https://graph.microsoft.com/beta/print/reports/getUserArchivedPrintJobs(userId='016b5565-3bbf-4067-b9ff-4d68167eb1a6',startDateTime=2021-05-24,endDateTime=2021-05-25) ```
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
--- ##### Response The following is an example of the response. >**Note:** The response object shown here might be shortened for readability.
v1.0 Schemaextension Post Schemaextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/schemaextension-post-schemaextensions.md
use the schema extension definition to [create a new group with training course
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Application.ReadWrite.All |
v1.0 Schemaextension Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/schemaextension-update.md
This criteria for the **owner** property allows a signed-in user to make updates
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Application.ReadWrite.All |
v1.0 Security Ediscoverycase Close https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoverycase-close.md
POST https://graph.microsoft.com/security/cases/ediscoveryCases/061b9a92-8926-4b
[!INCLUDE [sample-code](../includes/snippets/php/close-ediscoverycase-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoverycasesettings Resettodefault https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoverycasesettings-resettodefault.md
POST https://graph.microsoft.com/beta/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/settings-resettodefault-value-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoverycustodian Activate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoverycustodian-activate.md
POST https://graph.microsoft.com/beta/security/cases/ediscoveryCases/{ediscovery
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverycustodianthisactivate-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoverycustodian Applyhold https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoverycustodian-applyhold.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/start-ediscoverycustodianthisapplyhold-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
POST https://graph.microsoft.com/beta/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverycustodianthisapplyhold-single-custodian-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
v1.0 Security Ediscoverycustodian Release https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoverycustodian-release.md
POST https://graph.microsoft.com/beta/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverycustodianthisrelease-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoverycustodian Removehold https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoverycustodian-removehold.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverycustodianthisremovehold-forids-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
POST https://graph.microsoft.com/beta/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverycustodianthisremovehold-single-custodian-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
v1.0 Security Ediscoverycustodian Updateindex https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoverycustodian-updateindex.md
POST https://graph.microsoft.com/beta/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverycustodianthisupdateindex-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoverynoncustodialdatasource Applyhold https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoverynoncustodialdatasource-applyhold.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/start-ediscoverynoncustialdatasourceapplyhold-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
POST https://graph.microsoft.com/beta/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverynoncustialdatasourceapplyhold-singlenoncustodial-datastore-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
v1.0 Security Ediscoverynoncustodialdatasource Release https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoverynoncustodialdatasource-release.md
POST https://graph.microsoft.com/beta/security/cases/ediscoveryCases/{ediscovery
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverynoncustodialdatasourcethisrelease-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoverynoncustodialdatasource Removehold https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoverynoncustodialdatasource-removehold.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/start-ediscoverycustodianthisremovehold-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
POST https://graph.microsoft.com/beta/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverycustodianthisremovehold-single-noncustodial-source-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
v1.0 Security Ediscoverynoncustodialdatasource Updateindex https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoverynoncustodialdatasource-updateindex.md
POST https://graph.microsoft.com/beta/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverynoncustodialdatasourcethisupdateindex-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoveryreviewset Addtoreviewset https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoveryreviewset-addtoreviewset.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/ediscoveryreviewsetthisaddtoreviewset-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoveryreviewset Export https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoveryreviewset-export.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/ediscoveryreviewsetthisexport-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoveryreviewsetquery Applytags https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoveryreviewsetquery-applytags.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/ediscoveryreviewsetquerythisapplytags-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoveryreviewsetquery Export https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoveryreviewsetquery-export.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/ediscoveryreviewsetquerythisexport-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoveryreviewsetquery Run https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoveryreviewsetquery-run.md
The following is an example of a request.
GET https://graph.microsoft.com/beta/security/cases/ediscoveryCases/58399dff-cebe-478f-b1af-d3227f1fd645/reviewSets/273f11a1-17aa-419c-981d-ff10d33e420f/queries/837335b0-1943-444d-a3d1-5522cc21c5a4/run ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/security/cases/ediscoveryCases/58399dff-ceb
[!INCLUDE [sample-code](../includes/snippets/javascript/ediscoveryreviewsetquerythisrun-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoverysearch Estimatestatistics https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoverysearch-estimatestatistics.md
POST https://graph.microsoft.com/beta/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverysearchthisestimatestatistics-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoverysearch Purgedata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoverysearch-purgedata.md
POST https://graph.microsoft.com/beta/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverysearchthispurgedata-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Incident Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-incident-get.md
GET https://graph.microsoft.com/beta/security/incidents/2972395
[!INCLUDE [sample-code](../includes/snippets/php/get-incident-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Retentioneventtype Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-retentioneventtype-delete.md
DELETE https://graph.microsoft.com/beta/security/triggerTypes/retentionEventType
[!INCLUDE [sample-code](../includes/snippets/php/delete-retentioneventtype-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Retentioneventtype List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-retentioneventtype-list.md
GET https://graph.microsoft.com/beta/security/triggerTypes/retentionEventTypes
[!INCLUDE [sample-code](../includes/snippets/php/list-retentioneventtype-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Security Sensitivitylabel Evaluateapplication https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-sensitivitylabel-evaluateapplication.md
User-agent: ContosoLobApp/1.0
[!INCLUDE [sample-code](../includes/snippets/php/sensitivitylabelthisevaluateapplication-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Sensitivitylabel Evaluateremoval https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-sensitivitylabel-evaluateremoval.md
User-agent: ContosoLOBApp/1.0
[!INCLUDE [sample-code](../includes/snippets/php/sensitivitylabelthisevaluateremoval-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Sensitivitylabel Extractcontentlabel https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-sensitivitylabel-extractcontentlabel.md
User-agent: ContosoLOBApp/1.0
[!INCLUDE [sample-code](../includes/snippets/php/sensitivitylabelthisextractcontentlabel-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Urlthreatsubmission Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-urlthreatsubmission-get.md
GET https://graph.microsoft.com/beta/security/threatSubmission/urlThreats/49c5ef
[!INCLUDE [sample-code](../includes/snippets/php/get-urlthreatsubmission-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Serviceprincipal Createpasswordsinglesignoncredentials https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-createpasswordsinglesignoncredentials.md
Create single sign-on credentials using a password for a user or group.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Application.ReadWrite.All and Directory.Read.All, Directory.ReadWrite.All |
v1.0 Serviceprincipal Delete Claimsmappingpolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-delete-claimsmappingpolicies.md
Remove a [claimsMappingPolicy](../resources/claimsmappingpolicy.md) from a [serv
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Serviceprincipal Delete Homerealmdiscoverypolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-delete-homerealmdiscoverypolicies.md
Remove a [homeRealmDiscoveryPolicy](../resources/homerealmdiscoverypolicy.md) fr
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Serviceprincipal Deletepasswordsinglesignoncredentials https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-deletepasswordsinglesignoncredentials.md
Delete single sign-on credentials using a password for a user or group.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Application.ReadWrite.All and Directory.Read.All, Directory.ReadWrite.All |
v1.0 Serviceprincipal Getpasswordsinglesignoncredentials https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-getpasswordsinglesignoncredentials.md
Get a list of single sign-on credentials using a password for a user or group.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Application.ReadWrite.All and Directory.Read.All, Directory.ReadWrite.All |
v1.0 Serviceprincipal List Claimsmappingpolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-list-claimsmappingpolicies.md
List the [claimsMappingPolicy](../resources/claimsmappingpolicy.md) objects that
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Serviceprincipal List Homerealmdiscoverypolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-list-homerealmdiscoverypolicies.md
List the [homeRealmDiscoveryPolicy](../resources/homerealmdiscoverypolicy.md) ob
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Serviceprincipal Post Approleassignedto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-post-approleassignedto.md
To grant an app role assignment, you need three identifiers:
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | AppRoleAssignment.ReadWrite.All and Application.Read.All, AppRoleAssignment.ReadWrite.All and Directory.Read.All |
v1.0 Serviceprincipal Post Approleassignments https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-post-approleassignments.md
To grant an app role assignment to a client service principal, you need three id
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | AppRoleAssignment.ReadWrite.All and Application.Read.All, AppRoleAssignment.ReadWrite.All and Directory.Read.All |
v1.0 Serviceprincipal Post Claimsmappingpolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-post-claimsmappingpolicies.md
Assign a [claimsMappingPolicy](../resources/claimsmappingpolicy.md) to a [servic
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Serviceprincipal Post Homerealmdiscoverypolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-post-homerealmdiscoverypolicies.md
Assign a [homeRealmDiscoveryPolicy](../resources/homerealmdiscoverypolicy.md) to
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Serviceprincipal Post Owners https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-post-owners.md
Add an owner for the [servicePrincipal](../resources/serviceprincipal.md). Servi
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Application.ReadWrite.All and Directory.Read.All, Application.ReadWrite.All and Directory.ReadWrite.All |
v1.0 Serviceprincipal Updatepasswordsinglesignoncredentials https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-updatepasswordsinglesignoncredentials.md
Update single sign-on credentials using a password for a user or group.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Application.ReadWrite.All and Directory.Read.All, Directory.ReadWrite.All |
v1.0 Serviceprincipalriskdetection Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipalriskdetection-get.md
GET https://graph.microsoft.com/beta/identityProtection/servicePrincipalRiskDete
[!INCLUDE [sample-code](../includes/snippets/php/get-serviceprincipalriskdetection-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- #### Response
v1.0 Sharepointsettings Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/sharepointsettings-get.md
+
+ Title: "Get sharepointSettings"
+description: "Get the tenant-level settings for SharePoint and OneDrive."
+
+ms.localizationpriority: medium
++
+# Get settings
+Namespace: microsoft.graph
++
+Get the tenant-level [settings](../resources/sharepointsettings.md) for SharePoint and OneDrive.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|SharePointTenantSettings.Read.All, SharePointTenantSettings.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|SharePointTenantSettings.Read.All, SharePointTenantSettings.ReadWrite.All|
+
+When calling on behalf of a user, the user needs to belong to one of the following admin roles. To learn more about admin roles, see [About admin roles in the Microsoft 365 admin center](/microsoft-365/admin/add-users/about-admin-roles):
+* Global Administrator
+* Global Reader
+* SharePoint Administrator
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /admin/sharepoint/settings
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [settings](../resources/sharepointsettings.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_settings_at_tenant_level"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/admin/sharepoint/settings
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.sharepointSettings"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.sharepointSettings",
+ "allowedDomainGuidsForSyncApp": [
+ "bdd1ab9b-3fd0-4def-a761-ec8d7471732c",
+ "ad31vb6b-5zd0-7tyg-m231-kj8d6578432c"
+ ],
+ "availableManagedPathsForSiteCreation": [
+ "/sites/",
+ "/teams/"
+ ],
+ "deletedUserPersonalSiteRetentionPeriodInDays": 344,
+ "excludedFileExtensionsForSyncApp": [
+ ".md",
+ ".git"
+ ],
+ "idleSessionSignOut": {
+ "isEnabled": true,
+ "warnAfterInSeconds": 120,
+ "signOutAfterInSeconds": 300
+ },
+ "imageTaggingOption": "basic",
+ "isCommentingOnSitePagesEnabled": true,
+ "isFileActivityNotificationEnabled": true,
+ "isLegacyAuthProtocolsEnabled": false,
+ "isLoopEnabled": true,
+ "isMacSyncAppEnabled": false,
+ "isRequireAcceptingUserToMatchInvitedUserEnabled": true,
+ "isResharingByExternalUsersEnabled": true,
+ "isSharePointMobileNotificationEnabled": true,
+ "isSharePointNewsfeedEnabled": true,
+ "isSiteCreationEnabled": true,
+ "isSiteCreationUIEnabled": true,
+ "isSitePagesCreationEnabled": true,
+ "isSitesStorageLimitAutomatic": true,
+ "isSyncButtonHiddenOnPersonalSite": true,
+ "isUnmanagedSyncAppForTenantRestricted": true,
+ "personalSiteDefaultStorageLimitInMB": 113664,
+ "sharingAllowedDomainList" : [
+ "contoso.com",
+ "fabrikam.com"
+ ],
+ "sharingBlockedDomainList" : [
+ "contoso.com",
+ "fabrikam.com"
+ ],
+ "sharingCapability": "externalUserAndGuestSharing",
+ "sharingDomainRestrictionMode": "allowList",
+ "siteCreationDefaultManagedPath": "/sites/",
+ "siteCreationDefaultStorageLimitInMB": 808034,
+ "tenantDefaultTimezone": "(UTC-05:00) Eastern Time (US and Canada)"
+ }
+}
+```
v1.0 Sharepointsettings Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/sharepointsettings-update.md
+
+ Title: "Update sharepointSettings"
+description: "Update one or more tenant-level settings for SharePoint and OneDrive."
+
+ms.localizationpriority: medium
++
+# Update settings
+Namespace: microsoft.graph
++
+Update one or more tenant-level [settings](../resources/sharepointsettings.md) for SharePoint and OneDrive.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|SharePointTenantSettings.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|SharePointTenantSettings.ReadWrite.All|
+
+When calling on behalf of a user, the user needs to belong to one of the following admin roles. To learn more about admin roles, see [About admin roles in the Microsoft 365 admin center](/microsoft-365/admin/add-users/about-admin-roles):
+* Global Administrator
+* SharePoint Administrator
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /admin/sharepoint/settings
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+
+|Property|Type|Description|
+|:|:|:|
+| allowedDomainGuidsForSyncApp | GUID collection | Collection of trusted domain GUIDs for the OneDrive sync app. |
+| deletedUserPersonalSiteRetentionPeriodInDays | Int32 | The number of days for preserving a deleted user's OneDrive. |
+| excludedFileExtensionsForSyncApp | String collection | Collection of file extensions not uploaded by the OneDrive sync app. |
+| idleSessionSignOut | [microsoft.graph.idleSessionSignOut](../resources/idlesessionsignout.md) | Specifies the idle session sign-out policies for the tenant. |
+| imageTaggingOption | imageTaggingChoice | Specifies the image tagging option for the tenant. Possible values are: `disabled`, `basic`, `enhanced`. |
+| isCommentingOnSitePagesEnabled | Boolean | Indicates whether comments are allowed on modern site pages in SharePoint. |
+| isFileActivityNotificationEnabled | Boolean | Indicates whether push notifications are enabled for OneDrive events. |
+| isLegacyAuthProtocolsEnabled | Boolean | Indicates whether legacy authentication protocols are enabled for the tenant. |
+| isLoopEnabled | Boolean | Indicates whether Fluid Framework is allowed on SharePoint sites. |
+| isMacSyncAppEnabled | Boolean | Indicates whether files can be synced using the OneDrive sync app for Mac. |
+| isRequireAcceptingUserToMatchInvitedUserEnabled | Boolean | Indicates whether guests must sign in using the same account to which sharing invitations are sent. |
+| isResharingByExternalUsersEnabled | Boolean | Indicates whether guests are allowed to reshare files, folders, and sites they don't own. |
+| isSharePointMobileNotificationEnabled | Boolean | Indicates whether mobile push notifications are enabled for SharePoint. |
+| isSharePointNewsfeedEnabled | Boolean | Indicates whether the newsfeed is allowed on the modern site pages in SharePoint. |
+| isSiteCreationEnabled | Boolean | Indicates whether users are allowed to create sites. |
+| isSiteCreationUIEnabled | Boolean | Indicates whether the UI commands for creating sites are shown. |
+| isSitePagesCreationEnabled | Boolean | Indicates whether creating new modern pages is allowed on SharePoint sites. |
+| isSitesStorageLimitAutomatic | Boolean | Indicates whether site storage space is automatically managed or if specific storage limits are set per site. |
+| isSyncButtonHiddenOnPersonalSite | Boolean | Indicates whether the sync button in OneDrive is hidden. |
+| isUnmanagedSyncAppForTenantRestricted | Boolean | Indicates whether users are allowed to sync files only on PCs joined to specific domains. |
+| personalSiteDefaultStorageLimitInMB | Int64 | The default OneDrive storage limit for all new and existing users who are assigned a qualifying license. Measured in megabytes (MB). |
+| sharingAllowedDomainList | String collection | Collection of email domains that are allowed for sharing outside the organization. |
+| sharingBlockedDomainList | String collection | Collection of email domains that are blocked for sharing outside the organization. |
+| sharingCapability | microsoft.graph.tenantAdmin.sharingCapabilities | Sharing capability for the tenant. Possible values are: `disabled`, `externalUserSharingOnly`, `externalUserAndGuestSharing`, `existingExternalUserSharingOnly`. |
+| sharingDomainRestrictionMode | microsoft.graph.tenantAdmin.sharingDomainRestrictionMode | Specifies the external sharing mode for domains. Possible values are: `none`, `allowList`, `blockList`. |
+| siteCreationDefaultManagedPath | String | The value of the team site managed path. This is the path under which new team sites will be created. |
+| siteCreationDefaultStorageLimitInMB | Int32 | The default storage quota for a new site upon creation. Measured in megabytes (MB). |
+| tenantDefaultTimezone | String | The default timezone of a tenant for newly created sites. For a list of possible values, see [SPRegionalSettings.TimeZones property](/sharepoint/dev/schema/regional-settings-schema). |
++
+## Response
+
+If successful, this method returns a `200 OK` response code and an updated [settings](../resources/sharepointsettings.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_tenant_settings"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/beta/admin/sharepoint/settings
+Content-Type: application/json
+Content-length: 1323
+
+{
+ "deletedUserPersonalSiteRetentionPeriodInDays": 365,
+ "excludedFileExtensionsForSyncApp": [".mp3"],
+ "imageTaggingOption": "enhanced",
+ "isLegacyAuthProtocolsEnabled": true,
+ "isSitesStorageLimitAutomatic": false,
+ "isSyncButtonHiddenOnPersonalSite": false,
+ "isUnmanagedSyncAppForTenantRestricted": false,
+ "personalSiteDefaultStorageLimitInMB": 120000
+}
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.sharepointSettings"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.sharepointSettings",
+ "allowedDomainGuidsForSyncApp": [
+ "bdd1ab9b-3fd0-4def-a761-ec8d7471732c",
+ "ad31vb6b-5zd0-7tyg-m231-kj8d6578432c"
+ ],
+ "availableManagedPathsForSiteCreation": [
+ "/sites/",
+ "/teams/"
+ ],
+ "deletedUserPersonalSiteRetentionPeriodInDays": 365,
+ "excludedFileExtensionsForSyncApp": [
+ ".mp3"
+ ],
+ "idleSessionSignOut": {
+ "isEnabled": true,
+ "warnAfterInSeconds": 120,
+ "signOutAfterInSeconds": 300
+ },
+ "imageTaggingOption": "basic",
+ "isCommentingOnSitePagesEnabled": true,
+ "isFileActivityNotificationEnabled": true,
+ "isLegacyAuthProtocolsEnabled": true,
+ "isLoopEnabled": true,
+ "isMacSyncAppEnabled": false,
+ "isRequireAcceptingUserToMatchInvitedUserEnabled": true,
+ "isResharingByExternalUsersEnabled": true,
+ "isSharePointMobileNotificationEnabled": true,
+ "isSharePointNewsfeedEnabled": true,
+ "isSiteCreationEnabled": true,
+ "isSiteCreationUIEnabled": true,
+ "isSitePagesCreationEnabled": true,
+ "isSitesStorageLimitAutomatic": false,
+ "isSyncButtonHiddenOnPersonalSite": false,
+ "isUnmanagedSyncAppForTenantRestricted": false,
+ "personalSiteDefaultStorageLimitInMB": 120000,
+ "sharingAllowedDomainList" : [
+ "contoso.com",
+ "fabrikam.com"
+ ],
+ "sharingBlockedDomainList" : [
+ "contoso.com",
+ "fabrikam.com"
+ ],
+ "sharingCapability": "externalUserAndGuestSharing",
+ "sharingDomainRestrictionMode": "allowList",
+ "siteCreationDefaultManagedPath": "/sites/",
+ "siteCreationDefaultStorageLimitInMB": 808034,
+ "tenantDefaultTimezone": "(UTC-05:00) Eastern Time (US and Canada)"
+}
+```
v1.0 Signin Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/signin-get.md
Get a [signIn](../resources/signin.md) object that contains a specific user sign
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| | Delegated (work or school account) | AuditLog.Read.All and Directory.Read.All |
v1.0 Signin List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/signin-list.md
The maximum and default page size is 1,000 objects and by default, the most rece
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |: |:- | | Delegated (work or school account) | AuditLog.Read.All and Directory.Read.All |
GET https://graph.microsoft.com/beta/auditLogs/signIns
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Site Delete Permission https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/site-delete-permission.md
Delete a [permission](../resources/permission.md) object on a site.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-|Permission type | Permissions (from least to most privileged)
-|:--|:-
-|Delegated (work or school account) | Not supported.
-|Delegated (personal Microsoft account) | Not supported.
-|Application | Sites.FullControl.All
+| Permission type | Permissions (from least to most privileged) |
+|:|:--|
+| Delegated (work or school account) | Not supported. |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Sites.FullControl.All |
## HTTP request
If successful, this method returns `204 No Content` response code. It does not r
### Request
+The following is an example of a request.
+ # [HTTP](#tab/http) <!-- { "blockType": "request",
If successful, this method returns `204 No Content` response code. It does not r
} --> ``` http
-DELETE https://graph.microsoft.com/beta/sites/{sitesId}/permissions/{permissionId}
+DELETE https://graph.microsoft.com/beta/sites/f2d90359-865b-4b6c-8848-d2722dd630e5/permissions/2
``` # [C#](#tab/csharp)
DELETE https://graph.microsoft.com/beta/sites/{sitesId}/permissions/{permissionI
### Response
-Here is an example of the response.
+The following is an example of the response.
<!-- { "blockType": "response", "truncated": true
v1.0 Site Get Permission https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/site-get-permission.md
Retrieve the properties and relationships of a [permission](../resources/permiss
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-|Permission type | Permissions (from least to most privileged)
-|:--|:-
-|Delegated (work or school account) | Not supported.
-|Delegated (personal Microsoft account) | Not supported.
-|Application | Sites.FullControl.All
+| Permission type | Permissions (from least to most privileged) |
+|:|:--|
+| Delegated (work or school account) | Not supported. |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Sites.FullControl.All |
## HTTP request
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and the [permission](../resources/permission.md) object in the response body.
+If successful, this method returns a `200 OK` response code and a [permission](../resources/permission.md) object in the response body.
## Examples ### Request
+The following is an example of a request.
+ # [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_permission"
+ "name": "get_permission",
+ "sampleKeys": ["f2d90359-865b-4b6c-8848-d2722dd630e5", "1"]
} --> ``` http
-GET https://graph.microsoft.com/beta/sites/{sitesId}/permissions/{permissionId}
+GET https://graph.microsoft.com/beta/sites/f2d90359-865b-4b6c-8848-d2722dd630e5/permissions/1
``` # [C#](#tab/csharp)
GET https://graph.microsoft.com/beta/sites/{sitesId}/permissions/{permissionId}
### Response+
+The following is an example of the response.
+ <!-- { "blockType": "response", "truncated": true,
HTTP/1.1 200 OK
Content-Type: application/json {
- "id":"1",
- "@deprecated.GrantedToIdentities": "GrantedToIdentities has been deprecated. Refer to GrantedToIdentitiesV2",
- "roles":[
- "read"
- ],
- "grantedToIdentities":[
- {
- "application":{
- "id":"89ea5c94-7736-4e25-95ad-3fa95f62b66e",
- "displayName":"Contoso Time Manager App"
- }
+ "id": "1",
+ "@deprecated.GrantedToIdentities": "GrantedToIdentities has been deprecated. Refer to GrantedToIdentitiesV2",
+ "roles": [
+ "read"
+ ],
+ "grantedToIdentities": [
+ {
+ "application": {
+ "id": "89ea5c94-7736-4e25-95ad-3fa95f62b66e",
+ "displayName": "Contoso Time Manager App"
}
- ],
- "grantedToIdentitiesV2":[
- {
- "application":{
- "id":"89ea5c94-7736-4e25-95ad-3fa95f62b66e",
- "displayName":"Contoso Time Manager App"
- }
+ }
+ ],
+ "grantedToIdentitiesV2": [
+ {
+ "application": {
+ "id": "89ea5c94-7736-4e25-95ad-3fa95f62b66e",
+ "displayName": "Contoso Time Manager App"
}
- ]
+ }
+ ]
} ```
v1.0 Site List Permissions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/site-list-permissions.md
Get the [permission](../resources/permission.md) resources from the permissions
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-|Permission type | Permissions (from least to most privileged)
-|:--|:-
-|Delegated (work or school account) | Not supported.
-|Delegated (personal Microsoft account) | Not supported.
-|Application | Sites.FullControl.All
+| Permission type | Permissions (from least to most privileged) |
+|:|:--|
+| Delegated (work or school account) | Not supported. |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Sites.FullControl.All |
## HTTP request
If successful, this method returns a `200 OK` response code and a collection of
### Request
+The following is an example of a request.
+ # [HTTP](#tab/http) <!-- { "blockType": "request",
If successful, this method returns a `200 OK` response code and a collection of
} --> ``` http
-GET https://graph.microsoft.com/beta/sites/{sitesId}/permissions
+GET https://graph.microsoft.com/beta/sites/f2d90359-865b-4b6c-8848-d2722dd630e5/permissions
``` # [C#](#tab/csharp)
GET https://graph.microsoft.com/beta/sites/{sitesId}/permissions
### Response
-**Note:** The response object shown here might be shortened for readability.
+
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
HTTP/1.1 200 OK
Content-Type: application/json {
- "value":[
- {
- "id":"1",
- "@deprecated.GrantedToIdentities": "GrantedToIdentities has been deprecated. Refer to GrantedToIdentitiesV2",
- "roles":[
- "read"
- ],
- "grantedToIdentities":[
- {
- "application":{
- "id":"89ea5c94-7736-4e25-95ad-3fa95f62b66e",
- "displayName":"Contoso Time Manager App"
- }
- }
- ],
- "grantedToIdentitiesV2":[
- {
- "application":{
- "id":"89ea5c94-7736-4e25-95ad-3fa95f62b66e",
- "displayName":"Contoso Time Manager App"
- }
- }
- ]
- },
- {
- "id":"2",
- "@deprecated.GrantedToIdentities": "GrantedToIdentities has been deprecated. Refer to GrantedToIdentitiesV2",
- "roles":[
- "write"
- ],
- "grantedToIdentities":[
- {
- "application":{
- "id":"22f09bb7-dd29-403e-bec2-ab5cde52c2b3",
- "displayName":"Fabrikam Dashboard App"
- }
- }
- ],
- "grantedToIdentitiesV2":[
- {
- "application":{
- "id":"22f09bb7-dd29-403e-bec2-ab5cde52c2b3",
- "displayName":"Fabrikam Dashboard App"
- }
- }
- ]
- }
- ]
+ "value": [
+ {
+ "id": "1",
+ "@deprecated.GrantedToIdentities": "GrantedToIdentities has been deprecated. Refer to GrantedToIdentitiesV2",
+ "roles": [
+ "read"
+ ],
+ "grantedToIdentities": [
+ {
+ "application": {
+ "id": "89ea5c94-7736-4e25-95ad-3fa95f62b66e",
+ "displayName": "Contoso Time Manager App"
+ }
+ }
+ ],
+ "grantedToIdentitiesV2": [
+ {
+ "application": {
+ "id": "89ea5c94-7736-4e25-95ad-3fa95f62b66e",
+ "displayName": "Contoso Time Manager App"
+ }
+ }
+ ]
+ },
+ {
+ "id": "2",
+ "@deprecated.GrantedToIdentities": "GrantedToIdentities has been deprecated. Refer to GrantedToIdentitiesV2",
+ "roles": [
+ "write"
+ ],
+ "grantedToIdentities": [
+ {
+ "application": {
+ "id": "22f09bb7-dd29-403e-bec2-ab5cde52c2b3",
+ "displayName": "Fabrikam Dashboard App"
+ }
+ }
+ ],
+ "grantedToIdentitiesV2": [
+ {
+ "application": {
+ "id": "22f09bb7-dd29-403e-bec2-ab5cde52c2b3",
+ "displayName": "Fabrikam Dashboard App"
+ }
+ }
+ ]
+ }
+ ]
} ```
v1.0 Site Post Permissions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/site-post-permissions.md
Create a new [permission](../resources/permission.md) object on a site.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-|Permission type | Permissions (from least to most privileged)
-|:--|:-
-|Delegated (work or school account) | Not supported.
-|Delegated (personal Microsoft account) | Not supported.
-|Application | Sites.FullControl.All
+| Permission type | Permissions (from least to most privileged) |
+|:|:--|
+| Delegated (work or school account) | Not supported. |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Sites.FullControl.All |
## HTTP request
If successful, this method returns a `201 Created` response code and a [permissi
### Request
+The following is an example of a request.
+ # [HTTP](#tab/http) <!-- { "blockType": "request",
If successful, this method returns a `201 Created` response code and a [permissi
} --> ``` http
-POST https://graph.microsoft.com/beta/sites/{sitesId}/permissions
+POST https://graph.microsoft.com/beta/sites/f2d90359-865b-4b6c-8848-d2722dd630e5/permissions
Content-Type: application/json {
- "roles":[
- "write"
- ],
- "grantedToIdentities":[
- {
- "application":{
- "id":"89ea5c94-7736-4e25-95ad-3fa95f62b66e",
- "displayName":"Contoso Time Manager App"
- }
+ "roles": [
+ "write"
+ ],
+ "grantedToIdentities": [
+ {
+ "application": {
+ "id": "89ea5c94-7736-4e25-95ad-3fa95f62b66e",
+ "displayName": "Contoso Time Manager App"
}
- ]
+ }
+ ]
} ```
Content-Type: application/json
### Response
+The following is an example of the response.
+ <!-- { "blockType": "response", "truncated": true,
HTTP/1.1 201 Created
Content-Type: application/json {
- "id":"1",
- "@deprecated.GrantedToIdentities": "GrantedToIdentities has been deprecated. Refer to GrantedToIdentitiesV2",
- "roles":[
- "write"
- ],
- "grantedToIdentities":[
- {
- "application":{
- "id":"89ea5c94-7736-4e25-95ad-3fa95f62b66e",
- "displayName":"Contoso Time Manager App"
- }
+ "id": "1",
+ "@deprecated.GrantedToIdentities": "GrantedToIdentities has been deprecated. Refer to GrantedToIdentitiesV2",
+ "roles": [
+ "write"
+ ],
+ "grantedToIdentities": [
+ {
+ "application": {
+ "id": "89ea5c94-7736-4e25-95ad-3fa95f62b66e",
+ "displayName": "Contoso Time Manager App"
}
- ],
- "grantedToIdentitiesV2":[
- {
- "application":{
- "id":"89ea5c94-7736-4e25-95ad-3fa95f62b66e",
- "displayName":"Contoso Time Manager App"
- }
+ }
+ ],
+ "grantedToIdentitiesV2": [
+ {
+ "application": {
+ "id": "89ea5c94-7736-4e25-95ad-3fa95f62b66e",
+ "displayName": "Contoso Time Manager App"
}
- ]
+ }
+ ]
} ```
v1.0 Site Update Permission https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/site-update-permission.md
Update the [permission](../resources/permission.md) object on a site.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-|Permission type | Permissions (from least to most privileged)
-|:--|:-
-|Delegated (work or school account) | Not supported.
-|Delegated (personal Microsoft account) | Not supported.
-|Application | Sites.FullControl.All
+| Permission type | Permissions (from least to most privileged) |
+|:|:--|
+| Delegated (work or school account) | Not supported. |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Sites.FullControl.All |
## HTTP request
If successful, this method returns a `200 OK` response code and a [permission](.
### Request
+The following is an example of a request.
+ # [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "update_permission_from_"
+ "name": "update_permission_from_",
+ "sampleKeys": ["f2d90359-865b-4b6c-8848-d2722dd630e5", "2"]
} --> ``` http
-PATCH https://graph.microsoft.com/beta/sites/{sitesId}/permissions/{permissionId}
+PATCH https://graph.microsoft.com/beta/sites/f2d90359-865b-4b6c-8848-d2722dd630e5/permissions/2
Content-Type: application/json {
Content-Type: application/json
### Response
+The following is an example of the response.
+ <!-- { "blockType": "response", "truncated": true,
HTTP/1.1 200 OK
Content-Type: application/json {
- "id":"2",
- "@deprecated.GrantedToIdentities": "GrantedToIdentities has been deprecated. Refer to GrantedToIdentitiesV2",
- "roles":[
- "read"
- ],
- "grantedToIdentities":[
- {
- "application":{
- "id":"89ea5c94-7736-4e25-95ad-3fa95f62b66e",
- "displayName":"Fabrikam Dashboard App"
- }
+ "id": "2",
+ "@deprecated.GrantedToIdentities": "GrantedToIdentities has been deprecated. Refer to GrantedToIdentitiesV2",
+ "roles": [
+ "read"
+ ],
+ "grantedToIdentities": [
+ {
+ "application": {
+ "id": "89ea5c94-7736-4e25-95ad-3fa95f62b66e",
+ "displayName": "Fabrikam Dashboard App"
}
- ],
- "grantedToIdentitiesV2":[
- {
- "application":{
- "id":"89ea5c94-7736-4e25-95ad-3fa95f62b66e",
- "displayName":"Fabrikam Dashboard App"
- }
+ }
+ ],
+ "grantedToIdentitiesV2": [
+ {
+ "application": {
+ "id": "89ea5c94-7736-4e25-95ad-3fa95f62b66e",
+ "displayName": "Fabrikam Dashboard App"
}
- ]
+ }
+ ]
} ```
v1.0 Sitepage Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/sitepage-create.md
Content-Type: application/json
- ## Response If successful, this method returns a [sitePage][] in the response body for the created page.
v1.0 Subscription Reauthorize https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/subscription-reauthorize.md
If successful, this action returns a `204 No Content` response code.
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "subscriptionthis.reauthorize"
The following is an example of a request.
POST https://graph.microsoft.com/beta/subscriptions/{subscriptionsId}/reauthorize ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
++ ### Response The following is an example of the response
v1.0 Swapshiftschangerequest List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/swapshiftschangerequest-list.md
Title: "List swapShiftsChangeRequest"
-description: "Retrieve a list of swapShiftsChangeRequest objects in the team."
+description: "Retrieve a list of swapShiftsChangeRequest objects in a team."
ms.localizationpriority: medium ms.prod: "microsoft-teams"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Retrieve a list of [swapShiftsChangeRequest](../resources/swapshiftschangerequest.md) objects in the team.
+Retrieve a list of [swapShiftsChangeRequest](../resources/swapshiftschangerequest.md) objects in a team.
## Permissions
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/beta/teams/{teamId}/schedule/swapShiftsChangeRequests
+GET https://graph.microsoft.com/beta/teams/00d4ce58-658a-4d53-a0ad-99aa318bed28/schedule/swapShiftsChangeRequests
``` # [C#](#tab/csharp)
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "id": "0b87dd20-d5ed-4764-9c3e-cfc8516def09",
- "senderShiftId": "5ad10161-6524-4c7c-9beb-4e8677ba2f6d",
- "recipientShiftId": "e73408ca-3ea5-4bbf-96a8-2e06c95f7a2c",
- "assignedTo": "manager",
- "state": "approved",
- "senderUserId": "3fe0bc21-1398-4fd9-9713-52511b434c1e",
- "senderDateTime": "2019-05-01T10:00:00Z",
- "senderMessage": "I can't make my shift, any chance we can swap?",
- "recipientUserId": "567c8ea5-9e32-422a-a663-8270201699cd",
- "recipientActionDateTime": "2019-05-01T11:00:00Z",
- "recipientActionMessage": "Sure!",
- "managerUserId": "fdcc8d43-7f83-438a-9ab1-098e8f2a95ff",
- "managerActionDateTime": "2019-05-01T12:00:00Z",
- "managerActionMessage": "Approved!"
- }
- ]
+ "value": [
+ {
+ "id": "0b87dd20-d5ed-4764-9c3e-cfc8516def09",
+ "senderShiftId": "5ad10161-6524-4c7c-9beb-4e8677ba2f6d",
+ "recipientShiftId": "e73408ca-3ea5-4bbf-96a8-2e06c95f7a2c",
+ "assignedTo": "manager",
+ "state": "approved",
+ "senderUserId": "3fe0bc21-1398-4fd9-9713-52511b434c1e",
+ "senderDateTime": "2019-05-01T10:00:00Z",
+ "senderMessage": "I cannot make my shift, any chance we can swap?",
+ "recipientUserId": "567c8ea5-9e32-422a-a663-8270201699cd",
+ "recipientActionDateTime": "2019-05-01T11:00:00Z",
+ "recipientActionMessage": "Sure!",
+ "managerUserId": "fdcc8d43-7f83-438a-9ab1-098e8f2a95ff",
+ "managerActionDateTime": "2019-05-01T12:00:00Z",
+ "managerActionMessage": "Approved!"
+ }
+ ]
}- ``` <!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
Content-type: application/json
"section": "documentation", "tocPath": "" }-->--
v1.0 Synchronization Synchronizationjob Provisionondemand https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/synchronization-synchronizationjob-provisionondemand.md
Content-Type: application/json
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Team Sendactivitynotification https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/team-sendactivitynotification.md
Content-Type: application/json
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Teamsappsettings Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/teamsappsettings-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported| |Application|Not supported|
-> [!NOTE]
-> TeamworkAppSettings.* permissions might not be visible in the Azure portal. For details and workarounds, see [known issues](/graph/known-issues#teamworkappsettings-permissions-are-not-visible-in-the-azure-portal).
- ## HTTP request <!-- {
v1.0 Teamtemplatedefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/teamtemplatedefinition-get.md
GET https://graph.microsoft.com/beta/teamwork/teamTemplates/com.microsoft.teams.
[!INCLUDE [sample-code](../includes/snippets/php/get-teamtemplatedefinition-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Teamworktagmember Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/teamworktagmember-post.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/create-teamworktagmember-from--php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Tenantadmin Settings Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tenantadmin-settings-get.md
- Title: "Get settings"
-description: "Get the tenant-level settings for SharePoint and OneDrive."
-
-doc_type: apiPageType
--
-# Get settings
-Namespace: microsoft.graph.tenantAdmin
--
-Get the tenant-level [settings](../resources/tenantadmin-settings.md) for SharePoint and OneDrive.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|SharePointTenantSettings.Read.All, SharePointTenantSettings.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|SharePointTenantSettings.Read.All, SharePointTenantSettings.ReadWrite.All|
-
-When calling on behalf of a user, the user needs to belong to one of the following admin roles. To learn more about admin roles, see [About admin roles in the Microsoft 365 admin center](/microsoft-365/admin/add-users/about-admin-roles):
-* Global Administrator
-* Global Reader
-* SharePoint Administrator
-
-## HTTP request
-
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-GET /admin/sharepoint/settings
-```
-
-## Optional query parameters
-This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
-
-## Request headers
-|Name|Description|
-|:|:|
-|Authorization|Bearer {token}. Required.|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns a `200 OK` response code and a [settings](../resources/tenantadmin-settings.md) object in the response body.
-
-## Examples
-
-### Request
-
-The following is an example of a request.
--
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_settings_at_tenant_level"
-}
>
-``` http
-GET https://graph.microsoft.com/beta/admin/sharepoint/settings
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
---
-### Response
-
-The following is an example of the response.
-
->**Note:** The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.tenantAdmin.settings"
-}
>
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-
-{
- "value": {
- "@odata.type": "#microsoft.graph.tenantAdmin.settings",
- "id": "e79403fa-abdf-af49-56c5-f7119d8b1948",
- "allowedDomainGuidsForSyncApp": [
- "bdd1ab9b-3fd0-4def-a761-ec8d7471732c",
- "ad31vb6b-5zd0-7tyg-m231-kj8d6578432c"
- ],
- "availableManagedPathsForSiteCreation": [
- "/sites/",
- "/teams/"
- ],
- "deletedUserPersonalSiteRetentionPeriodInDays": 344,
- "excludedFileExtensionsForSyncApp": [
- ".md",
- ".git"
- ],
- "idleSessionSignOut": {
- "isEnabled": true,
- "warnAfterInSeconds": 120,
- "signOutAfterInSeconds": 300
- },
- "imageTaggingOption": "basic",
- "isCommentingOnSitePagesEnabled": true,
- "isFileActivityNotificationEnabled": true,
- "isLegacyAuthProtocolsEnabled": false,
- "isLoopEnabled": true,
- "isMacSyncAppEnabled": false,
- "isRequireAcceptingUserToMatchInvitedUserEnabled": true,
- "isResharingByExternalUsersEnabled": true,
- "isSharePointMobileNotificationEnabled": true,
- "isSharePointNewsfeedEnabled": true,
- "isSiteCreationEnabled": true,
- "isSiteCreationUIEnabled": true,
- "isSitePagesCreationEnabled": true,
- "isSitesStorageLimitAutomatic": true,
- "isSyncButtonHiddenOnPersonalSite": true,
- "isUnmanagedSyncAppForTenantRestricted": true,
- "personalSiteDefaultStorageLimitInMB": 113664,
- "sharingAllowedDomainList" : [
- "contoso.com",
- "fabrikam.com"
- ],
- "sharingBlockedDomainList" : [
- "contoso.com",
- "fabrikam.com"
- ],
- "sharingCapability": "externalUserAndGuestSharing",
- "sharingDomainRestrictionMode": "allowList",
- "siteCreationDefaultManagedPath": "/sites/",
- "siteCreationDefaultStorageLimitInMB": 808034,
- "tenantDefaultTimezone": "(UTC-05:00) Eastern Time (US and Canada)"
- }
-}
-```
-
v1.0 Tenantadmin Settings Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tenantadmin-settings-update.md
- Title: "Update settings"
-description: "Update one or more tenant-level settings for SharePoint and OneDrive."
-
-doc_type: apiPageType
--
-# Update settings
-Namespace: microsoft.graph.tenantAdmin
--
-Update one or more tenant-level [settings](../resources/tenantadmin-settings.md) for SharePoint and OneDrive.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|SharePointTenantSettings.ReadWrite.All|
-|Delegated (personal Microsoft account)|Not supported.|
-|Application|SharePointTenantSettings.ReadWrite.All|
-
-When calling on behalf of a user, the user needs to belong to one of the following admin roles. To learn more about admin roles, see [About admin roles in the Microsoft 365 admin center](/microsoft-365/admin/add-users/about-admin-roles):
-* Global Administrator
-* SharePoint Administrator
-
-## HTTP request
-
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-PATCH /admin/sharepoint/settings
-```
-
-## Request headers
-|Name|Description|
-|:|:|
-|Authorization|Bearer {token}. Required.|
-|Content-Type|application/json. Required.|
-
-## Request body
-
-|Property|Type|Description|
-|:|:|:|
-| allowedDomainGuidsForSyncApp | GUID collection | Collection of trusted domain GUIDs for the OneDrive sync app. |
-| deletedUserPersonalSiteRetentionPeriodInDays | Int32 | The number of days for preserving a deleted user's OneDrive. |
-| excludedFileExtensionsForSyncApp | String collection | Collection of file extensions not uploaded by the OneDrive sync app. |
-| idleSessionSignOut | [tenantAdmin.idleSessionSignOut](../resources/tenantadmin-idlesessionsignout.md) | Specifies the idle session sign-out policies for the tenant. |
-| imageTaggingOption | imageTaggingChoice | Specifies the image tagging option for the tenant. Possible values are: `disabled`, `basic`, `enhanced`. |
-| isCommentingOnSitePagesEnabled | Boolean | Indicates whether comments are allowed on modern site pages in SharePoint. |
-| isFileActivityNotificationEnabled | Boolean | Indicates whether push notifications are enabled for OneDrive events. |
-| isLegacyAuthProtocolsEnabled | Boolean | Indicates whether legacy authentication protocols are enabled for the tenant. |
-| isLoopEnabled | Boolean | Indicates whether Fluid Framework is allowed on SharePoint sites. |
-| isMacSyncAppEnabled | Boolean | Indicates whether files can be synced using the OneDrive sync app for Mac. |
-| isRequireAcceptingUserToMatchInvitedUserEnabled | Boolean | Indicates whether guests must sign in using the same account to which sharing invitations are sent. |
-| isResharingByExternalUsersEnabled | Boolean | Indicates whether guests are allowed to reshare files, folders, and sites they don't own. |
-| isSharePointMobileNotificationEnabled | Boolean | Indicates whether mobile push notifications are enabled for SharePoint. |
-| isSharePointNewsfeedEnabled | Boolean | Indicates whether the newsfeed is allowed on the modern site pages in SharePoint. |
-| isSiteCreationEnabled | Boolean | Indicates whether users are allowed to create sites. |
-| isSiteCreationUIEnabled | Boolean | Indicates whether the UI commands for creating sites are shown. |
-| isSitePagesCreationEnabled | Boolean | Indicates whether creating new modern pages is allowed on SharePoint sites. |
-| isSitesStorageLimitAutomatic | Boolean | Indicates whether site storage space is automatically managed or if specific storage limits are set per site. |
-| isSyncButtonHiddenOnPersonalSite | Boolean | Indicates whether the sync button in OneDrive is hidden. |
-| isUnmanagedSyncAppForTenantRestricted | Boolean | Indicates whether users are allowed to sync files only on PCs joined to specific domains. |
-| personalSiteDefaultStorageLimitInMB | Int64 | The default OneDrive storage limit for all new and existing users who are assigned a qualifying license. Measured in megabytes (MB). |
-| sharingAllowedDomainList | String collection | Collection of email domains that are allowed for sharing outside the organization. |
-| sharingBlockedDomainList | String collection | Collection of email domains that are blocked for sharing outside the organization. |
-| sharingCapability | microsoft.graph.tenantAdmin.sharingCapabilities | Sharing capability for the tenant. Possible values are: `disabled`, `externalUserSharingOnly`, `externalUserAndGuestSharing`, `existingExternalUserSharingOnly`. |
-| sharingDomainRestrictionMode | microsoft.graph.tenantAdmin.sharingDomainRestrictionMode | Specifies the external sharing mode for domains. Possible values are: `none`, `allowList`, `blockList`. |
-| siteCreationDefaultManagedPath | String | The value of the team site managed path. This is the path under which new team sites will be created. |
-| siteCreationDefaultStorageLimitInMB | Int32 | The default storage quota for a new site upon creation. Measured in megabytes (MB). |
-| tenantDefaultTimezone | String | The default timezone of a tenant for newly created sites. For a list of possible values, see [SPRegionalSettings.TimeZones property](/dotnet/api/microsoft.sharepoint.spregionalsettings.timezones). |
--
-## Response
-
-If successful, this method returns a `200 OK` response code and an updated [settings](../resources/tenantadmin-settings.md) object in the response body.
-
-## Examples
-
-### Request
-
-The following is an example of a request.
--
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "update_tenant_settings"
-}
>
-``` http
-PATCH https://graph.microsoft.com/beta/admin/sharepoint/settings
-Content-Type: application/json
-Content-length: 1323
-
-{
- "deletedUserPersonalSiteRetentionPeriodInDays": 365,
- "excludedFileExtensionsForSyncApp": [".mp3"],
- "imageTaggingOption": "enhanced",
- "isLegacyAuthProtocolsEnabled": true,
- "isSitesStorageLimitAutomatic": false,
- "isSyncButtonHiddenOnPersonalSite": false,
- "isUnmanagedSyncAppForTenantRestricted": false,
- "personalSiteDefaultStorageLimitInMB": 120000
-}
-```
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
-
-# [Java](#tab/java)
-
-# [JavaScript](#tab/javascript)
-
-# [PHP](#tab/php)
---
-### Response
-
-The following is an example of the response.
-
->**Note:** The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.tenantAdmin.settings"
-}
>
-``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-
-{
- "@odata.type": "#microsoft.graph.tenantAdmin.settings",
- "allowedDomainGuidsForSyncApp": [
- "bdd1ab9b-3fd0-4def-a761-ec8d7471732c",
- "ad31vb6b-5zd0-7tyg-m231-kj8d6578432c"
- ],
- "availableManagedPathsForSiteCreation": [
- "/sites/",
- "/teams/"
- ],
- "deletedUserPersonalSiteRetentionPeriodInDays": 365,
- "excludedFileExtensionsForSyncApp": [
- ".mp3"
- ],
- "idleSessionSignOut": {
- "isEnabled": true,
- "warnAfterInSeconds": 120,
- "signOutAfterInSeconds": 300
- },
- "imageTaggingOption": "basic",
- "isCommentingOnSitePagesEnabled": true,
- "isFileActivityNotificationEnabled": true,
- "isLegacyAuthProtocolsEnabled": true,
- "isLoopEnabled": true,
- "isMacSyncAppEnabled": false,
- "isRequireAcceptingUserToMatchInvitedUserEnabled": true,
- "isResharingByExternalUsersEnabled": true,
- "isSharePointMobileNotificationEnabled": true,
- "isSharePointNewsfeedEnabled": true,
- "isSiteCreationEnabled": true,
- "isSiteCreationUIEnabled": true,
- "isSitePagesCreationEnabled": true,
- "isSitesStorageLimitAutomatic": false,
- "isSyncButtonHiddenOnPersonalSite": false,
- "isUnmanagedSyncAppForTenantRestricted": false,
- "personalSiteDefaultStorageLimitInMB": 120000,
- "sharingAllowedDomainList" : [
- "contoso.com",
- "fabrikam.com"
- ],
- "sharingBlockedDomainList" : [
- "contoso.com",
- "fabrikam.com"
- ],
- "sharingCapability": "externalUserAndGuestSharing",
- "sharingDomainRestrictionMode": "allowList",
- "siteCreationDefaultManagedPath": "/sites/",
- "siteCreationDefaultStorageLimitInMB": 808034,
- "tenantDefaultTimezone": "(UTC-05:00) Eastern Time (US and Canada)"
-}
-```
v1.0 Tenantappmanagementpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tenantappmanagementpolicy-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/update-tenantappmanagementpolicy-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Tiindicator Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tiindicator-update.md
Prefer: return=representation
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Timecard Confirm https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/timecard-confirm.md
Title: "timeCard: confirm"
-description: "Confirm a specific timecard."
+description: "Confirm a specific timeCard."
ms.localizationpriority: medium ms.prod: "microsoft-teams"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Confirm a specific [timeCard](../resources/timeCard.md).
+Confirm a specific [timeCard](../resources/timecard.md).
## Permissions
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-POST /teams/{teamId}/schedule/timeCards/{timeCardID}/confirm
+POST /teams/{teamId}/schedule/timeCards/{timeCardId}/confirm
``` ## Request headers
v1.0 Timecard Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/timecard-delete.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Delete a [timeCard](../resources/timeCard.md) instance in a [schedule](../resources/schedule.md).
+Delete a [timeCard](../resources/timecard.md) instance in a [schedule](../resources/schedule.md).
## Permissions
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-DELETE /teams/{teamId}/schedule/timeCards/{timeCardID}
+DELETE /teams/{teamId}/schedule/timeCards/{timeCardId}
``` ## Request headers
v1.0 Timecard Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/timecard-get.md
Title: "Get timeCard"
-description: "Get a timeCard by ID."
+description: "Get the properties and relationships of a timeCard object by ID."
ms.localizationpriority: medium ms.prod: "microsoft-teams"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Retrieve the properties and relationships of a [timeCard](../resources/timeCard.md) object by ID.
+Get the properties and relationships of a [timeCard](../resources/timecard.md) object by ID.
## Permissions
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-GET /teams/{teamId}/schedule/timeCards/{timecardID}
-
+GET /teams/{teamId}/schedule/timeCards/{timeCardId}
``` ## Optional query parameters
-This method does not support OData query parameters to customize the response.
+This method does not support [OData query parameters](/graph/query-parameters) to customize the response.
## Request headers
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and a [timeCard](../resources/timeCard.md) object in the response body.
+If successful, this method returns a `200 OK` response code and a [timeCard](../resources/timecard.md) object in the response body.
## Example
v1.0 Timecard Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/timecard-post.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Create a [timeCard](../resources/timeCard.md) instance in a [schedule](../resources/schedule.md).
+Create a [timeCard](../resources/timecard.md) instance in a [schedule](../resources/schedule.md).
## Permissions
Provide the new [timeCard](../resources/timecard.md) object in the request body
## Response
-If successful, this method returns a `201 Created` response code and a [timeCard](../resources/timeCard.md) object in the response body.
+If successful, this method returns a `201 Created` response code and a [timeCard](../resources/timecard.md) object in the response body.
## Example
HTTP/1.1 201 Created
Content-type: application/json {
- "id":"3895809b-a618-4c0d-86a0-d42b25b7d74f",
- "userId":"a3601044-a1b5-438e-b742-f78d01d68a67",
- "createdDateTime":"2019-03-18T00:00:00.000Z",
- "createdBy":{
- "user":{
- "id":"a3601044-a1b5-438e-b742-f78d01d68a67",
- "displayName":"Dwight Schrute"
- }
- },
- "lastModifiedDateTime":"2019-03-18T00:00:00.000Z",
- "lastModifiedBy":{
- "user":{
- "id":"a3601044-a1b5-438e-b742-f78d01d68a67",
- "displayName":"Dwight Schrute"
- }
- },
- "state":"onBreak",
- "confirmationStatus":"notConfirmed",
- "originalEntry":{
- "clockInEvent":{
- "dateTime":"2019-03-18T00:00:00.000Z",
- "atApprovedLocation":true,
- "notes": {
- "content": "Started late due to traffic in CA 237",
- "contentType": "text"
- },
- },
- "clockOutEvent":null,
- "breaks":[
- {
- "breakId":"string",
- "notes":{
- "content": "Lunch break",
- "contentType": "text"
- },
- "start":{
- "dateTime":"2019-03-18T02:00:00.000Z",
- "atApprovedLocation":true,
- "notes": {
- "content": "Reduced break to make up for lost time",
- "contentType": "text"
- },
- },
- "end":null
- }
- ]
- },
- "clockInEvent":{
- "dateTime":"2019-03-18T00:00:00.000Z",
- "atApprovedLocation":true,
+ "id": "3895809b-a618-4c0d-86a0-d42b25b7d74f",
+ "userId": "a3601044-a1b5-438e-b742-f78d01d68a67",
+ "createdDateTime": "2019-03-18T00:00:00.000Z",
+ "createdBy": {
+ "user": {
+ "id": "a3601044-a1b5-438e-b742-f78d01d68a67",
+ "displayName": "Dwight Schrute"
+ }
+ },
+ "lastModifiedDateTime": "2019-03-18T00:00:00.000Z",
+ "lastModifiedBy": {
+ "user": {
+ "id": "a3601044-a1b5-438e-b742-f78d01d68a67",
+ "displayName": "Dwight Schrute"
+ }
+ },
+ "state": "onBreak",
+ "confirmationStatus": "notConfirmed",
+ "originalEntry": {
+ "clockInEvent": {
+ "dateTime": "2019-03-18T00:00:00.000Z",
+ "atApprovedLocation": true,
"notes": { "content": "Started late due to traffic in CA 237", "contentType": "text"
- },
- },
- "clockOutEvent":null,
- "notes":{
- "content": "8 To 5 Inventory management",
- "contentType": "text"
- },
- "breaks":[
+ }
+ },
+ "clockOutEvent": null,
+ "breaks": [
{
- "breakId":"string",
- "notes":{
- "content": "Lunch break",
- "contentType": "text"
- },
- "start":{
- "dateTime":"2019-03-18T02:00:00.000Z",
- "atApprovedLocation":true,
- "notes": {
- "content": "Reduced break to make up for lost time",
- "contentType": "text"
- },
- },
- "end":null
+ "breakId": "string",
+ "notes": {
+ "content": "Lunch break",
+ "contentType": "text"
+ },
+ "start": {
+ "dateTime": "2019-03-18T02:00:00.000Z",
+ "atApprovedLocation": true,
+ "notes": {
+ "content": "Reduced break to make up for lost time",
+ "contentType": "text"
+ }
+ },
+ "end": null
}
- ]
+ ]
+ },
+ "clockInEvent": {
+ "dateTime": "2019-03-18T00:00:00.000Z",
+ "atApprovedLocation": true,
+ "notes": {
+ "content": "Started late due to traffic in CA 237",
+ "contentType": "text"
+ }
+ },
+ "clockOutEvent": null,
+ "notes": {
+ "content": "8 To 5 Inventory management",
+ "contentType": "text"
+ },
+ "breaks": [
+ {
+ "breakId": "string",
+ "notes": {
+ "content": "Lunch break",
+ "contentType": "text"
+ },
+ "start": {
+ "dateTime": "2019-03-18T02:00:00.000Z",
+ "atApprovedLocation": true,
+ "notes": {
+ "content": "Reduced break to make up for lost time",
+ "contentType": "text"
+ }
+ },
+ "end": null
+ }
+ ]
} ```
v1.0 Tokenissuancepolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tokenissuancepolicy-list-appliesto.md
Get a list of [directoryObject](../resources/directoryObject.md) objects that a
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.Read.All, Policy.ReadWrite.ApplicationConfiguration and Application.Read.All, Directory.Read.All |
The following is an example of the request.
GET https://graph.microsoft.com/beta/policies/tokenIssuancePolicies/{id}/appliesTo ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/policies/tokenIssuancePolicies/{id}/applies
[!INCLUDE [sample-code](../includes/snippets/javascript/get-appliesto-3-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Tokenlifetimepolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tokenlifetimepolicy-list-appliesto.md
Get a list of [directoryObject](../resources/directoryObject.md) objects that a
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.Read.All, Policy.ReadWrite.ApplicationConfiguration and Application.Read.All, Directory.Read.All |
The following is an example of the request.
GET https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4/appliesTo ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/4d2f137b-e8a
[!INCLUDE [sample-code](../includes/snippets/javascript/get-appliesto-4-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Trustframeworkkeyset Generatekey https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/trustframeworkkeyset-generatekey.md
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/trustframeworkkeyset-generatekey-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Unifiedroleassignmentmultiple Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/unifiedroleassignmentmultiple-get.md
GET https://graph.microsoft.com/beta/roleManagement/cloudPC/roleAssignments/dbe9
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Unifiedroleassignmentmultiple Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/unifiedroleassignmentmultiple-update.md
To update an existing unfiedRoleAssignmentMultiple for a Cloud PC provider:
<!-- { "blockType": "ignored" } --> ```http
-PATCH /roleManagement/cloudPC/roleAssignments
+PATCH /roleManagement/cloudPC/roleAssignments/{id}
``` To update an existing unfiedRoleAssignmentMultiple for an Intune provider: <!-- { "blockType": "ignored" } --> ```http
-PATCH /roleManagement/deviceManagement/roleAssignments
+PATCH /roleManagement/deviceManagement/roleAssignments/{id}
``` ## Request headers
v1.0 User Assignlicense https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-assignlicense.md
Title: "assignLicense"
-description: "Add or remove licenses for the user to enable or disable their use of Microsoft cloud offerings. For example, an organization can have a Microsoft 365 Enterprise E3 subscription with 100 licenses, and this request assigns one of those licenses to a specific user. You can also enable and disable specific plans associated with a subscription. To learn more about subscriptions and licenses, see this Technet article."
+ Title: "user: assignLicense"
+description: "Add or remove licenses for the user to enable or disable their use of Microsoft cloud offerings. "
ms.localizationpriority: medium ms.prod: "users"
v1.0 User Changepassword https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-changepassword.md
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/user-changepassword-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 User Findmeetingtimes https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-findmeetingtimes.md
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | Calendars.Read.Shared, Calendars.ReadWrite.Shared |
+|Delegated (work or school account) | Calendars.Read, Calendars.ReadWrite |
|Delegated (personal Microsoft account) | Not supported. | |Application | Not supported. |
v1.0 User List Agreementacceptances https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-list-agreementacceptances.md
GET https://graph.microsoft.com/beta/me/agreementAcceptances
[!INCLUDE [sample-code](../includes/snippets/php/get-agreementacceptances-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 User List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-list.md
GET /users
## Optional query parameters
-This method supports the `$count`, `$expand`, `$filter`, `$orderBy`, `$search`, `$select`, and `$top` [OData query parameters](/graph/query-parameters) to help customize the response. `$skip` isn't supported. The default and maximum page sizes are 100 and 999 user objects respectively, except when you specify `$select=signInActivity` or `$filter=signInActivity`. When `signInActivity` is selected or filtered on, the maximum page size is 120. Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For more information, see [Advanced query capabilities on Azure AD directory objects](/graph/aad-advanced-queries). The `$count` and `$search` parameters are currently not available in Azure AD B2C tenants.
+This method supports the `$count`, `$expand`, `$filter`, `$orderBy`, `$search`, `$select`, and `$top` [OData query parameters](/graph/query-parameters) to help customize the response. `$skip` isn't supported. The default and maximum page sizes are 100 and 999 user objects respectively, except when you specify `$select=signInActivity` or `$filter=signInActivity`. When `signInActivity` is selected or filtered on, the maximum page size is 999. Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For more information, see [Advanced query capabilities on Azure AD directory objects](/graph/aad-advanced-queries). The `$count` and `$search` parameters are currently not available in Azure AD B2C tenants.
[Extension properties](/graph/extensibility-overview) also support query parameters, in some cases, only with advanced query parameters. For more information, see [support for `$filter` by extension properties](/graph/aad-advanced-queries#:~:text=The%20following%20table%20shows%20support%20for%20%24filter%20by%20extension%20properties%20on%20the%20user%20object.).
Content-type: application/json
The following is an example of the request. Details for the **signInActivity** property require an Azure AD Premium P1/P2 license and the AuditLog.Read.All permission.
->**Note:** When you specify `$select=signInActivity` or `$filter=signInActivity` while listing users, the maximum page size for `$top` is 120. Requests with `$top` set higher than 120 will return pages with up to 120 users. signInActivity supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`) *but* not with any other filterable properties.
+>**Note:** signInActivity supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`) *but* not with any other filterable properties. You must specify `$select=signInActivity` or `$filter=signInActivity` while [listing users](../api/user-list.md), as the signInActivity property is not returned by default. This property is not returned for a user who has never signed in or last signed in before April 2020.|
# [HTTP](#tab/http)
v1.0 User Post Users https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-post-users.md
Content-type: application/json
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 User Retryserviceprovisioning https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-retryserviceprovisioning.md
+
+ Title: "user: retryServiceProvisioning"
+description: "Retries user service provisioning."
+ms.localizationpriority: medium
+++
+# user: retryServiceProvisioning
+
+Namespace: microsoft.graph
++
+Retry the [user](../resources/user.md) service provisioning.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | :-- |
+| Delegated (work or school account) | User.ReadWrite, User.ManageIdentities.All, User.EnableDisableAccount.All, User.ReadWrite.All, Directory.ReadWrite.All |
+| Delegated (personal Microsoft account) | User.ReadWrite |
+| Application | User.ManageIdentities.All, User.EnableDisableAccount.All, User.ReadWrite.All, Directory.ReadWrite.All |
+
+## HTTP request
+<!-- { "blockType": "ignored" } -->
+```http
+POST /users/{id}/retryServiceProvisioning
+```
+
+## Request headers
+
+| Name | Description |
+| : | :-- |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+
+## Request body
+
+This operation has no request content.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "user_retryserviceprovisioning"
+}-->
+```http
+POST https://graph.microsoft.com/beta/users/{id}/retryServiceProvisioning
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+### Response
+
+The following is an example of the response.
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+```http
+HTTP/1.1 204 No Content
+```
v1.0 User Sendmail https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-sendmail.md
Content-type: application/json
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Userregistrationdetails Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/userregistrationdetails-get.md
Read the properties and relationships of a [userRegistrationDetails](../resource
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type|Permissions (from least to most privileged)| |:|:| |Delegated (work or school account)|UserAuthenticationMethod.Read.All and AuditLog.Read.All|
v1.0 Virtualappointment Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/virtualappointment-delete.md
ms.prod: "cloud-communications"
doc_type: apiPageType
-# Delete virtualAppointment
+# Delete virtualAppointment (deprecated)
Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] > [!CAUTION]
- > The Virtual appointment resource and supporting methods are deprecated and will stop returning data on May 31, 2023.
+> The **virtualAppointment** resource and supporting methods are deprecated and will stop returning data on June 30, 2023. We recommend that you update existing apps that use this API to use the new [Get join link](../api/virtualappointment-getvirtualappointmentjoinweburl.md) function.
Delete a [virtualAppointment](../resources/virtualappointment.md) object.
v1.0 Virtualappointment Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/virtualappointment-get.md
ms.prod: "cloud-communications"
doc_type: apiPageType
-# Get virtualAppointment
+# Get virtualAppointment (deprecated)
Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] > [!CAUTION]
- > The Virtual appointment resource and supporting methods are deprecated and will stop returning data on May 31, 2023. We recommend that you update existing apps that use this API to use the new [Get Virtual appointment join link](../api/virtualappointment-getvirtualappointmentjoinweburl.md) function.
+> The **virtualAppointment** resource and supporting methods are deprecated and will stop returning data on June 30, 2023. We recommend that you update existing apps that use this API to use the new [Get join link](../api/virtualappointment-getvirtualappointmentjoinweburl.md) function.
Read the properties and relationships of a [virtualAppointment](../resources/virtualappointment.md) object.
v1.0 Virtualappointment Getvirtualappointmentjoinweburl https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/virtualappointment-getvirtualappointmentjoinweburl.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Get a join web URL for [Microsoft Virtual Appointments](/microsoft-365/frontline/virtual-appointments). This web URL includes enhanced business-to-customer experiences such as mobile broswer join and virtual lobby rooms.
+Get a join web URL for an appointment on the [Virtual Appointments](/microsoft-365/frontline/virtual-appointments) app for Teams.
+
+This web URL includes enhanced business-to-customer experiences such as mobile browser join and virtual lobby rooms. With [Teams Premium](/microsoftteams/teams-add-on-licensing/licensing-enhance-teams), you can configure a [custom lobby room](/microsoft-365/frontline/browser-join#customize-the-waiting-room-with-your-company-logo) experience for attendees by adding your company logo and access the [Virtual Appointments usage report](/microsoft-365/frontline/virtual-appointments-usage-report) for organizational analytics.
## Permissions+ One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-| Permission type | Permissions (from least to most privileged) |
-|:|:|
-| Delegated (work or school account) | VirtualAppointment.Read, VirtualAppointment.ReadWrite, OnlineMeetings.Read, OnlineMeetings.ReadWrite |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | VirtualAppointment.Read.All, VirtualAppointment.ReadWrite.All
+| Permission type | Permissions (from least to most privileged) |
+|:|:--|
+| Delegated (work or school account) | VirtualAppointment.Read, VirtualAppointment.ReadWrite, OnlineMeetings.Read, OnlineMeetings.ReadWrite |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | VirtualAppointment.Read.All, VirtualAppointment.ReadWrite.All |
## HTTP request
GET /users/{userId}/onlineMeetings/{onlineMeetingId}/getVirtualAppointmentJoinWe
| Accept-Language | Language. Optional. | ## Request body+ Do not supply a request body for this method. ## Response
-If successful, this method returns a `200 OK` response code and a String in the response body. The **value** field represents the join web URL for [Microsoft Virtual Appointments](https://learn.microsoft.com/microsoft-365/frontline/virtual-appointments).
+If successful, this method returns a `200 OK` response code and a String in the response body. The **value** property represents the join web URL for [Microsoft Virtual Appointments](/microsoft-365/frontline/virtual-appointments).
## Examples ### Request+ The following is an example of a request. # [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_virtualappointment",
+ "name": "get_virtualappointment_getVirtualAppointmentJoinWebUrl",
"sampleKeys": ["MSpkYzE3Njc0Yy04MWQ5LTRhZGItYmZi"] } -->
The following is an example of a request.
GET https://graph.microsoft.com/beta/me/onlineMeetings/MSpkYzE3Njc0Yy04MWQ5LTRhZGItYmZi/getVirtualAppointmentJoinWebUrl ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript)+
+# [PHP](#tab/php)
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] ### Response+ The following example shows the response. <!-- { "blockType": "response", "truncated": true,
- "@odata.type": "microsoft.graph.virtualAppointment"
+ "@odata.type": "Edm.String"
} --> ``` http HTTP/1.1 200 OK Content-Type: application/json
-{ "value": "https://visit.teams.microsoft.com/webrtc-svc/api/route?tid=a796be92-&convId=19:meeting_=True" }
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Edm.String",
+ "value": "https://visit.teams.microsoft.com/webrtc-svc/api/route?tid=a796be92-&convId=19:meeting_=True"
+}
```
v1.0 Virtualappointment Put https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/virtualappointment-put.md
ms.prod: "cloud-communications"
doc_type: apiPageType
-# Create virtualAppointment
+# Create virtualAppointment (deprecated)
Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] > [!CAUTION]
- > The Virtual appointment resource and supporting methods are deprecated and will stop returning data on May 31, 2023. We recommend that you update existing apps that use this API to use the new [Get Virtual appointment join link](../api/virtualappointment-getvirtualappointmentjoinweburl.md) function.
+> The **virtualAppointment** resource and supporting methods are deprecated and will stop returning data on June 30, 2023. We recommend that you update existing apps that use this API to use the new [Get join link](../api/virtualappointment-getvirtualappointmentjoinweburl.md) function.
Create a new [virtualAppointment](../resources/virtualappointment.md) object.
v1.0 Virtualappointment Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/virtualappointment-update.md
ms.prod: "cloud-communications"
doc_type: apiPageType
-# Update virtualAppointment
+# Update virtualAppointment (deprecated)
Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-> [!CAUTION]
- > The Virtual appointment resource and supporting methods are deprecated and will stop returning data on May 31, 2023.
+> [!CAUTION]
+> The **virtualAppointment** resource and supporting methods are deprecated and will stop returning data on June 30, 2023. We recommend that you update existing apps that use this API to use the new [Get join link](../api/virtualappointment-getvirtualappointmentjoinweburl.md) function.
Update the properties of a [virtualAppointment](../resources/virtualappointment.md) object.
v1.0 Virtualendpoint List Provisioningpolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/virtualendpoint-list-provisioningpolicies.md
Content-Type: application/json
"onPremisesConnectionId": "16ee6c71-fc10-438b-88ac-daa1ccafffff", "type": "hybridAzureADJoin" },
+ "domainJoinConfigurations": [
+ {
+ "onPremisesConnectionId": "16ee6c71-fc10-438b-88ac-daa1ccafffff",
+ "type": "hybridAzureADJoin"
+ },
+ {
+ "onPremisesConnectionId": "26e16c71-f210-438b-88ac-d481ccafffff",
+ "type": "hybridAzureADJoin"
+ }
+ ],
"enableSingleSignOn": true, "id": "1d164206-bf41-4fd2-8424-a3192d39ffff", "onPremisesConnectionId": "4e47d0f6-6f77-44f0-8893-c0fe1701ffff",
v1.0 Virtualendpoint Post Provisioningpolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/virtualendpoint-post-provisioningpolicies.md
The following table shows the properties that are required when you create the [
|description|String|The provisioning policy description.| |displayName|String|The display name for the provisioning policy.| |domainJoinConfiguration|[cloudPcDomainJoinConfiguration](../resources/cloudpcdomainjoinconfiguration.md)|Specifies how Cloud PCs will join Azure Active Directory.|
+|domainJoinConfigurations|Collection([microsoft.graph.cloudPcDomainJoinConfiguration](../resources/cloudpcdomainjoinconfiguration.md))|Specifies a list ordered by priority on how Cloud PCs will join Azure AD.|
|imageDisplayName|String|The display name for the OS image youΓÇÖre provisioning.|
-|imageId|String|The ID of the OS image you want to provision on Cloud PCs. The format for a gallery type image is: {publisher_offer_sku}. Supported values for each of the parameters are as follows:<ul><li>publisher: Microsoftwindowsdesktop.</li> <li>offer: windows-ent-cpc.</li> <li>sku: 21h1-ent-cpc-m365, 21h1-ent-cpc-os, 20h2-ent-cpc-m365, 20h2-ent-cpc-os, 20h1-ent-cpc-m365, 20h1-ent-cpc-os, 19h2-ent-cpc-m365 and 19h2-ent-cpc-os.</li></ul>|
+|imageId|String|The ID of the operating system image you want to provision on Cloud PCs. The format for a gallery type image is: {publisher_offer_sku}. Supported values for each of the parameters are as follows:<ul><li>publisher: `Microsoftwindowsdesktop`.</li> <li>offer: `windows-ent-cpc`.</li> <li>sku: `21h1-ent-cpc-m365`, `21h1-ent-cpc-os`, `20h2-ent-cpc-m365`, `20h2-ent-cpc-os`, `20h1-ent-cpc-m365`, `20h1-ent-cpc-os`, `19h2-ent-cpc-m365` and `19h2-ent-cpc-os`.</li></ul>|
|imageType|cloudPcProvisioningPolicyImageType|The type of OS image (custom or gallery) you want to provision on Cloud PCs. Possible values are: `gallery`, `custom`.| |onPremisesConnectionId|String|The ID of the cloudPcOnPremisesConnection. To ensure that Cloud PCs have network connectivity and that they domain join, choose a connection with a virtual network thatΓÇÖs validated by the Cloud PC service.| |provisioningType|[cloudPcProvisioningType](../resources/cloudpcprovisioningpolicy.md#cloudpcprovisioningtype-values)|Specifies the type of license used when provisioning Cloud PCs using this policy. By default, the license type is `dedicated` if the **provisioningType** isn't specified when you create the **cloudPcProvisioningPolicy**. You can't change this property after the **cloudPcProvisioningPolicy** was created. Possible values are: `dedicated`, `shared`, `unknownFutureValue`.|
Content-Type: application/json
"domainJoinType": "hybridAzureADJoin", "onPremisesConnectionId": "16ee6c71-fc10-438b-88ac-daa1ccafffff" },
+ "domainJoinConfigurations": [
+ {
+ "onPremisesConnectionId": "16ee6c71-fc10-438b-88ac-daa1ccafffff",
+ "type": "hybridAzureADJoin"
+ },
+ {
+ "onPremisesConnectionId": "26e16c71-f210-438b-88ac-d481ccafffff",
+ "type": "hybridAzureADJoin"
+ }
+ ],
+ "id": "1d164206-bf41-4fd2-8424-a3192d39ffff",
"enableSingleSignOn": true, "imageDisplayName": "Windows-10 19h1-evd", "imageId": "MicrosoftWindowsDesktop_Windows-10_19h1-evd",
Content-Type: application/json
"onPremisesConnectionId": "4e47d0f6-6f77-44f0-8893-c0fe1701ffff", "type": "hybridAzureADJoin" },
+ "domainJoinConfigurations": [
+ {
+ "onPremisesConnectionId": "16ee6c71-fc10-438b-88ac-daa1ccafffff",
+ "type": "hybridAzureADJoin"
+ },
+ {
+ "onPremisesConnectionId": "26e16c71-f210-438b-88ac-d481ccafffff",
+ "type": "hybridAzureADJoin"
+ }
+ ],
"enableSingleSignOn": true, "id": "1d164206-bf41-4fd2-8424-a3192d39ffff", "imageDisplayName": "Windows-10 19h1-evd",
v1.0 Virtualendpoint Post Usersettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/virtualendpoint-post-usersettings.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/create-cloudpcusersetting-from--php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Windowsupdates Deploymentaudience Updateaudience https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/windowsupdates-deploymentaudience-updateaudience.md
One of the following permissions is required to call this API. To learn more, in
} --> ``` http
-POST /admin/windows/updates/deploymentAudiences/{deploymentAudienceId}]/updateAudience
+POST /admin/windows/updates/deploymentAudiences/{deploymentAudienceId}/updateAudience
``` ## Request headers
v1.0 Windowsupdates Deploymentaudience Updateaudiencebyid https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/windowsupdates-deploymentaudience-updateaudiencebyid.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/deploymentaudience-updateaudiencebyid-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Windowsupdates Updatableasset Enrollassets https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/windowsupdates-updatableasset-enrollassets.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/updatableasset-enrollassets-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Windowsupdates Updatableasset Enrollassetsbyid https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/windowsupdates-updatableasset-enrollassetsbyid.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/updatableasset-enrollassetsbyid-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Windowsupdates Updatableasset Unenrollassets https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/windowsupdates-updatableasset-unenrollassets.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/updatableasset-unenrollassets-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Windowsupdates Updatableasset Unenrollassetsbyid https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/windowsupdates-updatableasset-unenrollassetsbyid.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/updatableasset-unenrollassetsbyid-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Windowsupdates Updatableassetgroup Addmembers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/windowsupdates-updatableassetgroup-addmembers.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/updatableassetgroup-addmembers-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Windowsupdates Updatableassetgroup Addmembersbyid https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/windowsupdates-updatableassetgroup-addmembersbyid.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/updatableassetgroup-addmembersbyid-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Windowsupdates Updatableassetgroup Removemembers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/windowsupdates-updatableassetgroup-removemembers.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/updatableassetgroup-removemembers-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Windowsupdates Updatableassetgroup Removemembersbyid https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/windowsupdates-updatableassetgroup-removemembersbyid.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/updatableassetgroup-removemembersbyid-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Worksheet Usedrange https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/worksheet-usedrange.md
Here is an example of the request.
GET https://graph.microsoft.com/beta/me/drive/items/{id}/workbook/worksheets/{id|name}/UsedRange(valuesOnly=true) ```
-# [C#](#tab/csharp)
- # [Go](#tab/go) [!INCLUDE [sample-code](../includes/snippets/go/worksheet-usedrange-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Admin https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/admin.md
Represents an entity that acts as a container for administrator functionality.
| edge | [edge](edge.md) | A container for Microsoft Edge resources. Read-only. | | reportSettings |[microsoft.graph.adminReportSettings](../resources/adminreportsettings.md)|A container for administrative resources to manage reports.| | serviceAnnouncement | [serviceAnnouncement](serviceannouncement.md) | A container for service communications resources. Read-only. |
-| sharepoint |[microsoft.graph.tenantAdmin.sharepoint](../resources/tenantadmin-sharepoint.md)|A container for administrative resources to manage tenant-level settings for SharePoint and OneDrive.|
+| sharepointSettings | [sharepointSettings](../resources/sharepointSettings.md) | A container for administrative resources to manage tenant-level settings for SharePoint and OneDrive. |
| windows |[microsoft.graph.adminWindows](../resources/adminwindows.md)|A container for all Windows administrator functionalities. Read-only.| ## JSON representation
v1.0 Appliedauthenticationeventlistener https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/appliedauthenticationeventlistener.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Represents the listeners, such as Azure Logic Apps and Azure Functions, that are triggered by the corresponding events in a [sign-in event](../resources/signin.md).
+Represents the [authentication event listeners](authenticationeventlistener.md), such as Azure Logic Apps and Azure Functions, that are triggered by the corresponding events in a [sign-in event](../resources/signin.md).
## Properties |Property|Type|Description| |:|:|:|
-|eventType|authenticationEventType|The type of authentication event that triggered the custom extension request. The possible values are: `tokenIssuanceStart`, `pageRenderStart`, `unknownFutureValue`.|
-|executedListenerId|String|ID of the Event Listener that was executed.|
+|eventType|authenticationEventType|The type of authentication event that triggered the custom authentication extension request. The possible values are: `tokenIssuanceStart`, `pageRenderStart`, `unknownFutureValue`.|
+|executedListenerId|String|ID of the [authentication event listener](authenticationeventlistener.md) that was executed.|
|handlerResult|[authenticationEventHandlerResult](../resources/authenticationeventhandlerresult.md)|The result from the listening client, such as an Azure Logic App and Azure Functions, of this authentication event.| ## Relationships
v1.0 Attacksimulationuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/attacksimulationuser.md
Represents a user in an attack simulation and training campaign.
|:|:|:| |displayName|String|Display name of the user.| |email|String|Email address of the user.|
-|userId|String|This is the **id** property value of the [user](../resources/user.md) resource that represents the user in the Azure Active Directory tenant.|
+|outOfOfficeDays|Number of days the user is OOF during a simulation journey/course of a campaign.|
+|userId|String|**id** property value of the [user](../resources/user.md) resource that represents the user in the Azure Active Directory tenant.|
## Relationships None.
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.attackSimulationUser",
- "userId": "String",
"displayName": "String",
- "email": "String"
+ "email": "String",
+ "outOfOfficeDays": "Int",
+ "userId": "String"
} ```
v1.0 Attendancerecord https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/attendancerecord.md
Contains information associated with an attendance record in a [meetingAttendanc
| Property | Type | Description| |:--|:--|:--| | attendanceIntervals | [attendanceInterval](attendanceinterval.md) collection | List of time periods between joining and leaving a meeting. |
-| emailAddress | String | Email address of the user associated with this atttendance record. |
-| identity | [identity](identity.md) | Identity of the user associated with this atttendance record. The specific type will be one of the following derived types of [identity](identity.md), depending on the type of the user: [communicationsUserIdentity](communicationsUserIdentity.md), [azureCommunicationServicesUserIdentity](azureCommunicationServicesUserIdentity.md). |
+| emailAddress | String | Email address of the user associated with this attendance record. |
+| identity | [identity](identity.md) | Identity of the user associated with this attendance record. The specific type will be one of the following derived types of [identity](identity.md), depending on the type of the user: [communicationsUserIdentity](communicationsUserIdentity.md), [azureCommunicationServicesUserIdentity](azureCommunicationServicesUserIdentity.md). |
| role | String | Role of the attendee. Possible values are: `None`, `Attendee`, `Presenter`, and `Organizer`. | | registrantId | String | Unique identifier of a [meetingRegistrant](meetingregistrantbase.md). Presents when the participant has registered for the meeting. | | totalAttendanceInSeconds | Int32 | Total duration of the attendances in seconds. |
v1.0 Authenticationattributecollectioninputconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationattributecollectioninputconfiguration.md
+
+ Title: "authenticationAttributeCollectionInputConfiguration resource type"
+description: "Represents the configuration of attributes being collected on an attribute collection page that is part of a self-service user flow for external identities."
+
+ms.localizationpriority: medium
++
+# authenticationAttributeCollectionInputConfiguration resource type
+
+Namespace: microsoft.graph
++
+Represents the display configuration of attributes being collected on an attribute collection page that is part of a self-service user flow for external identities.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|attribute|String|The built-in or custom attribute for which a value is being collected.|
+|defaultValue|String|The default value of the attribute displayed to the end user.|
+|editable|Boolean|Whether the attribute is editable by the end user. |
+|hidden|Boolean|Whether the attribute is displayed to the end user.|
+|inputType|authenticationAttributeCollectionInputType|The type of input field. The possible values are: `text`, `radioSingleSelect`, `checkboxMultiSelect`, `boolean`, `checkboxSingleSelect`, `unknownFutureValue`.|
+|label|String|The label of the attribute field that will be displayed to end user, unless overridden.|
+|options|[authenticationAttributeCollectionOptionConfiguration](../resources/authenticationattributecollectionoptionconfiguration.md) collection|The option values for certain multiple-option input types.|
+|required|Boolean|Whether the field is required.|
+|validationRegEx|String|The regex for the value of the field.|
+|writeToDirectory|Boolean|Whether the value collected will be stored.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.authenticationAttributeCollectionInputConfiguration"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.authenticationAttributeCollectionInputConfiguration",
+ "attribute": "String",
+ "label": "String",
+ "inputType": "String",
+ "defaultValue": "String",
+ "hidden": "Boolean",
+ "editable": "Boolean",
+ "writeToDirectory": "Boolean",
+ "required": "Boolean",
+ "validationRegEx": "String",
+ "options": [
+ {
+ "@odata.type": "microsoft.graph.authenticationAttributeCollectionOptionConfiguration"
+ }
+ ]
+}
+```
+
v1.0 Authenticationattributecollectionoptionconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationattributecollectionoptionconfiguration.md
+
+ Title: "authenticationAttributeCollectionOptionConfiguration resource type"
+description: "Represents the configuration of option values for certain input types on an attribute collection page that is part of a self-service user flow for external identities."
+
+ms.localizationpriority: medium
++
+# authenticationAttributeCollectionOptionConfiguration resource type
+
+Namespace: microsoft.graph
++
+Represents the option values for certain input types, such as radio buttons, on an attribute collection page that is part of a self-service user flow for external identities.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|label|String|The label of the option that will be displayed to user, unless overridden.|
+|value|String|The value of the option that will be stored.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.authenticationAttributeCollectionOptionConfiguration"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.authenticationAttributeCollectionOptionConfiguration",
+ "label": "String",
+ "value": "String"
+}
+```
+
v1.0 Authenticationattributecollectionpage https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationattributecollectionpage.md
+
+ Title: "authenticationAttributeCollectionPage resource type"
+description: "Represents the attribute collection page that is part of a self-service user flow for external identities."
+
+ms.localizationpriority: medium
++
+# authenticationAttributeCollectionPage resource type
+
+Namespace: microsoft.graph
++
+Represents the attribute collection page that is part of a self-service user flow for external identities.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|customStringsFileId|String|Nullable.|
+|views|[authenticationAttributeCollectionPageViewConfiguration](../resources/authenticationattributecollectionpageviewconfiguration.md) collection|A collection of displays of the attribute collection page.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.authenticationAttributeCollectionPage"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.authenticationAttributeCollectionPage",
+ "customStringsFileId": "String",
+ "views": [
+ {
+ "@odata.type": "microsoft.graph.authenticationAttributeCollectionPageViewConfiguration"
+ }
+ ]
+}
+```
+
v1.0 Authenticationattributecollectionpageviewconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationattributecollectionpageviewconfiguration.md
+
+ Title: "authenticationAttributeCollectionPageViewConfiguration resource type"
+description: "Represents the view of the attribute collection page that is part of a self-service user flow for external identities."
+
+ms.localizationpriority: medium
++
+# authenticationAttributeCollectionPageViewConfiguration resource type
+
+Namespace: microsoft.graph
++
+Represents the display of the attribute collection page that is part of a self-service user flow for external identities.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|description|String|The description of the page.|
+|inputs|[authenticationAttributeCollectionInputConfiguration](../resources/authenticationattributecollectioninputconfiguration.md) collection|The display configuration of attributes being collected on the attribute collection page.|
+|title|String|The title of the attribute collection page.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.authenticationAttributeCollectionPageViewConfiguration"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.authenticationAttributeCollectionPageViewConfiguration",
+ "title": "String",
+ "description": "String",
+ "inputs": [
+ {
+ "@odata.type": "microsoft.graph.authenticationAttributeCollectionInputConfiguration"
+ }
+ ]
+}
+```
+
v1.0 Authenticationconditionapplication https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationconditionapplication.md
+
+ Title: "authenticationConditionApplication resource type"
+description: "An object representing the application that will be triggered for an authenticationEventListener."
+
+ms.localizationpriority: medium
++
+# authenticationConditionApplication resource type
+
+Namespace: microsoft.graph
++
+An object representing the application that will be triggered for an authenticationEventListener.
+
+## Methods
+
+| Method | Return Type | Description |
+|:-|:|:|
+|[List linked applications](../api/authenticationconditionsapplications-list-includeapplications.md)|[authenticationConditionApplication](../resources/authenticationconditionapplication.md) collection|List listeners associated with an external identities self-service sign-up user flow.|
+|[Add linked application](../api/authenticationconditionsapplications-post-includeapplications.md)|None|List listeners associated with an external identities self-service sign-up user flow.|
+|[Remove linked application](../api/authenticationconditionapplication-delete.md)|None|List listeners associated with an external identities self-service sign-up user flow.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|appId|String|The identifier for an application corresponding to a condition which will trigger an authenticationEventListener.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.authenticationConditionApplication",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.authenticationConditionApplication",
+ "appId": "String"
+}
+```
+
v1.0 Authenticationconditions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationconditions.md
+
+ Title: "authenticationConditions resource type"
+description: "The conditions on which an authenticationEventListener should trigger."
+
+ms.localizationpriority: medium
++
+# authenticationConditions resource type
+
+Namespace: microsoft.graph
++
+The conditions on which an authenticationEventListener should trigger, for example, in a [user flow](authenticationeventsflow.md).
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|applications|[authenticationConditionsApplications](../resources/authenticationconditionsapplications.md)|Applications which will trigger a custom authentication extension.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.authenticationConditions"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.authenticationConditions",
+ "applications": {
+ "@odata.type": "microsoft.graph.authenticationConditionsApplications"
+ }
+}
+```
+
v1.0 Authenticationconditionsapplications https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationconditionsapplications.md
+
+ Title: "authenticationConditionsApplications resource type"
+description: "The applications on which an authenticationEventListener should trigger."
+
+ms.localizationpriority: medium
++
+# authenticationConditionsApplications resource type
+
+Namespace: microsoft.graph
++
+The applications on which an authenticationEventListener should trigger.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|includeAllApplications|Boolean|Whether the custom authentication extension should trigger for all applications with appIds specified in the **includeApplications** relationship. This property must be set to `false` for listener of type **onTokenIssuanceStartListener**.|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|includeApplications|[authenticationConditionApplication](../resources/authenticationconditionapplication.md) collection|Collection of the application conditions on which an authenticationEventListener should trigger.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.authenticationConditionsApplications"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.authenticationConditionsApplications",
+ "includeAllApplications": "Boolean"
+}
+```
+
v1.0 Authenticationconfigurationvalidation https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationconfigurationvalidation.md
+
+ Title: "authenticationConfigurationValidation resource type"
+description: "The result of a validateAuthenticationConfiguration action that validates a customAuthenticationExtension configuration."
+
+ms.localizationpriority: medium
++
+# authenticationConfigurationValidation resource type
+
+Namespace: microsoft.graph
++
+The validation result of a [validateAuthenticationConfiguration action](../api/customauthenticationextension-validateauthenticationconfiguration.md) that validates a [customAuthenticationExtension](../resources/customauthenticationextension.md) configuration.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|errors|[genericError](../resources/genericerror.md) collection|Errors in the validation result of a [customAuthenticationExtension](../resources/customauthenticationextension.md).|
+|warnings|[genericError](../resources/genericerror.md) collection|Warnings in the validation result of a [customAuthenticationExtension](../resources/customauthenticationextension.md).|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.authenticationConfigurationValidation"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.authenticationConfigurationValidation",
+ "errors": [
+ {
+ "@odata.type": "microsoft.graph.genericError"
+ }
+ ],
+ "warnings": [
+ {
+ "@odata.type": "microsoft.graph.genericError"
+ }
+ ]
+}
+```
+
v1.0 Authenticationeventhandlerresult https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationeventhandlerresult.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-An abstract type that defines the result of authentication to event listeners in Azure AD sign-ins. This abstract type is inherited by the [customExtensionCalloutResult](../resources/customextensioncalloutresult.md) resource type.
+An abstract type that defines the result of authentication to [event listeners](authenticationeventlistener.md) in Azure AD sign-ins. This abstract type is inherited by the [customExtensionCalloutResult](../resources/customextensioncalloutresult.md) resource type.
## Properties None.
v1.0 Authenticationeventlistener https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationeventlistener.md
+
+ Title: "authenticationEventListener resource type"
+description: "**Representation of listener for on events in the authentication process**"
+
+ms.localizationpriority: medium
++
+# authenticationEventListener resource type
+
+Namespace: microsoft.graph
++
+To customize the authentication process, listeners can be registered which specify that for some event, on some conditions, some custom logic can be invoked. This is an abstract type from which the following types are derived.
+
+- [onTokenIssuanceStartListener resource type](../resources/ontokenissuancestartlistener.md) resource type
+- [onInteractiveAuthFlowStartListener resource type](../resources/oninteractiveauthflowstartlistener.md) resource type
+- [onAuthenticationMethodLoadStartListener resource type](../resources/onauthenticationmethodloadstartlistener.md) resource type
+- [onAttributeCollectionListener resource type](../resources/onattributecollectionlistener.md) resource type
+- [onUserCreateStartListener resource type](../resources/onusercreatestartlistener.md) resource type
+
+Inherits from [entity](../resources/entity.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List authenticationEventListeners](../api/identitycontainer-list-authenticationeventlisteners.md)|[authenticationEventListener](../resources/authenticationeventlistener.md) collection|Retrieve a list of the following object types derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Create authenticationEventListener](../api/identitycontainer-post-authenticationeventlisteners.md)|[authenticationEventListener](../resources/authenticationeventlistener.md)|Create a new [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Get authenticationEventListener](../api/authenticationeventlistener-get.md)|[authenticationEventListener](../resources/authenticationeventlistener.md)|Read the properties and relationships of an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Update authenticationEventListener](../api/authenticationeventlistener-update.md)|None|Update the properties of an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Delete authenticationEventListener](../api/authenticationeventlistener-delete.md)|None|Delete an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|authenticationEventsFlowId|String|The identifier of the [authenticationEventsFlow](../resources/authenticationeventsflow.md) object.|
+|conditions|[authenticationConditions](../resources/authenticationconditions.md)|The conditions on which this authenticationEventListener should trigger.|
+|id|String|Identifier for this authenticationEventListener. Inherited from [entity](../resources/entity.md).|
+|priority|Int32| The priority of this handler. Between 0 (lower priority) and 1000 (higher priority).|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.authenticationEventListener",
+ "baseType": "microsoft.graph.entity",
+ "openType": true
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.authenticationEventListener",
+ "id": "String (identifier)",
+ "priority": "Integer",
+ "conditions": {
+ "@odata.type": "microsoft.graph.authenticationConditions"
+ },
+ "authenticationEventsFlowId": "String"
+}
+```
+
v1.0 Authenticationeventsflow https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationeventsflow.md
+
+ Title: "authenticationEventsFlow resource type"
+description: "An abstract entity that represents a multi-event policy used to orchestrate an authentication flow."
+
+ms.localizationpriority: medium
++
+# authenticationEventsFlow resource type
+
+Namespace: microsoft.graph
++
+Entity that represents a multi-event policy, that is, a **user flow**, and holds the handler configuration for multiple events. Each property of name *eventType* is optional and corresponds to the handler configuration on the event listener. This is a management level for the atomic authenticationEventListener that allows for managing of multiple listeners under the same priority and condition set. This provides a better managed view of checking which event listeners will be executed under a certain circumstance.
+
+If no handler is set for an event, then this policy will not affect that event in any authentication, i.e. no listener will be created for that event.
+
+Additionally, this entity works as an orchestration step for the various event listeners it manages. For each event listener managed by the entity, it will create, modify, or delete the event listener accordingly. This means on creation time, it will create multiple event listeners and handle any rollback scenarios for any failing requests.
+
+This is an abstract type from which the [externalUsersSelfServiceSignUpEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) object type is derived.
+
+Inherits from [entity](../resources/entity.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List](../api/identitycontainer-list-authenticationeventsflows.md)|[authenticationEventsFlow](../resources/authenticationeventsflow.md) collection|Retrieve a list of the [authenticationEventsFlow](../resources/authenticationeventsflow.md) objects and their properties. Only objects of the [externalUserSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) subtype are available.|
+|[Create](../api/identitycontainer-post-authenticationeventsflows.md)|[authenticationEventsFlow](../resources/authenticationeventsflow.md)|Create a new [authenticationEventsFlow](../resources/authenticationeventsflow.md) object. Only objects of the [externalUserSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) subtype are supported.|
+|[Get](../api/authenticationeventsflow-get.md)|[authenticationEventsFlow](../resources/authenticationeventsflow.md)|Read the properties and relationships of an [authenticationEventsFlow](../resources/authenticationeventsflow.md) object. Only objects of the [externalUserSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) subtype are available.|
+|[Update](../api/authenticationeventsflow-update.md)|None|Update the properties of an [authenticationEventsFlow](../resources/authenticationeventsflow.md) object. Only objects of the [externalUserSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) subtype are available.|
+|[Delete](../api/authenticationeventsflow-delete.md)|None|Delete an [authenticationEventsFlow](../resources/authenticationeventsflow.md) object. Only objects of the [externalUserSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md) subtype are supported. |
+|[List linked applications](../api/authenticationconditionsapplications-list-includeapplications.md)|[authenticationConditionApplication](../resources/authenticationconditionapplication.md) collection|List listeners associated with an external identities self-service sign-up user flow.|
+|[Add linked application](../api/authenticationconditionsapplications-post-includeapplications.md)|None|List listeners associated with an external identities self-service sign-up user flow.|
+|[Remove linked application](../api/authenticationconditionapplication-delete.md)|None|List listeners associated with an external identities self-service sign-up user flow.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|The unique identifier for the entity. Read-only. Inherited from [entity](../resources/entity.md). Auto-generated.|
+|displayName|String|Required. The display name for the events policy.|
+|description|String|The description of the events policy.|
+|conditions|[authenticationConditions](../resources/authenticationconditions.md)|The conditions representing the context of the authentication request which will be used to decide whether the events policy will be invoked.|
+|priority|Int32|The priority to use for each individual event of the events policy. If multiple competing listeners for an event have the same priority, one is chosen and an error is silently logged. Defaults to 500.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.authenticationEventsFlow",
+ "baseType": "microsoft.graph.entity",
+ "openType": true
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.authenticationEventsFlow",
+ "id": "String (identifier)",
+ "displayName": "String",
+ "description": "String",
+ "conditions": {
+ "@odata.type": "microsoft.graph.authenticationConditions"
+ },
+ "priority": "Integer"
+}
+```
+
v1.0 Authenticationmethodtarget https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationmethodtarget.md
A collection of groups that are enabled to use an authentication method as part
|id|String|Object identifier of an Azure AD user or group.| |isRegistrationRequired|Boolean|Determines if the user is enforced to register the authentication method.| |targetType|authenticationMethodTargetType| Possible values are: `group`, and `unknownFutureValue`. From December 2022, targeting individual users using `user` is no longer recommended. Existing targets will remain but we recommend to move the individual users to a targeted group.|
-|useForSignIn|Boolean|Determines if the authentication method can be used to sign in to Azure AD.|
## Relationships None.
The following is a JSON representation of the resource.
"@odata.type": "#microsoft.graph.authenticationMethodTarget", "id": "String (identifier)", "targetType": "String",
- "isRegistrationRequired": "Boolean",
- "useForSignIn": "Boolean"
+ "isRegistrationRequired": "Boolean"
} ```
v1.0 Authorizationpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authorizationpolicy.md
Represents a policy that can control Azure Active Directory authorization settin
| Property | Type | Description | |-|-|-| |allowedToSignUpEmailBasedSubscriptions|Boolean| Indicates whether users can sign up for email based subscriptions. |
-|allowedToUseSSPR|Boolean| Indicates whether the Self-Serve Password Reset feature can be used by users on the tenant. |
+|allowedToUseSSPR|Boolean| Indicates whether the Admin Self-Serve Password Reset feature is enabled on the tenant. |
|allowEmailVerifiedUsersToJoinOrganization|Boolean| Indicates whether a user can join the tenant by email validation. | |allowInvitesFrom|allowInvitesFrom|Indicates who can invite external users to the organization. Possible values are: `none`, `adminsAndGuestInviters`, `adminsGuestInvitersAndAllMembers`, `everyone`. `everyone` is the default setting for all cloud environments except US Government. See more in the [table below](#allowinvitesfrom-values).|
-|allowUserConsentForRiskyApps|Boolean| Indicates whether [user consent for risky apps](/azure/active-directory/manage-apps/configure-risk-based-step-up-consent) is allowed. We recommend to keep this as `false`. |
+|allowUserConsentForRiskyApps|Boolean| Indicates whether [user consent for risky apps](/azure/active-directory/manage-apps/configure-risk-based-step-up-consent) is allowed. Default value is `false`. We recommend that you keep the value set to `false`. |
|blockMsolPowerShell|Boolean| To disable the use of the [MSOnline PowerShell module](/powershell/module/msonline) set this property to `true`. This will also disable user-based access to the legacy service endpoint used by the MSOnline PowerShell module. This does not affect Azure AD Connect or Microsoft Graph. | |defaultUserRolePermissions|[defaultUserRolePermissions](defaultUserRolePermissions.md)| Specifies certain customizable permissions for default user role. | |description|String| Description of this policy.|
The following is a JSON representation of the resource.
```json {
- "id": "String (identifier)",
+ "allowEmailVerifiedUsersToJoinOrganization": "Boolean",
+ "allowInvitesFrom": "String",
+ "allowUserConsentForRiskyApps": "Boolean",
+ "allowedToSignUpEmailBasedSubscriptions": "Boolean",
+ "allowedToUseSSPR": "Boolean",
+ "blockMsolPowerShell": "Boolean",
+ "defaultUserRolePermissions": {"@odata.type": "microsoft.graph.defaultUserRolePermissions"},
"description": "String", "displayName": "String", "enabledPreviewFeatures": "[String]", "guestUserRoleId": "Guid",
- "allowUserConsentForRiskyApps": false,
- "blockMsolPowerShell": true,
- "defaultUserRolePermissions": {"@odata.type": "microsoft.graph.defaultUserRolePermissions"},
- "allowedToUseSSPR": true,
- "allowedToSignUpEmailBasedSubscriptions": true,
- "allowEmailVerifiedUsersToJoinOrganization": true,
- "allowInvitesFrom": "String",
+ "id": "String (identifier)",
"permissionGrantPolicyIdsAssignedToDefaultUserRole": "[String]" } ```
v1.0 Callrecords Mediastream https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/callrecords-mediastream.md
Represents information about a media stream between two endpoints in a call.
|averageAudioDegradation|Double|Average Network Mean Opinion Score degradation for stream. Represents how much the network loss and jitter has impacted the quality of received audio.| |averageAudioNetworkJitter|Duration|Average jitter for the stream computed as specified in [RFC 3550][], denoted in [ISO 8601][] format. For example, 1 second is denoted as `'PT1S'`, where 'P' is the duration designator, 'T' is the time designator, and 'S' is the second designator.| |averageBandwidthEstimate|Int64|Average estimated bandwidth available between two endpoints in bits per second.|
+|averageFreezeDuration|Duration|Average of the received freeze duration related to the video stream.|
|averageJitter|Duration|Average jitter for the stream computed as specified in [RFC 3550][], denoted in [ISO 8601][] format. For example, 1 second is denoted as `'PT1S'`, where 'P' is the duration designator, 'T' is the time designator, and 'S' is the second designator.| |averagePacketLossRate|Double|Average packet loss rate for stream.| |averageRatioOfConcealedSamples|Double|Ratio of the number of audio frames with samples generated by packet loss concealment to the total number of audio frames.|
Represents information about a media stream between two endpoints in a call.
|averageVideoFrameRate|Double|Average frames per second received for a video stream, computed over the duration of the session.| |averageVideoPacketLossRate|Double|Average fraction of packets lost, as specified in [RFC 3550][], computed over the duration of the session.| |endDateTime|DateTimeOffset|UTC time when the stream ended. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`|
+|isAudioForwardErrorCorrectionUsed|Boolean|Indicates whether the forward error correction (FEC) was used at some point during the session. The default value is null.|
|lowFrameRateRatio|Double|Fraction of the call where frame rate is less than 7.5 frames per second.| |lowVideoProcessingCapabilityRatio|Double|Fraction of the call that the client is running less than 70% expected video processing capability.| |maxAudioNetworkJitter|Duration|Maximum of audio network jitter computed over each of the 20 second windows during the session, denoted in [ISO 8601][] format. For example, 1 second is denoted as `'PT1S'`, where 'P' is the duration designator, 'T' is the time designator, and 'S' is the second designator.|
Represents information about a media stream between two endpoints in a call.
|maxRoundTripTime|Duration|Maximum network propagation round-trip time computed as specified in [RFC 3550][], denoted in [ISO 8601][] format. For example, 1 second is denoted as `'PT1S'`, where 'P' is the duration designator, 'T' is the time designator, and 'S' is the second designator.| |packetUtilization|Int64|Packet count for the stream.| |postForwardErrorCorrectionPacketLossRate|Double|Packet loss rate after FEC has been applied aggregated across all video streams and codecs.|
+|rmsFreezeDuration|Duration|Root mean square of the received freeze duration related to the video stream.|
|startDateTime|DateTimeOffset|UTC time when the stream started. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`| |streamDirection|microsoft.graph.callRecords.mediaStreamDirection|Indicates the direction of the media stream. Possible values are: `callerToCallee`, `calleeToCaller`.| |streamId|String|Unique identifier for the stream.| |videoCodec|microsoft.graph.callRecords.videoCodec|Codec name used to encode video for transmission on the network. Possible values are: `unknown`, `invalid`, `av1`, `h263`, `h264`, `h264s`, `h264uc`, `h265`, `rtvc1`, `rtVideo`, `xrtvc1`, `unknownFutureValue`.| |wasMediaBypassed|Boolean|True if the media stream bypassed the Mediation Server and went straight between client and PSTN Gateway/PBX, false otherwise.| - ## JSON representation The following is a JSON representation of the resource.
The following is a JSON representation of the resource.
"averageAudioDegradation": "Double", "averageAudioNetworkJitter": "String (duration)", "averageBandwidthEstimate": 1024,
+ "averageFreezeDuration": "String (duration)",
"averageJitter": "String (duration)", "averagePacketLossRate": "Double", "averageRatioOfConcealedSamples": "Double",
The following is a JSON representation of the resource.
"averageVideoFrameRate": "Double", "averageVideoPacketLossRate": "Double", "endDateTime": "String (timestamp)",
+ "isAudioForwardErrorCorrectionUsed": "Boolean",
"lowFrameRateRatio": "Double", "lowVideoProcessingCapabilityRatio": "Double", "maxAudioNetworkJitter": "String (duration)",
The following is a JSON representation of the resource.
"maxRoundTripTime": "String (duration)", "packetUtilization": 1024, "postForwardErrorCorrectionPacketLossRate": "Double",
+ "rmsFreezeDuration": "String (duration)",
"startDateTime": "String (timestamp)", "streamDirection": "String", "streamId": "String",
v1.0 Callrecords Participantendpoint https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/callrecords-participantendpoint.md
a user or user-like entity. Inherits from [endpoint](callrecords-endpoint.md) ty
| Property | Type | Description | |:-|:|:|
-|userAgent|[microsoft.graph.callRecords.userAgent](callrecords-useragent.md)|User-agent reported by this endpoint.|
+|cpuCoresCount|Int32|CPU number of cores used by the media endpoint.|
+|cpuName|String|CPU name used by the media endpoint.|
+|cpuProcessorSpeedInMhz|Int32|CPU processor speed used by the media endpoint.|
|feedback|[microsoft.graph.callRecords.userFeedback](callrecords-userfeedback.md)|The feedback provided by the user of this endpoint about the quality of the session.| |identity|[identitySet](identityset.md)|Identity associated with the endpoint.|
+|name|String|Name of the device used by the media endpoint.|
+|userAgent|[microsoft.graph.callRecords.userAgent](callrecords-useragent.md)|User-agent reported by this endpoint.|
## JSON representation
The following is a JSON representation of the resource.
```json {
- "userAgent": {"@odata.type": "microsoft.graph.callRecords.userAgent"},
- "feedback": {"@odata.type": "microsoft.graph.callRecords.userFeedback"},
- "identity": {"@odata.type": "microsoft.graph.identitySet"}
+ "userAgent": {"@odata.type": "microsoft.graph.callRecords.userAgent"},
+ "feedback": {"@odata.type": "microsoft.graph.callRecords.userFeedback"},
+ "name": "String",
+ "cpuName": "String",
+ "cpuCoresCount": "Int32",
+ "cpuProcessorSpeedInMhz": "Int32",
+ "identity": {"@odata.type": "microsoft.graph.identitySet"}
} ```
v1.0 Callrecords Session https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/callrecords-session.md
Represents a user-user communication or a user-meeting communication in the case
|endDateTime|DateTimeOffset|UTC time when the last user left the session. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`| |failureInfo|[microsoft.graph.callRecords.failureInfo](callrecords-failureinfo.md)|Failure information associated with the session if the session failed.| |id|string|Unique identifier for the session. Read-only.|
+|isTest|Boolean|Specifies whether the session is a test.|
|modalities|microsoft.graph.callRecords.modality collection|List of modalities present in the session. Possible values are: `unknown`, `audio`, `video`, `videoBasedScreenSharing`, `data`, `screenSharing`, `unknownFutureValue`.| |startDateTime|DateTimeOffset|UTC fime when the first user joined the session. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`|
The following is a JSON representation of the resource.
"endDateTime": "String (timestamp)", "failureInfo": {"@odata.type": "microsoft.graph.callRecords.failureInfo"}, "id": "String (identifier)",
+ "isTest": "Boolean",
"modalities": ["string"], "startDateTime": "String (timestamp)" }
v1.0 Cloudpconpremisesconnectionhealthcheck https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/cloudpconpremisesconnectionhealthcheck.md
The result of a Cloud PC Azure network connection health check.
|internalServerErrorAllocateResourceFailed|The allocation of resources failed. Please try again later. If the problem persists, please contact support.| |internalServerErrorVMDeploymentTimeout|The virtual machine deployment timed out. Please try again later. If the problem persists, please contact support.| |internalServerErrorUnableToRunDscScript|During provisioning, some PowerShell DSC scripts are executed on the Cloud PC. Unable to either download these DSC scripts or execute them during the health check. Please ensure vNet has unrestricted access to the required endpoints, and PowerShell isn't blocked in the environment or Group Policy.|
+|ssoCheckKerberosConfigurationError|The Azure Active Directory (Azure AD) Kerberos is not configured properly, so the user failed to sign in to the Cloud PC through single sign-on (SSO) or receive SSO access to Kerberos-based resources on the network.|
|internalServerUnknownError|The provisioning has failed due to an internal error. Please contact customer support.| |unknownFutureValue|Evolvable enumeration sentinel value. Do not use.|
v1.0 Cloudpcprovisioningpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/cloudpcprovisioningpolicy.md
Represents a Cloud PC provisioning policy.
|:|:|:| |alternateResourceUrl|String|The URL of the alternate resource that links to this provisioning policy. Read-only.| |cloudPcGroupDisplayName|String|The display name of the Cloud PC group that the Cloud PCs reside in. Read-only.|
+|cloudPcNamingTemplate|`Edm.String`|The template used to name Cloud PCs provisioned using this policy. This can contain custom text and replacement tokens, including %USERNAME:x% and %RAND:x%, which represent the user's name and a randomly generated number, respectively. For example, "CPC-%USERNAME:4%-%RAND:5%" means that the Cloud PC's name will start with "CPC-", have a four-character username in the middle followed by a "-" character, and end with five random characters. The total length of the text generated by the template can be no more than 15 characters. Supports `$filter`, `$select`, `$orderBy`.
|description|String|The provisioning policy description.| |displayName|String|The display name for the provisioning policy.| |domainJoinConfiguration|[cloudPcDomainJoinConfiguration](../resources/cloudpcdomainjoinconfiguration.md)|Specifies how Cloud PCs will join Azure Active Directory.|
The following is a JSON representation of the resource.
"@odata.type": "#microsoft.graph.cloudPcProvisioningPolicy", "alternateResourceUrl": "String", "cloudPcGroupDisplayName": "String",
+ "cloudPcNamingTemplate": "String",
"description": "String", "displayName": "String", "domainJoinConfiguration": { "@odata.type": "microsoft.graph.cloudPcDomainJoinConfiguration" },
+ "domainJoinConfigurations": "Collection(microsoft.graph.cloudPcDomainJoinConfiguration)",
+ "gracePeriodInHours": "Integer",
"enableSingleSignOn": "Boolean", "gracePeriodInHours": "Int32", "id": "String (identifier)",
v1.0 Cloudpcprovisioningpolicyassignment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/cloudpcprovisioningpolicyassignment.md
Represents a defined collection of provisioning policy assignments.
|target|[cloudPcManagementAssignmentTarget](../resources/cloudpcmanagementassignmenttarget.md)|The assignment target for the provisioning policy. Currently, the only target supported for this policy is a user group. For details, see [cloudPcManagementGroupAssignmentTarget](cloudpcmanagementgroupassignmenttarget.md). | ## Relationships-
-None.
+|Relationship|Type|Description|
+|:|:|:|
+|assignedUsers|[user](../resources/user.md) collection|The assignment targeted users for the provisioning policy. This list of users is computed based on assignments, licenses, group memberships, and policies. This property is read-only. Supports` $expand`.|
## JSON representation
v1.0 Communications Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/communications-api-overview.md
This API provides calling functionality as well as the ability to create and ret
One of the following [permissions](/graph/permissions-reference#calls-permissions) is required to access the cloud communications API. These permissions need to be granted by the administrator.
-| Scenario | Permissions |
-|:|:|
-| Calling | Calls.JoinGroupCallsasGuest.All, Calls.JoinGroupCalls.All, Calls.Initiate.All, Calls.InitiateGroupCalls.All, Calls.AccessMedia.All |
-| Meetings | OnlineMeetings.ReadWrite.All, OnlineMeetings.Read.All |
-| Presence | Presence.Read, Presence.Read.All |
-| Call records | CallRecords.Read.All |
+| Scenario | Permissions |
+|:-|:--|
+| Calling | Calls.JoinGroupCallAsGuest.All, Calls.JoinGroupCall.All, Calls.Initiate.All, Calls.InitiateGroupCall.All, Calls.AccessMedia.All |
+| Meetings | OnlineMeetings.ReadWrite.All, OnlineMeetings.Read.All |
+| Presence | Presence.Read, Presence.Read.All |
+| Call records | CallRecords.Read.All |
## Common use cases
v1.0 Conditionalaccessallexternaltenants https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/conditionalaccessallexternaltenants.md
Title: "conditionalAccessAllExternalTenants resource type"
-description: "Represents all external tenants in the policy scope."
+description: "Represents all external tenants in a policy scope."
ms.localizationpriority: medium ms.prod: "identity-and-sign-in"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Inherits from [conditionalAccessExternalTenants](conditionalaccessexternaltenants.md) resource. Represents all external tenants in the policy scope.
+Represents all external tenants in a policy scope.
+
+Inherits from [conditionalAccessExternalTenants](conditionalaccessexternaltenants.md).
## Properties | Property | Type | Description | |:-|:|:|
-| membershipKind |conditionalAccessExternalTenantsMembershipKind | Represents the membership kind. Supported values are: `all`, [`enumerated`](conditionalaccessenumeratedexternaltenants.md), and `unknownFutureValue`. |
+| membershipKind |conditionalAccessExternalTenantsMembershipKind | The membership kind. Possible values are: `all`, `enumerated`, `unknownFutureValue`. The `enumerated` member references an [conditionalAccessEnumeratedExternalTenants](conditionalaccessenumeratedexternaltenants.md) object. Inherited from [conditionalAccessExternalTenants](conditionalaccessexternaltenants.md). |
## Relationships
v1.0 Conditionalaccessenumeratedexternaltenants https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/conditionalaccessenumeratedexternaltenants.md
Title: "conditionalAccessEnumeratedExternalTenants resource type"
-description: "Represents a list of external tenants in the policy scope."
+description: "Represents a list of external tenants in a policy scope."
ms.localizationpriority: medium ms.prod: "identity-and-sign-in"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Represents a list of external tenants in the policy scope.
+Represents a list of external tenants in a policy scope.
+
+Inherits from [conditionalAccessExternalTenants](conditionalaccessexternaltenants.md).
## Properties | Property | Type | Description | |:-|:|:|
-| members | String collection | Represents a collection of tenant ids in the scope of Conditional Access for guests and external users policy targeting. |
+| members | String collection | A collection of tenant IDs that define the scope of a policy targeting conditional access for guests and external users. |
+| membershipKind |conditionalAccessExternalTenantsMembershipKind | The membership kind. Possible values are: `all`, `enumerated`, `unknownFutureValue`. The `enumerated` member references an [conditionalAccessEnumeratedExternalTenants](conditionalaccessenumeratedexternaltenants.md) object. Inherited from [conditionalAccessExternalTenants](conditionalaccessexternaltenants.md). |
## Relationships
The following is a JSON representation of the resource.
"members" ], "@odata.type": "microsoft.graph.conditionalAccessEnumeratedExternalTenants",
- "baseType": null
+ "baseType": "microsoft.graph.conditionalAccessExternalTenants"
}--> ```json {
- "members": ["String"]
+ "@odata.type": "#microsoft.graph.conditionalAccessEnumeratedExternalTenants",
+ "members": ["String"],
+ "membershipKind": "String"
} ```
v1.0 Conditionalaccessexternaltenants https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/conditionalaccessexternaltenants.md
Title: "conditionalAccessExternalTenants resource type"
-description: "An abstract type that represents external tenants in the policy scope. This abstract type is inherited by conditionalAccessAllExternalTenants and conditionalAccessEnumeratedExternalTenants."
+description: "An abstract type that represents external tenants in a policy scope."
ms.localizationpriority: medium ms.prod: "identity-and-sign-in"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-An abstract type that represents external tenants in the policy scope. This abstract type is inherited by conditionalAccessAllExternalTenants and conditionalAccessEnumeratedExternalTenants.
+An abstract type that represents external tenants in a policy scope.
+
+Base type of [conditionalAccessAllExternalTenants](../resources/conditionalaccessallexternaltenants.md) and [conditionalAccessEnumeratedExternalTenants](conditionalaccessenumeratedexternaltenants.md).
## Properties | Property | Type | Description | |:-|:|:|
-| membershipKind |conditionalAccessExternalTenantsMembershipKind | Represents the membership kind. The possible values are: `all`, `enumerated`, `unknownFutureValue`. `enumerated` references an object of [conditionalAccessEnumeratedExternalTenants](conditionalaccessenumeratedexternaltenants.md) derived type. |
+| membershipKind |conditionalAccessExternalTenantsMembershipKind | The membership kind. Possible values are: `all`, `enumerated`, `unknownFutureValue`. The `enumerated` member references an [conditionalAccessEnumeratedExternalTenants](conditionalaccessenumeratedexternaltenants.md) object.|
## Relationships
v1.0 Conditionalaccessguestsorexternalusers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/conditionalaccessguestsorexternalusers.md
Title: "conditionalAccessGuestsOrExternalUsers resource type"
-description: "Represents internal guests or external users in the policy scope."
+description: "Represents internal guests and external users in a policy scope."
ms.localizationpriority: medium ms.prod: "identity-and-sign-in"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Represents internal guests and/or external users in the policy scope.
+Represents internal guests and external users in a policy scope.
## Properties | Property | Type | Description | |:-|:|:|
-| guestOrExternalUserTypes | conditionalAccessGuestOrExternalUserTypes | Represents internal guests or external user types. This is a multi-valued property. Supported values are: `b2bCollaborationGuest`, `b2bCollaborationMember`, `b2bDirectConnectUser`, `internalGuest`, `OtherExternalUser`, `serviceProvider` and `unknownFutureValue`. |
-| externalTenants | [conditionalAccessExternalTenants](conditionalaccessexternaltenants.md) | The tenant ids of the selected types of external users. It could be either all b2b tenant, or a collection of tenant ids. External tenants can be specified only when `guestOrExternalUserTypes` is not null or an empty string. |
+| externalTenants | [conditionalAccessExternalTenants](conditionalaccessexternaltenants.md) | The tenant IDs of the selected types of external users. Either all B2B tenant or a collection of tenant IDs. External tenants can be specified only when the property **guestOrExternalUserTypes** is not `null` or an empty String. |
+| guestOrExternalUserTypes | conditionalAccessGuestOrExternalUserTypes | Indicates internal guests or external user types. This is a multi-valued property. Possible values are: `none`, `internalGuest`, `b2bCollaborationGuest`, `b2bCollaborationMember`, `b2bDirectConnectUser`, `otherExternalUser`, `serviceProvider`, `unknownFutureValue`. |
## Relationships
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.conditionalAccessGuestsOrExternalUsers",
- "guestOrExternalUserTypes": "String",
"externalTenants": { "@odata.type": "microsoft.graph.conditionalAccessExternalTenants"
- }
+ },
+ "guestOrExternalUserTypes": "String"
} ```
v1.0 Conditionalaccessusers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/conditionalaccessusers.md
Represents users, groups, and roles included in and excluded from the policy sco
| Property | Type | Description | |:-|:|:| | excludeGroups | String collection | Group IDs excluded from scope of policy. |
-| excludeGuestsOrExternalUsers | [conditionalAccessGuestsOrExternalUsers](conditionalaccessguestsorexternalusers.md) | Internal guests or external users excluded in the policy scope. Optionally populated. |
+| excludeGuestsOrExternalUsers | [conditionalAccessGuestsOrExternalUsers](conditionalaccessguestsorexternalusers.md) | Internal guests or external users excluded from the policy scope. Optionally populated. |
| excludeRoles | String collection | Role IDs excluded from scope of policy. | | excludeUsers | String collection | User IDs excluded from scope of policy and/or `GuestsOrExternalUsers`. | | includeGroups | String collection | Group IDs in scope of policy unless explicitly excluded. |
The following is a JSON representation of the resource.
```json { "excludeGroups": ["String"],
+ "excludeGuestsOrExternalUsers": {"@odata.type": "microsoft.graph.conditionalAccessGuestOrExternalUsers"},
"excludeRoles": ["String"], "excludeUsers": ["String"],
- "excludeGuestsOrExternalUsers": {"@odata.type": "microsoft.graph.conditionalAccessGuestOrExternalUsers"},
"includeGroups": ["String"],
+ "includeGuestsOrExternalUsers": {"@odata.type": "microsoft.graph.conditionalAccessGuestOrExternalUsers"},
"includeRoles": ["String"],
- "includeUsers": ["String"],
- "includeGuestsOrExternalUsers": {"@odata.type": "microsoft.graph.conditionalAccessGuestOrExternalUsers"}
+ "includeUsers": ["String"]
} ```
v1.0 Credentialuserregistrationcount https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/credentialuserregistrationcount.md
Represents the current state of how many users in your organization are register
| Property | Type | Description | |:-|:|:| | id | String | The unique identifier for the activity. Read-only. |
-| totalUserCount | Int64 | Provides the total user count in the tenant. |
+| totalUserCount | Int64 | Provides the count of users with **accountEnabled** set to `true` in the tenant. |
| userRegistrationCounts | [userRegistrationCount](userregistrationcount.md) collection | A collection of registration count and status information for users in your tenant. | ## Relationships
v1.0 Crosstenantaccesspolicy Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/crosstenantaccesspolicy-overview.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-In the traditional Azure AD B2B collaboration, any invited user from an organization could use their identity to access resources in external organizations. Administrators didn't have control over the user identities in their tenant that are allowed to sign in to external organizations. These limited controls made it difficult to prevent identities from your organization from being used in unauthorized ways.
+In the traditional Azure AD (Azure Active Directory) B2B collaboration, any invited user from an organization could use their identity to access resources in external organizations. Administrators didn't have control over the user identities in their tenant that are allowed to sign in to external organizations. These limited controls made it difficult to prevent identities from your organization from being used in unauthorized ways.
**Cross-tenant access settings** let you control and manage collaboration between users in your organization and other organizations. The control can be on either **outbound access** (how your users collaborate with other organizations), **inbound access** (how other organizations collaborate with you), or both.
Inbound trust settings also enable you to trust devices that are compliant, or h
## Inbound cross-tenant sync in cross-tenant access settings
-You can enable cross-tenant synchronization to synchronize users from a partner tenant. Cross-tenant synchronization is a one-way synchronization service in Azure AD that automates creating, updating, and deleting B2B collaboration users across tenants in an organization. You create a user synchronization policy to streamline collaboration between users in multi-tenant organizations. Partner user synchronization settings are defined using the [crossTenantIdentitySyncPolicyPartner](../resources/crosstenantidentitysyncpolicypartner.md) resource type.
+You can enable cross-tenant synchronization to synchronize users from a partner tenant. Cross-tenant synchronization is a one-way synchronization service in Azure AD that automates the creation, update, and deletion of B2B collaboration users across tenants in an organization. You create a user synchronization policy to streamline collaboration between users in multi-tenant organizations. Partner user synchronization settings are defined using the [crossTenantIdentitySyncPolicyPartner](../resources/crosstenantidentitysyncpolicypartner.md) resource type.
## Collaborate with organizations using Azure Active Directory in different Microsoft clouds
v1.0 Crosstenantaccesspolicyconfigurationdefault https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/crosstenantaccesspolicyconfigurationdefault.md
The default configuration defined for inbound and outbound settings of Azure AD
|Property|Type|Description| |:|:|:|
+| automaticUserConsentSettings | [inboundOutboundPolicyConfiguration](../resources/inboundoutboundpolicyconfiguration.md) | Determines the default configuration for automatic user consent settings. The **inboundAllowed** and **outboundAllowed** properties are always `false` and cannot be updated in the default configuration. Read-only. |
| b2bCollaborationInbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) |Defines your default configuration for users from other organizations accessing your resources via Azure AD B2B collaboration. | | b2bCollaborationOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) |Defines your default configuration for users in your organization going outbound to access resources in another organization via Azure AD B2B collaboration. | | b2bDirectConnectInbound |[crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your default configuration for users from other organizations accessing your resources via Azure AD B2B direct connect. | | b2bDirectConnectOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) |Defines your default configuration for users in your organization going outbound to access resources in another organization via Azure AD B2B direct connect. | | inboundTrust | [crossTenantAccessPolicyInboundTrust](../resources/crosstenantaccesspolicyinboundtrust.md) | Determines the default configuration for trusting other Conditional Access claims from external Azure AD organizations. |
-| automaticUserConsentSettings | [inboundOutboundPolicyConfiguration](../resources/inboundoutboundpolicyconfiguration.md) | Determines the default configuration for automatic user consent settings. `inboundAllowed` and `outboundAllowed` will always be false and cannot be updated in the default configuration. **Read only**. |
| isServiceDefault | Boolean | If `true`, the default configuration is set to the system default configuration. If `false`, the default settings have been customized. | ## Relationships
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.crossTenantAccessPolicyConfigurationDefault",
- "inboundTrust": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyInboundTrust"
- },
- "b2bCollaborationOutbound": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"
- },
- "b2bCollaborationInbound": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"
- },
- "b2bDirectConnectOutbound": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"
- },
- "b2bDirectConnectInbound": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"
- },
- "automaticUserConsentSettings": {
- "@odata.type": "microsoft.graph.inboundOutboundPolicyConfiguration"
- },
+ "automaticUserConsentSettings": {"@odata.type": "microsoft.graph.inboundOutboundPolicyConfiguration"},
+ "b2bCollaborationInbound": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"},
+ "b2bCollaborationOutbound": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"},
+ "b2bDirectConnectInbound": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"},
+ "b2bDirectConnectOutbound": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"},
+ "inboundTrust": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyInboundTrust"},
"isServiceDefault": "Boolean" } ```
v1.0 Crosstenantaccesspolicyconfigurationpartner https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/crosstenantaccesspolicyconfigurationpartner.md
For any partner-specific property that is `null`, these settings will inherit th
|Property|Type|Description| |:|:|:|
-| automaticUserConsentSettings | [inboundOutboundPolicyConfiguration](../resources/inboundoutboundpolicyconfiguration.md) | Determines the partner-specific configuration for automatic user consent settings. Unless specifically configured, the `inboundAllowed` and `outboundAllowed` properties will be **null** and inherit from the default settings, which is always `false`. |
+| automaticUserConsentSettings | [inboundOutboundPolicyConfiguration](../resources/inboundoutboundpolicyconfiguration.md) | Determines the partner-specific configuration for automatic user consent settings. Unless specifically configured, the **inboundAllowed** and **outboundAllowed** properties are `null` and inherit from the default settings, which is always `false`. |
| b2bCollaborationInbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users from other organizations accessing your resources via Azure AD B2B collaboration. | | b2bCollaborationOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users in your organization going outbound to access resources in another organization via Azure AD B2B collaboration. | | b2bDirectConnectInbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users from other organizations accessing your resources via Azure B2B direct connect. |
For any partner-specific property that is `null`, these settings will inherit th
|Relationship|Type|Description| |:|:|:|
-|identitySynchronization|[crossTenantIdentitySyncPolicyPartner](../resources/crosstenantidentitysyncpolicypartner.md)|Defines the cross-tenant policy for synchronization of users from a partner tenant. Use this user synchronization policy to streamline collaboration between users in a multi-tenant organization by automating creating, updating, and deleting users from one tenant to another.|
+|identitySynchronization|[crossTenantIdentitySyncPolicyPartner](../resources/crosstenantidentitysyncpolicypartner.md)|Defines the cross-tenant policy for the synchronization of users from a partner tenant. Use this user synchronization policy to streamline collaboration between users in a multi-tenant organization by automating the creation, update, and deletion of users from one tenant to another.|
## JSON representation
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.crossTenantAccessPolicyConfigurationPartner",
- "tenantId": "String (identifier)",
- "inboundTrust": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyInboundTrust"
- },
- "b2bCollaborationOutbound": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"
- },
- "b2bCollaborationInbound": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"
- },
- "b2bDirectConnectOutbound": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"
- },
- "b2bDirectConnectInbound": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"
- },
- "automaticUserConsentSettings": {
- "@odata.type": "microsoft.graph.inboundOutboundPolicyConfiguration"
- },
- "isServiceProvider": "Boolean"
+ "automaticUserConsentSettings": {"@odata.type": "microsoft.graph.inboundOutboundPolicyConfiguration"},
+ "b2bCollaborationInbound": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"},
+ "b2bCollaborationOutbound": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"},
+ "b2bDirectConnectInbound": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"},
+ "b2bDirectConnectOutbound": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"},
+ "inboundTrust": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyInboundTrust"},
+ "isServiceProvider": "Boolean",
+ "tenantId": "String (identifier)"
} ```
v1.0 Crosstenantidentitysyncpolicypartner https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/crosstenantidentitysyncpolicypartner.md
Title: "crossTenantIdentitySyncPolicyPartner resource type"
-description: "Defines the cross-tenant policy for synchronization of users from a partner tenant. Use this user synchronization policy to streamline collaboration between users in a multi-tenant organization by automating creating, updating, and deleting users from one tenant to another."
+description: "Defines the cross-tenant policy for synchronization of users from a partner tenant."
ms.localizationpriority: medium ms.prod: "identity-and-sign-in"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Defines the cross-tenant policy for synchronization of users from a partner tenant. Use this user synchronization policy to streamline collaboration between users in a multi-tenant organization by automating creating, updating, and deleting users from one tenant to another.
+Defines the cross-tenant policy for synchronization of users from a partner tenant. Use this user synchronization policy to streamline collaboration between users in a multi-tenant organization by automating the creation, update, and deletion of users from one tenant to another.
## Methods+ |Method|Return type|Description| |:|:|:| |[Create crossTenantIdentitySyncPolicyPartner](../api/crosstenantaccesspolicyconfigurationpartner-put-identitysynchronization.md)|None|Create a cross-tenant user synchronization policy for a partner-specific configuration.|
-|[Get crossTenantIdentitySyncPolicyPartner](../api/crosstenantidentitysyncpolicypartner-get.md)|[crossTenantIdentitySyncPolicyPartner](../resources/crosstenantidentitysyncpolicypartner.md)|Read the user synchronization policy of a partner-specific configuration.|
+|[Get crossTenantIdentitySyncPolicyPartner](../api/crosstenantidentitysyncpolicypartner-get.md)|[crossTenantIdentitySyncPolicyPartner](../resources/crosstenantidentitysyncpolicypartner.md)|Get the user synchronization policy of a partner-specific configuration.|
|[Update crossTenantIdentitySyncPolicyPartner](../api/crosstenantidentitysyncpolicypartner-update.md)|None|Update the user synchronization policy of a partner-specific configuration.| |[Delete crossTenantIdentitySyncPolicyPartner](../api/crosstenantidentitysyncpolicypartner-delete.md)|None|Delete the user synchronization policy for a partner-specific configuration.| ## Properties+ |Property|Type|Description| |:|:|:|
-|displayName|String|Display name for the cross-tenant user synchronization policy. Use the name of the partner Azure AD tenant to easily identify the policy. Optional.|
+|displayName|String|Display name for the cross-tenant user synchronization policy. Use the name of the partner Azure AD (Azure Active Directory) tenant to easily identify the policy. Optional.|
|tenantId|String|Tenant identifier for the partner Azure AD organization. Read-only.| |userSyncInbound|[crossTenantUserSyncInbound](../resources/crosstenantusersyncinbound.md)|Defines whether users can be synchronized from the partner tenant. Key. | ## Relationships+ None. ## JSON representation+ The following is a JSON representation of the resource. <!-- { "blockType": "resource",
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.crossTenantIdentitySyncPolicyPartner",
- "tenantId": "String (identifier)",
"displayName": "String",
+ "tenantId": "String (identifier)",
"userSyncInbound": { "@odata.type": "microsoft.graph.crossTenantUserSyncInbound" } } ```-
v1.0 Crosstenantusersyncinbound https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/crosstenantusersyncinbound.md
Namespace: microsoft.graph
Defines whether users can be synchronized from the partner tenant. ## Properties+ |Property|Type|Description| |:|:|:|
-|isSyncAllowed|Boolean|Defines whether user objects should be synchronized from the partner tenant. If set to `false`, any current user synchronization from the source tenant to the target tenant will stop. There is no impact on existing users that have already been synchronized.|
+|isSyncAllowed|Boolean|Defines whether user objects should be synchronized from the partner tenant. `false` causes any current user synchronization from the source tenant to the target tenant to stop. This property has no impact on existing users who have already been synchronized.|
## Relationships+ None. ## JSON representation+ The following is a JSON representation of the resource. <!-- { "blockType": "resource",
The following is a JSON representation of the resource.
"isSyncAllowed": "Boolean" } ```-
v1.0 Customauthenticationextension https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customauthenticationextension.md
+
+ Title: "customAuthenticationExtension resource type"
+description: "Custom authentication extensions let you interact with external systems during a user authentication session."
+
+ms.localizationpriority: medium
++
+# customAuthenticationExtension resource type
+
+Namespace: microsoft.graph
++
+Custom authentication extensions define interactions with external systems during a user authentication session. This is an abstract type that's inherited by the [onTokenIssuanceStartCustomExtension](../resources/ontokenissuancestartcustomextension.md) derived type.
++
+Inherits from [customCalloutExtension](../resources/customcalloutextension.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List customAuthenticationExtensions](../api/identitycontainer-list-customauthenticationextensions.md)|[customAuthenticationExtension](../resources/customauthenticationextension.md) collection|Get a list of the [customAuthenticationExtension](../resources/customauthenticationextension.md) objects and their properties.|
+|[Create customAuthenticationExtension](../api/identitycontainer-post-customauthenticationextensions.md)|[customAuthenticationExtension](../resources/customauthenticationextension.md)|Create a new [customAuthenticationExtension](../resources/customauthenticationextension.md) object.|
+|[Get customAuthenticationExtension](../api/customauthenticationextension-get.md)|[customAuthenticationExtension](../resources/customauthenticationextension.md)|Read the properties and relationships of a [customAuthenticationExtension](../resources/customauthenticationextension.md) object.|
+|[Update customAuthenticationExtension](../api/customauthenticationextension-update.md)|None|Update the properties of a [customAuthenticationExtension](../resources/customauthenticationextension.md) object.|
+|[Delete customAuthenticationExtension](../api/customauthenticationextension-delete.md)|None|Delete a [customAuthenticationExtension](../resources/customauthenticationextension.md) object.|
+|[validateAuthenticationConfiguration](../api/customauthenticationextension-validateauthenticationconfiguration.md)|[authenticationConfigurationValidation](../resources/authenticationconfigurationvalidation.md)|Check validity of the endpoint and and authentication configuration for a [customAuthenticationExtension](../resources/customauthenticationextension.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|The authentication configuration for the customAuthenticationExtension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|clientConfiguration|[customExtensionClientConfiguration](../resources/customextensionclientconfiguration.md)|The connection settings for the customAuthenticationExtension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|description|String|The description of the customAuthenticationExtension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|displayName|String|The display name for the customAuthenticationExtension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|The HTTP endpoint that this custom extension calls. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|id|String|Identifier for the customAuthenticationExtension. Inherited from [entity](../resources/entity.md).|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.customAuthenticationExtension",
+ "baseType": "microsoft.graph.customCalloutExtension",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.customAuthenticationExtension",
+ "id": "String (identifier)",
+ "authenticationConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionAuthenticationConfiguration"
+ },
+ "clientConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionClientConfiguration"
+ },
+ "description": "String",
+ "displayName": "String",
+ "endpointConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionEndpointConfiguration"
+ }
+}
+```
+
v1.0 Customcalloutextension https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customcalloutextension.md
Title: "customCalloutExtension resource type"
-description: "An abstract type that defines the configuration for logic apps that can be integrated with the customer's entitlement management use cases to implement broader governance workflows. This abstract type is inherited by the customAccessPackageWorkflowExtension resource type"
+description: "An abstract type that defines the configuration for apps that can be integrated with the customer's identity flows."
ms.localizationpriority: medium ms.prod: "governance"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-An abstract type that defines the configuration for logic apps that can extend the customer's entitlement management and lifecycle workflows processes.
+An abstract type that defines the configuration for apps that can extend the customer's identity flows.
-This abstract type is inherited by:
+This abstract type is inherited by the following derived types.
- [customAccessPackageWorkflowExtension](customaccesspackageworkflowextension.md)
+- [customAuthenticationExtension](../resources/customauthenticationextension.md)
- [customTaskExtension](../resources/identitygovernance-customtaskextension.md) - [accessPackageAssignmentRequestWorkflowExtension](accesspackageassignmentrequestworkflowextension.md) - [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md)
v1.0 Customextensioncalloutresult https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensioncalloutresult.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Indicates the result of an API request to the custom extension endpoint. This object is used by the **appliedEventListeners** object of [sign-ins](../resources/signin.md).
+Indicates the result of an API request to the [custom authentication extension](customauthenticationextension.md) endpoint. This object is used by the **appliedEventListeners** object of [sign-ins](../resources/signin.md).
Inherits from [authenticationEventHandlerResult](../resources/authenticationeventhandlerresult.md).
v1.0 Customextensionclientconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensionclientconfiguration.md
Title: "customExtensionClientConfiguration resource type"
-description: "HTTP connection settings that define how long Azure AD can wait for a a response from a logic app before it shuts down the connection. Only timeoutInMilliseconds is supported."
+description: "Connection settings that define how long Azure AD can wait for a response from an external app before it shuts down the connection. Only timeoutInMilliseconds is supported."
ms.localizationpriority: medium ms.prod: "governance"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-HTTP connection settings that define how long Azure AD can wait for a a response from a logic app before it shuts down the connection when trying to trigger the logic app. Only **timeoutInMilliseconds** is supported.
+Connection settings that define how long Azure AD can wait for a a response from an external app before it shuts down the connection when trying to trigger the external app. Only **timeoutInMilliseconds** is supported.
## Properties |Property|Type|Description| |:|:|:|
-|timeoutInMilliseconds|Int32|The max duration in milliseconds that Azure AD will wait for a response from the logic app before it shuts down the connection. The valid range is between `200` and `2000` milliseconds. Default duration is `1000`.|
+|timeoutInMilliseconds|Int32|The max duration in milliseconds that Azure AD will wait for a response from the external app before it shuts down the connection. The valid range is between `200` and `2000` milliseconds. Default duration is `1000`.|
## Relationships None.
v1.0 Customextensionendpointconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensionendpointconfiguration.md
Title: "customExtensionEndpointConfiguration resource type"
-description: "Abstract base type that exposes the derived types used to configure the endpointConfiguration property of a custom access package workflow extension object."
+description: "Abstract base type that exposes the derived types used to configure the endpointConfiguration property of a custom extension."
ms.localizationpriority: medium ms.prod: "governance"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Abstract base type that exposes the derived types used to configure the **endpointConfiguration** property of a [custom access package workflow extension](customaccesspackageworkflowextension.md) and [custom task extension](../resources/identitygovernance-customtaskextension.md) object. This abstract type is inherited by the [logicAppTriggerEndpointConfiguration](logicapptriggerendpointconfiguration.md) object.
+Abstract base type that exposes the derived types used to configure the **endpointConfiguration** property of a custom extension. This abstract type is inherited by the following types:
+
+- [logicAppTriggerEndpointConfiguration](logicapptriggerendpointconfiguration.md) - configure this object for the [customTaskExtension](../resources/identitygovernance-customtaskextension.md) in Lifecycle Workflows and [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) in Entitlement Management access package request and assignment cycles.
+- [httpRequestEndpoint](../resources/httprequestendpoint.md) - configure this object to [validate a custom authentication extension](../api/customauthenticationextension-validateauthenticationconfiguration.md).
## Properties
v1.0 Defaultuserrolepermissions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/defaultuserrolepermissions.md
Contains certains customizable permissions of default user role in Azure AD.
|:-- |:- |:-- | | allowedToCreateApps | Boolean | Indicates whether the default user role can create applications. | | allowedToCreateSecurityGroups | Boolean | Indicates whether the default user role can create security groups. |
+| allowedToCreateTenants | Boolean | Indicates whether the default user role can create tenants. |
| allowedToReadBitlockerKeysForOwnedDevice | Boolean | Indicates whether the registered owners of a device can read their own BitLocker recovery keys with default user role. | | allowedToReadOtherUsers | Boolean | Indicates whether the default user role can read other users. |
-| allowedToCreateTenants | Boolean | Indicates whether the default user role can create tenants. |
+ ## Relationships
v1.0 Delegatedadminrelationship https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/delegatedadminrelationship.md
Represents a delegated admin relationship between a partner and customer.
## Properties |Property|Type|Description| |:|:|:|
-|accessDetails|[delegatedAdminAccessDetails](../resources/delegatedadminaccessdetails.md)|The access details containing the identifiers of the administrative roles that the partner admin is requesting in the customer tenant.|
+|accessDetails|[delegatedAdminAccessDetails](../resources/delegatedadminaccessdetails.md)|The access details that contain the identifiers of the administrative roles that the partner admin is requesting in the customer tenant.|
|activatedDateTime|DateTimeOffset|The date and time in ISO 8601 format and in UTC time when the relationship became active. Read-only.| |createdDateTime|DateTimeOffset|The date and time in ISO 8601 format and in UTC time when the relationship was created. Read-only.| |customer|[delegatedAdminRelationshipCustomerParticipant](../resources/delegatedadminrelationshipcustomerparticipant.md)|The display name and unique identifier of the customer of the relationship. This is configured either by the partner at the time the relationship is created or by the system after the customer approves the relationship. Cannot be changed by the customer.|
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.delegatedAdminRelationship",
- "id": "String (identifier)",
+ "accessDetails": {"@odata.type": "microsoft.graph.delegatedAdminAccessDetails"},
+ "activatedDateTime": "String (timestamp)",
+ "createdDateTime": "String (timestamp)",
+ "customer": {"@odata.type": "microsoft.graph.delegatedAdminRelationshipCustomerParticipant"},
"displayName": "String", "duration": "String",
- "customer": {
- "@odata.type": "microsoft.graph.delegatedAdminRelationshipCustomerParticipant"
- },
- "accessDetails": {
- "@odata.type": "microsoft.graph.delegatedAdminAccessDetails"
- },
- "status": "String",
- "createdDateTime": "String (timestamp)",
+ "endDateTime": "String (timestamp)",
+ "id": "String (identifier)",
"lastModifiedDateTime": "String (timestamp)",
- "activatedDateTime": "String (timestamp)",
- "endDateTime": "String (timestamp)"
+ "status": "String"
} ```-
v1.0 Deltaparticipants https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/deltaparticipants.md
+
+ Title: "deltaParticipants resource type"
+description: "Represents a notification for the creation, update, or deletion of a participant in a meeting."
+
+ms.localizationpriority: medium
++
+# deltaParticipants resource type
+
+Namespace: microsoft.graph
++
+Represents a notification for the creation, update, or deletion of a [participant](participant.md) in a meeting. This resource is published by communications servers as a notification of participant changes since the last update.
+
+## Properties
+
+| Property | Type | Description |
+|:|:--|:-|
+| participants | [participant](participant.md) collection | The collection of participants that were updated since the last roster update. |
+| sequenceNumber | Int64 | The sequence number for the roster update that is used to identify the notification order. |
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.deltaParticipants"
+} -->
+```json
+{
+ "@odata.type": "#microsoft.graph.deltaParticipants",
+ "participants": [{"@odata.type": "#microsoft.graph.participant"}],
+ "sequenceNumber": "Int64"
+}
+```
v1.0 Dynamics Itemcategories https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/dynamics-itemcategories.md
Title: itemCategories resource type
-description: An item category in Dynamics 365 Business Central.
--
+ Title: "itemCategories resource type"
+description: "Represents a category for a number of items in Dynamics 365 Business Central."
+
+documentationcenter: ""
+ ms.localizationpriority: medium ms.prod: "dynamics-365-business-central" doc_type: resourcePageType
Represents a category for a number of items in Dynamics 365 Business Central.
| Method | Return Type |Description | |:-|:-|:--|
-|[Get itemCategories](../api/dynamics-itemcategories-get.md) |itemCategories|Get an item category. |
-|[Post itemCategories](../api/dynamics-create-itemcategories.md) |itemCategories|Create an item category.|
-|[Patch itemCategories](../api/dynamics-itemcategories-update.md) |itemCategories|Update an item category.|
-|[Delete itemCategories](../api/dynamics-itemcategories-delete.md)|none |Delete an item category.|
+|[Get itemCategories](../api/dynamics-itemcategories-get.md) |[itemCategories](dynamics-itemcategories.md)|Get an item category. |
+|[Post itemCategories](../api/dynamics-create-itemcategories.md) |[itemCategories](dynamics-itemcategories.md)|Create an item category.|
+|[Patch itemCategories](../api/dynamics-itemcategories-update.md) |[itemCategories](dynamics-itemcategories.md)|Update an item category.|
+|[Delete itemCategories](../api/dynamics-itemcategories-delete.md)|None |Delete an item category.|
## Properties+ | Property | Type |Description | |:-|:-|:--|
-|id |GUID |The unique ID of the itemCategory. Non-editable.|
-|code |string |The itemCategory code. |
-|displayName |string |The itemCategories display name. |
-|lastModifiedDateTime|datetime|The last datetime the itemCategory was modified. Read-Only.|
+|code |String |The item category code. |
+|displayName |String |The display name of the item category. |
+|id |String |The unique ID of the item category. Non-editable.|
+|lastModifiedDateTime|Datetime|The date and time when the item category was last modified. Read-Only.|
## Relationships
-None
+
+None.
## JSON representation
-Here is a JSON representation of the itemCategories.
+The following is a JSON representation of the resource.
```json {
- "id": "GUID",
- "code": "string",
- "displayName": "string",
- "lastModifiedDateTime": "datetime"
+ "code": "String",
+ "displayName": "String",
+ "id": "String (identifier)",
+ "lastModifiedDateTime": "Datetime"
} ```---
v1.0 Educationassignment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/educationassignment.md
Namespace: microsoft.graph
Represents a task or unit of work assigned to a student or team member in a class as part of their study.
-Only teachers or team owners can create **assignments**. **Assignments** contain handouts and tasks that the teacher wants the student to work on. Each student **assignment** has an associated [submission](educationsubmissionresource.md) that contains any work their teacher asked to be turned in. A teacher can add scores and feedback to the **submission** turned in by the student.
+**Assignments** contain handouts and tasks that the teacher wants the student to work on. Each student **assignment** has an associated [submission](educationsubmissionresource.md) that contains any work their teacher asked to be turned in. Only teachers or team owners can create **assignments**. A teacher can add scores and feedback to the **submission** turned in by the student.
-When an **assignment** is created, it is in a Draft state. Students can't see the **assignment** and **submissions** won't be created. You can change the status of an **assignment** by using the [publish](../api/educationassignment-publish.md) action. You can't use a PATCH request to change the **assignment** status.
+When an **assignment** is created, it is in a Draft state. Students can't see the **assignment**, and **submissions** won't be created. You can change the status of an **assignment** by using the [publish](../api/educationassignment-publish.md) action. You can't use a PATCH request to change the **assignment** status.
The **assignment** APIs are exposed in the class namespace.
Inherits from [entity](../resources/entity.md).
|[Attach rubric](../api/educationassignment-put-rubric.md)|None|Attach an existing **educationRubric** to this **assignment**.| |[Remove rubric](../api/educationassignment-delete-rubric.md)|None|Detach the **educationRubric** from this **assignment**.| |[Get delta](../api/educationassignment-delta.md)|[educationAssignment](../resources/educationassignment.md) collection|Get a list of newly created or updated **assignments** without having to perform a full read of the collection.|
+|[List educationGradingCategory](../api/educationassignment-list-gradingcategory.md)|[educationGradingCategory](../resources/educationgradingcategory.md) collection|Get the educationGradingCategory resources from the gradingCategory navigation property.|
+|[Add educationGradingCategory](../api/educationassignment-post-gradingcategory.md)|[educationGradingCategory](../resources/educationgradingcategory.md)|Add gradingCategory by posting to the gradingCategory collection.|
+|[Remove educationGradingCategory](../api/educationassignment-delete-gradingcategory.md)|None|Remove an [educationGradingCategory](../resources/educationgradingcategory.md) object.|
+|[Activate assignment](../api/educationassignment-activate.md) |[educationAssignment](educationassignment.md) | Activate an inactive **educationAssignment** to signal that the assignment has action items for teachers and students.|
+|[Deactivate assignment](../api/educationassignment-deactivate.md) |[educationAssignment](educationassignment.md) | Mark an assigned **educationAssignment** as inactive to signal that the assignment has no further action items for both teachers and students.|
## Properties | Property | Type |Description|
Inherits from [entity](../resources/entity.md).
|lastModifiedBy|[identitySet](identityset.md)| Who last modified the **assignment**. | |lastModifiedDateTime|DateTimeOffset|Moment when the **assignment** was last modified. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`| |notificationChannelUrl|String|Optional field to specify the URL of the [channel](channel.md) to post the **assignment** publish notification. If not specified or null, defaults to the `General` channel. This field only applies to **assignments** where the **assignTo** value is [educationAssignmentClassRecipient](educationassignmentclassrecipient.md). Updating the **notificationChannelUrl** is not allowed after the **assignment** has been published.|
-|status|string| Status of the **Assignment**. You can not PATCH this value. Possible values are: `draft`, `scheduled`, `published`, `assigned`.|
-|webUrl|string| The deep link URL for the given **assignment**.|
|resourcesFolderUrl|string| Folder URL where all the file resources for this **assignment** are stored.|
+|status|string| Status of the **Assignment**. You can not PATCH this value. Possible values are: `draft`, `scheduled`, `published`, `assigned`, `unknownFutureValue` and `inactive`. Note that you must use the `Prefer: include-unknown-enum-members` request header to get the following value(s) in this [evolvable enum](/graph/best-practices-concept#handling-future-members-in-evolvable-enumerations): `inactive`.|
+|webUrl|string| The deep link URL for the given **assignment**.|
## Relationships | Relationship | Type |Description|
Inherits from [entity](../resources/entity.md).
|submissions|[educationSubmission](educationsubmission.md) collection| Once published, there is a **submission** object for each student representing their work and grade. Read-only. Nullable.| |categories|[educationCategory](educationcategory.md) collection| When set, enables users to easily find **assignments** of a given type. Read-only. Nullable.| |rubric|[educationRubric](educationrubric.md)|When set, the grading rubric attached to this **assignment**.|
+|grading category|[educationGradingCategory](educationgradingcategory.md) collection| When set, enables users to weight assignments differently when computing a class average grade.|
## JSON representation
The following is a JSON representation of the resource.
"lastModifiedBy": {"@odata.type": "microsoft.graph.identitySet"}, "lastModifiedDateTime": "String (timestamp)", "notificationChannelUrl": "String",
+ "resourcesFolderUrl": "String",
"status": "String",
- "webUrl": "String",
- "resourcesFolderUrl": "String"
+ "webUrl": "String"
+
} ```
v1.0 Educationassignmentsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/educationassignmentsettings.md
Specifies class-level assignments settings.
|:|:|:| |[Get educationAssignmentSettings](../api/educationassignmentsettings-get.md)|[educationAssignmentSettings](../resources/educationassignmentsettings.md)|Read the properties and relationships of an [educationAssignmentSettings](../resources/educationassignmentsettings.md) object.| |[Update educationAssignmentSettings](../api/educationassignmentsettings-update.md)|[educationAssignmentSettings](../resources/educationassignmentsettings.md)|Update the properties of an [educationAssignmentSettings](../resources/educationassignmentsettings.md) object.|
+|[List educationGradingCategory](../api/educationassignment-list-gradingcategory.md)|[educationGradingCategory](../resources/educationgradingcategory.md) collection|Get the educationGradingCategory resources from the gradingCategory navigation property.|
+|[Update educationGradingCategory](../api/educationgradingcategory-update.md)|[educationGradingCategory](../resources/educationgradingcategory.md)|Update the gradingCategory on the assignment settings.|
## Properties |Property|Type|Description| |:|:|:| |id|String|Unique identifier for the educationAssignmentSettings.|
-|submissionAnimationDisabled|Boolean|Indicates whether turn-in celebration animation will be shown. A value of `true` indicates that the animation will not be shown. Default value is `false`.|
+|submissionAnimationDisabled|Boolean|Indicates whether turn-in celebration animation will be shown. If `true`, the animation will not be shown. The default value is `false`.|
## Relationships
-None.
+| Relationship | Type |Description|
+|:|:--|:-|
+|grading categories|[educationGradingCategory](educationgradingcategory.md) collection| When set, enables users to weight assignments differently when computing a class average grade.|
## JSON representation The following is a JSON representation of the resource.
v1.0 Educationgradingcategory https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/educationgradingcategory.md
+
+ Title: "educationGradingCategory resource type"
+description: "Add grading categories to the existing class-wide settings to weight assignments differently when computing a class average grade."
+
+ms.localizationpriority: medium
++
+# educationGradingCategory resource type
+
+Namespace: microsoft.graph
++
+Add grading categories to the existing class-wide settings to weight assignments differently when computing a class average grade.
+
+**Note:** Configure grading categories using [Assignment settings](../resources/educationassignmentsettings.md).
+
+## Methods
+
+| Method | Return Type |Description|
+|:|:--|:-|
+|[Add gradingCategory](../api/educationassignment-post-gradingcategory.md) | [gradingCategory](educationgradingcategory.md) | Add a new **gradingCategory**.|
+|[Remove gradingCategory](../api/educationassignment-delete-gradingcategory.md) | [educationCategory](educationgradingcategory.md) | Remove existing **gradingCategory**.|
+|[Update gradingCategory](../api/educationgradingcategory-update.md) | [educationCategory](educationgradingcategory.md) | Update a single **gradingCategory**.|
++
+## Properties
+| Property | Type |Description|
+|:|:--|:-|
+|id|String|The grading category's ID. This separate ID allows teachers to rename a grading category without losing the link to each assignment. Inherited from [entity](../resources/entity.md). Read-only.|
+|displayName|String|The name of the grading category.|
+|percentageWeight|Int32|The weight of the category; an integer between 0 and 100.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "optionalProperties": [
+
+ ],
+ "@odata.type": "microsoft.graph.educationGradingCategory"
+}-->
+
+```json
+{
+ "@odata.type": "#microsoft.graph.educationGradingCategory",
+ "id": "String (identifier)",
+ "displayName": "String",
+ "percentageWeight": "Int32"
+}
+
+```
+
+<!-- uuid: 37d99af7-cfc5-4e3b-8566-f7d40e4a2070
+2015-10-25 14:57:30 UTC -->
+<!--
+{
+ "type": "#page.annotation",
+ "description": "gradingCategory resource",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "suppressions": []
+}
+-->
v1.0 Enums Externalconnectors https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/enums-externalconnectors.md
Namespace: microsoft.graph.externalConnectors
### connectionState values
-|Member
+| Member
|:-- | draft | ready
Namespace: microsoft.graph.externalConnectors
| unknownFutureValue ### contentExperienceType values
-|Member
+| Member
|:-- | search | compliance
Namespace: microsoft.graph.externalConnectors
### externalActivityType values
-|Member
-|:--
-|viewed
-|modified
-|created
-|commented
-|unknownFutureValue
+| Member |
+|:-|
+| viewed |
+| modified |
+| created |
+| commented |
+| unknownFutureValue |
### externalGroupMemberType values
v1.0 Enums https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/enums.md
Namespace: microsoft.graph +
+### authenticationAttributeCollectionInputType values
+
+|Member|
+|:|
+|text|
+|radioSingleSelect|
+|checkboxMultiSelect|
+|boolean|
+|unknownFutureValue|
+
+### userType values
+
+|Member|
+|:|
+|member|
+|guest|
+|unknownFutureValue|
+ ### assignmentType values | Member |
Namespace: microsoft.graph
### conditionalAccessExternalTenantsMembershipKind values
-|Member|
-|:|
-|all|
-|enumerated|
-|unknownFutureValue|
+| Member |
+|:-|
+| all |
+| enumerated |
+| unknownFutureValue |
### conditionalAccessGuestOrExternalUserTypes values
-|Member|
-|:|
-|none|
-|internalGuest|
-|b2bCollaborationGuest|
-|b2bCollaborationMember|
-|b2bDirectConnectUser|
-|otherExternalUser|
-|serviceProvider|
-|unknownFutureValue|
+| Member |
+|:--|
+| none |
+| internalGuest |
+| b2bCollaborationGuest |
+| b2bCollaborationMember |
+| b2bDirectConnectUser |
+| otherExternalUser |
+| serviceProvider |
+| unknownFutureValue |
-### teamTemplateAudience values
+### teamTemplateAudience values
|Member| |:|
Possible values for user account types (group membership), per Windows definitio
|unknownFutureValue| |roster| |project|
+|driveItem|
### plannerPlanContextType values
Possible values for user account types (group membership), per Windows definitio
|groupChat |1 |Indicates that the Teams app can be installed within a group chat and is authorized to access that group chat's data.| |personal |2 |Indicates that the Teams app can be installed in the personal scope of a user and is authorized to access that user's data.|
+### assignmentScheduleFilterByCurrentUserOptions values
+
+|Member|
+|:|
+|principal|
+|unknownFutureValue|
+
+### assignmentScheduleInstanceFilterByCurrentUserOptions values
+
+|Member|
+|:|
+|principal|
+|unknownFutureValue|
+
+### assignmentScheduleRequestFilterByCurrentUserOptions values
+
+|Member|
+|:|
+|principal|
+|createdBy|
+|approver|
+|unknownFutureValue|
++
+### eligibilityScheduleFilterByCurrentUserOptions values
+
+|Member|
+|:|
+|principal|
+|unknownFutureValue|
+
+### eligibilityScheduleInstanceFilterByCurrentUserOptions values
+
+|Member|
+|:|
+|principal|
+|unknownFutureValue|
+
+### eligibilityScheduleRequestFilterByCurrentUserOptions values
+
+|Member|
+|:|
+|principal|
+|createdBy|
+|approver|
+|unknownFutureValue|
++
+### privilegedAccessGroupAssignmentType values
+
+|Member|
+|:|
+|assigned|
+|activated|
+|unknownFutureValue|
+
+### privilegedAccessGroupMemberType values
+
+|Member|
+|:|
+|direct|
+|group|
+|unknownFutureValue|
+
+### privilegedAccessGroupRelationships values
+
+|Member|
+|:|
+|owner|
+|member|
+|unknownFutureValue|
+++
+### scheduleRequestActions values
+
+|Member|
+|:|
+|adminAssign|
+|adminUpdate|
+|adminRemove|
+|selfActivate|
+|selfDeactivate|
+|adminExtend|
+|adminRenew|
+|selfExtend|
+|selfRenew|
+|unknownFutureValue|
+ ### roleAssignmentScheduleRequestFilterByCurrentUserOptions values |Member|
v1.0 Externalconnectors Externalactivity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/externalconnectors-externalactivity.md
Namespace: microsoft.graph.externalConnectors
Represents a record of a user interaction with an [externalItem](externalconnectors-externalitem.md) object.
+Base type of [externalActivityResult](../resources/externalconnectors-externalactivityresult.md).
+ ## Methods
-None.
+None.
## Properties+ |Property|Type|Description| |:|:|:|
-|startDateTime|DateTimeOffset|When the particular activity occurred.|
-|type|externalConnectors.externalActivityType|The type of activity performed. The possible values are: `viewed`, `modified`, `created`, `commented`, `unknownFutureValue`.|
+|startDateTime|DateTimeOffset|The date and time when the particular activity occurred. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|type|microsoft.graph.externalConnectors.externalActivityType|The type of activity performed. The possible values are: `viewed`, `modified`, `created`, `commented`, `unknownFutureValue`.|
## Relationships+ |Relationship|Type|Description| |:|:|:|
-|performedBy|[identity](../resources/externalconnectors-identity.md)|Represents an identity used to identify who is responsible for the activity.|
+|performedBy|[microsoft.graph.externalConnectors.identity](../resources/externalconnectors-identity.md)|Represents an identity used to identify who is responsible for the activity.|
## JSON representation+ The following is a JSON representation of the resource.+ <!-- { "blockType": "resource", "@odata.type": "microsoft.graph.externalConnectors.externalActivity"
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.externalConnectors.externalActivity",
- "type": "String",
- "startDateTime": "String (timestamp)"
+ "startDateTime": "String (timestamp)",
+ "type": "String"
} ```
v1.0 Externalconnectors Externalactivityresult https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/externalconnectors-externalactivityresult.md
Title: "externalActivityResult resource type"
-description: "Represents the result of processing an externalActivity"
+description: "Represents the result of processing an externalActivity."
ms.localizationpriority: medium ms.prod: "search"
Namespace: microsoft.graph.externalConnectors
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Represents the result of processing an [externalActivity](../resources/externalconnectors-externalactivity.md). Null if successful.
-
+Represents the result of processing an [externalActivity](../resources/externalconnectors-externalactivity.md). A `null` **error** property in the response object indicates a successful request.
Inherits from [externalActivity](../resources/externalconnectors-externalactivity.md). - ## Properties+ |Property|Type|Description| |:|:|:|
-|error|[microsoft.graph.publicError](../resources/publicerror.md)|Error information explaining failure to process external activity.|
-|startDateTime|DateTimeOffset|When the particular activity occurred. Inherited from [externalActivity](../resources/externalconnectors-externalactivity.md).|
-|type|externalConnectors.externalActivityType|The type of activity performed. Inherited from [externalActivity](../resources/externalconnectors-externalactivity.md). The possible values are: `viewed`, `modified`, `created`, `commented`, `unknownFutureValue`.|
+|error|[microsoft.graph.publicError](../resources/publicerror.md)|Error information that explains the failure to process an external activity.|
+|startDateTime|DateTimeOffset|The date and time when the particular activity occurred. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Inherited from [externalActivity](../resources/externalconnectors-externalactivity.md).|
+|type|microsoft.graph.externalConnectors.externalActivityType|The type of activity performed. The possible values are: `viewed`, `modified`, `created`, `commented`, `unknownFutureValue`. Inherited from [externalActivity](../resources/externalconnectors-externalactivity.md).|
## Relationships+ |Relationship|Type|Description| |:|:|:|
-|performedBy|[identity](../resources/externalconnectors-identity.md)|Represents an identity used to identify who is responsible for the activity. Inherited from [externalActivity](../resources/externalconnectors-externalactivity.md).|
+|performedBy|[microsoft.graph.externalConnectors.identity](../resources/externalconnectors-identity.md)|Represents an identity used to identify who is responsible for the activity. Inherited from [externalActivity](../resources/externalconnectors-externalactivity.md).|
## JSON representation+ The following is a JSON representation of the resource.+ <!-- { "blockType": "resource", "@odata.type": "microsoft.graph.externalConnectors.externalActivityResult",
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.externalConnectors.externalActivityResult",
- "type": "String",
- "startDateTime": "String (timestamp)",
"error": { "@odata.type": "microsoft.graph.publicError"
- }
+ },
+ "startDateTime": "String (timestamp)",
+ "type": "String"
} ```
v1.0 Externalconnectors Externalconnection https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/externalconnectors-externalconnection.md
A logical container to add content from an external source into Microsoft Graph.
| Property | Type | Description | |:--|:-|:|
-| activitySettings|[microsoft.graph.externalConnectors.activitySettings](../resources/externalconnectors-activitysettings.md)| Collects configurable settings related to activities involving connector content.|
+| activitySettings |[microsoft.graph.externalConnectors.activitySettings](../resources/externalconnectors-activitysettings.md)| Collects configurable settings related to activities involving connector content.|
| complianceSettings |[microsoft.graph.externalConnectors.complianceSettings](../resources/externalconnectors-compliancesettings.md)| The settings required for the connection to participate in eDiscovery, such as the display templates for eDiscovery results.| | configuration | [microsoft.graph.externalConnectors.configuration](externalconnectors-configuration.md) | Specifies additional application IDs that are allowed to manage the connection and to index content in the connection. Optional. | | connectorId | String | The Teams App ID. Optional.|
A logical container to add content from an external source into Microsoft Graph.
| groups | [microsoft.graph.externalConnectors.externalGroup](externalconnectors-externalgroup.md) collection | Read-only. Nullable. | | items | [microsoft.graph.externalConnectors.externalItem](externalconnectors-externalitem.md) collection | Read-only. Nullable. | | operations | [microsoft.graph.externalConnectors.connectionOperation](externalconnectors-connectionoperation.md) collection | Read-only. Nullable. |
-| quota | [microsoft.graph.externalConnectors.connectionQuota](externalconnectors-connectionquota.md) | Read-only. Nullable. |
+| quota | [microsoft.graph.externalConnectors.connectionQuota](externalconnectors-connectionquota.md) | Read-only. Nullable. |
| schema | [microsoft.graph.externalConnectors.schema](externalconnectors-schema.md) | Read-only. Nullable. | ## JSON representation
The following is a JSON representation of the resource.
``` json {
- "@odata.type": "#microsoft.graph.externalConnectors.externalConnection",
"id": "String (identifier)", "ingestedItemsCount": "Int64", "name": "String",
v1.0 Externalconnectors Externalitem https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/externalconnectors-externalitem.md
An item added to a Microsoft Graph [connection](externalconnectors-externalconne
| [Create externalItem](../api/externalconnectors-externalconnection-put-items.md) | [externalItem](externalconnectors-externalitem.md) | Create an **externalItem**. | | [Get externalItem](../api/externalconnectors-externalitem-get.md) | [externalItem](externalconnectors-externalitem.md) | Get an **externalItem**. | | [Update externalItem](../api/externalconnectors-externalitem-update.md) | [externalItem](externalconnectors-externalitem.md) | Update an **externalItem**. |
-| [Delete externalItem](../api/externalconnectors-externalitem-delete.md) | None | Delete an externalItem. |
-|[addActivities](../api/externalconnectors-externalitem-addactivities.md)|[microsoft.graph.externalConnectors.externalActivityResult](../resources/externalconnectors-externalactivity.md) collection|Append additional instances of [externalActivity](../resources/externalconnectors-externalactivity.md) objects on an **externalItem**.|
+| [Delete externalItem](../api/externalconnectors-externalitem-delete.md) | None | Delete an **externalItem**. |
+| [Add activities](../api/externalconnectors-externalitem-addactivities.md) |[microsoft.graph.externalConnectors.externalActivityResult](../resources/externalconnectors-externalactivity.md) collection | Append additional instances of [externalActivity](../resources/externalconnectors-externalactivity.md) objects on an **externalItem**.|
## Properties
An item added to a Microsoft Graph [connection](externalconnectors-externalconne
## Relationships | Relationship | Type | Description | |:-|:|:|
-| activities | [microsoft.graph.externalConnectors.externalActivity](externalconnectors-externalactivity.md) collection | Write-only property. Returns results. |
+| activities | [microsoft.graph.externalConnectors.externalActivity](externalconnectors-externalactivity.md) collection | Returns a list of activities performed on the item. Write-only. |
## JSON representation
v1.0 Externalconnectors Identity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/externalconnectors-identity.md
The following is a JSON representation of the resource.
<!-- { "blockType": "resource", "keyProperty": "id",
- "@odata.type": "microsoft.graph.externalConnectors.externalGroupMember",
+ "@odata.type": "microsoft.graph.externalConnectors.identity",
"openType": false } -->
v1.0 Externalconnectors Itemidresolver https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/externalconnectors-itemidresolver.md
Namespace: microsoft.graph.externalConnectors
Defines the rules for resolving a URL to the ID of an [externalItem](externalconnectors-externalitem.md). - Inherits from [urlToItemResolverBase](../resources/externalconnectors-urltoitemresolverbase.md). ## Properties
v1.0 Externalconnectors Propertyrule https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/externalconnectors-propertyrule.md
Defines the set of conditions to display a [displayTemplate](../resources/extern
## Properties |Property|Type|Description| |:|:|:|
-|operation|String|Specifies the operations to be performed during evaluation of a single **propertyRule**, where `property` and a string from the `values` collection are the respective operands. Possible values are: `null`, `equals`, `notEquals`, `contains`, `notContains`, `lessThan`, `greaterThan`, `startsWith`, `unknownFutureValue`. Required.|
+|operation|microsoft.graph.externalConnectors.ruleOperation|Specifies the operations to be performed during evaluation of a single **propertyRule**, where `property` and a string from the `values` collection are the respective operands. Possible values are: `null`, `equals`, `notEquals`, `contains`, `notContains`, `lessThan`, `greaterThan`, `startsWith`. Required.|
|property|String|The property from the [externalItem](../resources/externalconnectors-externalitem.md) schema. Required.| |values|String collection|A collection with one or many strings. The specified string(s) will be matched with the specified property using the specified operation. Required.| |valuesJoinedBy|binaryOperator|The join operator for evaluating multiple **propertyRules**. For example, if `and` is specified, then all **propertyRules** must be true for the **propertyRule** to be true. Possible values are: `or`, `and`. Required.|
v1.0 Externalconnectors Urltoitemresolverbase https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/externalconnectors-urltoitemresolverbase.md
Namespace: microsoft.graph.externalConnectors
Defines the rules for resolving a URL to the ID of an [externalItem](externalconnectors-externalitem.md).
-This is an abstract base type of [itemIdResolver](externalconnectors-itemidresolver.md)..
+This is the base type for the [itemIdResolver](externalconnectors-itemidresolver.md) resource type.
## Properties |Property|Type|Description|
v1.0 Externalusersselfservicesignupeventsflow https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/externalusersselfservicesignupeventsflow.md
+
+ Title: "externalUsersSelfServiceSignUpEventsFlow resource type"
+description: "Represents a self-service user flow for external identities within an Azure AD workforce tenant or customer tenant."
+
+ms.localizationpriority: medium
++
+# externalUsersSelfServiceSignUpEventsFlow resource type
+
+Namespace: microsoft.graph
++
+Represents a self-service user flow for external identities within an Azure AD workforce tenant or customer tenant. A user flow is implemented as a multi-event policy executing the specific events at specific points of user interaction.
+
+Inherits from [authenticationEventsFlow](../resources/authenticationeventsflow.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List](../api/identitycontainer-list-authenticationeventsflows.md)|[authenticationEventsFlow](../resources/authenticationeventsflow.md) collection|Retrieve a list of the [authenticationEventsFlow](../resources/authenticationeventsflow.md) objects and their properties. |
+|[Create](../api/identitycontainer-post-authenticationeventsflows.md)|[externalUsersSelfServiceSignUpEventsFlow](../resources/externalusersselfservicesignupeventsflow.md)|Create an external identities self-service sign-up user flow.|
+|[Get](../api/authenticationeventsflow-get.md)|[externalUsersSelfServiceSignUpEventsFlow](../resources/externalusersselfservicesignupeventsflow.md)|Retrieve the properties and relationships of an external identities self-service sign-up user flow.|
+|[Update](../api/authenticationeventsflow-update.md)|None|Update the properties of an external identities self-service sign-up user flow|
+|[Delete](../api/authenticationeventsflow-delete.md)|None|Delete an external identities self-service sign-up user flow.|
+|[List linked applications](../api/authenticationconditionsapplications-list-includeapplications.md)|[authenticationConditionApplication](../resources/authenticationconditionapplication.md) collection|List listeners associated with an external identities self-service sign-up user flow.|
+|[Add linked application](../api/authenticationconditionsapplications-post-includeapplications.md)|None|List listeners associated with an external identities self-service sign-up user flow.|
+|[Remove linked application](../api/authenticationconditionapplication-delete.md)|None|List listeners associated with an external identities self-service sign-up user flow.|
+|[List identity providers](../api/onauthenticationmethodloadstartexternalusersselfservicesignup-list-identityproviders.md)|[identityProvider](../resources/identityproviderbase.md) collection|List identity provider selections associated with an external identities self-service sign-up user flow.|
+|[Add identity providers](../api/onauthenticationmethodloadstartexternalusersselfservicesignup-post-identityproviders.md)|None|Add an identity provider to an external identities self-service sign-up user flow.|
+|[Remove identity providers](../api/onauthenticationmethodloadstartexternalusersselfservicesignup-delete-identityproviders.md)|None|Remove an identity provider from an external identities self-service sign-up user flow.|
+|[List attributes](../api/onattributecollectionexternalusersselfservicesignup-list-attributes.md)|[identityUserFlowAttribute](../resources/identityuserflowattribute.md) collection|Retrieve all user attributes associated with an external identities self-service sign-up user flow.|
+|[Add an attribute](../api/onattributecollectionexternalusersselfservicesignup-post-attributes.md)|None|Retrieve all user attributes associated with an external identities self-service sign-up user flow.|
+|[Delete an attribute](../api/onattributecollectionexternalusersselfservicesignup-delete-attributes.md)|None|Remove a user flow attribute from an external identities self-service sign-up user flow.|
+<!--|[List listeners]()|None|List listeners associated with an External Identities Self-Service-Sign-up User Flow **is this required?**|
+|[Get listener]()|None|List listeners associated with an External Identities Self-Service-Sign-up User Flow **is this required?**|
+|[Create listener]()|None|List listeners associated with an External Identities Self-Service-Sign-up User Flow **is this required?**|
+|[Update listeners]()|None|List listeners associated with an External Identities Self-Service-Sign-up User Flow **is this required?**|
+|[Delete listeners]()|None|List listeners associated with an External Identities Self-Service-Sign-up User Flow **is this required?**|-->
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|The unique identifier for the entity. Read-only. Inherited from [entity](../resources/entity.md).|
+|displayName|String|Required. The display name for the events policy. Must be unique. Inherited from [authenticationEventsFlow](../resources/authenticationeventsflow.md).|
+|description|String|Optional. The description of the events policy. Inherited from [authenticationEventsFlow](../resources/authenticationeventsflow.md).|
+|conditions|[authenticationConditions](../resources/authenticationconditions.md)|Optional. The conditions representing the context of the authentication request which is used to decide whether the events policy is invoked. Inherited from [authenticationEventsFlow](../resources/authenticationeventsflow.md).|
+|priority|Int32|Optional. The priority to use for each individual event of the events policy. If multiple competing listeners for an event have the same priority, one is chosen and an error is silently logged. Default is 500. Inherited from [authenticationEventsFlow](../resources/authenticationeventsflow.md).|
+|onInteractiveAuthFlowStart|[onInteractiveAuthFlowStartHandler](../resources/oninteractiveauthflowstarthandler.md)|Required. The configuration for what to invoke when an authentication flow is ready to be initiated. |
+|onAuthenticationMethodLoadStart|[onAuthenticationMethodLoadStartHandler](../resources/onauthenticationmethodloadstarthandler.md)|Required. The configuration for what to invoke when authentication methods are ready to be presented to the user. Must have at least one identity provider linked.|
+|onAttributeCollection|[onAttributeCollectionHandler](../resources/onattributecollectionhandler.md)|The configuration for what to invoke when attributes are ready to be collected from the user.|
+|onUserCreateStart|[onUserCreateStartHandler](../resources/onusercreatestarthandler.md)|The configuration for what to invoke during user creation.|
++
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "baseType": "microsoft.graph.authenticationEventsFlow",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.externalUsersSelfServiceSignUpEventsFlow",
+ "id": "String (identifier)",
+ "displayName": "String",
+ "description": "String",
+ "conditions": {
+ "@odata.type": "microsoft.graph.authenticationConditions"
+ },
+ "priority": "Integer",
+ "onInteractiveAuthFlowStart": {
+ "@odata.type": "microsoft.graph.onInteractiveAuthFlowStartHandler"
+ },
+ "onAuthenticationMethodLoadStart": {
+ "@odata.type": "microsoft.graph.onAuthenticationMethodLoadStartHandler"
+ },
+ "onAttributeCollection": {
+ "@odata.type": "microsoft.graph.onAttributeCollectionHandler"
+ },
+ "onUserCreateStart": {
+ "@odata.type": "microsoft.graph.onUserCreateStartHandler"
+ }
+}
+```
+
v1.0 Governanceschedule https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/governanceschedule.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Represents the schedule for a [governanceRoleAssignmentRequest](../resources/governanceroleassignmentrequest.md). For a role assignment request, the schedule controls when to perform the role assignment operation, when to stop the role assignment, and how frequently to do the role assignment operation.
v1.0 Group https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/group.md
This resource supports:
| resourceProvisioningOptions | String collection | Specifies the group resources that are provisioned as part of Microsoft 365 group creation, that are not normally part of default group creation. Possible value is `Team`. For more information, see [Set Microsoft 365 group behaviors and provisioning options](/graph/group-set-options). <br><br>Returned by default. Supports `$filter` (`eq`, `not`, `startsWith`. | | securityEnabled | Boolean | Specifies whether the group is a security group. Required.<br><br>Returned by default. Supports `$filter` (`eq`, `ne`, `not`, `in`). | | securityIdentifier | String | Security identifier of the group, used in Windows scenarios. <br><br>Returned by default. |
+| serviceProvisioningErrors | [serviceProvisioningError](serviceprovisioningerror.md) collection | Errors published by a federated service describing a non-transient, service-specific error regarding the properties or link from a group object . <br><br> Supports `$filter` (`eq`, `not`, for isResolved and serviceInstance). |
| theme | String | Specifies a Microsoft 365 group's color theme. Possible values are `Teal`, `Purple`, `Green`, `Blue`, `Pink`, `Orange` or `Red`. <br><br>Returned by default. | | unseenConversationsCount | Int32 | Count of conversations that have been delivered one or more new posts since the signed-in user's last visit to the group. This property is the same as **unseenCount**. <br><br>Returned only on `$select`. | | unseenCount | Int32 | Count of conversations that have received new posts since the signed-in user last visited the group. This property is the same as **unseenConversationsCount**.<br><br>Returned only on `$select`. Supported only on the Get group API (`GET /groups/{ID}`). |
The following is a JSON representation of the resource.
"resourceProvisioningOptions": ["String"], "securityEnabled": true, "securityIdentifier": "String",
+ "serviceProvisioningErrors": [
+ { "@odata.type": "microsoft.graph.serviceProvisioningXmlError" }
+ ],
"unseenConversationsCount": 1024, "unseenCount": 1024, "unseenMessagesCount": 1024,
v1.0 Httprequestendpoint https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/httprequestendpoint.md
+
+ Title: "httpRequestEndpoint resource type"
+description: "The HTTP endpoint that a custom extension calls."
+
+ms.localizationpriority: medium
++
+# httpRequestEndpoint resource type
+
+Namespace: microsoft.graph
++
+The HTTP endpoint that a custom extension calls.
+
+Inherits from [customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md).
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|targetUrl|String|The HTTP endpoint that a custom extension calls.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.httpRequestEndpoint"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.httpRequestEndpoint",
+ "targetUrl": "String"
+}
+```
+
v1.0 Identitycontainer https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitycontainer.md
None.
| Relationship | Type | Description | |:-|:|:| |apiConnectors|[identityApiConnector](identityApiConnector.md) collection|Represents entry point for API connectors.|
+|authenticationEventsFlows|[authenticationEventsFlow](../resources/authenticationeventsflow.md) collection|Represents the entry point for self-service sign up and sign in user flows in both Azure AD workforce and customer tenants.|
+|authenticationEventListener|[authenticationEventListener](authenticationeventlistener.md) collection| Represents listeners for custom authentication extension events in Azure AD for workforce and customers.|
|b2cUserFlows|[b2cIdentityUserFlow](b2cIdentityUserFlow.md) collection|Represents entry point for B2C identity userflows.| |b2xUserFlows|[b2xIdentityUserFlow](b2xIdentityUserFlow.md) collection| Represents entry point for B2X and self-service sign-up identity userflows.|
+|customAuthenticationExtension|[customAuthenticationExtension](customauthenticationextension.md) collection| Represents custom extensions to authentication flows in Azure AD for workforce and customers.|
|identityProviders|[identityProviderBase](identityProviderBase.md) collection| Represents entry point for identity provider base.| |userFlowAttributes|[identityUserFlowAttribute](identityUserFlowAttribute.md) collection| Represents entry point for identity userflow attributes.| |conditionalAccess|[conditionalAccessRoot](conditionalAccessRoot.md) collection| the entry point for the Conditional Access (CA) object model.|
v1.0 Identitygovernance Timebasedattributetrigger https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-timebasedattributetrigger.md
Inherits from [workflowExecutionTrigger](../resources/identitygovernance-workflo
|Property|Type|Description| |:|:|:|
-|offsetInDays|Int32|How many days before or after the time-based attribute specified the workflow should trigger. For example, if the attribute is `employeeHireDate` and offsetInDays is -1, then the workflow should trigger one day before the employee hire date. The value can range between -60 and 60 days.|
+|offsetInDays|Int32|How many days before or after the time-based attribute specified the workflow should trigger. For example, if the attribute is `employeeHireDate` and offsetInDays is -1, then the workflow should trigger one day before the employee hire date. The value can range between -180 and 180 days.|
|timeBasedAttribute|[microsoft.graph.identityGovernance.workflowTriggerTimeBasedAttribute](../resources/identitygovernance-timebasedattributetrigger.md)|Determines which time-based identity property to reference. The possible values are: `employeeHireDate`, `employeeLeaveDateTime`, `unknownFutureValue`.| ## Relationships
v1.0 Identitygovernance https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance.md
None.
|entitlementManagement|[entitlementManagement](entitlementmanagement.md)| Container for entitlement management resources, including [accessPackageCatalog](accesspackagecatalog.md), [connectedOrganization](connectedorganization.md), and [entitlementManagementSettings](entitlementmanagementsettings.md).| |termsOfUse|[termsOfUseContainer](termsofusecontainer.md)| Container for the resources that expose the terms of use API and its features, including [agreements](agreement.md) and [agreementAcceptances](agreementacceptance.md). | |lifecycleWorkflows|[microsoft.graph.identityGovernance.lifecycleWorkflowsContainer](identitygovernance-lifecycleworkflowscontainer.md)| Container for Lifecycle Workflow resources, including [workflow](identitygovernance-workflow.md), [customTaskExtension](identitygovernance-customtaskextension.md), and [lifecycleManagementSettings](identitygovernance-lifecyclemanagementsettings.md).|
+|privilegedAccess|[privilegedAccess](privilegedaccess.md)| Container for the base resources that expose the API and features related to Privileged Identity Management (PIM) for Groups.|
v1.0 Idlesessionsignout https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/idlesessionsignout.md
+
+ Title: "idleSessionSignOut resource type"
+description: "Represents the idle session sign-out policy settings for SharePoint."
+
+ms.localizationpriority: medium
++
+# idleSessionSignOut resource type
+
+Namespace: microsoft.graph
++
+Represents the idle session sign-out policy settings for SharePoint.
+
+## Properties
+
+| Property | Type | Description |
+|:-|:|:|
+| isEnabled | Boolean | Indicates whether the idle session sign-out policy is enabled. |
+| signOutAfterInSeconds | Int64 | Number of seconds of inactivity after which a user is signed out. |
+| warnAfterInSeconds | Int64 | Number of seconds of inactivity after which a user is notified that they'll be signed out.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- { "blockType": "resource", "@odata.type": "microsoft.graph.idleSessionSignOut" } -->
+
+```json
+{
+ "isEnabled": "Boolean",
+ "signOutAfterInSeconds": "Int64",
+ "warnAfterInSeconds": "Int64"
+}
+```
+
+<!-- {
+ "type": "#page.annotation",
+ "description": "Idle session sign out parameters",
+ "section": "documentation",
+ "tocPath": "Resources/idleSessionSignOut"
+} -->
v1.0 Inboundoutboundpolicyconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/inboundoutboundpolicyconfiguration.md
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.inboundOutboundPolicyConfiguration",
- "inboundAllowed": {
- "@odata.type": "Boolean"
- },
- "outboundAllowed": {
- "@odata.type": "Boolean"
- }
+ "inboundAllowed": {"@odata.type": "Boolean"},
+ "outboundAllowed": {"@odata.type": "Boolean"}
} ```
v1.0 Industrydata Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/industrydata-overview.md
Title: "Use the industry data API as an extract, transform, and load (ETL) engine (preview)"
-description: "The industry data API is a multi-vertical, cross-industry, ETL (Extract-Transform-Load) platform that combines data from multiple sources into a single Azure Data Lake data store, normalizes the data, and exports it in outbound flows."
+description: "The industry data API is an Education industry focused ETL (Extract-Transform-Load) platform that combines data from multiple sources into a single Azure Data Lake data store, normalizes the data, and exports it in outbound flows."
ms.localizationpriority: medium ms.prod: "industry-data-etl"
doc_type: conceptual
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-The industry data API is a multi-vertical, cross-industry, ETL (Extract-Transform-Load) platform that combines data from multiple sources into a single Azure Data Lake data store, normalizes the data, and exports it in outbound flows. The API provides resources that you can use to get statistics after the data is processed, and assist with monitoring and troubleshooting.
-
-Currently, the API is highly tailored to the education industry.
+The industry data API is an Education industry focused ETL (Extract-Transform-Load) platform that combines data from multiple sources into a single Azure Data Lake data store, normalizes the data, and exports it in outbound flows. The API provides resources that you can use to get statistics after the data is processed, and assist with monitoring and troubleshooting.
The industry data API is defined in the OData subnamespace `microsoft.graph.industryData`.
v1.0 Intune Androidforwork Androiddeviceownerenrollmentprofile https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-androidforwork-androiddeviceownerenrollmentprofile.md
Enrollment Profile used to enroll Android Enterprise devices using Google's Clou
|[Update androidDeviceOwnerEnrollmentProfile](../api/intune-androidforwork-androiddeviceownerenrollmentprofile-update.md)|[androidDeviceOwnerEnrollmentProfile](../resources/intune-androidforwork-androiddeviceownerenrollmentprofile.md)|Update the properties of a [androidDeviceOwnerEnrollmentProfile](../resources/intune-androidforwork-androiddeviceownerenrollmentprofile.md) object.| |[revokeToken action](../api/intune-androidforwork-androiddeviceownerenrollmentprofile-revoketoken.md)|None|Not yet documented| |[createToken action](../api/intune-androidforwork-androiddeviceownerenrollmentprofile-createtoken.md)|None|Not yet documented|
+|[getDefaultTeamsDeviceNonGmsEnrollmentProfile action](../api/intune-androidforwork-androiddeviceownerenrollmentprofile-getdefaultteamsdevicenongmsenrollmentprofile.md)|[enrollmentProfileForNonGmsTeamsDevice](../resources/intune-androidforwork-enrollmentprofilefornongmsteamsdevice.md)|Not yet documented|
## Properties |Property|Type|Description|
v1.0 Intune Androidforwork Androidforworkappconfigurationschemaitem https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-androidforwork-androidforworkappconfigurationschemaitem.md
Single configuration item inside an Android for Work application's custom config
|defaultStringValue|String|Default value for string type items, if specified by the app developer| |defaultStringArrayValue|String collection|Default value for string array type items, if specified by the app developer| |dataType|[androidForWorkAppConfigurationSchemaItemDataType](../resources/intune-androidforwork-androidforworkappconfigurationschemaitemdatatype.md)|The type of value this item describes. Possible values are: `bool`, `integer`, `string`, `choice`, `multiselect`, `bundle`, `bundleArray`, `hidden`.|
-|selections|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|List of human readable name/value pairs for the valid values that can be set for this item (Choice and Multiselect items only)|
+|selections|[keyValuePair](../resources/intune-androidforwork-keyvaluepair.md) collection|List of human readable name/value pairs for the valid values that can be set for this item (Choice and Multiselect items only)|
## Relationships None
v1.0 Intune Androidforwork Androidmanagedstoreappconfigurationschemaitem https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-androidforwork-androidmanagedstoreappconfigurationschemaitem.md
Single configuration item inside an Android application's custom configuration s
|defaultStringValue|String|Default value for string type items, if specified by the app developer| |defaultStringArrayValue|String collection|Default value for string array type items, if specified by the app developer| |dataType|[androidManagedStoreAppConfigurationSchemaItemDataType](../resources/intune-androidforwork-androidmanagedstoreappconfigurationschemaitemdatatype.md)|The type of value this item describes. Possible values are: `bool`, `integer`, `string`, `choice`, `multiselect`, `bundle`, `bundleArray`, `hidden`.|
-|selections|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|List of human readable name/value pairs for the valid values that can be set for this item (Choice and Multiselect items only)|
+|selections|[keyValuePair](../resources/intune-androidforwork-keyvaluepair.md) collection|List of human readable name/value pairs for the valid values that can be set for this item (Choice and Multiselect items only)|
## Relationships None
v1.0 Intune Androidfotaservice Zebrafotaconnector https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-androidfotaservice-zebrafotaconnector.md
The Zebra FOTA connector entity that represents the tenant's authorization statu
|Property|Type|Description| |:|:|:| |id|String|Id of ZebraFotaConnector.|
-|state|[zebraFotaConnectorState](../resources/intune-androidfotaservice-zebrafotaconnectorstate.md)|The Zebra connector state. Possible values are: `none`, `connected`, `disconnected`, `unknownFutureValue`.|
+|state|** Unknown Type `microsoft.intune.core.msGraph.zebraFotaConnectorState` **|The Zebra connector state.|
|enrollmentToken|String|Tenant enrollment token from Zebra. The token is used to enroll Zebra devices in the FOTA Service via app config.| |enrollmentAuthorizationUrl|String|Complete account enrollment authorization URL. This corresponds to verification_uri_complete in the Zebra API documentations.| |lastSyncDateTime|DateTimeOffset|Date and time when the account was last synched with Zebra|
Here is a JSON representation of the resource.
{ "@odata.type": "#microsoft.graph.zebraFotaConnector", "id": "String (identifier)",
- "state": "String",
+ "state": "<Unknown None>",
"enrollmentToken": "String", "enrollmentAuthorizationUrl": "String", "lastSyncDateTime": "String (timestamp)",
v1.0 Intune Androidfotaservice Zebrafotadeployment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-androidfotaservice-zebrafotadeployment.md
The Zebra FOTA deployment entity that describes settings, deployment device grou
|id|String|System generated deployment id provided during creation of the deployment. Returned only if operation was a success.| |displayName|String|A human readable name of the deployment.| |description|String|A human readable description of the deployment.|
-|deploymentSettings|[zebraFotaDeploymentSettings](../resources/intune-androidfotaservice-zebrafotadeploymentsettings.md)|Represents settings required to create a deployment such as deployment type, artifact info, download and installation|
-|deploymentAssignments|[androidFotaDeploymentAssignment](../resources/intune-androidfotaservice-androidfotadeploymentassignment.md) collection|Collection of Android FOTA Assignment|
-|deploymentStatus|[zebraFotaDeploymentStatus](../resources/intune-androidfotaservice-zebrafotadeploymentstatus.md)|Represents the deployment status from Zebra. The status is a high level status of the deployment as opposed being a detailed status per device.|
+|deploymentSettings|** Unknown Type `microsoft.intune.core.msGraph.zebraFotaDeploymentSettings` **|Represents settings required to create a deployment such as deployment type, artifact info, download and installation|
+|deploymentAssignments|** Unknown Type `microsoft.intune.core.msGraph.androidFotaDeploymentAssignment` ** collection|Collection of Android FOTA Assignment|
+|deploymentStatus|** Unknown Type `microsoft.intune.core.msGraph.zebraFotaDeploymentStatus` **|Represents the deployment status from Zebra. The status is a high level status of the deployment as opposed being a detailed status per device.|
+|roleScopeTagIds|String collection|List of Scope Tags for this Entity instance|
## Relationships None
Here is a JSON representation of the resource.
"id": "String (identifier)", "displayName": "String", "description": "String",
- "deploymentSettings": {
- "@odata.type": "microsoft.graph.zebraFotaDeploymentSettings",
- "deviceModel": "String",
- "updateType": "String",
- "timeZoneOffsetInMinutes": 1024,
- "firmwareTargetArtifactDescription": "String",
- "firmwareTargetBoardSupportPackageVersion": "String",
- "firmwareTargetPatch": "String",
- "firmwareTargetOsVersion": "String",
- "scheduleMode": "String",
- "scheduleDurationInDays": 1024,
- "downloadRuleNetworkType": "String",
- "downloadRuleStartDateTime": "String (timestamp)",
- "installRuleStartDateTime": "String (timestamp)",
- "installRuleWindowStartTime": "String (time of day)",
- "installRuleWindowEndTime": "String (time of day)",
- "batteryRuleMinimumBatteryLevelPercentage": 1024,
- "batteryRuleRequireCharger": true
- },
+ "deploymentSettings": "<Unknown None>",
"deploymentAssignments": [
- {
- "@odata.type": "microsoft.graph.androidFotaDeploymentAssignment",
- "id": "String",
- "displayName": "String",
- "target": {
- "@odata.type": "microsoft.graph.androidFotaDeploymentAssignmentTarget",
- "groupId": "String"
- }
- }
+ "<Unknown None>"
],
- "deploymentStatus": {
- "@odata.type": "microsoft.graph.zebraFotaDeploymentStatus",
- "state": "String",
- "errorCode": "String",
- "totalDevices": 1024,
- "totalCreated": 1024,
- "totalScheduled": 1024,
- "totalDownloading": 1024,
- "totalAwaitingInstall": 1024,
- "totalSucceededInstall": 1024,
- "totalCanceled": 1024,
- "totalUnknown": 1024,
- "totalFailedDownload": 1024,
- "totalFailedInstall": 1024,
- "completeOrCanceledDateTime": "String (timestamp)",
- "cancelRequested": true,
- "lastUpdatedDateTime": "String (timestamp)"
- }
+ "deploymentStatus": "<Unknown None>",
+ "roleScopeTagIds": [
+ "String"
+ ]
} ```
v1.0 Intune Apps Enterprisecodesigningcertificate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-apps-enterprisecodesigningcertificate.md
Not yet documented
|:|:|:| |id|String|The unique identifier of the certificate, assigned upon creation. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Read-only.| |content|Binary|The Windows Enterprise Code-Signing Certificate in the raw data format. Set to null once certificate has been uploaded and other properties have been populated.|
-|status|certificateStatus|Whether the Certificate Status Provisioned or not Provisioned. Possible values are: notProvisioned, provisioned. Default is notProvisioned. Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Possible values are: `notProvisioned`, `provisioned`.|
+|status|[certificateStatus](../resources/intune-apps-certificatestatus.md)|Whether the Certificate Status Provisioned or not Provisioned. Possible values are: notProvisioned, provisioned. Default is notProvisioned. Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported. Possible values are: `notProvisioned`, `provisioned`.|
|subjectName|String|The subject name for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.| |subject|String|The subject value for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.| |issuerName|String|The issuer name for the cert. This might contain information such as country (C), state or province (S), locality (L), common name of the cert (CN), organization (O), and organizational unit (OU). Uploading a valid cert file through the Intune admin console will automatically populate this value in the HTTP response. Supports: $filter, $select, $top, $OrderBy, $skip. $Search is not supported.|
v1.0 Intune Apps Mobileappinstallstatus https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-apps-mobileappinstallstatus.md
Title: "mobileAppInstallStatus resource type"
-description: "Contains properties for the installation state of a mobile app for a device."
+description: "Contains properties for the installation state of a mobile app for a device. This will be deprecated in May, 2023"
localization_priority: Normal ms.prod: "intune"
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Contains properties for the installation state of a mobile app for a device.
+Contains properties for the installation state of a mobile app for a device. This will be deprecated in May, 2023
## Methods |Method|Return Type|Description|
v1.0 Intune Apps Mobileappinstallsummary https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-apps-mobileappinstallsummary.md
Title: "mobileAppInstallSummary resource type"
-description: "Contains properties for the installation summary of a mobile app."
+description: "Contains properties for the installation summary of a mobile app. This will be deprecated in May, 2023"
localization_priority: Normal ms.prod: "intune"
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Contains properties for the installation summary of a mobile app.
+Contains properties for the installation summary of a mobile app. This will be deprecated in May, 2023
## Methods |Method|Return Type|Description|
v1.0 Intune Apps Mobileapprelationshipstate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-apps-mobileapprelationshipstate.md
Title: "mobileAppRelationshipState resource type"
-description: "Describes the installation status details of the child app in the context of UPN and device id."
+description: "Describes the installation status details of the child app in the context of UPN and device id. This will be deprecated in May, 2023 "
localization_priority: Normal ms.prod: "intune"
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Describes the installation status details of the child app in the context of UPN and device id.
+Describes the installation status details of the child app in the context of UPN and device id. This will be deprecated in May, 2023
## Properties |Property|Type|Description|
v1.0 Intune Apps Symanteccodesigningcertificate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-apps-symanteccodesigningcertificate.md
Not yet documented
|:|:|:| |id|String|The key of the entity.| |content|Binary|The Windows Symantec Code-Signing Certificate in the raw data format.|
-|status|certificateStatus|The Cert Status Provisioned or not Provisioned. Possible values are: `notProvisioned`, `provisioned`.|
+|status|[certificateStatus](../resources/intune-apps-certificatestatus.md)|The Cert Status Provisioned or not Provisioned. Possible values are: `notProvisioned`, `provisioned`.|
|password|String|The Password required for .pfx file.| |subjectName|String|The Subject Name for the cert.| |subject|String|The Subject value for the cert.|
v1.0 Intune Apps Userappinstallstatus https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-apps-userappinstallstatus.md
Title: "userAppInstallStatus resource type"
-description: "Contains properties for the installation status for a user."
+description: "Contains properties for the installation status for a user. This will be deprecated in May, 2023"
localization_priority: Normal ms.prod: "intune"
Namespace: microsoft.graph
> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-Contains properties for the installation status for a user.
+Contains properties for the installation status for a user. This will be deprecated in May, 2023
## Methods |Method|Return Type|Description|
v1.0 Intune Cirrus Officeclientcheckinstatus https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-cirrus-officeclientcheckinstatus.md
- Title: "officeClientCheckinStatus resource type"
-description: "Entity that describes tenant check-in stats."
-localization_priority: Normal
-
-doc_type: resourcePageType
--
-# officeClientCheckinStatus resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Entity that describes tenant check-in stats.
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|userPrincipalName|String|User principal name using the device.|
-|deviceName|String|Device name trying to check-in.|
-|devicePlatform|String|Device platform trying to check-in.|
-|devicePlatformVersion|String|Device platform version trying to check-in.|
-|wasSuccessful|Boolean|If the last checkin was successful.|
-|userId|String|User identifier using the device.|
-|checkinDateTime|DateTimeOffset|Last device check-in time in UTC.|
-|errorMessage|String|Error message if any associated for the last checkin.|
-|appliedPolicies|String collection|List of policies delivered to the device as last checkin.|
-
-## Relationships
-None
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.officeClientCheckinStatus"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "String",
- "deviceName": "String",
- "devicePlatform": "String",
- "devicePlatformVersion": "String",
- "wasSuccessful": true,
- "userId": "String",
- "checkinDateTime": "String (timestamp)",
- "errorMessage": "String",
- "appliedPolicies": [
- "String"
- ]
-}
-```
v1.0 Intune Cirrus Officeclientconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-cirrus-officeclientconfiguration.md
- Title: "officeClientConfiguration resource type"
-description: "Office Client Configuration."
-localization_priority: Normal
-
-doc_type: resourcePageType
--
-# officeClientConfiguration resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Office Client Configuration.
-
-## Methods
-|Method|Return Type|Description|
-|:|:|:|
-|[List officeClientConfigurations](../api/intune-cirrus-officeclientconfiguration-list.md)|[officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md) collection|List properties and relationships of the [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md) objects.|
-|[Get officeClientConfiguration](../api/intune-cirrus-officeclientconfiguration-get.md)|[officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|Read properties and relationships of the [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md) object.|
-|[assign action](../api/intune-cirrus-officeclientconfiguration-assign.md)|[officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) collection|Replace all targeted groups for a policy.|
-|[updatePriorities action](../api/intune-cirrus-officeclientconfiguration-updatepriorities.md)|None|Update policy priorities.|
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|id|String|Id of the office client configuration policy.|
-|userPreferencePayload|Stream|Preference settings JSON string in binary format, these values can be overridden by the user.|
-|policyPayload|Stream|Policy settings JSON string in binary format, these values cannot be changed by the user.|
-|description|String|Not yet documented|
-|displayName|String|Admin provided description of the office client configuration policy.|
-|lastModifiedDateTime|DateTime|Last modified datetime stamp of the policy.|
-|priority|Int32|Priority value should be unique value for each policy under a tenant and will be used for conflict resolution, lower values mean priority is high.|
-|userCheckinSummary|[officeUserCheckinSummary](../resources/intune-cirrus-officeusercheckinsummary.md)|User check-in summary for the policy.|
-|checkinStatuses|[officeClientCheckinStatus](../resources/intune-cirrus-officeclientcheckinstatus.md) collection|List of office Client check-in status.|
-
-## Relationships
-|Relationship|Type|Description|
-|:|:|:|
-|assignments|[officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) collection|The list of group assignments for the policy.|
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.officeClientConfiguration"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.officeClientConfiguration",
- "id": "String (identifier)",
- "userPreferencePayload": "<Unknown Primitive Type Edm.Stream>",
- "policyPayload": "<Unknown Primitive Type Edm.Stream>",
- "description": "String",
- "displayName": "String",
- "priority": 1024,
- "userCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 1024,
- "failedUserCount": 1024
- },
- "checkinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "String",
- "deviceName": "String",
- "devicePlatform": "String",
- "devicePlatformVersion": "String",
- "wasSuccessful": true,
- "userId": "String",
- "checkinDateTime": "String (timestamp)",
- "errorMessage": "String",
- "appliedPolicies": [
- "String"
- ]
- }
- ]
-}
-```
v1.0 Intune Cirrus Officeclientconfigurationassignment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-cirrus-officeclientconfigurationassignment.md
- Title: "officeClientConfigurationAssignment resource type"
-description: "Office Client Configuration Assignment."
-localization_priority: Normal
-
-doc_type: resourcePageType
--
-# officeClientConfigurationAssignment resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Office Client Configuration Assignment.
-
-## Methods
-|Method|Return Type|Description|
-|:|:|:|
-|[List officeClientConfigurationAssignments](../api/intune-cirrus-officeclientconfigurationassignment-list.md)|[officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) collection|List properties and relationships of the [officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) objects.|
-|[Get officeClientConfigurationAssignment](../api/intune-cirrus-officeclientconfigurationassignment-get.md)|[officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md)|Read properties and relationships of the [officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) object.|
-|[Create officeClientConfigurationAssignment](../api/intune-cirrus-officeclientconfigurationassignment-create.md)|[officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md)|Create a new [officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) object.|
-|[Delete officeClientConfigurationAssignment](../api/intune-cirrus-officeclientconfigurationassignment-delete.md)|None|Deletes a [officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md).|
-|[Update officeClientConfigurationAssignment](../api/intune-cirrus-officeclientconfigurationassignment-update.md)|[officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md)|Update the properties of a [officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) object.|
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|id|String|Id of the OfficeConfigurationAssignment.|
-|target|[officeConfigurationAssignmentTarget](../resources/intune-cirrus-officeconfigurationassignmenttarget.md)|The target assignment defined by the admin.|
-
-## Relationships
-None
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.officeClientConfigurationAssignment"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.officeClientConfigurationAssignment",
- "id": "String (identifier)",
- "target": {
- "@odata.type": "microsoft.graph.officeConfigurationAssignmentTarget"
- }
-}
-```
v1.0 Intune Cirrus Officeconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-cirrus-officeconfiguration.md
- Title: "officeConfiguration resource type"
-description: "Singleton entity that acts as a container for all device management functionality."
-localization_priority: Normal
-
-doc_type: resourcePageType
--
-# officeConfiguration resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Singleton entity that acts as a container for all device management functionality.
-
-## Methods
-|Method|Return Type|Description|
-|:|:|:|
-|Get officeConfiguration|[officeConfiguration](../resources/intune-cirrus-officeconfiguration.md)|Read properties and relationships of the [officeConfiguration](../resources/intune-cirrus-officeconfiguration.md) object.|
-|Update officeConfiguration|[officeConfiguration](../resources/intune-cirrus-officeconfiguration.md)|Update the properties of a [officeConfiguration](../resources/intune-cirrus-officeconfiguration.md) object.|
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|id|String|Id of the office configuration.|
-|tenantCheckinStatuses|[officeClientCheckinStatus](../resources/intune-cirrus-officeclientcheckinstatus.md) collection|List of office Client check-in status.|
-|tenantUserCheckinSummary|[officeUserCheckinSummary](../resources/intune-cirrus-officeusercheckinsummary.md)|Entity that describes tenant check-in statues|
-
-## Relationships
-|Relationship|Type|Description|
-|:|:|:|
-|clientConfigurations|[officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md) collection|List of office Client configuration.|
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.officeConfiguration"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.officeConfiguration",
- "id": "String (identifier)",
- "tenantCheckinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "String",
- "deviceName": "String",
- "devicePlatform": "String",
- "devicePlatformVersion": "String",
- "wasSuccessful": true,
- "userId": "String",
- "checkinDateTime": "String (timestamp)",
- "errorMessage": "String",
- "appliedPolicies": [
- "String"
- ]
- }
- ],
- "tenantUserCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 1024,
- "failedUserCount": 1024
- }
-}
-```
v1.0 Intune Cirrus Officeconfigurationassignmenttarget https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-cirrus-officeconfigurationassignmenttarget.md
- Title: "officeConfigurationAssignmentTarget resource type"
-description: "Office Client Configuration Assignment Target."
-localization_priority: Normal
-
-doc_type: resourcePageType
--
-# officeConfigurationAssignmentTarget resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Office Client Configuration Assignment Target.
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-
-## Relationships
-None
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.officeConfigurationAssignmentTarget"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.officeConfigurationAssignmentTarget"
-}
-```
v1.0 Intune Cirrus Officeconfigurationgroupassignmenttarget https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-cirrus-officeconfigurationgroupassignmenttarget.md
- Title: "officeConfigurationGroupAssignmentTarget resource type"
-description: "Office client configuration AAD group assignment target."
-localization_priority: Normal
-
-doc_type: resourcePageType
--
-# officeConfigurationGroupAssignmentTarget resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Office client configuration AAD group assignment target.
-
-Inherits from [officeConfigurationAssignmentTarget](../resources/intune-cirrus-officeconfigurationassignmenttarget.md)
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|groupId|String|The Id of the AAD group we are targeting the device configuration to.|
-
-## Relationships
-None
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.officeConfigurationGroupAssignmentTarget"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.officeConfigurationGroupAssignmentTarget",
- "groupId": "String"
-}
-```
v1.0 Intune Cirrus Officeusercheckinsummary https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-cirrus-officeusercheckinsummary.md
- Title: "officeUserCheckinSummary resource type"
-description: "Entity that describes tenant check-in stats."
-localization_priority: Normal
-
-doc_type: resourcePageType
--
-# officeUserCheckinSummary resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Entity that describes tenant check-in stats.
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|succeededUserCount|Int32|Total successful user check ins for the last 3 months.|
-|failedUserCount|Int32|Total failed user check ins for the last 3 months.|
-
-## Relationships
-None
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.officeUserCheckinSummary"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 1024,
- "failedUserCount": 1024
-}
-```
v1.0 Intune Cirrus Windowsofficeclientconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-cirrus-windowsofficeclientconfiguration.md
- Title: "windowsOfficeClientConfiguration resource type"
-description: "Entity that describes office policy settings for Windows."
-localization_priority: Normal
-
-doc_type: resourcePageType
--
-# windowsOfficeClientConfiguration resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Entity that describes office policy settings for Windows.
-
-Inherits from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)
-
-## Methods
-|Method|Return Type|Description|
-|:|:|:|
-|[List windowsOfficeClientConfigurations](../api/intune-cirrus-windowsofficeclientconfiguration-list.md)|[windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md) collection|List properties and relationships of the [windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md) objects.|
-|[Get windowsOfficeClientConfiguration](../api/intune-cirrus-windowsofficeclientconfiguration-get.md)|[windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md)|Read properties and relationships of the [windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md) object.|
-|[Create windowsOfficeClientConfiguration](../api/intune-cirrus-windowsofficeclientconfiguration-create.md)|[windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md)|Create a new [windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md) object.|
-|[Delete windowsOfficeClientConfiguration](../api/intune-cirrus-windowsofficeclientconfiguration-delete.md)|None|Deletes a [windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md).|
-|[Update windowsOfficeClientConfiguration](../api/intune-cirrus-windowsofficeclientconfiguration-update.md)|[windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md)|Update the properties of a [windowsOfficeClientConfiguration](../resources/intune-cirrus-windowsofficeclientconfiguration.md) object.|
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|id|String|Id of the office client configuration policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|userPreferencePayload|Stream|Preference settings JSON string in binary format, these values can be overridden by the user. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|policyPayload|Stream|Policy settings JSON string in binary format, these values cannot be changed by the user. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|description|String|Admin provided description of the office client configuration policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|displayName|String|Admin provided name of the office client configuration policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|priority|Int32|Priority value should be unique value for each policy under a tenant and will be used for conflict resolution, lower values mean priority is high. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|lastModifiedDateTime|DateTime|Last modified datetime stamp of the policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|userCheckinSummary|[officeUserCheckinSummary](../resources/intune-cirrus-officeusercheckinsummary.md)|User check-in summary for the policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|checkinStatuses|[officeClientCheckinStatus](../resources/intune-cirrus-officeclientcheckinstatus.md) collection|List of office Client check-in status. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-
-## Relationships
-|Relationship|Type|Description|
-|:|:|:|
-|assignments|[officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) collection|The list of group assignments for the policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.windowsOfficeClientConfiguration"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.windowsOfficeClientConfiguration",
- "id": "String (identifier)",
- "userPreferencePayload": "<Unknown Primitive Type Edm.Stream>",
- "policyPayload": "<Unknown Primitive Type Edm.Stream>",
- "description": "String",
- "displayName": "String",
- "priority": 1024,
- "userCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 1024,
- "failedUserCount": 1024
- },
- "checkinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "String",
- "deviceName": "String",
- "devicePlatform": "String",
- "devicePlatformVersion": "String",
- "wasSuccessful": true,
- "userId": "String",
- "checkinDateTime": "String (timestamp)",
- "errorMessage": "String",
- "appliedPolicies": [
- "String"
- ]
- }
- ]
-}
-```
v1.0 Intune Cirrus Windowsofficeclientsecurityconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md
- Title: "windowsOfficeClientSecurityConfiguration resource type"
-description: "Not yet documented"
-localization_priority: Normal
-
-doc_type: resourcePageType
--
-# windowsOfficeClientSecurityConfiguration resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Not yet documented
-
-Inherits from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)
-
-## Methods
-|Method|Return Type|Description|
-|:|:|:|
-|[List windowsOfficeClientSecurityConfigurations](../api/intune-cirrus-windowsofficeclientsecurityconfiguration-list.md)|[windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md) collection|List properties and relationships of the [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md) objects.|
-|[Get windowsOfficeClientSecurityConfiguration](../api/intune-cirrus-windowsofficeclientsecurityconfiguration-get.md)|[windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md)|Read properties and relationships of the [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md) object.|
-|[Create windowsOfficeClientSecurityConfiguration](../api/intune-cirrus-windowsofficeclientsecurityconfiguration-create.md)|[windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md)|Create a new [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md) object.|
-|[Delete windowsOfficeClientSecurityConfiguration](../api/intune-cirrus-windowsofficeclientsecurityconfiguration-delete.md)|None|Deletes a [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md).|
-|[Update windowsOfficeClientSecurityConfiguration](../api/intune-cirrus-windowsofficeclientsecurityconfiguration-update.md)|[windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md)|Update the properties of a [windowsOfficeClientSecurityConfiguration](../resources/intune-cirrus-windowsofficeclientsecurityconfiguration.md) object.|
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|id|String|Id of the office client configuration policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|userPreferencePayload|Stream|Preference settings JSON string in binary format, these values can be overridden by the user. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|policyPayload|Stream|Policy settings JSON string in binary format, these values cannot be changed by the user. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|description|String|Admin provided description of the office client configuration policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|displayName|String|Admin provided name of the office client configuration policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|priority|Int32|Priority value should be unique value for each policy under a tenant and will be used for conflict resolution, lower values mean priority is high. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|lastModifiedDateTime|DateTime|Last modified datetime stamp of the policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|userCheckinSummary|[officeUserCheckinSummary](../resources/intune-cirrus-officeusercheckinsummary.md)|User check-in summary for the policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-|checkinStatuses|[officeClientCheckinStatus](../resources/intune-cirrus-officeclientcheckinstatus.md) collection|List of office Client check-in status. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-
-## Relationships
-|Relationship|Type|Description|
-|:|:|:|
-|assignments|[officeClientConfigurationAssignment](../resources/intune-cirrus-officeclientconfigurationassignment.md) collection|The list of group assignments for the policy. Inherited from [officeClientConfiguration](../resources/intune-cirrus-officeclientconfiguration.md)|
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.windowsOfficeClientSecurityConfiguration"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.windowsOfficeClientSecurityConfiguration",
- "id": "String (identifier)",
- "userPreferencePayload": "<Unknown Primitive Type Edm.Stream>",
- "policyPayload": "<Unknown Primitive Type Edm.Stream>",
- "description": "String",
- "displayName": "String",
- "priority": 1024,
- "userCheckinSummary": {
- "@odata.type": "microsoft.graph.officeUserCheckinSummary",
- "succeededUserCount": 1024,
- "failedUserCount": 1024
- },
- "checkinStatuses": [
- {
- "@odata.type": "microsoft.graph.officeClientCheckinStatus",
- "userPrincipalName": "String",
- "deviceName": "String",
- "devicePlatform": "String",
- "devicePlatformVersion": "String",
- "wasSuccessful": true,
- "userId": "String",
- "checkinDateTime": "String (timestamp)",
- "errorMessage": "String",
- "appliedPolicies": [
- "String"
- ]
- }
- ]
-}
-```
v1.0 Intune Deviceconfig Advancedthreatprotectiononboardingdevicesettingstate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-advancedthreatprotectiononboardingdevicesettingstate.md
ATP onboarding State for a given device.
|Property|Type|Description| |:|:|:| |id|String|Key of the entity|
-|platformType|[deviceType](../resources/intune-shared-devicetype.md)|Device platform type. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
+|platformType|[deviceType](../resources/intune-deviceconfig-devicetype.md)|Device platform type. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
|setting|String|The setting class name and property name.| |settingName|String|The Setting Name that is being reported| |deviceId|String|The Device Id that is being reported|
v1.0 Intune Deviceconfig Androiddeviceowneruserfacingmessage https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-androiddeviceowneruserfacingmessage.md
Represents a user-facing message with locale information as well as a default me
## Properties |Property|Type|Description| |:|:|:|
-|localizedMessages|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|The list of <locale, message> pairs. This collection can contain a maximum of 500 elements.|
+|localizedMessages|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|The list of <locale, message> pairs. This collection can contain a maximum of 500 elements.|
|defaultMessage|String|The default message displayed if the user's locale doesn't match with any of the localized messages| ## Relationships
v1.0 Intune Deviceconfig Androiddeviceownervpnconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-androiddeviceownervpnconfiguration.md
Inherits from [vpnConfiguration](../resources/intune-deviceconfig-vpnconfigurati
|alwaysOnLockdown|Boolean|If always-on VPN connection is enabled, whether or not to lock network traffic when that VPN is disconnected.| |microsoftTunnelSiteId|String|Microsoft Tunnel site ID.| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data to define key/value pairs specific to a VPN provider. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data to define key/value pairs specific to a VPN provider. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data to define key/value pairs specific to a VPN provider. This collection can contain a maximum of 25 elements.|
## Relationships |Relationship|Type|Description|
v1.0 Intune Deviceconfig Androidforworkvpnconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-androidforworkvpnconfiguration.md
Inherits from [deviceConfiguration](../resources/intune-shared-deviceconfigurati
|servers|[vpnServer](../resources/intune-deviceconfig-vpnserver.md) collection|List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain a maximum of 500 elements.| |fingerprint|String|Fingerprint is a string that will be used to verify the VPN server can be trusted, which is only applicable when connection type is Check Point Capsule VPN.| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
|authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method. Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| ## Relationships
v1.0 Intune Deviceconfig Androidvpnconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-androidvpnconfiguration.md
Inherits from [deviceConfiguration](../resources/intune-shared-deviceconfigurati
|servers|[vpnServer](../resources/intune-deviceconfig-vpnserver.md) collection|List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain a maximum of 500 elements.| |fingerprint|String|Fingerprint is a string that will be used to verify the VPN server can be trusted, which is only applicable when connection type is Check Point Capsule VPN.| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
|authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method. Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| ## Relationships
v1.0 Intune Deviceconfig Androidworkprofilevpnconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-androidworkprofilevpnconfiguration.md
Inherits from [deviceConfiguration](../resources/intune-shared-deviceconfigurati
|servers|[vpnServer](../resources/intune-deviceconfig-vpnserver.md) collection|List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain a maximum of 500 elements.| |fingerprint|String|Fingerprint is a string that will be used to verify the VPN server can be trusted, which is only applicable when connection type is Check Point Capsule VPN.| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
|authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method. Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |proxyServer|[vpnProxyServer](../resources/intune-deviceconfig-vpnproxyserver.md)|Proxy server.| |targetedPackageIds|String collection|Targeted App package IDs.|
v1.0 Intune Deviceconfig Applevpnconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-applevpnconfiguration.md
Inherits from [deviceConfiguration](../resources/intune-shared-deviceconfigurati
|server|[vpnServer](../resources/intune-deviceconfig-vpnserver.md)|VPN Server on the network. Make sure end users can access this network location.| |identifier|String|Identifier provided by VPN vendor when connection type is set to Custom VPN. For example: Cisco AnyConnect uses an identifier of the form com.cisco.anyconnect.applevpn.plugin| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements.|
|enableSplitTunneling|Boolean|Send all network traffic through VPN.| |authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method for this VPN connection. Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |enablePerApp|Boolean|Setting this to true creates Per-App VPN payload which can later be associated with Apps that can trigger this VPN conneciton on the end user's iOS device.|
v1.0 Intune Deviceconfig Devicecompliancesettingstate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-devicecompliancesettingstate.md
Device compliance setting State for a given device.
|Property|Type|Description| |:|:|:| |id|String|Key of the entity|
-|platformType|[deviceType](../resources/intune-shared-devicetype.md)|Device platform type. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
+|platformType|[deviceType](../resources/intune-deviceconfig-devicetype.md)|Device platform type. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
|setting|String|The setting class name and property name.| |settingName|String|The Setting Name that is being reported| |deviceId|String|The Device Id that is being reported|
v1.0 Intune Deviceconfig Deviceplatformtype https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-deviceplatformtype.md
Supported platform types.
## Members |Member|Value|Description| |:|:|:|
-|android|0|Android.|
-|androidForWork|1|AndroidForWork.|
-|iOS|2|iOS.|
-|macOS|3|MacOS.|
-|windowsPhone81|4|WindowsPhone 8.1.|
-|windows81AndLater|5|Windows 8.1 and later|
-|windows10AndLater|6|Windows 10 and later.|
-|androidWorkProfile|7|Android Work Profile.|
-|unknown|8|Unknown.|
-|androidAOSP|9|Android AOSP.|
+|android|0|Indicates device platform type is android.|
+|androidForWork|1|Indicates device platform type is android for work.|
+|iOS|2|Indicates device platform type is iOS.|
+|macOS|3|Indicates device platform type is macOS.|
+|windowsPhone81|4|Indicates device platform type is WindowsPhone 8.1.|
+|windows81AndLater|5|Indicates device platform type is Windows 8.1 and later.|
+|windows10AndLater|6|Indicates device platform type is Windows 10 and later.|
+|androidWorkProfile|7|Indicates device platform type is Android Work Profile.|
+|unknown|8|This is the default value when device platform type resolution fails|
+|androidAOSP|9|Indicates device platform type is Android AOSP.|
+|androidMobileApplicationManagement|10|Indicates Mobile Application Management (MAM) for android devices.|
+|iOSMobileApplicationManagement|11|Indicates Mobile Application Management (MAM) for iOS devices.|
+|unknownFutureValue|12|Evolvable enumeration sentinel value. Do not use.|
v1.0 Intune Deviceconfig Hardwareconfigurationdevicestate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-hardwareconfigurationdevicestate.md
Contains properties for device run state of the hardware configuration
|upn|String|User Principal Name (UPN).| |internalVersion|Int32|The Policy internal version| |lastStateUpdateDateTime|DateTimeOffset|The last timestamp of when the hardware configuration executed|
-|configurationState|[runState](../resources/intune-shared-runstate.md)|Configuration state from the lastest hardware configuration execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|configurationState|[runState](../resources/intune-deviceconfig-runstate.md)|Configuration state from the lastest hardware configuration execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|configurationOutput|String|Output of the hardware configuration execution| |configurationError|String|Error from the hardware configuration execution|
v1.0 Intune Deviceconfig Iosikev2vpnconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-iosikev2vpnconfiguration.md
Inherits from [iosVpnConfiguration](../resources/intune-deviceconfig-iosvpnconfi
|server|[vpnServer](../resources/intune-deviceconfig-vpnserver.md)|VPN Server on the network. Make sure end users can access this network location. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |identifier|String|Identifier provided by VPN vendor when connection type is set to Custom VPN. For example: Cisco AnyConnect uses an identifier of the form com.cisco.anyconnect.applevpn.plugin Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
|enableSplitTunneling|Boolean|Send all network traffic through VPN. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method for this VPN connection. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md). Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |enablePerApp|Boolean|Setting this to true creates Per-App VPN payload which can later be associated with Apps that can trigger this VPN conneciton on the end user's iOS device. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
v1.0 Intune Deviceconfig Iosvpnconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-iosvpnconfiguration.md
Inherits from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnc
|server|[vpnServer](../resources/intune-deviceconfig-vpnserver.md)|VPN Server on the network. Make sure end users can access this network location. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |identifier|String|Identifier provided by VPN vendor when connection type is set to Custom VPN. For example: Cisco AnyConnect uses an identifier of the form com.cisco.anyconnect.applevpn.plugin Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
|enableSplitTunneling|Boolean|Send all network traffic through VPN. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method for this VPN connection. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md). Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |enablePerApp|Boolean|Setting this to true creates Per-App VPN payload which can later be associated with Apps that can trigger this VPN conneciton on the end user's iOS device. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
v1.0 Intune Deviceconfig Macosdevicefeaturesconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-macosdevicefeaturesconfiguration.md
Inherits from [appleDeviceFeaturesConfigurationBase](../resources/intune-devicec
|powerOffDisabledWhileLoggedIn|Boolean|Whether the Power Off menu item on the login window will be disabled while the user is logged in.| |logOutDisabledWhileLoggedIn|Boolean|Whether the Log Out menu item on the login window will be disabled while the user is logged in.| |screenLockDisableImmediate|Boolean|Whether to disable the immediate screen lock functions.|
-|associatedDomains|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|DEPRECATED: use appAssociatedDomains instead. Gets or sets a list that maps apps to their associated domains. The key should match the app's ID, and the value should be a string in the form of "service:domain" where domain is a fully qualified hostname (e.g. webcredentials:example.com). This collection can contain a maximum of 500 elements.|
+|associatedDomains|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|DEPRECATED: use appAssociatedDomains instead. Gets or sets a list that maps apps to their associated domains. The key should match the app's ID, and the value should be a string in the form of "service:domain" where domain is a fully qualified hostname (e.g. webcredentials:example.com). This collection can contain a maximum of 500 elements.|
|appAssociatedDomains|[macOSAssociatedDomainsItem](../resources/intune-deviceconfig-macosassociateddomainsitem.md) collection|Gets or sets a list that maps apps to their associated domains. Application identifiers must be unique. This collection can contain a maximum of 500 elements.| |singleSignOnExtension|[singleSignOnExtension](../resources/intune-deviceconfig-singlesignonextension.md)|Gets or sets a single sign-on extension profile. Deprecated: use MacOSSingleSignOnExtension instead.| |macOSSingleSignOnExtension|[macOSSingleSignOnExtension](../resources/intune-deviceconfig-macossinglesignonextension.md)|Gets or sets a single sign-on extension profile.|
v1.0 Intune Deviceconfig Macosvpnconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-macosvpnconfiguration.md
Inherits from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnc
|server|[vpnServer](../resources/intune-deviceconfig-vpnserver.md)|VPN Server on the network. Make sure end users can access this network location. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |identifier|String|Identifier provided by VPN vendor when connection type is set to Custom VPN. For example: Cisco AnyConnect uses an identifier of the form com.cisco.anyconnect.applevpn.plugin Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
|enableSplitTunneling|Boolean|Send all network traffic through VPN. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method for this VPN connection. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md). Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |enablePerApp|Boolean|Setting this to true creates Per-App VPN payload which can later be associated with Apps that can trigger this VPN conneciton on the end user's iOS device. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
v1.0 Intune Deviceconfig Macoswirednetworkconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-macoswirednetworkconfiguration.md
Inherits from [deviceConfiguration](../resources/intune-shared-deviceconfigurati
|userStatusOverview|[deviceConfigurationUserOverview](../resources/intune-deviceconfig-deviceconfigurationuseroverview.md)|Device Configuration users status overview Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)| |deviceSettingStateSummaries|[settingStateDeviceSummary](../resources/intune-deviceconfig-settingstatedevicesummary.md) collection|Device Configuration Setting State Device Summary Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)| |rootCertificateForServerValidation|[macOSTrustedRootCertificate](../resources/intune-deviceconfig-macostrustedrootcertificate.md)|Trusted Root Certificate for Server Validation when EAP Type is configured to EAP-TLS/TTLS/FAST or PEAP.|
+|rootCertificatesForServerValidation|[macOSTrustedRootCertificate](../resources/intune-deviceconfig-macostrustedrootcertificate.md) collection|Trusted Root Certificates for Server Validation when EAP Type is configured to EAP-TLS/TTLS/FAST or PEAP. If you provide this value you do not need to provide trustedServerCertificateNames, and vice versa. This collection can contain a maximum of 500 elements.|
|identityCertificateForClientAuthentication|[macOSCertificateProfileBase](../resources/intune-deviceconfig-macoscertificateprofilebase.md)|Identity Certificate for client authentication when EAP Type is configured to EAP-TLS, EAP-TTLS (with Certificate Authentication), or PEAP (with Certificate Authentication).| ## JSON Representation
v1.0 Intune Deviceconfig Manageddevicecertificatestate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-manageddevicecertificatestate.md
Not yet documented
|Property|Type|Description| |:|:|:| |id|String|Key of the entity.|
-|devicePlatform|[devicePlatformType](../resources/intune-deviceconfig-deviceplatformtype.md)|Device platform. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
+|devicePlatform|[devicePlatformType](../resources/intune-deviceconfig-deviceplatformtype.md)|Device platform. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`, `androidMobileApplicationManagement`, `iOSMobileApplicationManagement`, `unknownFutureValue`.|
|certificateKeyUsage|[keyUsages](../resources/intune-shared-keyusages.md)|Key usage. Possible values are: `keyEncipherment`, `digitalSignature`.| |certificateValidityPeriodUnits|[certificateValidityPeriodScale](../resources/intune-shared-certificatevalidityperiodscale.md)|Validity period units. Possible values are: `days`, `months`, `years`.| |certificateIssuanceState|[certificateIssuanceStates](../resources/intune-deviceconfig-certificateissuancestates.md)|Issuance State. Possible values are: `unknown`, `challengeIssued`, `challengeIssueFailed`, `requestCreationFailed`, `requestSubmitFailed`, `challengeValidationSucceeded`, `challengeValidationFailed`, `issueFailed`, `issuePending`, `issued`, `responseProcessingFailed`, `responsePending`, `enrollmentSucceeded`, `enrollmentNotNeeded`, `revoked`, `removedFromCollection`, `renewVerified`, `installFailed`, `installed`, `deleteFailed`, `deleted`, `renewalRequested`, `requested`.|
v1.0 Intune Deviceconfig Retirescheduledmanageddevice https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-retirescheduledmanageddevice.md
ManagedDevices that are scheduled for retire
|id|String|Key of the entity.| |managedDeviceId|String|Managed DeviceId| |managedDeviceName|String|Managed Device Name|
-|deviceType|[deviceType](../resources/intune-shared-devicetype.md)|Managed Device Device Type. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
+|deviceType|[deviceType](../resources/intune-deviceconfig-devicetype.md)|Managed Device Device Type. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
|complianceState|[complianceStatus](../resources/intune-shared-compliancestatus.md)|Managed Device ComplianceStatus. Possible values are: `unknown`, `notApplicable`, `compliant`, `remediated`, `nonCompliant`, `error`, `conflict`, `notAssigned`.| |retireAfterDateTime|DateTimeOffset|Managed Device Retire After DateTime| |managementAgent|[managementAgentType](../resources/intune-shared-managementagenttype.md)|Managed Device ManagementAgentType. Possible values are: `eas`, `mdm`, `easMdm`, `intuneClient`, `easIntuneClient`, `configurationManagerClient`, `configurationManagerClientMdm`, `configurationManagerClientMdmEas`, `unknown`, `jamf`, `googleCloudDevicePolicyController`, `microsoft365ManagedMdm`, `msSense`, `intuneAosp`.|
v1.0 Intune Deviceconfigv2 Devicemanagementcompliancepolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementcompliancepolicy.md
Device Management Compliance Policy
|name|String|Policy name| |description|String|Policy description| |platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `mobileApplicationManagement`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|createdDateTime|DateTimeOffset|Policy creation date and time. This property is read-only.| |lastModifiedDateTime|DateTimeOffset|Policy last modification date and time. This property is read-only.| |settingCount|Int32|Number of settings. This property is read-only.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationcategory https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationcategory.md
Device Management Configuration Policy
## Properties |Property|Type|Description| |:|:|:|
-|id|String|Identifier for item|
-|description|String|Description of the item|
-|categoryDescription|String|Description of the category header|
-|helpText|String|Help text of the item|
+|id|String|The unique identifier for the category.|
+|description|String|Description of the category. For example: Display|
+|categoryDescription|String|Description of the category header in policy summary.|
+|helpText|String|Help text of the category. Give more details of the category.|
|name|String|Name of the item|
-|displayName|String|Display name of the item|
-|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms types, which settings in the category have. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies types, which settings in the category have. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicates that the category contains settings that are used for Compliance or Configuration. Possible values are: `none`, `configuration`, `compliance`.|
-|parentCategoryId|String|Parent id of the category.|
+|displayName|String|Name of the category. For example: Device Lock|
+|platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms types, which settings in the category have. Possible values are: none. android, androidEnterprise, iOs, macOs, windows10X, windows10, aosp, and linux. If this property is not set, or set to none, returns categories in all platforms. Supports: $filters, $select. Read-only. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies types, which settings in the category have. Possible values are: none, mdm, configManager, intuneManagementExtension, thirdParty, documentGateway, appleRemoteManagement, microsoftSense, exchangeOnline, edgeMam, linuxMdm, extensibility, enrollment, endpointPrivilegeManagement. If this property is not set, or set to none, returns categories in all platforms. Supports: $filters, $select. Read-only. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `mobileApplicationManagement`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicates that the category contains settings that are used for compliance, configuration, or reusable settings. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Read-only. Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|parentCategoryId|String|Direct parent id of the category. If the category is the root, the parent id is same as its id.|
|rootCategoryId|String|Root id of the category.| |childCategoryIds|String collection|List of child ids of the category.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationchoicesettingcollectiondefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingcollectiondefinition.md
Inherits from [deviceManagementConfigurationChoiceSettingDefinition](../resource
## Properties |Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
-|defaultOptionId|String|Default option for choice setting Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
+|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected. Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
+|defaultOptionId|String|Default option for the choice setting. Inherited from [deviceManagementConfigurationChoiceSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md)|
|maximumCount|Int32|Maximum number of choices in the collection. Valid values 1 to 100| |minimumCount|Int32|Minimum number of choices in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationchoicesettingdefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationchoicesettingdefinition.md
Inherits from [deviceManagementConfigurationSettingDefinition](../resources/intu
## Properties |Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected|
-|defaultOptionId|String|Default option for choice setting|
+|options|[deviceManagementConfigurationOptionDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationoptiondefinition.md) collection|Options for the setting that can be selected.|
+|defaultOptionId|String|Default option for the choice setting.|
## Relationships None
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationcontroltype https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md
Setting control type representation in the UX
## Members |Member|Value|Description| |:|:|:|
-|default|0|DonΓÇÖt override default|
-|dropdown|1|Display Choice in dropdown|
-|smallTextBox|2|Display text input in small text input|
-|largeTextBox|3|Display text input in large text input|
-|toggle|4|Allow for toggle control type|
-|multiheaderGrid|5|Allow for multiheader grid control type|
-|contextPane|6|Allow for context pane control type|
+|default|0|Default. UX uses default UX element base on setting type for the setting.|
+|dropdown|1|Display the setting in dropdown box.|
+|smallTextBox|2|Display text input in small text input.|
+|largeTextBox|3|Display text input in large text input.|
+|toggle|4|Allow for toggle control type.|
+|multiheaderGrid|5|Allow for multiheader grid control type.|
+|contextPane|6|Allow for context pane control type.|
+|unknownFutureValue|7|Evolvable enumeration sentinel value. Do not use.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationexchangeonlinesettingapplicability https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationexchangeonlinesettingapplicability.md
Inherits from [deviceManagementConfigurationSettingApplicability](../resources/i
|Property|Type|Description| |:|:|:| |description|String|description of the setting Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|
-|platform|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platform setting can be applied on Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|platform|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platform setting can be applied on. Posible values are: none, android, androidEnterprise, iOs, macOs, windows10X, windows10, aosp, and linux. Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
|deviceMode|[deviceManagementConfigurationDeviceMode](../resources/intune-deviceconfigv2-devicemanagementconfigurationdevicemode.md)|Device Mode that setting can be applied on Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `kiosk`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Which technology channels this setting can be deployed through Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Which technology channels this setting can be deployed through. Posible values are: none, mdm, configManager, intuneManagementExtension, thirdParty, documentGateway, appleRemoteManagement, microsoftSense, exchangeOnline, edgeMam, linuxMdm, extensibility, enrollment, endpointPrivilegeManagement. Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `mobileApplicationManagement`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
## Relationships None
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationplatforms https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md
Supported platform types.
## Members |Member|Value|Description| |:|:|:|
-|none|0|None.|
-|android|1|Android.|
-|iOS|4|iOS.|
-|macOS|8|MacOS.|
+|none|0|Default. No platform type specified.|
+|android|1|Settings for Android platform.|
+|iOS|4|Settings for iOS platform.|
+|macOS|8|Settings for MacOS platform.|
|windows10X|16|Windows 10 X.|
-|windows10|32|Windows 10.|
-|linux|128|Linux.|
-|unknownFutureValue|1073741824|Sentinel member for cases where the client cannot handle the new enum values.|
+|windows10|32|Settings for Windows 10 platform.|
+|linux|128|Settings for Linux platform.|
+|unknownFutureValue|256|Evolvable enumeration sentinel value. Do not use.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationpolicy.md
Device Management Configuration Policy
|name|String|Policy name| |description|String|Policy description| |platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `mobileApplicationManagement`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|createdDateTime|DateTimeOffset|Policy creation date and time| |lastModifiedDateTime|DateTimeOffset|Policy last modification date and time| |settingCount|Int32|Number of settings|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationpolicytemplate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationpolicytemplate.md
Device Management Configuration Policy Template
|displayVersion|String|Description of template version| |lifecycleState|[deviceManagementTemplateLifecycleState](../resources/intune-deviceconfigv2-devicemanagementtemplatelifecyclestate.md)|Indicate current lifecycle state of template. Possible values are: `invalid`, `draft`, `active`, `superseded`, `deprecated`, `retired`.| |platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this template. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this template. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this template. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `mobileApplicationManagement`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|templateFamily|[deviceManagementConfigurationTemplateFamily](../resources/intune-deviceconfigv2-devicemanagementconfigurationtemplatefamily.md)|TemplateFamily for this template. Possible values are: `none`, `endpointSecurityAntivirus`, `endpointSecurityDiskEncryption`, `endpointSecurityFirewall`, `endpointSecurityEndpointDetectionAndResponse`, `endpointSecurityAttackSurfaceReduction`, `endpointSecurityAccountProtection`, `endpointSecurityApplicationControl`, `endpointSecurityEndpointPrivilegeManagement`, `enrollmentConfiguration`, `appQuietTime`, `baseline`, `unknownFutureValue`, `deviceConfigurationScripts`.| |allowUnmanagedSettings|Boolean|Allow unmanaged setting templates| |settingTemplateCount|Int32|Number of setting templates. Valid values 0 to 2147483647. This property is read-only.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationredirectsettingdefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationredirectsettingdefinition.md
Inherits from [deviceManagementConfigurationSettingDefinition](../resources/intu
## Properties |Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |deepLink|String|A deep link that points to the specific location in the Intune console where feature support must be managed from.| |redirectMessage|String|A message that explains that clicking the link will redirect the user to a supported page to manage the settings.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationreferredsettinginformation https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md
Referred setting information about reusable setting
## Properties |Property|Type|Description| |:|:|:|
-|settingDefinitionId|String|Setting definition id that is being referred to a setting. Applicable for reusable setting|
+|settingDefinitionId|String|Setting definition id that is being referred to a setting. Applicable for reusable setting.|
## Relationships None
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettingapplicability https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md
Not yet documented
|Property|Type|Description| |:|:|:| |description|String|description of the setting|
-|platform|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platform setting can be applied on. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|platform|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platform setting can be applied on. Posible values are: none, android, androidEnterprise, iOs, macOs, windows10X, windows10, aosp, and linux. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
|deviceMode|[deviceManagementConfigurationDeviceMode](../resources/intune-deviceconfigv2-devicemanagementconfigurationdevicemode.md)|Device Mode that setting can be applied on. Possible values are: `none`, `kiosk`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Which technology channels this setting can be deployed through. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Which technology channels this setting can be deployed through. Posible values are: none, mdm, configManager, intuneManagementExtension, thirdParty, documentGateway, appleRemoteManagement, microsoftSense, exchangeOnline, edgeMam, linuxMdm, extensibility, enrollment, endpointPrivilegeManagement. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `mobileApplicationManagement`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
## Relationships None
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettingdefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md
Not yet documented
## Properties |Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters.|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting. Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on|
-|infoUrls|String collection|List of links more info for the setting can be found at|
+|infoUrls|String collection|List of links more info for the setting can be found at.|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not| |baseUri|String|Base CSP Path| |offsetUri|String|Offset CSP Path from Base|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting.|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance. Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting.|
+|categoryId|String|Specify category in which the setting is under. Support $filters.|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information.| |id|String|Identifier for item|
-|description|String|Description of the item|
-|helpText|String|Help text of the item|
+|description|String|Description of the setting.|
+|helpText|String|Help text of the setting. Give more details of the setting.|
|name|String|Name of the item|
-|displayName|String|Display name of the item|
+|displayName|String|Name of the setting. For example: Allow Toast.|
|version|String|Item Version| ## Relationships
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettinggroupcollectiondefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupcollectiondefinition.md
Inherits from [deviceManagementConfigurationSettingGroupDefinition](../resources
## Properties |Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|childIds|String collection|Dependent child settings to this group of settings Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)|
+|childIds|String collection|Dependent child settings to this group of settings. Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)|
|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|List of Dependencies for the setting group Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)| |dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|List of child settings that depend on this setting Inherited from [deviceManagementConfigurationSettingGroupDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md)| |maximumCount|Int32|Maximum number of setting group count in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettinggroupdefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationsettinggroupdefinition.md
Inherits from [deviceManagementConfigurationSettingDefinition](../resources/intu
## Properties |Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|childIds|String collection|Dependent child settings to this group of settings|
+|childIds|String collection|Dependent child settings to this group of settings.|
|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|List of Dependencies for the setting group| |dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|List of child settings that depend on this setting|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettingusage https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md
Supported setting types
## Members |Member|Value|Description| |:|:|:|
-|none|0|No setting type specified|
-|configuration|1|Configuration setting|
-|compliance|2|Compliance setting|
+|none|0|Default. No setting type specified.|
+|configuration|1|Configuration setting type.|
+|compliance|2|Compliance setting type.|
+|unknownFutureValue|8|Evolvable enumeration sentinel value. Do not use.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsettingvisibility https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md
Supported setting types
## Members |Member|Value|Description| |:|:|:|
-|none|0|Not visible|
-|settingsCatalog|1|Visible to setting catalog UX|
-|template|2|Visible to template|
+|none|0|Default. Not visible.|
+|settingsCatalog|1|Visible to setting catalog policy type.|
+|template|2|Visible to template policy type.|
+|unknownFutureValue|4|Evolvable enumeration sentinel value. Do not use.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsimplesettingcollectiondefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingcollectiondefinition.md
Inherits from [deviceManagementConfigurationSimpleSettingDefinition](../resource
## Properties |Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
-|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
-|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
-|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting. Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting. Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on. Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
+|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting. Inherited from [deviceManagementConfigurationSimpleSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md)|
|maximumCount|Int32|Maximum number of simple settings in the collection. Valid values 1 to 100| |minimumCount|Int32|Minimum number of simple settings in the collection. Valid values 1 to 100|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationsimplesettingdefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationsimplesettingdefinition.md
Inherits from [deviceManagementConfigurationSettingDefinition](../resources/intu
## Properties |Property|Type|Description| |:|:|:|
-|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|applicability|[deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|Details which device setting is applicable on. Supports: $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|accessTypes|[deviceManagementConfigurationSettingAccessTypes](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingaccesstypes.md)|Read/write access mode of the setting Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `add`, `copy`, `delete`, `get`, `replace`, `execute`.| |keywords|String collection|Tokens which to search settings on Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|infoUrls|String collection|List of links more info for the setting can be found at Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|infoUrls|String collection|List of links more info for the setting can be found at. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|occurrence|[deviceManagementConfigurationSettingOccurrence](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingoccurrence.md)|Indicates whether the setting is required or not Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |baseUri|String|Base CSP Path Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |offsetUri|String|Offset CSP Path from Base Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|rootDefinitionId|String|Root setting definition if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|categoryId|String|Specifies the area group under which the setting is configured in a specified configuration service provider (CSP) Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Setting type, for example, configuration and compliance Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`.|
-|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`.|
-|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`.|
+|rootDefinitionId|String|Root setting definition id if the setting is a child setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|categoryId|String|Specify category in which the setting is under. Support $filters. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|settingUsage|[deviceManagementConfigurationSettingUsage](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingusage.md)|Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `configuration`, `compliance`, `unknownFutureValue`.|
+|uxBehavior|[deviceManagementConfigurationControlType](../resources/intune-deviceconfigv2-devicemanagementconfigurationcontroltype.md)|Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, multiheaderGrid, contextPane. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `default`, `dropdown`, `smallTextBox`, `largeTextBox`, `toggle`, `multiheaderGrid`, `contextPane`, `unknownFutureValue`.|
+|visibility|[deviceManagementConfigurationSettingVisibility](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvisibility.md)|Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md). Possible values are: `none`, `settingsCatalog`, `template`, `unknownFutureValue`.|
|referredSettingInformationList|[deviceManagementConfigurationReferredSettingInformation](../resources/intune-deviceconfigv2-devicemanagementconfigurationreferredsettinginformation.md) collection|List of referred setting information. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)| |id|String|Identifier for item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|description|String|Description of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|helpText|String|Help text of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|description|String|Description of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|helpText|String|Help text of the setting. Give more details of the setting. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|name|String|Name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|displayName|String|Display name of the item Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
+|displayName|String|Name of the setting. For example: Allow Toast. Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
|version|String|Item Version Inherited from [deviceManagementConfigurationSettingDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdefinition.md)|
-|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting|
-|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting|
-|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on|
-|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting|
+|valueDefinition|[deviceManagementConfigurationSettingValueDefinition](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvaluedefinition.md)|Definition of the value for this setting.|
+|defaultValue|[deviceManagementConfigurationSettingValue](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingvalue.md)|Default setting value for this setting.|
+|dependentOn|[deviceManagementConfigurationDependentOn](../resources/intune-deviceconfigv2-devicemanagementconfigurationdependenton.md) collection|list of parent settings this setting is dependent on.|
+|dependedOnBy|[deviceManagementConfigurationSettingDependedOnBy](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingdependedonby.md) collection|list of child settings that depend on this setting.|
## Relationships None
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationtechnologies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md
Describes which technology this setting can be deployed with
## Members |Member|Value|Description| |:|:|:|
-|none|0|Setting cannot be deployed through any channel|
-|mdm|1|Setting can be deployed through the MDM channel|
+|none|0|Default. Setting cannot be deployed through any channel.|
+|mdm|1|Setting can be deployed through the MDM channel.|
|windows10XManagement|2|Setting can be deployed through the Windows10XManagement channel|
-|configManager|4|Setting can be deployed through the ConfigManager channel|
-|appleRemoteManagement|64|Setting can be deployed through the AppleRemoteManagement channel|
-|microsoftSense|128|Setting can be deployed through the SENSE agent channel|
-|exchangeOnline|256|Setting can be deployed through the Exchange Online agent channel|
-|edgeMAM|512|Setting can be deployed through the Edge MAM agent channel|
-|linuxMdm|1024|Setting can be deployed through the Linux Mdm channel|
+|configManager|4|Setting can be deployed through the ConfigManager channel.|
+|appleRemoteManagement|64|Setting can be deployed through the AppleRemoteManagement channel.|
+|microsoftSense|128|Setting can be deployed through the SENSE agent channel.|
+|exchangeOnline|256|Setting can be deployed through the Exchange Online agent channel.|
+|mobileApplicationManagement|512|Setting can be deployed through the Mobile Application Management (MAM) channel|
+|linuxMdm|1024|Setting can be deployed through the Linux Mdm channel.|
|enrollment|4096|Setting can be deployed through device enrollment.| |endpointPrivilegeManagement|8192|Setting can be deployed using the Endpoint privilege management channel| |unknownFutureValue|16384|Evolvable enumeration sentinel value. Do not use.|
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationwindowssettingapplicability https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationwindowssettingapplicability.md
Inherits from [deviceManagementConfigurationSettingApplicability](../resources/i
|Property|Type|Description| |:|:|:| |description|String|description of the setting Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md)|
-|platform|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platform setting can be applied on Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
+|platform|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platform setting can be applied on. Posible values are: none, android, androidEnterprise, iOs, macOs, windows10X, windows10, aosp, and linux. Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.|
|deviceMode|[deviceManagementConfigurationDeviceMode](../resources/intune-deviceconfigv2-devicemanagementconfigurationdevicemode.md)|Device Mode that setting can be applied on Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `kiosk`.|
-|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Which technology channels this setting can be deployed through Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `edgeMAM`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
+|technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Which technology channels this setting can be deployed through. Posible values are: none, mdm, configManager, intuneManagementExtension, thirdParty, documentGateway, appleRemoteManagement, microsoftSense, exchangeOnline, edgeMam, linuxMdm, extensibility, enrollment, endpointPrivilegeManagement. Inherited from [deviceManagementConfigurationSettingApplicability](../resources/intune-deviceconfigv2-devicemanagementconfigurationsettingapplicability.md). Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `appleRemoteManagement`, `microsoftSense`, `exchangeOnline`, `mobileApplicationManagement`, `linuxMdm`, `enrollment`, `endpointPrivilegeManagement`, `unknownFutureValue`.|
|configurationServiceProviderVersion|String|Version of CSP setting is a part of| |maximumSupportedVersion|String|Maximum supported version of Windows| |minimumSupportedVersion|String|Minimum supported version of Windows|
v1.0 Intune Devices Comanagementeligibledevice https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-devices-comanagementeligibledevice.md
Device Co-Management eligibility state
|:|:|:| |id|String|Unique Id for the device| |deviceName|String|DeviceName|
-|deviceType|[deviceType](../resources/intune-shared-devicetype.md)|DeviceType. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
+|deviceType|[deviceType](../resources/intune-devices-devicetype.md)|DeviceType. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
|clientRegistrationStatus|[deviceRegistrationState](../resources/intune-devices-deviceregistrationstate.md)|ClientRegistrationStatus. Possible values are: `notRegistered`, `registered`, `revoked`, `keyConflict`, `approvalPending`, `certificateReset`, `notRegisteredPendingEnrollment`, `unknown`.| |ownerType|[ownerType](../resources/intune-shared-ownertype.md)|OwnerType. Possible values are: `unknown`, `company`, `personal`.| |managementAgents|[managementAgentType](../resources/intune-shared-managementagenttype.md)|ManagementAgents. Possible values are: `eas`, `mdm`, `easMdm`, `intuneClient`, `easIntuneClient`, `configurationManagerClient`, `configurationManagerClientMdm`, `configurationManagerClientMdmEas`, `unknown`, `jamf`, `googleCloudDevicePolicyController`, `microsoft365ManagedMdm`, `msSense`, `intuneAosp`.|
v1.0 Intune Devices Devicecompliancescriptdevicestate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-devices-devicecompliancescriptdevicestate.md
Contains properties for device run state of the device compliance script.
|Property|Type|Description| |:|:|:| |id|String|Key of the device compliance script device state entity. This property is read-only.|
-|detectionState|[runState](../resources/intune-shared-runstate.md)|Detection state from the lastest device compliance script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|detectionState|[runState](../resources/intune-devices-runstate.md)|Detection state from the lastest device compliance script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|lastStateUpdateDateTime|DateTimeOffset|The last timestamp of when the device compliance script executed| |expectedStateUpdateDateTime|DateTimeOffset|The next timestamp of when the device compliance script is expected to execute| |lastSyncDateTime|DateTimeOffset|The last time that Intune Managment Extension synced with Intune|
v1.0 Intune Devices Devicehealthscriptdevicestate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-devices-devicehealthscriptdevicestate.md
Contains properties for device run state of the device health script.
|Property|Type|Description| |:|:|:| |id|String|Key of the device health script device state entity. This property is read-only.|
-|detectionState|[runState](../resources/intune-shared-runstate.md)|Detection state from the lastest device health script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|detectionState|[runState](../resources/intune-devices-runstate.md)|Detection state from the lastest device health script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|lastStateUpdateDateTime|DateTimeOffset|The last timestamp of when the device health script executed| |expectedStateUpdateDateTime|DateTimeOffset|The next timestamp of when the device health script is expected to execute| |lastSyncDateTime|DateTimeOffset|The last time that Intune Managment Extension synced with Intune|
v1.0 Intune Devices Devicehealthscriptpolicystate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-devices-devicehealthscriptpolicystate.md
Contains properties for policy run state of the device health script.
|policyName|String|Display name of the device health script| |userName|String|Name of the user whom ran the device health script| |osVersion|String|Value of the OS Version in string|
-|detectionState|[runState](../resources/intune-shared-runstate.md)|Detection state from the lastest device health script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|detectionState|[runState](../resources/intune-devices-runstate.md)|Detection state from the lastest device health script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|lastStateUpdateDateTime|DateTimeOffset|The last timestamp of when the device health script executed| |expectedStateUpdateDateTime|DateTimeOffset|The next timestamp of when the device health script is expected to execute| |lastSyncDateTime|DateTimeOffset|The last time that Intune Managment Extension synced with Intune|
v1.0 Intune Devices Devicemanagementscriptdevicestate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-devices-devicemanagementscriptdevicestate.md
Contains properties for device run state of the device management script.
|Property|Type|Description| |:|:|:| |id|String|Key of the device management script device state entity. This property is read-only.|
-|runState|[runState](../resources/intune-shared-runstate.md)|State of latest run of the device management script. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|runState|[runState](../resources/intune-devices-runstate.md)|State of latest run of the device management script. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|resultMessage|String|Details of execution output.| |lastStateUpdateDateTime|DateTimeOffset|Latest time the device management script executes.| |errorCode|Int32|Error code corresponding to erroneous execution of the device management script.|
v1.0 Intune Devices Manageddevice https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-devices-manageddevice.md
Devices that are managed or pre-enrolled through Intune
|[initiateMobileDeviceManagementKeyRecovery action](../api/intune-devices-manageddevice-initiatemobiledevicemanagementkeyrecovery.md)|None|Perform MDM key recovery and TPM attestation| |[initiateOnDemandProactiveRemediation action](../api/intune-devices-manageddevice-initiateondemandproactiveremediation.md)|None|Perform On Demand Proactive Remediation| |[rotateLocalAdminPassword action](../api/intune-devices-manageddevice-rotatelocaladminpassword.md)|None|Initiates a manual rotation for the local admin password on the device|
-|[getOemWarranty function](../api/intune-devices-manageddevice-getoemwarranty.md)|[oemWarranty](../resources/intune-devices-oemwarranty.md)|Not yet documented|
|[appDiagnostics function](../api/intune-devices-manageddevice-appdiagnostics.md)|[powerliftIncidentMetadata](../resources/intune-devices-powerliftincidentmetadata.md) collection|Not yet documented| |[downloadAppDiagnostics action](../api/intune-devices-manageddevice-downloadappdiagnostics.md)|Stream|Not yet documented|
Devices that are managed or pre-enrolled through Intune
|id|String|Unique Identifier for the device. This property is read-only.| |userId|String|Unique Identifier for the user associated with the device. This property is read-only.| |deviceName|String|Name of the device. This property is read-only.|
-|hardwareInformation|[hardwareInformation](../resources/intune-devices-hardwareinformation.md)|The hardward details for the device. Includes information such as storage space, manufacturer, serial number, etc. Return default value in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only.|
-|ownerType|[ownerType](../resources/intune-shared-ownertype.md)|Ownership of the device. Can be 'company' or 'personal'. Possible values are: `unknown`, `company`, `personal`.|
+|hardwareInformation|[hardwareInformation](../resources/intune-devices-hardwareinformation.md)|The hardward details for the device. Includes information such as storage space, manufacturer, serial number, etc. By default most property of this type are set to null/0/false and enum defaults for associated types. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only.|
+|ownerType|[ownerType](../resources/intune-shared-ownertype.md)|Ownership of the device. Possible values are, 'company' or 'personal'. Default is unknown. Supports $filter operator 'eq' and 'or'. Possible values are: `unknown`, `company`, `personal`.|
|managedDeviceOwnerType|[managedDeviceOwnerType](../resources/intune-shared-manageddeviceownertype.md)|Ownership of the device. Can be 'company' or 'personal'. Possible values are: `unknown`, `company`, `personal`.| |deviceActionResults|[deviceActionResult](../resources/intune-devices-deviceactionresult.md) collection|List of ComplexType deviceActionResult objects. This property is read-only.|
-|managementState|[managementState](../resources/intune-devices-managementstate.md)|Management state of the device. This property is read-only. Possible values are: `managed`, `retirePending`, `retireFailed`, `wipePending`, `wipeFailed`, `unhealthy`, `deletePending`, `retireIssued`, `wipeIssued`, `wipeCanceled`, `retireCanceled`, `discovered`.|
-|enrolledDateTime|DateTimeOffset|Enrollment time of the device. This property is read-only.|
-|lastSyncDateTime|DateTimeOffset|The date and time that the device last completed a successful sync with Intune. This property is read-only.|
+|managementState|[managementState](../resources/intune-devices-managementstate.md)|Management state of the device. Examples: Managed, RetirePending, etc. Default is managed. Supports $filter operator 'eq' and 'or'. This property is read-only. Possible values are: `managed`, `retirePending`, `retireFailed`, `wipePending`, `wipeFailed`, `unhealthy`, `deletePending`, `retireIssued`, `wipeIssued`, `wipeCanceled`, `retireCanceled`, `discovered`.|
+|enrolledDateTime|DateTimeOffset|Enrollment time of the device. Supports $filter operator 'lt' and 'gt'. This property is read-only.|
+|lastSyncDateTime|DateTimeOffset|The date and time that the device last completed a successful sync with Intune. Supports $filter operator 'lt' and 'gt'. This property is read-only.|
|chassisType|[chassisType](../resources/intune-devices-chassistype.md)|Chassis type of the device. This property is read-only. Possible values are: `unknown`, `desktop`, `laptop`, `worksWorkstation`, `enterpriseServer`, `phone`, `tablet`, `mobileOther`, `mobileUnknown`.| |operatingSystem|String|Operating system of the device. Windows, iOS, etc. This property is read-only.|
-|deviceType|[deviceType](../resources/intune-shared-devicetype.md)|Platform of the device. This property is read-only. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
-|complianceState|[complianceState](../resources/intune-devices-compliancestate.md)|Compliance state of the device. This property is read-only. Possible values are: `unknown`, `compliant`, `noncompliant`, `conflict`, `error`, `inGracePeriod`, `configManager`.|
-|jailBroken|String|whether the device is jail broken or rooted. This property is read-only.|
-|managementAgent|[managementAgentType](../resources/intune-shared-managementagenttype.md)|Management channel of the device. Intune, EAS, etc. This property is read-only. Possible values are: `eas`, `mdm`, `easMdm`, `intuneClient`, `easIntuneClient`, `configurationManagerClient`, `configurationManagerClientMdm`, `configurationManagerClientMdmEas`, `unknown`, `jamf`, `googleCloudDevicePolicyController`, `microsoft365ManagedMdm`, `msSense`, `intuneAosp`.|
+|deviceType|[deviceType](../resources/intune-devices-devicetype.md)|Platform of the device. Examples: Desktop, WindowsRT, etc. Default is unknown. Supports $filter operator 'eq' and 'or'. This property is read-only. Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
+|complianceState|[complianceState](../resources/intune-devices-compliancestate.md)|Compliance state of the device. Examples: Compliant, Conflict, Error, etc. Default is unknown. Supports $filter operator 'eq' and 'or'. This property is read-only. Possible values are: `unknown`, `compliant`, `noncompliant`, `conflict`, `error`, `inGracePeriod`, `configManager`.|
+|jailBroken|String|Whether the device is jail broken or rooted. Default is an empty string. Supports $filter operator 'eq' and 'or'. This property is read-only.|
+|managementAgent|[managementAgentType](../resources/intune-shared-managementagenttype.md)|Management channel of the device. Examples: Intune, EAS, etc. Default is unknown. Supports $filter operator 'eq' and 'or'. This property is read-only. Possible values are: `eas`, `mdm`, `easMdm`, `intuneClient`, `easIntuneClient`, `configurationManagerClient`, `configurationManagerClientMdm`, `configurationManagerClientMdmEas`, `unknown`, `jamf`, `googleCloudDevicePolicyController`, `microsoft365ManagedMdm`, `msSense`, `intuneAosp`.|
|osVersion|String|Operating system version of the device. This property is read-only.| |easActivated|Boolean|Whether the device is Exchange ActiveSync activated. This property is read-only.| |easDeviceId|String|Exchange ActiveSync Id of the device. This property is read-only.|
Devices that are managed or pre-enrolled through Intune
|azureADRegistered|Boolean|Whether the device is Azure Active Directory registered. This property is read-only.| |deviceEnrollmentType|[deviceEnrollmentType](../resources/intune-devices-deviceenrollmenttype.md)|Enrollment type of the device. This property is read-only. Possible values are: `unknown`, `userEnrollment`, `deviceEnrollmentManager`, `appleBulkWithUser`, `appleBulkWithoutUser`, `windowsAzureADJoin`, `windowsBulkUserless`, `windowsAutoEnrollment`, `windowsBulkAzureDomainJoin`, `windowsCoManagement`, `windowsAzureADJoinUsingDeviceAuth`, `appleUserEnrollment`, `appleUserEnrollmentWithServiceAccount`, `azureAdJoinUsingAzureVmExtension`, `androidEnterpriseDedicatedDevice`, `androidEnterpriseFullyManaged`, `androidEnterpriseCorporateWorkProfile`.| |lostModeState|[lostModeState](../resources/intune-devices-lostmodestate.md)|Indicates if Lost mode is enabled or disabled. This property is read-only. Possible values are: `disabled`, `enabled`.|
-|activationLockBypassCode|String|The code that allows the Activation Lock on managed device to be bypassed. Default, is Null (Non-Default property) for this property when returned as part of managedDevice entity in LIST call. Individual GET call with select query options is needed to retrieve actual values. Supports: $select. $Search is not supported. Read-only. This property is read-only.|
+|activationLockBypassCode|String|The code that allows the Activation Lock on managed device to be bypassed. Default, is Null (Non-Default property) for this property when returned as part of managedDevice entity in LIST call. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only.|
|emailAddress|String|Email(s) for the user associated with the device. This property is read-only.| |azureActiveDirectoryDeviceId|String|The unique identifier for the Azure Active Directory device. Read only. This property is read-only.| |azureADDeviceId|String|The unique identifier for the Azure Active Directory device. Read only. This property is read-only.| |deviceRegistrationState|[deviceRegistrationState](../resources/intune-devices-deviceregistrationstate.md)|Device registration state. This property is read-only. Possible values are: `notRegistered`, `registered`, `revoked`, `keyConflict`, `approvalPending`, `certificateReset`, `notRegisteredPendingEnrollment`, `unknown`.|
-|deviceCategoryDisplayName|String|Device category display name. This property is read-only.|
+|deviceCategoryDisplayName|String|Device category display name. Default is an empty string. Supports $filter operator 'eq' and 'or'. This property is read-only.|
|isSupervised|Boolean|Device supervised status. This property is read-only.| |exchangeLastSuccessfulSyncDateTime|DateTimeOffset|Last time the device contacted Exchange. This property is read-only.| |exchangeAccessState|[deviceManagementExchangeAccessState](../resources/intune-devices-devicemanagementexchangeaccessstate.md)|The Access State of the device in Exchange. This property is read-only. Possible values are: `none`, `unknown`, `allowed`, `blocked`, `quarantined`.| |exchangeAccessStateReason|[deviceManagementExchangeAccessStateReason](../resources/intune-devices-devicemanagementexchangeaccessstatereason.md)|The reason for the device's access state in Exchange. This property is read-only. Possible values are: `none`, `unknown`, `exchangeGlobalRule`, `exchangeIndividualRule`, `exchangeDeviceRule`, `exchangeUpgrade`, `exchangeMailboxPolicy`, `other`, `compliant`, `notCompliant`, `notEnrolled`, `unknownLocation`, `mfaRequired`, `azureADBlockDueToAccessPolicy`, `compromisedPassword`, `deviceNotKnownWithManagedApp`.|
-|remoteAssistanceSessionUrl|String|Url that allows a Remote Assistance session to be established with the device. This property is read-only.|
+|remoteAssistanceSessionUrl|String|Url that allows a Remote Assistance session to be established with the device. Default is an empty string. To retrieve actual values GET call needs to be made, with device id and included in select parameter. This property is read-only.|
|remoteAssistanceSessionErrorDetails|String|An error string that identifies issues when creating Remote Assistance session objects. This property is read-only.| |isEncrypted|Boolean|Device encryption status. This property is read-only.| |userPrincipalName|String|Device user principal name. This property is read-only.|
Devices that are managed or pre-enrolled through Intune
|autopilotEnrolled|Boolean|Reports if the managed device is enrolled via auto-pilot. This property is read-only.| |requireUserEnrollmentApproval|Boolean|Reports if the managed iOS device is user approval enrollment. This property is read-only.| |managementCertificateExpirationDate|DateTimeOffset|Reports device management certificate expiration date. This property is read-only.|
-|iccid|String|Integrated Circuit Card Identifier, it is A SIM card's unique identification number. Return default value null in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only.|
-|udid|String|Unique Device Identifier for iOS and macOS devices. Return default value null in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only.|
+|iccid|String|Integrated Circuit Card Identifier, it is A SIM card's unique identification number. Default is an empty string. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only.|
+|udid|String|Unique Device Identifier for iOS and macOS devices. Default is an empty string. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only.|
|roleScopeTagIds|String collection|List of Scope Tag IDs for this Device instance.|
-|windowsActiveMalwareCount|Int32|Count of active malware for this windows device. This property is read-only.|
-|windowsRemediatedMalwareCount|Int32|Count of remediated malware for this windows device. This property is read-only.|
-|notes|String|Notes on the device created by IT Admin. Return default value null in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported.|
+|windowsActiveMalwareCount|Int32|Count of active malware for this windows device. Default is 0. To retrieve actual values GET call needs to be made, with device id and included in select parameter. This property is read-only.|
+|windowsRemediatedMalwareCount|Int32|Count of remediated malware for this windows device. Default is 0. To retrieve actual values GET call needs to be made, with device id and included in select parameter. This property is read-only.|
+|notes|String|Notes on the device created by IT Admin. Default is null. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported.|
|configurationManagerClientHealthState|[configurationManagerClientHealthState](../resources/intune-devices-configurationmanagerclienthealthstate.md)|Configuration manager client health state, valid only for devices managed by MDM/ConfigMgr Agent| |configurationManagerClientInformation|[configurationManagerClientInformation](../resources/intune-devices-configurationmanagerclientinformation.md)|Configuration manager client information, valid only for devices managed, duel-managed or tri-managed by ConfigMgr Agent| |ethernetMacAddress|String|Indicates Ethernet MAC Address of the device. Default, is Null (Non-Default property) for this property when returned as part of managedDevice entity. Individual get call with select query options is needed to retrieve actual values. Example: deviceManagement/managedDevices({managedDeviceId})?$select=ethernetMacAddress Supports: $select. $Search is not supported. Read-only. This property is read-only.|
-|physicalMemoryInBytes|Int64|Total Memory in Bytes. Return default value 0 in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. Default value is 0. Read-only. This property is read-only.|
+|physicalMemoryInBytes|Int64|Total Memory in Bytes. Default is 0. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. Read-only. This property is read-only.|
|processorArchitecture|[managedDeviceArchitecture](../resources/intune-devices-manageddevicearchitecture.md)|Processor architecture. This property is read-only. Possible values are: `unknown`, `x86`, `x64`, `arm`, `arM64`.| |specificationVersion|String|Specification version. This property is read-only.| |joinType|[joinType](../resources/intune-devices-jointype.md)|Device join type. Possible values are: `unknown`, `azureADJoined`, `azureADRegistered`, `hybridAzureADJoined`.| |skuFamily|String|Device sku family| |skuNumber|Int32|Device sku number, see also: https://learn.microsoft.com/windows/win32/api/sysinfoapi/nf-sysinfoapi-getproductinfo. Valid values 0 to 2147483647. This property is read-only.| |managementFeatures|[managedDeviceManagementFeatures](../resources/intune-devices-manageddevicemanagementfeatures.md)|Device management features. Possible values are: `none`, `microsoftManagedDesktop`.|
-|chromeOSDeviceInfo|[chromeOSDeviceProperty](../resources/intune-devices-chromeosdeviceproperty.md) collection|List of properties of the ChromeOS Device.|
+|chromeOSDeviceInfo|[chromeOSDeviceProperty](../resources/intune-devices-chromeosdeviceproperty.md) collection|List of properties of the ChromeOS Device. Default is an empty list. To retrieve actual values GET call needs to be made, with device id and included in select parameter.|
|enrollmentProfileName|String|Name of the enrollment profile assigned to the device. Default value is empty string, indicating no enrollment profile was assgined. This property is read-only.| |bootstrapTokenEscrowed|Boolean|Reports if the managed device has an escrowed Bootstrap Token. This is only for macOS devices. To get, include BootstrapTokenEscrowed in the select clause and query with a device id. If FALSE, no bootstrap token is escrowed. If TRUE, the device has escrowed a bootstrap token with Intune. This property is read-only.| |deviceFirmwareConfigurationInterfaceManaged|Boolean|Indicates whether the device is DFCI managed. When TRUE the device is DFCI managed. When FALSE, the device is not DFCI managed. The default value is FALSE.|
v1.0 Intune Devices Oemwarranty https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-devices-oemwarranty.md
- Title: "oemWarranty resource type"
-description: "OEM Warranty information for a given device"
-
-localization_priority: Normal
-doc_type: resourcePageType
--
-# oemWarranty resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-OEM Warranty information for a given device
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|baseWarranties|[warrantyOffer](../resources/intune-devices-warrantyoffer.md) collection|List of base warranty offers. This collection can contain a maximum of 100 elements.|
-|additionalWarranties|[warrantyOffer](../resources/intune-devices-warrantyoffer.md) collection|List of additional warranty offers. This collection can contain a maximum of 100 elements.|
-|deviceWarrantyUrl|String|Device warranty page URL|
-|deviceConfigurationUrl|String|Device configuration page URL|
-
-## Relationships
-None
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "@odata.type": "microsoft.graph.oemWarranty"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.oemWarranty",
- "baseWarranties": [
- {
- "@odata.type": "microsoft.graph.warrantyOffer",
- "type": "String",
- "description": "String",
- "startDateTime": "String (timestamp)",
- "endDateTime": "String (timestamp)"
- }
- ],
- "additionalWarranties": [
- {
- "@odata.type": "microsoft.graph.warrantyOffer",
- "type": "String",
- "description": "String",
- "startDateTime": "String (timestamp)",
- "endDateTime": "String (timestamp)"
- }
- ],
- "deviceWarrantyUrl": "String",
- "deviceConfigurationUrl": "String"
-}
-```
v1.0 Intune Devices Oemwarrantyinformationonboarding https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-devices-oemwarrantyinformationonboarding.md
- Title: "oemWarrantyInformationOnboarding resource type"
-description: "Warranty status entity for a given OEM"
-
-localization_priority: Normal
-doc_type: resourcePageType
--
-# oemWarrantyInformationOnboarding resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Warranty status entity for a given OEM
-
-## Methods
-|Method|Return Type|Description|
-|:|:|:|
-|[List oemWarrantyInformationOnboardings](../api/intune-devices-oemwarrantyinformationonboarding-list.md)|[oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md) collection|List properties and relationships of the [oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md) objects.|
-|[Get oemWarrantyInformationOnboarding](../api/intune-devices-oemwarrantyinformationonboarding-get.md)|[oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md)|Read properties and relationships of the [oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md) object.|
-|[Create oemWarrantyInformationOnboarding](../api/intune-devices-oemwarrantyinformationonboarding-create.md)|[oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md)|Create a new [oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md) object.|
-|[Delete oemWarrantyInformationOnboarding](../api/intune-devices-oemwarrantyinformationonboarding-delete.md)|None|Deletes a [oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md).|
-|[Update oemWarrantyInformationOnboarding](../api/intune-devices-oemwarrantyinformationonboarding-update.md)|[oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md)|Update the properties of a [oemWarrantyInformationOnboarding](../resources/intune-devices-oemwarrantyinformationonboarding.md) object.|
-|[enable action](../api/intune-devices-oemwarrantyinformationonboarding-enable.md)|None|Not yet documented|
-|[disable action](../api/intune-devices-oemwarrantyinformationonboarding-disable.md)|None|Not yet documented|
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique Identifier for OEM Warranty status. This property is read-only.|
-|oemName|String|OEM name. This property is read-only.|
-|enabled|Boolean|Specifies whether warranty query is enabled for given OEM. This property is read-only.|
-|available|Boolean|Specifies whether warranty API is available. This property is read-only.|
-
-## Relationships
-None
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.oemWarrantyInformationOnboarding"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.oemWarrantyInformationOnboarding",
- "id": "String (identifier)",
- "oemName": "String",
- "enabled": true,
- "available": true
-}
-```
v1.0 Intune Devices Warrantyoffer https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-devices-warrantyoffer.md
- Title: "warrantyOffer resource type"
-description: "Models and Manufactures meatadata for managed devices in the account"
-
-localization_priority: Normal
-doc_type: resourcePageType
--
-# warrantyOffer resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Models and Manufactures meatadata for managed devices in the account
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|type|[warrantyType](../resources/intune-devices-warrantytype.md)|Warranty offer type. Possible values are: `unknown`, `manufacturer`, `contractual`, `unknownFutureValue`.|
-|description|String|Warranty offer description|
-|startDateTime|DateTimeOffset|Warranty offer start date|
-|endDateTime|DateTimeOffset|Warranty offer end date|
-
-## Relationships
-None
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "@odata.type": "microsoft.graph.warrantyOffer"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.warrantyOffer",
- "type": "String",
- "description": "String",
- "startDateTime": "String (timestamp)",
- "endDateTime": "String (timestamp)"
-}
-```
v1.0 Intune Devices Warrantytype https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-devices-warrantytype.md
- Title: "warrantyType enum type"
-description: "Models and Manufactures meatadata for managed devices in the account"
-
-localization_priority: Normal
-doc_type: enumPageType
--
-# warrantyType enum type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Models and Manufactures meatadata for managed devices in the account
-
-## Members
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown warranty type|
-|manufacturer|1|Manufacturer warranty|
-|contractual|2|Contractual warranty|
-|unknownFutureValue|255|Unknown future value|
v1.0 Intune Devices Windowsmanageddevice https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-devices-windowsmanageddevice.md
Inherits from [managedDevice](../resources/intune-devices-manageddevice.md)
|id|String|Unique Identifier for the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |userId|String|Unique Identifier for the user associated with the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |deviceName|String|Name of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|hardwareInformation|[hardwareInformation](../resources/intune-devices-hardwareinformation.md)|The hardward details for the device. Includes information such as storage space, manufacturer, serial number, etc. Return default value in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|ownerType|[ownerType](../resources/intune-shared-ownertype.md)|Ownership of the device. Can be 'company' or 'personal' Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `company`, `personal`.|
+|hardwareInformation|[hardwareInformation](../resources/intune-devices-hardwareinformation.md)|The hardward details for the device. Includes information such as storage space, manufacturer, serial number, etc. By default most property of this type are set to null/0/false and enum defaults for associated types. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|ownerType|[ownerType](../resources/intune-shared-ownertype.md)|Ownership of the device. Possible values are, 'company' or 'personal'. Default is unknown. Supports $filter operator 'eq' and 'or'. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `company`, `personal`.|
|managedDeviceOwnerType|[managedDeviceOwnerType](../resources/intune-shared-manageddeviceownertype.md)|Ownership of the device. Can be 'company' or 'personal' Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `company`, `personal`.| |deviceActionResults|[deviceActionResult](../resources/intune-devices-deviceactionresult.md) collection|List of ComplexType deviceActionResult objects. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|managementState|[managementState](../resources/intune-devices-managementstate.md)|Management state of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `managed`, `retirePending`, `retireFailed`, `wipePending`, `wipeFailed`, `unhealthy`, `deletePending`, `retireIssued`, `wipeIssued`, `wipeCanceled`, `retireCanceled`, `discovered`.|
-|enrolledDateTime|DateTimeOffset|Enrollment time of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|lastSyncDateTime|DateTimeOffset|The date and time that the device last completed a successful sync with Intune. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|managementState|[managementState](../resources/intune-devices-managementstate.md)|Management state of the device. Examples: Managed, RetirePending, etc. Default is managed. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `managed`, `retirePending`, `retireFailed`, `wipePending`, `wipeFailed`, `unhealthy`, `deletePending`, `retireIssued`, `wipeIssued`, `wipeCanceled`, `retireCanceled`, `discovered`.|
+|enrolledDateTime|DateTimeOffset|Enrollment time of the device. Supports $filter operator 'lt' and 'gt'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|lastSyncDateTime|DateTimeOffset|The date and time that the device last completed a successful sync with Intune. Supports $filter operator 'lt' and 'gt'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|chassisType|[chassisType](../resources/intune-devices-chassistype.md)|Chassis type of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `desktop`, `laptop`, `worksWorkstation`, `enterpriseServer`, `phone`, `tablet`, `mobileOther`, `mobileUnknown`.| |operatingSystem|String|Operating system of the device. Windows, iOS, etc. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|deviceType|[deviceType](../resources/intune-shared-devicetype.md)|Platform of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
-|complianceState|[complianceState](../resources/intune-devices-compliancestate.md)|Compliance state of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `compliant`, `noncompliant`, `conflict`, `error`, `inGracePeriod`, `configManager`.|
-|jailBroken|String|whether the device is jail broken or rooted. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|managementAgent|[managementAgentType](../resources/intune-shared-managementagenttype.md)|Management channel of the device. Intune, EAS, etc. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `eas`, `mdm`, `easMdm`, `intuneClient`, `easIntuneClient`, `configurationManagerClient`, `configurationManagerClientMdm`, `configurationManagerClientMdmEas`, `unknown`, `jamf`, `googleCloudDevicePolicyController`, `microsoft365ManagedMdm`, `msSense`, `intuneAosp`.|
+|deviceType|[deviceType](../resources/intune-devices-devicetype.md)|Platform of the device. Examples: Desktop, WindowsRT, etc. Default is unknown. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `desktop`, `windowsRT`, `winMO6`, `nokia`, `windowsPhone`, `mac`, `winCE`, `winEmbedded`, `iPhone`, `iPad`, `iPod`, `android`, `iSocConsumer`, `unix`, `macMDM`, `holoLens`, `surfaceHub`, `androidForWork`, `androidEnterprise`, `windows10x`, `androidnGMS`, `chromeOS`, `linux`, `blackberry`, `palm`, `unknown`, `cloudPC`.|
+|complianceState|[complianceState](../resources/intune-devices-compliancestate.md)|Compliance state of the device. Examples: Compliant, Conflict, Error, etc. Default is unknown. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `compliant`, `noncompliant`, `conflict`, `error`, `inGracePeriod`, `configManager`.|
+|jailBroken|String|Whether the device is jail broken or rooted. Default is an empty string. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|managementAgent|[managementAgentType](../resources/intune-shared-managementagenttype.md)|Management channel of the device. Examples: Intune, EAS, etc. Default is unknown. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `eas`, `mdm`, `easMdm`, `intuneClient`, `easIntuneClient`, `configurationManagerClient`, `configurationManagerClientMdm`, `configurationManagerClientMdmEas`, `unknown`, `jamf`, `googleCloudDevicePolicyController`, `microsoft365ManagedMdm`, `msSense`, `intuneAosp`.|
|osVersion|String|Operating system version of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |easActivated|Boolean|Whether the device is Exchange ActiveSync activated. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |easDeviceId|String|Exchange ActiveSync Id of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
Inherits from [managedDevice](../resources/intune-devices-manageddevice.md)
|azureADRegistered|Boolean|Whether the device is Azure Active Directory registered. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |deviceEnrollmentType|[deviceEnrollmentType](../resources/intune-devices-deviceenrollmenttype.md)|Enrollment type of the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `userEnrollment`, `deviceEnrollmentManager`, `appleBulkWithUser`, `appleBulkWithoutUser`, `windowsAzureADJoin`, `windowsBulkUserless`, `windowsAutoEnrollment`, `windowsBulkAzureDomainJoin`, `windowsCoManagement`, `windowsAzureADJoinUsingDeviceAuth`, `appleUserEnrollment`, `appleUserEnrollmentWithServiceAccount`, `azureAdJoinUsingAzureVmExtension`, `androidEnterpriseDedicatedDevice`, `androidEnterpriseFullyManaged`, `androidEnterpriseCorporateWorkProfile`.| |lostModeState|[lostModeState](../resources/intune-devices-lostmodestate.md)|Indicates if Lost mode is enabled or disabled. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `disabled`, `enabled`.|
-|activationLockBypassCode|String|The code that allows the Activation Lock on managed device to be bypassed. Default, is Null (Non-Default property) for this property when returned as part of managedDevice entity in LIST call. Individual GET call with select query options is needed to retrieve actual values. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|activationLockBypassCode|String|The code that allows the Activation Lock on managed device to be bypassed. Default, is Null (Non-Default property) for this property when returned as part of managedDevice entity in LIST call. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|emailAddress|String|Email(s) for the user associated with the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |azureActiveDirectoryDeviceId|String|The unique identifier for the Azure Active Directory device. Read only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |azureADDeviceId|String|The unique identifier for the Azure Active Directory device. Read only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |deviceRegistrationState|[deviceRegistrationState](../resources/intune-devices-deviceregistrationstate.md)|Device registration state. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `notRegistered`, `registered`, `revoked`, `keyConflict`, `approvalPending`, `certificateReset`, `notRegisteredPendingEnrollment`, `unknown`.|
-|deviceCategoryDisplayName|String|Device category display name. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|deviceCategoryDisplayName|String|Device category display name. Default is an empty string. Supports $filter operator 'eq' and 'or'. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|isSupervised|Boolean|Device supervised status. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |exchangeLastSuccessfulSyncDateTime|DateTimeOffset|Last time the device contacted Exchange. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |exchangeAccessState|[deviceManagementExchangeAccessState](../resources/intune-devices-devicemanagementexchangeaccessstate.md)|The Access State of the device in Exchange. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `none`, `unknown`, `allowed`, `blocked`, `quarantined`.| |exchangeAccessStateReason|[deviceManagementExchangeAccessStateReason](../resources/intune-devices-devicemanagementexchangeaccessstatereason.md)|The reason for the device's access state in Exchange. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `none`, `unknown`, `exchangeGlobalRule`, `exchangeIndividualRule`, `exchangeDeviceRule`, `exchangeUpgrade`, `exchangeMailboxPolicy`, `other`, `compliant`, `notCompliant`, `notEnrolled`, `unknownLocation`, `mfaRequired`, `azureADBlockDueToAccessPolicy`, `compromisedPassword`, `deviceNotKnownWithManagedApp`.|
-|remoteAssistanceSessionUrl|String|Url that allows a Remote Assistance session to be established with the device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|remoteAssistanceSessionUrl|String|Url that allows a Remote Assistance session to be established with the device. Default is an empty string. To retrieve actual values GET call needs to be made, with device id and included in select parameter. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|remoteAssistanceSessionErrorDetails|String|An error string that identifies issues when creating Remote Assistance session objects. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |isEncrypted|Boolean|Device encryption status. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |userPrincipalName|String|Device user principal name. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
Inherits from [managedDevice](../resources/intune-devices-manageddevice.md)
|autopilotEnrolled|Boolean|Reports if the managed device is enrolled via auto-pilot. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |requireUserEnrollmentApproval|Boolean|Reports if the managed iOS device is user approval enrollment. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |managementCertificateExpirationDate|DateTimeOffset|Reports device management certificate expiration date. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|iccid|String|Integrated Circuit Card Identifier, it is A SIM card's unique identification number. Return default value null in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|udid|String|Unique Device Identifier for iOS and macOS devices. Return default value null in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|iccid|String|Integrated Circuit Card Identifier, it is A SIM card's unique identification number. Default is an empty string. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|udid|String|Unique Device Identifier for iOS and macOS devices. Default is an empty string. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|roleScopeTagIds|String collection|List of Scope Tag IDs for this Device instance. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|windowsActiveMalwareCount|Int32|Count of active malware for this windows device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|windowsRemediatedMalwareCount|Int32|Count of remediated malware for this windows device. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|notes|String|Notes on the device created by IT Admin. Return default value null in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. $Search is not supported. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|windowsActiveMalwareCount|Int32|Count of active malware for this windows device. Default is 0. To retrieve actual values GET call needs to be made, with device id and included in select parameter. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|windowsRemediatedMalwareCount|Int32|Count of remediated malware for this windows device. Default is 0. To retrieve actual values GET call needs to be made, with device id and included in select parameter. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|notes|String|Notes on the device created by IT Admin. Default is null. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|configurationManagerClientHealthState|[configurationManagerClientHealthState](../resources/intune-devices-configurationmanagerclienthealthstate.md)|Configuration manager client health state, valid only for devices managed by MDM/ConfigMgr Agent Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |configurationManagerClientInformation|[configurationManagerClientInformation](../resources/intune-devices-configurationmanagerclientinformation.md)|Configuration manager client information, valid only for devices managed, duel-managed or tri-managed by ConfigMgr Agent Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |ethernetMacAddress|String|Indicates Ethernet MAC Address of the device. Default, is Null (Non-Default property) for this property when returned as part of managedDevice entity. Individual get call with select query options is needed to retrieve actual values. Example: deviceManagement/managedDevices({managedDeviceId})?$select=ethernetMacAddress Supports: $select. $Search is not supported. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
-|physicalMemoryInBytes|Int64|Total Memory in Bytes. Return default value 0 in LIST managedDevices. Real value only returned in singel device GET call with device id and included in select parameter. Supports: $select. Default value is 0. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|physicalMemoryInBytes|Int64|Total Memory in Bytes. Default is 0. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. Read-only. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|processorArchitecture|[managedDeviceArchitecture](../resources/intune-devices-manageddevicearchitecture.md)|Processor architecture. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `x86`, `x64`, `arm`, `arM64`.| |specificationVersion|String|Specification version. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |joinType|[joinType](../resources/intune-devices-jointype.md)|Device join type Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `unknown`, `azureADJoined`, `azureADRegistered`, `hybridAzureADJoined`.| |skuFamily|String|Device sku family Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |skuNumber|Int32|Device sku number, see also: https://learn.microsoft.com/windows/win32/api/sysinfoapi/nf-sysinfoapi-getproductinfo. Valid values 0 to 2147483647. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |managementFeatures|[managedDeviceManagementFeatures](../resources/intune-devices-manageddevicemanagementfeatures.md)|Device management features Inherited from [managedDevice](../resources/intune-devices-manageddevice.md). Possible values are: `none`, `microsoftManagedDesktop`.|
-|chromeOSDeviceInfo|[chromeOSDeviceProperty](../resources/intune-devices-chromeosdeviceproperty.md) collection|List of properties of the ChromeOS Device. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
+|chromeOSDeviceInfo|[chromeOSDeviceProperty](../resources/intune-devices-chromeosdeviceproperty.md) collection|List of properties of the ChromeOS Device. Default is an empty list. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
|enrollmentProfileName|String|Name of the enrollment profile assigned to the device. Default value is empty string, indicating no enrollment profile was assgined. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |bootstrapTokenEscrowed|Boolean|Reports if the managed device has an escrowed Bootstrap Token. This is only for macOS devices. To get, include BootstrapTokenEscrowed in the select clause and query with a device id. If FALSE, no bootstrap token is escrowed. If TRUE, the device has escrowed a bootstrap token with Intune. This property is read-only. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)| |deviceFirmwareConfigurationInterfaceManaged|Boolean|Indicates whether the device is DFCI managed. When TRUE the device is DFCI managed. When FALSE, the device is not DFCI managed. The default value is FALSE. Inherited from [managedDevice](../resources/intune-devices-manageddevice.md)|
v1.0 Intune Enrollment Depmacosenrollmentprofile https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-enrollment-depmacosenrollmentprofile.md
Inherits from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrol
|adminAccountFullName|String|Indicates what the full name for the admin account is| |adminAccountPassword|String|Indicates what the password for the admin account is| |hideAdminAccount|Boolean|Indicates whether the admin account should be hidded or not|
-|requestRequiresNetworkTether|Boolean|Indicates if the device is network-tethered to run the command|
## Relationships None
Here is a JSON representation of the resource.
"adminAccountUserName": "String", "adminAccountFullName": "String", "adminAccountPassword": "String",
- "hideAdminAccount": true,
- "requestRequiresNetworkTether": true
+ "hideAdminAccount": true
} ```
v1.0 Intune Fencing Binarymanagementconditionexpression https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-fencing-binarymanagementconditionexpression.md
- Title: "binaryManagementConditionExpression resource type"
-description: "A management condition expression that is evaluated using a binary operation."
-
-localization_priority: Normal
-doc_type: resourcePageType
--
-# binaryManagementConditionExpression resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-A management condition expression that is evaluated using a binary operation.
--
-Inherits from [managementConditionExpressionModel](../resources/intune-fencing-managementconditionexpressionmodel.md)
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|operator|[binaryManagementConditionExpressionOperatorType](../resources/intune-fencing-binarymanagementconditionexpressionoperatortype.md)|The operator used in the evaluation of the binary operation. Possible values are: `or`, `and`.|
-|firstOperand|[managementConditionExpressionModel](../resources/intune-fencing-managementconditionexpressionmodel.md)|The first operand of the binary operation.|
-|secondOperand|[managementConditionExpressionModel](../resources/intune-fencing-managementconditionexpressionmodel.md)|The second operand of the binary operation.|
-
-## Relationships
-None
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": null
- }
- }
- }
- }
- }
- }
- }
- }
- }
- }
- }
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": null
- }
- }
- }
- }
- }
- }
- }
- }
- }
- }
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- }
-}
-```
v1.0 Intune Fencing Binarymanagementconditionexpressionoperatortype https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-fencing-binarymanagementconditionexpressionoperatortype.md
- Title: "binaryManagementConditionExpressionOperatorType enum type"
-description: "Supported binary operators for management condition expressions."
-
-localization_priority: Normal
-doc_type: enumPageType
--
-# binaryManagementConditionExpressionOperatorType enum type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Supported binary operators for management condition expressions.
-
-## Members
-|Member|Value|Description|
-|:|:|:|
-|or|0|Evaluates a set of operands as true if and only if one or more of its operands is true.|
-|and|1|Evaluates a set of operands as true if and only if all of its operands are true.|
v1.0 Intune Fencing Circulargeofencemanagementcondition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-fencing-circulargeofencemanagementcondition.md
- Title: "circularGeofenceManagementCondition resource type"
-description: "Contains the information to define a circular geo-fence management condition, an area of interest, to monitor."
-
-localization_priority: Normal
-doc_type: resourcePageType
--
-# circularGeofenceManagementCondition resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Contains the information to define a circular geo-fence management condition, an area of interest, to monitor.
--
-Inherits from [locationManagementCondition](../resources/intune-fencing-locationmanagementcondition.md)
-
-## Methods
-|Method|Return Type|Description|
-|:|:|:|
-|[List circularGeofenceManagementConditions](../api/intune-fencing-circulargeofencemanagementcondition-list.md)|[circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md) collection|List properties and relationships of the [circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md) objects.|
-|[Get circularGeofenceManagementCondition](../api/intune-fencing-circulargeofencemanagementcondition-get.md)|[circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md)|Read properties and relationships of the [circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md) object.|
-|[Create circularGeofenceManagementCondition](../api/intune-fencing-circulargeofencemanagementcondition-create.md)|[circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md)|Create a new [circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md) object.|
-|[Delete circularGeofenceManagementCondition](../api/intune-fencing-circulargeofencemanagementcondition-delete.md)|None|Deletes a [circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md).|
-|[Update circularGeofenceManagementCondition](../api/intune-fencing-circulargeofencemanagementcondition-update.md)|[circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md)|Update the properties of a [circularGeofenceManagementCondition](../resources/intune-fencing-circulargeofencemanagementcondition.md) object.|
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique identifier for the management condition. System generated value assigned when created. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|uniqueName|String|Unique name for the management condition. Used in management condition expressions. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|displayName|String|The admin defined name of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|description|String|The admin defined description of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|createdDateTime|DateTimeOffset|The time the management condition was created. Generated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|modifiedDateTime|DateTimeOffset|The time the management condition was last modified. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|eTag|String|ETag of the management condition. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|applicablePlatforms|[devicePlatformType](../resources/intune-fencing-deviceplatformtype.md) collection|The applicable platforms for this management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|latitude|Double|Latitude in degrees, between -90 and +90 inclusive.|
-|longitude|Double|Longitude in degrees, between -180 and +180 inclusive.|
-|radiusInMeters|Single|Radius in meters.|
-
-## Relationships
-|Relationship|Type|Description|
-|:|:|:|
-|managementConditionStatements|[managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) collection|The management condition statements associated to the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.circularGeofenceManagementCondition"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.circularGeofenceManagementCondition",
- "id": "String (identifier)",
- "uniqueName": "String",
- "displayName": "String",
- "description": "String",
- "createdDateTime": "String (timestamp)",
- "modifiedDateTime": "String (timestamp)",
- "eTag": "String",
- "applicablePlatforms": [
- "String"
- ],
- "latitude": "4.2",
- "longitude": "4.2",
- "radiusInMeters": 4.2
-}
-```
v1.0 Intune Fencing Deviceplatformtype https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-fencing-deviceplatformtype.md
- Title: "devicePlatformType enum type"
-description: "Supported platform types."
-
-localization_priority: Normal
-doc_type: enumPageType
--
-# devicePlatformType enum type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Supported platform types.
-
-## Members
-|Member|Value|Description|
-|:|:|:|
-|android|0|Android.|
-|androidForWork|1|AndroidForWork.|
-|iOS|2|iOS.|
-|macOS|3|MacOS.|
-|windowsPhone81|4|WindowsPhone 8.1.|
-|windows81AndLater|5|Windows 8.1 and later|
-|windows10AndLater|6|Windows 10 and later.|
-|androidWorkProfile|7|Android Work Profile.|
-|unknown|8|Unknown.|
v1.0 Intune Fencing Locationmanagementcondition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-fencing-locationmanagementcondition.md
- Title: "locationManagementCondition resource type"
-description: "Contains the information to define a location management condition, an area of interest, to monitor."
-
-localization_priority: Normal
-doc_type: resourcePageType
--
-# locationManagementCondition resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Contains the information to define a location management condition, an area of interest, to monitor.
--
-Inherits from [managementCondition](../resources/intune-fencing-managementcondition.md)
-
-## Methods
-|Method|Return Type|Description|
-|:|:|:|
-|[List locationManagementConditions](../api/intune-fencing-locationmanagementcondition-list.md)|[locationManagementCondition](../resources/intune-fencing-locationmanagementcondition.md) collection|List properties and relationships of the [locationManagementCondition](../resources/intune-fencing-locationmanagementcondition.md) objects.|
-|[Get locationManagementCondition](../api/intune-fencing-locationmanagementcondition-get.md)|[locationManagementCondition](../resources/intune-fencing-locationmanagementcondition.md)|Read properties and relationships of the [locationManagementCondition](../resources/intune-fencing-locationmanagementcondition.md) object.|
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique identifier for the management condition. System generated value assigned when created. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|uniqueName|String|Unique name for the management condition. Used in management condition expressions. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|displayName|String|The admin defined name of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|description|String|The admin defined description of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|createdDateTime|DateTimeOffset|The time the management condition was created. Generated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|modifiedDateTime|DateTimeOffset|The time the management condition was last modified. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|eTag|String|ETag of the management condition. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|applicablePlatforms|[devicePlatformType](../resources/intune-fencing-deviceplatformtype.md) collection|The applicable platforms for this management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-
-## Relationships
-|Relationship|Type|Description|
-|:|:|:|
-|managementConditionStatements|[managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) collection|The management condition statements associated to the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.locationManagementCondition"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.locationManagementCondition",
- "id": "String (identifier)",
- "uniqueName": "String",
- "displayName": "String",
- "description": "String",
- "createdDateTime": "String (timestamp)",
- "modifiedDateTime": "String (timestamp)",
- "eTag": "String",
- "applicablePlatforms": [
- "String"
- ]
-}
-```
v1.0 Intune Fencing Managementcondition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-fencing-managementcondition.md
- Title: "managementCondition resource type"
-description: "Management conditions are events that can be triggered dynamically such as geo-fences, time-fences, and network-fences."
-
-localization_priority: Normal
-doc_type: resourcePageType
--
-# managementCondition resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Management conditions are events that can be triggered dynamically such as geo-fences, time-fences, and network-fences.
-
-## Methods
-|Method|Return Type|Description|
-|:|:|:|
-|[List managementConditions](../api/intune-fencing-managementcondition-list.md)|[managementCondition](../resources/intune-fencing-managementcondition.md) collection|List properties and relationships of the [managementCondition](../resources/intune-fencing-managementcondition.md) objects.|
-|[Get managementCondition](../api/intune-fencing-managementcondition-get.md)|[managementCondition](../resources/intune-fencing-managementcondition.md)|Read properties and relationships of the [managementCondition](../resources/intune-fencing-managementcondition.md) object.|
-|[getManagementConditionsForPlatform function](../api/intune-fencing-managementcondition-getmanagementconditionsforplatform.md)|[managementCondition](../resources/intune-fencing-managementcondition.md) collection|Not yet documented|
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique identifier for the management condition. System generated value assigned when created.|
-|uniqueName|String|Unique name for the management condition. Used in management condition expressions.|
-|displayName|String|The admin defined name of the management condition.|
-|description|String|The admin defined description of the management condition.|
-|createdDateTime|DateTimeOffset|The time the management condition was created. Generated service side.|
-|modifiedDateTime|DateTimeOffset|The time the management condition was last modified. Updated service side.|
-|eTag|String|ETag of the management condition. Updated service side.|
-|applicablePlatforms|[devicePlatformType](../resources/intune-fencing-deviceplatformtype.md) collection|The applicable platforms for this management condition.|
-
-## Relationships
-|Relationship|Type|Description|
-|:|:|:|
-|managementConditionStatements|[managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) collection|The management condition statements associated to the management condition.|
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.managementCondition"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.managementCondition",
- "id": "String (identifier)",
- "uniqueName": "String",
- "displayName": "String",
- "description": "String",
- "createdDateTime": "String (timestamp)",
- "modifiedDateTime": "String (timestamp)",
- "eTag": "String",
- "applicablePlatforms": [
- "String"
- ]
-}
-```
v1.0 Intune Fencing Managementconditionexpression https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-fencing-managementconditionexpression.md
- Title: "managementConditionExpression resource type"
-description: "A management condition expression is an expression that produces a boolean value when evaluated, i.e. one of true or false, indicating that a management condition statement is activated/deactivated. A management condition expression may be composed of a combination of the expression variables and boolean-valued expression operators."
-
-localization_priority: Normal
-doc_type: resourcePageType
--
-# managementConditionExpression resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-A management condition expression is an expression that produces a boolean value when evaluated, i.e. one of true or false, indicating that a management condition statement is activated/deactivated. A management condition expression may be composed of a combination of the expression variables and boolean-valued expression operators.
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-
-## Relationships
-None
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "@odata.type": "microsoft.graph.managementConditionExpression"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.managementConditionExpression"
-}
-```
v1.0 Intune Fencing Managementconditionexpressionmodel https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-fencing-managementconditionexpressionmodel.md
- Title: "managementConditionExpressionModel resource type"
-description: "A management condition expression model is an model representation of a management condition expression."
-
-localization_priority: Normal
-doc_type: resourcePageType
--
-# managementConditionExpressionModel resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-A management condition expression model is an model representation of a management condition expression.
--
-Inherits from [managementConditionExpression](../resources/intune-fencing-managementconditionexpression.md)
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-
-## Relationships
-None
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "@odata.type": "microsoft.graph.managementConditionExpressionModel"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.managementConditionExpressionModel"
-}
-```
v1.0 Intune Fencing Managementconditionexpressionstring https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-fencing-managementconditionexpressionstring.md
- Title: "managementConditionExpressionString resource type"
-description: "A management condition expression string is a string representation of a management condition expression."
-
-localization_priority: Normal
-doc_type: resourcePageType
--
-# managementConditionExpressionString resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-A management condition expression string is a string representation of a management condition expression.
--
-Inherits from [managementConditionExpression](../resources/intune-fencing-managementconditionexpression.md)
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|value|String|The management condition statement expression string value.|
-
-## Relationships
-None
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "@odata.type": "microsoft.graph.managementConditionExpressionString"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.managementConditionExpressionString",
- "value": "String"
-}
-```
v1.0 Intune Fencing Managementconditionstatement https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-fencing-managementconditionstatement.md
- Title: "managementConditionStatement resource type"
-description: "A management condition statement is a group of management conditions that enable/disable device/application configurations when all contained management conditions are met."
-
-localization_priority: Normal
-doc_type: resourcePageType
--
-# managementConditionStatement resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-A management condition statement is a group of management conditions that enable/disable device/application configurations when all contained management conditions are met.
-
-## Methods
-|Method|Return Type|Description|
-|:|:|:|
-|[List managementConditionStatements](../api/intune-fencing-managementconditionstatement-list.md)|[managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) collection|List properties and relationships of the [managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) objects.|
-|[Get managementConditionStatement](../api/intune-fencing-managementconditionstatement-get.md)|[managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md)|Read properties and relationships of the [managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) object.|
-|[Create managementConditionStatement](../api/intune-fencing-managementconditionstatement-create.md)|[managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md)|Create a new [managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) object.|
-|[Delete managementConditionStatement](../api/intune-fencing-managementconditionstatement-delete.md)|None|Deletes a [managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md).|
-|[Update managementConditionStatement](../api/intune-fencing-managementconditionstatement-update.md)|[managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md)|Update the properties of a [managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) object.|
-|[getManagementConditionStatementExpressionString function](../api/intune-fencing-managementconditionstatement-getmanagementconditionstatementexpressionstring.md)|[managementConditionExpressionString](../resources/intune-fencing-managementconditionexpressionstring.md)|Not yet documented|
-|[getManagementConditionStatementsForPlatform function](../api/intune-fencing-managementconditionstatement-getmanagementconditionstatementsforplatform.md)|[managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) collection|Not yet documented|
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique identifier for the management condition statement. System generated value assigned when created.|
-|displayName|String|The admin defined name of the management condition statement.|
-|description|String|The admin defined description of the management condition statement.|
-|createdDateTime|DateTimeOffset|The time the management condition statement was created. Generated service side.|
-|modifiedDateTime|DateTimeOffset|The time the management condition statement was last modified. Updated service side.|
-|expression|[managementConditionExpression](../resources/intune-fencing-managementconditionexpression.md)|The management condition statement expression used to evaluate if a management condition statement was activated/deactivated.|
-|eTag|String|ETag of the management condition statement. Updated service side.|
-|applicablePlatforms|[devicePlatformType](../resources/intune-fencing-deviceplatformtype.md) collection|The applicable platforms for this management condition statement.
-This is calculated from looking the management conditions associated to the management condition statement and finding the intersection of applicable platforms.|
-
-## Relationships
-|Relationship|Type|Description|
-|:|:|:|
-|managementConditions|[managementCondition](../resources/intune-fencing-managementcondition.md) collection|The management conditions associated to the management condition statement.|
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.managementConditionStatement"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.managementConditionStatement",
- "id": "String (identifier)",
- "displayName": "String",
- "description": "String",
- "createdDateTime": "String (timestamp)",
- "modifiedDateTime": "String (timestamp)",
- "expression": {
- "@odata.type": "microsoft.graph.managementConditionExpressionString",
- "value": "String"
- },
- "eTag": "String",
- "applicablePlatforms": [
- "String"
- ]
-}
-```
v1.0 Intune Fencing Networkipv4configurationmanagementcondition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-fencing-networkipv4configurationmanagementcondition.md
- Title: "networkIPv4ConfigurationManagementCondition resource type"
-description: "IPv4 configuration-based management conditions may be defined that will trigger when a device detects certain IP network settings. An IP config management conditions will only be considered TRUE when the network connection is active."
-
-localization_priority: Normal
-doc_type: resourcePageType
--
-# networkIPv4ConfigurationManagementCondition resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-IPv4 configuration-based management conditions may be defined that will trigger when a device detects certain IP network settings. An IP config management conditions will only be considered TRUE when the network connection is active.
--
-Inherits from [networkManagementCondition](../resources/intune-fencing-networkmanagementcondition.md)
-
-## Methods
-|Method|Return Type|Description|
-|:|:|:|
-|[List networkIPv4ConfigurationManagementConditions](../api/intune-fencing-networkipv4configurationmanagementcondition-list.md)|[networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md) collection|List properties and relationships of the [networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md) objects.|
-|[Get networkIPv4ConfigurationManagementCondition](../api/intune-fencing-networkipv4configurationmanagementcondition-get.md)|[networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md)|Read properties and relationships of the [networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md) object.|
-|[Create networkIPv4ConfigurationManagementCondition](../api/intune-fencing-networkipv4configurationmanagementcondition-create.md)|[networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md)|Create a new [networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md) object.|
-|[Delete networkIPv4ConfigurationManagementCondition](../api/intune-fencing-networkipv4configurationmanagementcondition-delete.md)|None|Deletes a [networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md).|
-|[Update networkIPv4ConfigurationManagementCondition](../api/intune-fencing-networkipv4configurationmanagementcondition-update.md)|[networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md)|Update the properties of a [networkIPv4ConfigurationManagementCondition](../resources/intune-fencing-networkipv4configurationmanagementcondition.md) object.|
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique identifier for the management condition. System generated value assigned when created. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|uniqueName|String|Unique name for the management condition. Used in management condition expressions. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|displayName|String|The admin defined name of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|description|String|The admin defined description of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|createdDateTime|DateTimeOffset|The time the management condition was created. Generated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|modifiedDateTime|DateTimeOffset|The time the management condition was last modified. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|eTag|String|ETag of the management condition. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|applicablePlatforms|[devicePlatformType](../resources/intune-fencing-deviceplatformtype.md) collection|The applicable platforms for this management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|ipV4Prefix|String|The IPv4 subnet to be connected to. e.g. 10.0.0.0/8|
-|ipV4Gateway|String|The IPv4 gateway address. e.g. 10.0.0.0|
-|ipV4DHCPServer|String|The IPv4 address of the DHCP server for the adapter.|
-|ipV4DNSServerList|String collection|The IPv4 DNS servers configured for the adapter.|
-|dnsSuffixList|String collection|Valid DNS suffixes for the current network. e.g. seattle.contoso.com|
-
-## Relationships
-|Relationship|Type|Description|
-|:|:|:|
-|managementConditionStatements|[managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) collection|The management condition statements associated to the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.networkIPv4ConfigurationManagementCondition"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.networkIPv4ConfigurationManagementCondition",
- "id": "String (identifier)",
- "uniqueName": "String",
- "displayName": "String",
- "description": "String",
- "createdDateTime": "String (timestamp)",
- "modifiedDateTime": "String (timestamp)",
- "eTag": "String",
- "applicablePlatforms": [
- "String"
- ],
- "ipV4Prefix": "String",
- "ipV4Gateway": "String",
- "ipV4DHCPServer": "String",
- "ipV4DNSServerList": [
- "String"
- ],
- "dnsSuffixList": [
- "String"
- ]
-}
-```
v1.0 Intune Fencing Networkipv6configurationmanagementcondition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-fencing-networkipv6configurationmanagementcondition.md
- Title: "networkIPv6ConfigurationManagementCondition resource type"
-description: "IPv6 configuration-based management conditions may be defined that will trigger when a device detects certain IP network settings. An IP config management condition will only be considered TRUE when the network connection is active. IPv6 DHCP server addresses may not be matched. This is because Windows(circa Redstone) does not expose this information to the Natural Authentication service."
-
-localization_priority: Normal
-doc_type: resourcePageType
--
-# networkIPv6ConfigurationManagementCondition resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-IPv6 configuration-based management conditions may be defined that will trigger when a device detects certain IP network settings. An IP config management condition will only be considered TRUE when the network connection is active.
-IPv6 DHCP server addresses may not be matched. This is because Windows(circa Redstone) does not expose this information to the Natural Authentication service.
--
-Inherits from [networkManagementCondition](../resources/intune-fencing-networkmanagementcondition.md)
-
-## Methods
-|Method|Return Type|Description|
-|:|:|:|
-|[List networkIPv6ConfigurationManagementConditions](../api/intune-fencing-networkipv6configurationmanagementcondition-list.md)|[networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md) collection|List properties and relationships of the [networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md) objects.|
-|[Get networkIPv6ConfigurationManagementCondition](../api/intune-fencing-networkipv6configurationmanagementcondition-get.md)|[networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md)|Read properties and relationships of the [networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md) object.|
-|[Create networkIPv6ConfigurationManagementCondition](../api/intune-fencing-networkipv6configurationmanagementcondition-create.md)|[networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md)|Create a new [networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md) object.|
-|[Delete networkIPv6ConfigurationManagementCondition](../api/intune-fencing-networkipv6configurationmanagementcondition-delete.md)|None|Deletes a [networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md).|
-|[Update networkIPv6ConfigurationManagementCondition](../api/intune-fencing-networkipv6configurationmanagementcondition-update.md)|[networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md)|Update the properties of a [networkIPv6ConfigurationManagementCondition](../resources/intune-fencing-networkipv6configurationmanagementcondition.md) object.|
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique identifier for the management condition. System generated value assigned when created. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|uniqueName|String|Unique name for the management condition. Used in management condition expressions. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|displayName|String|The admin defined name of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|description|String|The admin defined description of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|createdDateTime|DateTimeOffset|The time the management condition was created. Generated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|modifiedDateTime|DateTimeOffset|The time the management condition was last modified. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|eTag|String|ETag of the management condition. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|applicablePlatforms|[devicePlatformType](../resources/intune-fencing-deviceplatformtype.md) collection|The applicable platforms for this management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|ipV6Prefix|String|The IPv6 subnet to be connected to. e.g. 2001:db8::/32|
-|ipV6Gateway|String|The IPv6 gateway address to. e.g 2001:db8::1|
-|ipV6DNSServerList|String collection|An IPv6 DNS servers configured for the adapter.|
-|dnsSuffixList|String collection|Valid DNS suffixes for the current network. e.g. seattle.contoso.com|
-
-## Relationships
-|Relationship|Type|Description|
-|:|:|:|
-|managementConditionStatements|[managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) collection|The management condition statements associated to the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.networkIPv6ConfigurationManagementCondition"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.networkIPv6ConfigurationManagementCondition",
- "id": "String (identifier)",
- "uniqueName": "String",
- "displayName": "String",
- "description": "String",
- "createdDateTime": "String (timestamp)",
- "modifiedDateTime": "String (timestamp)",
- "eTag": "String",
- "applicablePlatforms": [
- "String"
- ],
- "ipV6Prefix": "String",
- "ipV6Gateway": "String",
- "ipV6DNSServerList": [
- "String"
- ],
- "dnsSuffixList": [
- "String"
- ]
-}
-```
v1.0 Intune Fencing Networkmanagementcondition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-fencing-networkmanagementcondition.md
- Title: "networkManagementCondition resource type"
-description: "Contains the information to define a network management condition."
-
-localization_priority: Normal
-doc_type: resourcePageType
--
-# networkManagementCondition resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Contains the information to define a network management condition.
--
-Inherits from [managementCondition](../resources/intune-fencing-managementcondition.md)
-
-## Methods
-|Method|Return Type|Description|
-|:|:|:|
-|[List networkManagementConditions](../api/intune-fencing-networkmanagementcondition-list.md)|[networkManagementCondition](../resources/intune-fencing-networkmanagementcondition.md) collection|List properties and relationships of the [networkManagementCondition](../resources/intune-fencing-networkmanagementcondition.md) objects.|
-|[Get networkManagementCondition](../api/intune-fencing-networkmanagementcondition-get.md)|[networkManagementCondition](../resources/intune-fencing-networkmanagementcondition.md)|Read properties and relationships of the [networkManagementCondition](../resources/intune-fencing-networkmanagementcondition.md) object.|
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|id|String|Unique identifier for the management condition. System generated value assigned when created. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|uniqueName|String|Unique name for the management condition. Used in management condition expressions. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|displayName|String|The admin defined name of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|description|String|The admin defined description of the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|createdDateTime|DateTimeOffset|The time the management condition was created. Generated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|modifiedDateTime|DateTimeOffset|The time the management condition was last modified. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|eTag|String|ETag of the management condition. Updated service side. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-|applicablePlatforms|[devicePlatformType](../resources/intune-fencing-deviceplatformtype.md) collection|The applicable platforms for this management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-
-## Relationships
-|Relationship|Type|Description|
-|:|:|:|
-|managementConditionStatements|[managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) collection|The management condition statements associated to the management condition. Inherited from [managementCondition](../resources/intune-fencing-managementcondition.md)|
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.networkManagementCondition"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.networkManagementCondition",
- "id": "String (identifier)",
- "uniqueName": "String",
- "displayName": "String",
- "description": "String",
- "createdDateTime": "String (timestamp)",
- "modifiedDateTime": "String (timestamp)",
- "eTag": "String",
- "applicablePlatforms": [
- "String"
- ]
-}
-```
v1.0 Intune Fencing Unarymanagementconditionexpression https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-fencing-unarymanagementconditionexpression.md
- Title: "unaryManagementConditionExpression resource type"
-description: "A management condition expression that is evaluated using a unary operation."
-
-localization_priority: Normal
-doc_type: resourcePageType
--
-# unaryManagementConditionExpression resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-A management condition expression that is evaluated using a unary operation.
--
-Inherits from [managementConditionExpressionModel](../resources/intune-fencing-managementconditionexpressionmodel.md)
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|operator|[unaryManagementConditionExpressionOperatorType](../resources/intune-fencing-unarymanagementconditionexpressionoperatortype.md)|The operator used in the evaluation of the unary operation. Possible values are: `not`.|
-|operand|[managementConditionExpressionModel](../resources/intune-fencing-managementconditionexpressionmodel.md)|The operand of the unary operation.|
-
-## Relationships
-None
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "@odata.type": "microsoft.graph.unaryManagementConditionExpression"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.unaryManagementConditionExpression",
- "operator": "String",
- "operand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": "String",
- "firstOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": {
- "@odata.type": "microsoft.graph.binaryManagementConditionExpression",
- "operator": null,
- "firstOperand": null,
- "secondOperand": null
- }
- }
- }
- }
- }
- }
- }
- }
- }
- }
- }
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- },
- "secondOperand": null
- }
-}
-```
v1.0 Intune Fencing Unarymanagementconditionexpressionoperatortype https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-fencing-unarymanagementconditionexpressionoperatortype.md
- Title: "unaryManagementConditionExpressionOperatorType enum type"
-description: "Supported operators for unary management condition expressions"
-
-localization_priority: Normal
-doc_type: enumPageType
--
-# unaryManagementConditionExpressionOperatorType enum type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Supported operators for unary management condition expressions
-
-## Members
-|Member|Value|Description|
-|:|:|:|
-|not|0|Negates the evaluation of the operand.|
v1.0 Intune Fencing Variablemanagementconditionexpression https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-fencing-variablemanagementconditionexpression.md
- Title: "variableManagementConditionExpression resource type"
-description: "Evaluates the management condition state as a Boolean expression."
-
-localization_priority: Normal
-doc_type: resourcePageType
--
-# variableManagementConditionExpression resource type
-
-Namespace: microsoft.graph
-
-> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
-
-> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
-
-Evaluates the management condition state as a Boolean expression.
--
-Inherits from [managementConditionExpressionModel](../resources/intune-fencing-managementconditionexpressionmodel.md)
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|managementConditionId|String|The management condition id that is used to evaluate the expression.|
-
-## Relationships
-None
-
-## JSON Representation
-Here is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "@odata.type": "microsoft.graph.variableManagementConditionExpression"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.variableManagementConditionExpression",
- "managementConditionId": "String"
-}
-```
v1.0 Intune Grouppolicy Grouppolicypresentationvaluelist https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-grouppolicy-grouppolicypresentationvaluelist.md
Inherits from [groupPolicyPresentationValue](../resources/intune-grouppolicy-gro
|lastModifiedDateTime|DateTimeOffset|The date and time the object was last modified. Inherited from [groupPolicyPresentationValue](../resources/intune-grouppolicy-grouppolicypresentationvalue.md)| |createdDateTime|DateTimeOffset|The date and time the object was created. Inherited from [groupPolicyPresentationValue](../resources/intune-grouppolicy-grouppolicypresentationvalue.md)| |id|String|Key of the entity. Inherited from [groupPolicyPresentationValue](../resources/intune-grouppolicy-grouppolicypresentationvalue.md)|
-|values|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|A list of pairs for the associated presentation.|
+|values|[keyValuePair](../resources/intune-grouppolicy-keyvaluepair.md) collection|A list of pairs for the associated presentation.|
## Relationships |Relationship|Type|Description|
v1.0 Intune Mam Defaultmanagedappprotection https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-mam-defaultmanagedappprotection.md
Inherits from [managedAppProtection](../resources/intune-mam-managedappprotectio
|encryptAppData|Boolean|Indicates whether managed-app data should be encrypted. (Android only)| |disableAppEncryptionIfDeviceEncryptionIsEnabled|Boolean|When this setting is enabled, app level encryption is disabled if device level encryption is enabled. (Android only)| |minimumRequiredSdkVersion|String|Versions less than the specified version will block the managed app from accessing company data. (iOS Only)|
-|customSettings|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|A set of string key and string value pairs to be sent to the affected users, unalterned by this service|
+|customSettings|[keyValuePair](../resources/intune-mam-keyvaluepair.md) collection|A set of string key and string value pairs to be sent to the affected users, unalterned by this service|
|deployedAppCount|Int32|Count of apps to which the current policy is deployed.| |minimumRequiredPatchVersion|String|Define the oldest required Android security patch level a user can have to gain secure access to the app. (Android only)| |minimumWarningPatchVersion|String|Define the oldest recommended Android security patch level a user can have for secure access to the app. (Android only)|
-|exemptedAppProtocols|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|iOS Apps in this list will be exempt from the policy and will be able to receive data from managed apps. (iOS Only)|
-|exemptedAppPackages|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Android App packages in this list will be exempt from the policy and will be able to receive data from managed apps. (Android only)|
+|exemptedAppProtocols|[keyValuePair](../resources/intune-mam-keyvaluepair.md) collection|iOS Apps in this list will be exempt from the policy and will be able to receive data from managed apps. (iOS Only)|
+|exemptedAppPackages|[keyValuePair](../resources/intune-mam-keyvaluepair.md) collection|Android App packages in this list will be exempt from the policy and will be able to receive data from managed apps. (Android only)|
|faceIdBlocked|Boolean|Indicates whether use of the FaceID is allowed in place of a pin if PinRequired is set to True. (iOS Only)| |minimumWipeSdkVersion|String|Versions less than the specified version will block the managed app from accessing company data.| |minimumWipePatchVersion|String|Android security patch level less than or equal to the specified value will wipe the managed app and the associated company data. (Android only)|
v1.0 Intune Mam Managedappconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-mam-managedappconfiguration.md
Inherits from [managedAppPolicy](../resources/intune-mam-managedapppolicy.md)
|roleScopeTagIds|String collection|List of Scope Tags for this Entity instance. Inherited from [managedAppPolicy](../resources/intune-mam-managedapppolicy.md)| |id|String|Key of the entity. Inherited from [managedAppPolicy](../resources/intune-mam-managedapppolicy.md)| |version|String|Version of the entity. Inherited from [managedAppPolicy](../resources/intune-mam-managedapppolicy.md)|
-|customSettings|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|A set of string key and string value pairs to be sent to apps for users to whom the configuration is scoped, unalterned by this service|
+|customSettings|[keyValuePair](../resources/intune-mam-keyvaluepair.md) collection|A set of string key and string value pairs to be sent to apps for users to whom the configuration is scoped, unalterned by this service|
## Relationships |Relationship|Type|Description|
v1.0 Intune Mstunnel Microsofttunnelconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-mstunnel-microsofttunnelconfiguration.md
Entity that represents a collection of Microsoft Tunnel settings
|routeExcludes|String collection|Subsets of the routes that will not be routed by the server| |splitDNS|String collection|The domains that will be resolved using the provided dns servers| |listenPort|Int32|The port that both TCP and UPD will listen over on the server|
-|advancedSettings|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Additional settings that may be applied to the server|
+|advancedSettings|[keyValuePair](../resources/intune-mstunnel-keyvaluepair.md) collection|Additional settings that may be applied to the server|
|lastUpdateDateTime|DateTimeOffset|When the configuration was last updated| |roleScopeTagIds|String collection|List of Scope Tags for this Entity instance| |disableUdpConnections|Boolean|When DisableUdpConnections is set, the clients and VPN server will not use DTLS connections to transfer data.|
v1.0 Intune Partnerintegration Securityconfigurationtask https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-partnerintegration-securityconfigurationtask.md
Inherits from [deviceAppManagementTask](../resources/intune-partnerintegration-d
|endpointSecurityPolicyProfile|[endpointSecurityConfigurationProfileType](../resources/intune-partnerintegration-endpointsecurityconfigurationprofiletype.md)|The endpoint security policy profile. Possible values are: `unknown`, `antivirus`, `windowsSecurity`, `bitLocker`, `fileVault`, `firewall`, `firewallRules`, `endpointDetectionAndResponse`, `deviceControl`, `appAndBrowserIsolation`, `exploitProtection`, `webProtection`, `applicationControl`, `attackSurfaceReductionRules`, `accountProtection`.| |insights|String|Information about the mitigation.| |managedDeviceCount|Int32|The number of vulnerable devices. Valid values 0 to 65536|
-|intendedSettings|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|The intended settings and their values.|
+|intendedSettings|[keyValuePair](../resources/intune-partnerintegration-keyvaluepair.md) collection|The intended settings and their values.|
## Relationships |Relationship|Type|Description|
v1.0 Intune Policyset Assignmentfilterevaluaterequest https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-policyset-assignmentfilterevaluaterequest.md
Request for assignment filter evaluation for devices.
## Properties |Property|Type|Description| |:|:|:|
-|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
+|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`, `androidMobileApplicationManagement`, `iOSMobileApplicationManagement`, `unknownFutureValue`.|
|rule|String|Rule definition of the Assignment Filter.| |top|Int32|Limit of records per request. Default value is 100, if provided less than 0 or greater than 100| |skip|Int32|Number of records to skip. Default value is 0|
v1.0 Intune Policyset Assignmentfilterevaluationsummary https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-policyset-assignmentfilterevaluationsummary.md
Represent result summary for assignment filter evaluation
|assignmentFilterId|String|Unique identifier for the assignment filter object| |assignmentFilterLastModifiedDateTime|DateTimeOffset|The time the assignment filter was last modified.| |assignmentFilterDisplayName|String|The admin defined name for assignment filter.|
-|assignmentFilterPlatform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|The platform for which this assignment filter is created. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
+|assignmentFilterPlatform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|The platform for which this assignment filter is created. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`, `androidMobileApplicationManagement`, `iOSMobileApplicationManagement`, `unknownFutureValue`.|
|evaluationResult|[assignmentFilterEvaluationResult](../resources/intune-policyset-assignmentfilterevaluationresult.md)|Assignment filter evaluation result. Possible values are: `unknown`, `match`, `notMatch`, `inconclusive`, `failure`, `notEvaluated`.| |evaluationDateTime|DateTimeOffset|The time assignment filter was evaluated.| |assignmentFilterType|[deviceAndAppManagementAssignmentFilterType](../resources/intune-shared-deviceandappmanagementassignmentfiltertype.md)|Indicate filter type either include or exclude. Possible values are: `none`, `include`, `exclude`.|
v1.0 Intune Policyset Assignmentfiltermanagementtype https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-policyset-assignmentfiltermanagementtype.md
+
+ Title: "assignmentFilterManagementType enum type"
+description: "Supported filter management types whether its devices or apps."
+
+localization_priority: Normal
++
+# assignmentFilterManagementType enum type
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Supported filter management types whether its devices or apps.
+
+## Members
+|Member|Value|Description|
+|:|:|:|
+|devices|0|Indicates when filter is supported based on device properties. This is the default value when management type resolution fails.|
+|apps|1|Indicates when filter is supported based on app properties.|
+|unknownFutureValue|2|Evolvable enumeration sentinel value. Do not use.|
++++
v1.0 Intune Policyset Assignmentfilterstatusdetails https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-policyset-assignmentfilterstatusdetails.md
Represent status details for device and payload and all associated applied filte
|managedDeviceId|String|Unique identifier for the device object.| |payloadId|String|Unique identifier for payload object.| |userId|String|Unique identifier for UserId object. Can be null|
-|deviceProperties|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Device properties used for filter evaluation during device check-in time.|
+|deviceProperties|[keyValuePair](../resources/intune-policyset-keyvaluepair.md) collection|Device properties used for filter evaluation during device check-in time.|
|evalutionSummaries|[assignmentFilterEvaluationSummary](../resources/intune-policyset-assignmentfilterevaluationsummary.md) collection|Evaluation result summaries for each filter associated to device and payload| ## Relationships
v1.0 Intune Policyset Deviceandappmanagementassignmentfilter https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-policyset-deviceandappmanagementassignmentfilter.md
A class containing the properties used for Assignment Filter.
|Property|Type|Description| |:|:|:| |id|String|Key of the Assignment Filter.|
-|createdDateTime|DateTimeOffset|Creation time of the Assignment Filter.|
-|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter.|
-|displayName|String|DisplayName of the Assignment Filter.|
-|description|String|Description of the Assignment Filter.|
-|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
-|rule|String|Rule definition of the Assignment Filter.|
-|roleScopeTags|String collection|RoleScopeTags of the Assignment Filter.|
-|payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Associated assignments for a specific filter|
+|createdDateTime|DateTimeOffset|The creation time of the assignment filter. The value cannot be modified and is automatically populated during new assignment filter process. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'.|
+|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'|
+|displayName|String|The name of the Assignment Filter.|
+|description|String|Optional description of the Assignment Filter.|
+|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Indicates filter is applied to which flatform. Possible values are android,androidForWork,iOS,macOS,windowsPhone81,windows81AndLater,windows10AndLater,androidWorkProfile, unknown, androidAOSP,androidMobileApplicationManagement, iOSMobileApplicationManagement. Default filter will be applied to 'unknown'. Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`, `androidMobileApplicationManagement`, `iOSMobileApplicationManagement`, `unknownFutureValue`.|
+|rule|String|Rule definition of the assignment filter.|
+|roleScopeTags|String collection|Indicates role scope tags assigned for the assignment filter.|
+|payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Indicates associated assignments for a specific filter.|
+|assignmentFilterManagementType|[assignmentFilterManagementType](../resources/intune-policyset-assignmentfiltermanagementtype.md)|Indicates filter is applied to either 'devices' or 'apps' management type. Possible values are devices, apps. Default filter will be applied to 'devices'. Possible values are: `devices`, `apps`, `unknownFutureValue`.|
## Relationships None
Here is a JSON representation of the resource.
"groupId": "String", "assignmentFilterType": "String" }
- ]
+ ],
+ "assignmentFilterManagementType": "String"
} ```
v1.0 Intune Policyset Deviceplatformtype https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-policyset-deviceplatformtype.md
Supported platform types.
## Members |Member|Value|Description| |:|:|:|
-|android|0|Android.|
-|androidForWork|1|AndroidForWork.|
-|iOS|2|iOS.|
-|macOS|3|MacOS.|
-|windowsPhone81|4|WindowsPhone 8.1.|
-|windows81AndLater|5|Windows 8.1 and later|
-|windows10AndLater|6|Windows 10 and later.|
-|androidWorkProfile|7|Android Work Profile.|
-|unknown|8|Unknown.|
-|androidAOSP|9|Android AOSP.|
+|android|0|Indicates device platform type is android.|
+|androidForWork|1|Indicates device platform type is android for work.|
+|iOS|2|Indicates device platform type is iOS.|
+|macOS|3|Indicates device platform type is macOS.|
+|windowsPhone81|4|Indicates device platform type is WindowsPhone 8.1.|
+|windows81AndLater|5|Indicates device platform type is Windows 8.1 and later.|
+|windows10AndLater|6|Indicates device platform type is Windows 10 and later.|
+|androidWorkProfile|7|Indicates device platform type is Android Work Profile.|
+|unknown|8|This is the default value when device platform type resolution fails|
+|androidAOSP|9|Indicates device platform type is Android AOSP.|
+|androidMobileApplicationManagement|10|Indicates Mobile Application Management (MAM) for android devices.|
+|iOSMobileApplicationManagement|11|Indicates Mobile Application Management (MAM) for iOS devices.|
+|unknownFutureValue|12|Evolvable enumeration sentinel value. Do not use.|
v1.0 Intune Policyset Payloadcompatibleassignmentfilter https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-policyset-payloadcompatibleassignmentfilter.md
Inherits from [deviceAndAppManagementAssignmentFilter](../resources/intune-polic
|Property|Type|Description| |:|:|:| |id|String|Key of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|createdDateTime|DateTimeOffset|Creation time of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|displayName|String|DisplayName of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|description|String|Description of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Platform type of the devices on which the Assignment Filter will be applicable. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`.|
-|rule|String|Rule definition of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|roleScopeTags|String collection|RoleScopeTags of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
-|payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Associated assignments for a specific filter Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|createdDateTime|DateTimeOffset|The creation time of the assignment filter. The value cannot be modified and is automatically populated during new assignment filter process. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|lastModifiedDateTime|DateTimeOffset|Last modified time of the Assignment Filter. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z' Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|displayName|String|The name of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|description|String|Optional description of the Assignment Filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|platform|[devicePlatformType](../resources/intune-policyset-deviceplatformtype.md)|Indicates filter is applied to which flatform. Possible values are android,androidForWork,iOS,macOS,windowsPhone81,windows81AndLater,windows10AndLater,androidWorkProfile, unknown, androidAOSP,androidMobileApplicationManagement, iOSMobileApplicationManagement. Default filter will be applied to 'unknown'. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md). Possible values are: `android`, `androidForWork`, `iOS`, `macOS`, `windowsPhone81`, `windows81AndLater`, `windows10AndLater`, `androidWorkProfile`, `unknown`, `androidAOSP`, `androidMobileApplicationManagement`, `iOSMobileApplicationManagement`, `unknownFutureValue`.|
+|rule|String|Rule definition of the assignment filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|roleScopeTags|String collection|Indicates role scope tags assigned for the assignment filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|payloads|[payloadByFilter](../resources/intune-policyset-payloadbyfilter.md) collection|Indicates associated assignments for a specific filter. Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md)|
+|assignmentFilterManagementType|[assignmentFilterManagementType](../resources/intune-policyset-assignmentfiltermanagementtype.md)|Indicates filter is applied to either 'devices' or 'apps' management type. Possible values are devices, apps. Default filter will be applied to 'devices' Inherited from [deviceAndAppManagementAssignmentFilter](../resources/intune-policyset-deviceandappmanagementassignmentfilter.md). Possible values are: `devices`, `apps`, `unknownFutureValue`.|
|payloadType|[assignmentFilterPayloadType](../resources/intune-policyset-assignmentfilterpayloadtype.md)|PayloadType of the Assignment Filter. Possible values are: `notSet`, `enrollmentRestrictions`.| ## Relationships
Here is a JSON representation of the resource.
"assignmentFilterType": "String" } ],
+ "assignmentFilterManagementType": "String",
"payloadType": "String" } ```
v1.0 Intune Shared Devicemanagement https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-shared-devicemanagement.md
The deviceManagement resource represents a container whose contents vary accordi
- Device intent settings - Device management - Electronic SIM (ESIM)-- Fencing - Group Policy Analytics - Notifications - Onboarding policies, settings, and details
The deviceManagement resource represents a container whose contents vary accordi
|windowsAutopilotSettings|[windowsAutopilotSettings](../resources/intune-enrollment-windowsautopilotsettings.md)|The Windows autopilot account settings.| |**Embedded SIM**| |embeddedSIMActivationCodePools|[embeddedSIMActivationCodePool](../resources/intune-esim-embeddedsimactivationcodepool.md) collection|The embedded SIM activation code pools created by this account.|
-|**Fencing**|
-|managementConditions|[managementCondition](../resources/intune-fencing-managementcondition.md) collection|The management conditions associated with device management of the company.|
-|managementConditionStatements|[managementConditionStatement](../resources/intune-fencing-managementconditionstatement.md) collection|The management condition statements associated with device management of the company.|
|**Group Policy Analytics**| |groupPolicyMigrationReports|[groupPolicyMigrationReport](../resources/intune-gpanalyticsservice-grouppolicymigrationreport.md) collection|A list of Group Policy migration reports.| |**MicrosoftTunnel**|
v1.0 Keycredential https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/keycredential.md
To add a keyCredential using Microsoft Graph, see [Add a certificate to an app u
|key|Binary| Value for the key credential. Should be a Base64 encoded value. Returned only on `$select` for a single object, that is, `GET applications/{applicationId}?$select=keyCredentials` or `GET servicePrincipals/{servicePrincipalId}?$select=keyCredentials`; otherwise, it is always `null`. | |keyId|Guid|The unique identifier for the key.| |startDateTime|DateTimeOffset|The date and time at which the credential becomes valid.The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
-|type|String|The type of key credential; for example, `Symmetric`, `AsymmetricX509Cert`.|
-|usage|String|A string that describes the purpose for which the key can be used; for example, `Verify`.|
+|type|String|The type of key credential; for example, `Symmetric`, `AsymmetricX509Cert`, or `X509CertAndPassword`.|
+|usage|String|A string that describes the purpose for which the key can be used; for example, `None`ΓÇï, `Verify`ΓÇï, `PairwiseIdentifier`ΓÇï, `Delegation`ΓÇï, `Decrypt`ΓÇï, `Encrypt`ΓÇï, `HashedIdentifier`ΓÇï, `SelfSignedTls`, or `Sign`. <br/><br/>If **usage** is `Sign`ΓÇï, the **type** should be `X509CertAndPassword`ΓÇï, and the **passwordCredentials**ΓÇï for signing should be defined.|
## JSON representation
v1.0 Learningassignment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/learningassignment.md
doc_type: resourcePageType
Namespace: microsoft.graph
-Represents the details of a learning activity assigned to a user.
+Represents the details of a learning activity assigned to a user.
Inherits from [learningCourseActivity](../resources/learningcourseactivity.md). ## Properties+ |Property|Type|Description| |:|:|:| |@odata.type|String|Indicates whether this is a [learningAssignment](../resources/learningassignment.md) or [learningSelfInitiated](../resources/learningselfinitiatedcourse.md) course activity. Required.|
-|assignedDateTime|DateTimeOffset|Assigned date for the course activity Optional.|
+|assignedDateTime|DateTimeOffset|Assigned date for the course activity. Optional.|
|assignerUserId|String|The user ID of the assigner. Optional.|
-|assignmentType|String|The assignment type for the course activity. Possible values are `required`, `recommended`, `UnknownFutureValue`. Required.|
-|completedDateTime|DateTimeOffset|Date time value when the assignment was completed. Optional.|
-|completionPercentage|Integer|The percentage of the course completed by the user. If the value is provided, the value needs to be in between 0 and 100 (inclusive). Optional.|
+|assignmentType|String|The assignment type for the course activity. Possible values are: `required`, `recommended`, `unknownFutureValue`. Required.|
+|completedDateTime|DateTimeOffset|Date and time when the assignment was completed. Optional.|
+|completionPercentage|Int32|The percentage of the course completed by the user. If a value is provided, it must be between `0` and `100` (inclusive). Optional.|
|dueDateTime|DateTimeOffset|Due date for the course activity. Optional.| |externalCourseActivityId|String|A course activity ID generated at provider. Optional.|
-|ID|String|The generated ID for a request and can be used to make further interactions to the course activity APIs.|
-|learningContentId|String| The ID of the learning content in Viva Learning. Required.|
+|id|String|The generated ID for a request that can be used to make further interactions to the course activity APIs.|
|learnerUserId|String|The user ID of the learner to whom the activity is assigned. Required.|
+|learningContentId|String| The ID of the learning content in Viva Learning. Required.|
|learningProviderId|String|The registration ID of the provider. Required.| |notes|String|Notes for the course activity. Optional.|
-|startedDateTime|DateTimeOffset|The date time value on which the self-initiated course was started by the learner. Optional.|
-|status|courseStatus|Represents status of the course activity. Possible values are `notStarted`, `inProgress`, `completed`. Required.|
+|startedDateTime|DateTimeOffset|The date and time when the self-initiated course was started by the learner. Optional.|
+|status|courseStatus|The status of the course activity. Possible values are: `notStarted`, `inProgress`, `completed`. Required.|
## Relationships+ None. ## JSON representation+ The following is a JSON representation of the resource. <!-- {
The following is a JSON representation of the resource.
"@odata.type": "#microsoft.graph.learningAssignment", "assignedDateTime": "String (timestamp)", "assignerUserId": "String",
- "assignmentType": "@odata.type: microsoft.graph.assignmentType",
+ "assignmentType": "String",
"completedDateTime": "String (timestamp)",
- "completionPercentage": "Integer",
- "dueDateTime": {
- "@odata.type": "microsoft.graph.dateTimeTimeZone"
- },
+ "completionPercentage": "Int32",
+ "dueDateTime": "String (timestamp)",
"externalCourseActivityId": "String",
+ "id": "String (identifier)",
"learnerUserId": "String", "learningContentId": "String", "learningProviderId": "String",
- "notes": {
- "@odata.type": "microsoft.graph.itemBody"
- },
- "status": "@odata.type: microsoft.graph.courseStatus"
+ "notes": "String",
+ "status": "String"
} ```-
v1.0 Learningcourseactivity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/learningcourseactivity.md
Title: "learningCourseActivity resource type"
-description: "Represents the learner course activities for employee learning - Assigned to Self initiated record."
+description: "Represents the activities that are part of an employee learning course."
ms.localizationpriority: medium ms.prod: "employee-learning"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Represents the activities that are part of an employee learning course. This is the base type for the [learningAssignment](../resources/learningassignment.md) and [learningSelfInitiated](../resources/learningselfinitiatedcourse.md) types.
+Represents the activities that are part of an employee learning course.
+
+Base type for the [learningAssignment](../resources/learningassignment.md) and [learningSelfInitiated](../resources/learningselfinitiatedcourse.md) types.
Inherits from [entity](../resources/entity.md). ## Methods+ |Method|Return type|Description| |:|:|:|
-|[List learningCourseActivities](../api/learningcourseactivity-list.md)|Collection of [learningCourseActivity](../resources/learningcourseactivity.md) object|Get a list of learning course activities (assigned or self-initiated) for a user.|
+|[List learningCourseActivities](../api/learningcourseactivity-list.md)|[learningCourseActivity](../resources/learningcourseactivity.md) collection|Get a list of the [learningCourseActivity](../resources/learningcourseactivity.md) objects (assigned or self-initiated) for a user.|
|[Create learningCourseActivity](../api/employeeexperienceuser-post-learningcourseactivities.md)|[learningCourseActivity](../resources/learningcourseactivity.md)|Create a new [learningCourseActivity](../resources/learningcourseactivity.md) object.|
-|[Get learningCourseActivity](../api/learningcourseactivity-get.md)|[learningCourseActivity](../resources/learningcourseactivity.md)|Read the properties and relationships of a [learningCourseActivity](../resources/learningcourseactivity.md) object.|
-|[Update learningCourseActivity](../api/learningcourseactivity-update.md)|[learningCourseActivity](../resources/learningcourseactivity.md)|Update the properties of a [learningCourseActivity](../resources/learningcourseactivity.md) object.|
-|[Delete learningCourseActivity](../api/learningcourseactivity-delete.md)|None|Delete a [learningCourseActivity](../resources/learningcourseactivity.md) object.|
+|[Get learningCourseActivity](../api/learningcourseactivity-get.md)|[learningCourseActivity](../resources/learningcourseactivity.md)|Get the specified [learningCourseActivity](../resources/learningcourseactivity.md) object using either an ID or an **externalCourseActivityId** of the learning provider, or a **courseActivityId** of a user.|
+|[Update learningCourseActivity](../api/learningcourseactivity-update.md)|[learningCourseActivity](../resources/learningcourseactivity.md)|Update the properties of a [learningCourseActivity](../resources/learningcourseactivity.md) object. |
+|[Delete learningCourseActivity](../api/learningcourseactivity-delete.md)|None|Delete a [learningCourseActivity](../resources/learningcourseactivity.md) object by using the course activity ID of either an assignment or a self-initiated activity.|
## Properties+ |Property|Type|Description| |:|:|:|
-|@odata.type|String|Indicates whether this is a [learningAssignment](../resources/learningassignment.md) or [learningSelfInitiated](../resources/learningselfinitiatedcourse.md) course activity. Required.|
-|assignedDateTime|DateTimeOffset|Date time value when the assignment was completed. Optional.|
+|assignedDateTime|DateTimeOffset|Date and time when the assignment was completed. Optional.|
|assignerUserId|String|The user ID of the assigner. Optional.|
-|assignmentType|assignmentType|Assignment type for the course activity. Possible values are `required`, `recommended`, `unknownFutureValue`. Required.|
-|completedDateTime|DateTimeOffset|Date time value when the assignment was completed. Optional.|
-|completionPercentage|Int32|Percenatge completion value of the course activity. Optional.|
+|assignmentType|assignmentType|Assignment type for the course activity. Possible values are: `required`, `recommended`, `unknownFutureValue`. Required.|
+|completedDateTime|DateTimeOffset|Date and time when the assignment was completed. Optional.|
+|completionPercentage|Int32|The percentage completion value of the course activity. Optional.|
|dueDateTime|DateTimeTimeZone|Due date for the course activity. Optional.| |externalcourseActivityId|String|A course activity ID generated by the provider. Optional.|
-|Id|String|A generated ID that can be used with other course activity APIs.|
-|learningContentId|String|The ID of the learning content created in Viva Learning. Required.|
+|id|String|A generated ID that can be used with other course activity APIs.|
|learnerUserId|String|The user ID of the learner to whom the activity is assigned. Required.|
+|learningContentId|String|The ID of the learning content created in Viva Learning. Required.|
|learningProviderId|String|The registration ID of the provider. Required.|
-|startedDateTime|DateTimeOffset|Date time value on which the self-initiated course was started by the learner. Optional.|
-|status|courseStatus|The status of the course activity. Possible values are `notStarted`, `inProgress`, `completed`. Required.|
+|startedDateTime|DateTimeOffset|Date and time when the self-initiated course was started by the learner. Optional.|
+|status|courseStatus|The status of the course activity. Possible values are: `notStarted`, `inProgress`, `completed`. Required.|
## Relationships+ None. ## JSON representation+ The following is a JSON representation of the resource. <!-- { "blockType": "resource",
The following is a JSON representation of the resource.
--> ``` json {
- "@odata.type": "#microsoft.graph.learningCourseActivity",
+ "assignedDateTime": "String (timestamp)",
"assignerUserId": "String",
- "assignmentType": "String (enum)",
+ "assignmentType": "String",
"completedDateTime": "String (timestamp)",
- "completionPercentage": "Integer",
+ "completionPercentage": "Int32",
+ "dueDateTime": "String (timestamp)",
"externalCourseActivityId": "String",
+ "id": "String (identifier)",
+ "learnerUserId": "String",
"learningContentId": "String", "learningProviderId": "String",
- "learnerUserId": "String",
- "status": "@odata.type: microsoft.graph.courseStatus"
+ "startedDateTime": "String (timestamp)",
+ "status": "String"
} ```-
v1.0 Listitemversion https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/listitemversion.md
The following tasks are available for listItemVersion resources.
| Common task | HTTP method | | : | :- |
-| [List versions][version-list] | `GET /sites/{site-id}/items/{item-id}/versions` |
-| [Get version][version-get] | `GET /sites/{site-id}/items/versions/{version-id}` |
-| [Restore version][version-restore] | `POST /sites/{site-id}/items/versions/{version-id}/restore` |
+| [List versions][version-list] | `GET /sites/{site-id}/lists/{list-id}/items/{item-id}/versions` |
+| [Get version][version-get] | `GET /sites/{site-id}/lists/{list-id}/items/versions/{version-id}` |
+| [Restore version][version-restore] | `POST /sites/{site-id}/lists/{list-id}/items/versions/{version-id}/restore` |
[version-list]: ../api/listitem-list-versions.md [version-get]: ../api/listitemversion-get.md
v1.0 Membershipoutlierinsight https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/membershipOutlierInsight.md
Inherits from [governanceInsight](governanceinsight.md).
|:|:|:| |container|[directoryObject](../resources/directoryobject.md)| Navigation link to the container directory object. For example, to a group.| |member|[directoryObject](../resources/directoryobject.md)| Navigation link to a member object. For example, to a user.|
+|lastModifiedBy|[user](../resources/user.md)| Navigation link to a member object who modified the record. For example, to a user.|
+ ## JSON representation The following is a JSON representation of the resource.
v1.0 Onattributecollectionexternalusersselfservicesignup https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/onattributecollectionexternalusersselfservicesignup.md
+
+ Title: "onAttributeCollectionExternalUsersSelfServiceSignUp resource type"
+description: "Managed handler for the attribute collection step in an external identities user flow."
+
+ms.localizationpriority: medium
++
+# onAttributeCollectionExternalUsersSelfServiceSignUp resource type
+
+Namespace: microsoft.graph
++
+This is a managed handler for the attribute collection step in an external identities user flow on an Azure AD workforce or customer tenant. It defines what attributes to collect from a user and how the attribute collection will be rendered for the user.
+
+Inherits from [onAttributeCollectionHandler](../resources/onattributecollectionhandler.md).
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|attributeCollectionPage|[authenticationAttributeCollectionPage](../resources/authenticationattributecollectionpage.md)|Required. The configuration for how attributes are displayed in the sign up experience defined by a user flow, like the [externalUsersSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md), specifically on the attribute collection page.|
+<!--|accessPackages|[authenticationAccessPackageConfiguration](../resources/authenticationaccesspackageconfiguration.md) collection|Optional. A list of GUIDs referencing Entitlement Management [accessPackages](../resources/accesspackage.md) to check whether there are pending access requests for the specified user. Applicable only to user flows configured in Azure AD workforce tenant.|-->
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|attributes|[identityUserFlowAttribute](../resources/identityuserflowattribute.md) collection|A list of user attributes to collect.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp",
+ "attributeCollectionPage": {
+ "@odata.type": "microsoft.graph.authenticationAttributeCollectionPage"
+ }
+}
+```
+
v1.0 Onattributecollectionhandler https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/onattributecollectionhandler.md
+
+ Title: "onAttributeCollectionHandler resource type"
+description: "Represents a step in a multi-event user flow policy defining what happens when attributes are ready to be collected from the user."
+
+ms.localizationpriority: medium
++
+# onAttributeCollectionHandler resource type
+
+Namespace: microsoft.graph
++
+Used to configure what to invoke when attributes are ready to be collected from the user as defined in the **onAttributeCollectionHandler** event in an [externalUsersSelfServiceSignUpEventsFlow](externalUsersSelfServiceSignUpEventsFlow.md) user flow type.
+
+This is an abstract complex type from which the [onAttributeCollectionExternalUsersSelfServiceSignUp](../resources/onattributecollectionexternalusersselfservicesignup.md) subtype is derived.
+
+## Properties
+
+None.
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.onAttributeCollectionHandler"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onAttributeCollectionHandler"
+}
+```
+
v1.0 Onattributecollectionlistener https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/onattributecollectionlistener.md
+
+ Title: "onAttributeCollectionListener resource type"
+description: "Listener for the onAttributeCollection event"
+
+ms.localizationpriority: medium
++
+# onAttributeCollectionListener resource type
+
+Namespace: microsoft.graph
++
+Used for configuring the collection of attributes during user sign up as defined in the **onAttributeCollection** event in an [externalUsersSelfServiceSignUpEventsFlow](externalUsersSelfServiceSignUpEventsFlow.md) user flow type. This includes which attributes to collect and how to display them.
+
+Inherits from [authenticationEventListener](../resources/authenticationeventlistener.md).
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[List authenticationEventListeners](../api/identitycontainer-list-authenticationeventlisteners.md)|[authenticationEventListener](../resources/authenticationeventlistener.md) collection|Retrieve a list of the following object types derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Create authenticationEventListener](../api/identitycontainer-post-authenticationeventlisteners.md)|[authenticationEventListener](../resources/authenticationeventlistener.md)|Create a new [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Get authenticationEventListener](../api/authenticationeventlistener-get.md)|[authenticationEventListener](../resources/authenticationeventlistener.md)|Read the properties and relationships of an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Update authenticationEventListener](../api/authenticationeventlistener-update.md)|None|Update the properties of an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Delete authenticationEventListener](../api/authenticationeventlistener-delete.md)|None|Delete an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
++
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|Required. Inherited from [entity](../resources/entity.md).|
+|conditions|[authenticationConditions](../resources/authenticationconditions.md)|Required. Inherited from [authenticationEventListener](../resources/authenticationeventlistener.md).|
+|priority|Int32|Required. Inherited from [authenticationEventListener](../resources/authenticationeventlistener.md).|
+|authenticationEventsFlowId|String| Inherited from [authenticationEventListener](../resources/authenticationeventlistener.md).|
+|handler|[onAttributeCollectionHandler](../resources/onattributecollectionhandler.md)|Required. Configuration for what to invoke if the event resolves to this listener. This lets us define potential handler configurations per-event.|
++
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.onAttributeCollectionListener",
+ "baseType": "microsoft.graph.authenticationEventListener",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onAttributeCollectionListener",
+ "id": "String (identifier)",
+ "priority": "Integer",
+ "conditions": {
+ "@odata.type": "microsoft.graph.authenticationConditions"
+ },
+ "authenticationEventsFlowId": "String",
+ "handler": {
+ "@odata.type": "microsoft.graph.onAttributeCollectionHandler"
+ }
+}
+```
+
v1.0 Onauthenticationmethodloadstartexternalusersselfservicesignup https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/onauthenticationmethodloadstartexternalusersselfservicesignup.md
+
+ Title: "onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp resource type"
+description: "Managed handler for loading the authentication methods during the authentication step in an external identities user flow."
+
+ms.localizationpriority: medium
++
+# onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp resource type
+
+Namespace: microsoft.graph
++
+This is a managed handler for the loading of authentication methods during the authentication step in an external identities user flow on an Azure AD workforce or customer tenant. It defines the authentication methods that a user can select.
+
+Inherits from [onAuthenticationMethodLoadStartHandler](../resources/onauthenticationmethodloadstarthandler.md).
+
+## Properties
+None
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|identityProviders|[identityProviderBase](../resources/identityproviderbase.md) collection|Required. The list of identity providers that user can sign in or sign up with. At least one identity provider must be specified.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp"
+}
+```
+
v1.0 Onauthenticationmethodloadstarthandler https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/onauthenticationmethodloadstarthandler.md
+
+ Title: "onAuthenticationMethodLoadStartHandler resource type"
+description: "Represents a step in a multi-event user flow policy defining what happens when authentication methods are ready to be presented to the user."
+
+ms.localizationpriority: medium
++
+# onAuthenticationMethodLoadStartHandler resource type
+
+Namespace: microsoft.graph
++
+Used to configure what to invoke when authentication methods are ready to be presented to the user as defined in the **onAuthenticationMethodLoadStartHandler** event in an [externalUsersSelfServiceSignUpEventsFlow](externalUsersSelfServiceSignUpEventsFlow.md) user flow type.
+
+This is an abstract complex type from which the [onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp](../resources/onauthenticationmethodloadstartexternalusersselfservicesignup.md) subtype is derived.
++
+## Properties
+
+None.
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.onAuthenticationMethodLoadStartHandler"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onAuthenticationMethodLoadStartHandler"
+}
+```
+
v1.0 Onauthenticationmethodloadstartlistener https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/onauthenticationmethodloadstartlistener.md
+
+ Title: "onAuthenticationMethodLoadStartListener resource type"
+description: "Listener for the onAuthenticationMethodLoadStart event"
+
+ms.localizationpriority: medium
++
+# onAuthenticationMethodLoadStartListener resource type
+
+Namespace: microsoft.graph
++
+Used for configuring what authentication methods are enabled for the authentication flow as defined in the **onAuthenticationMethodLoadStart** event in an [externalUsersSelfServiceSignUpEventsFlow](externalUsersSelfServiceSignUpEventsFlow.md) user flow type. If this listener is not specified, the default option will be email one time passcode (OTP).
+
+Inherits from [authenticationEventListener](../resources/authenticationeventlistener.md).
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[List authenticationEventListeners](../api/identitycontainer-list-authenticationeventlisteners.md)|[authenticationEventListener](../resources/authenticationeventlistener.md) collection|Retrieve a list of the following object types derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Create authenticationEventListener](../api/identitycontainer-post-authenticationeventlisteners.md)|[authenticationEventListener](../resources/authenticationeventlistener.md)|Create a new [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Get authenticationEventListener](../api/authenticationeventlistener-get.md)|[authenticationEventListener](../resources/authenticationeventlistener.md)|Read the properties and relationships of an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Update authenticationEventListener](../api/authenticationeventlistener-update.md)|None|Update the properties of an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Delete authenticationEventListener](../api/authenticationeventlistener-delete.md)|None|Delete an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|Required. Inherited from [entity](../resources/entity.md).|
+|conditions|[authenticationConditions](../resources/authenticationconditions.md)|Required. Inherited from [authenticationEventListener](../resources/authenticationeventlistener.md).|
+|priority|Int32|Required. Inherited from [authenticationEventListener](../resources/authenticationeventlistener.md).|
+|authenticationEventsFlowId|String| Inherited from [authenticationEventListener](../resources/authenticationeventlistener.md).|
+|handler|[onAuthenticationMethodLoadStartHandler](../resources/onauthenticationmethodloadstarthandler.md)|Required. Configuration for what to invoke if the event resolves to this listener. This lets us define potential handler configurations per-event.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.onAuthenticationMethodLoadStartListener",
+ "baseType": "microsoft.graph.authenticationEventListener",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onAuthenticationMethodLoadStartListener",
+ "id": "String (identifier)",
+ "priority": "Integer",
+ "conditions": {
+ "@odata.type": "microsoft.graph.authenticationConditions"
+ },
+ "authenticationEventsFlowId": "String",
+ "handler": {
+ "@odata.type": "microsoft.graph.onAuthenticationMethodLoadStartHandler"
+ }
+}
+```
+
v1.0 Oninteractiveauthflowstartexternalusersselfservicesignup https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/oninteractiveauthflowstartexternalusersselfservicesignup.md
+
+ Title: "onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp resource type"
+description: "Managed handler for the starting authentication step of an external identities user flow."
+
+ms.localizationpriority: medium
++
+# onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp resource type
+
+Namespace: microsoft.graph
++
+This is a managed handler for the starting authentication step in an external identities user flow on an Azure AD workforce or customer tenant. It defines whether a user can sign up, that is create an account; otherwise, a user will is only able to sign-in.
+
+Inherits from [onInteractiveAuthFlowStartHandler](../resources/oninteractiveauthflowstarthandler.md).
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|isSignUpAllowed|Boolean|Optional. Specifes whether the authentication flow includes an option to sign up (create account) as well as sign in. Default value is `false` meaning only sign in is enabled.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp",
+ "isSignUpAllowed": "Boolean"
+}
+```
+
v1.0 Oninteractiveauthflowstarthandler https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/oninteractiveauthflowstarthandler.md
+
+ Title: "onInteractiveAuthFlowStartHandler resource type"
+description: "Represents a step in a multi-event user flow policy defining what happens when an authentication flow is ready to be initiated by the user."
+
+ms.localizationpriority: medium
++
+# onInteractiveAuthFlowStartHandler resource type
+
+Namespace: microsoft.graph
++
+Used to configure what to invoke if the **onInteractiveAuthFlowStart** event resolves to this listener. It represents a step in a multi-event policy that defines what happens when when an authentication flow is ready to be initiated.
+
+This is an abstract complex type from which the [onInteractiveAuthFlowStartExternalUsersSelfServiceSignUp](../resources/oninteractiveauthflowstartexternalusersselfservicesignup.md) subtype is derived.
+
+## Properties
+
+None.
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.onInteractiveAuthFlowStartHandler"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onInteractiveAuthFlowStartHandler"
+}
+```
+
v1.0 Oninteractiveauthflowstartlistener https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/oninteractiveauthflowstartlistener.md
+
+ Title: "onInteractiveAuthFlowStartListener resource type"
+description: "Listener for the onInteractiveAuthFlowStart event."
+
+ms.localizationpriority: medium
++
+# onInteractiveAuthFlowStartListener resource type
+
+Namespace: microsoft.graph
++
+Used for configuring whether the authentication flow allows for sign up as defined in the **onInteractiveAuthFlowStart** event in an [externalUsersSelfServiceSignUpEventsFlow](externalUsersSelfServiceSignUpEventsFlow.md) user flow type. If this listener is not specified, then sign up is disabled by default.
+
+Inherits from [authenticationEventListener](../resources/authenticationeventlistener.md).
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[List authenticationEventListeners](../api/identitycontainer-list-authenticationeventlisteners.md)|[authenticationEventListener](../resources/authenticationeventlistener.md) collection|Retrieve a list of the following object types derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Create authenticationEventListener](../api/identitycontainer-post-authenticationeventlisteners.md)|[authenticationEventListener](../resources/authenticationeventlistener.md)|Create a new [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Get authenticationEventListener](../api/authenticationeventlistener-get.md)|[authenticationEventListener](../resources/authenticationeventlistener.md)|Read the properties and relationships of an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Update authenticationEventListener](../api/authenticationeventlistener-update.md)|None|Update the properties of an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Delete authenticationEventListener](../api/authenticationeventlistener-delete.md)|None|Delete an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|Required. Inherited from [entity](../resources/entity.md).|
+|conditions|[authenticationConditions](../resources/authenticationconditions.md)|Required. Inherited from [authenticationEventListener](../resources/authenticationeventlistener.md).|
+|priority|Int32|Required. Inherited from [authenticationEventListener](../resources/authenticationeventlistener.md).|
+|authenticationEventsFlowId|String| Inherited from [authenticationEventListener](../resources/authenticationeventlistener.md).|
+|handler|[onInteractiveAuthFlowStartHandler](../resources/oninteractiveauthflowstarthandler.md)|Required. Configuration for what to invoke if the event resolves to this listener. This lets us define potential handler configurations per-event.|
++
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.onInteractiveAuthFlowStartListener",
+ "baseType": "microsoft.graph.authenticationEventListener",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onInteractiveAuthFlowStartListener",
+ "id": "String (identifier)",
+ "priority": "Integer",
+ "conditions": {
+ "@odata.type": "microsoft.graph.authenticationConditions"
+ },
+ "authenticationEventsFlowId": "String",
+ "handler": {
+ "@odata.type": "microsoft.graph.onInteractiveAuthFlowStartHandler"
+ }
+}
+```
+
v1.0 Onlinemeeting https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/onlinemeeting.md
Namespace: microsoft.graph
Contains information about a meeting, including the URL used to join a meeting, the attendees list, and the description.
-This resource supports subscribing to [change notifications](/graph/webhooks). See [subscribe to online meetings](/graph/changenotifications-for-onlinemeeting) for more details.
+This resource supports subscribing to [change notifications](/graph/webhooks). For more details, see [subscribe to online meetings](/graph/changenotifications-for-onlinemeeting).
## Methods | Method | Return Type |Description |
-| | -- | - |
+| : | :-- | :- |
| [Create](../api/application-post-onlineMeetings.md) | [onlineMeeting](onlinemeeting.md) | Create an online meeting. | | [Get](../api/onlinemeeting-get.md) | [onlineMeeting](onlinemeeting.md) | Read the properties and relationships of an **onlineMeeting** object. | | [Update](../api/onlinemeeting-update.md) | [onlineMeeting](onlinemeeting.md) | Update the properties of an **onlineMeeting** object. |
v1.0 Onpremisescurrentexportdata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/onpremisescurrentexportdata.md
+
+ Title: "onPremisesCurrentExportData resource type"
+description: "Data for the current export run."
+
+ms.localizationpriority: medium
++
+# onPremisesCurrentExportData resource type
+
+Namespace: microsoft.graph
++
+Data for the current export run.
+
+## Properties
+
+| Property | Type | Description |
+| : | :-- | :-- |
+| clientMachineName | String | The name of the onPremises client machine which ran the last export. |
+| pendingObjectsAddition | Int32 | The count of pending adds from on-premises directory. |
+| pendingObjectsDeletion | Int32 | The count of pending deletes from on-premises directory. |
+| pendingObjectsUpdate | Int32 | The count of pending updates from on-premises directory. |
+| serviceAccount | String | The name of the dirsync service account which is configured to connect to the directory. |
+| successfulLinksProvisioningCount | Int64 | The count of updated links during the current directory sync export run. |
+| successfulObjectsProvisioningCount | Int32 | The count of objects which were successfully provisioned during the current directory sync export run. |
+| totalConnectorSpaceObjects | Int32 | The total number of objects in the AAD Connector Space. |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.onPremisesCurrentExportData"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onPremisesCurrentExportData",
+ "pendingObjectsAddition": "Integer",
+ "pendingObjectsDeletion": "Integer",
+ "pendingObjectsUpdate": "Integer",
+ "successfulLinksProvisioningCount": "Integer",
+ "successfulObjectsProvisioningCount": "Integer",
+ "clientMachineName": "String",
+ "serviceAccount": "String",
+ "totalConnectorSpaceObjects": "Integer"
+}
+```
v1.0 Onpremisesdirectorysynchronizationconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/onpremisesdirectorysynchronizationconfiguration.md
Consists of configurations that can be fine-tuned and impact the on-premises dir
## Properties
-| Property | Type | Description |
-| : | :-- | :- |
-| accidentalDeletionPrevention | [onPremisesAccidentalDeletionPrevention](../resources/onpremisesaccidentaldeletionprevention.md) | Contains the accidental deletion prevention configuration for a tenant. |
-| customerRequestedSynchronizationInterval | Duration | Interval of time that the customer requested the sync client waits between sync cycles. |
-| synchronizationInterval | Duration | Interval of time the sync client should honor between sync cycles |
+| Property | Type | Description |
+| : | :-- | : |
+| accidentalDeletionPrevention | [onPremisesAccidentalDeletionPrevention](../resources/onpremisesaccidentaldeletionprevention.md) | Contains the accidental deletion prevention configuration for a tenant. |
+| anchorAttribute | String | The anchor attribute allows customers to customize the property used to create source anchors for synchronization enabled objects. |
+| applicationId | String | The identifier of the on-premises directory synchronization client application that is configured for the tenant. |
+| currentExportData | [onPremisesCurrentExportData](../resources/onpremisescurrentexportdata.md) | Data for the current export run. |
+| customerRequestedSynchronizationInterval | Duration | Interval of time that the customer requested the sync client waits between sync cycles. |
+| synchronizationClientVersion | String | Indicates the version of the on-premises directory synchronization application. |
+| synchronizationInterval | Duration | Interval of time the sync client should honor between sync cycles |
+| writebackConfiguration | [onPremisesWritebackConfiguration](../resources/onpremiseswritebackconfiguration.md) | Configuration to control how cloud created or owned objects are synchronized back to the on-premises directory. |
## Relationships
The following is a JSON representation of the resource.
"accidentalDeletionPrevention": { "@odata.type": "microsoft.graph.onPremisesAccidentalDeletionPrevention" },
+ "anchorAttribute": "String",
+ "applicationId": "String",
+ "currentExportData": {
+ "@odata.type": "microsoft.graph.onPremisesCurrentExportData"
+ },
+ "customerRequestedSynchronizationInterval": "String (duration)",
+ "synchronizationClientVersion": "String",
"synchronizationInterval": "String (duration)",
- "customerRequestedSynchronizationInterval": "String (duration)"
+ "writebackConfiguration": {
+ "@odata.type": "microsoft.graph.onPremisesWritebackConfiguration"
+ }
}
-```
+```
v1.0 Onpremiseswritebackconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/onpremiseswritebackconfiguration.md
+
+ Title: "onPremisesWritebackConfiguration resource type"
+description: "Configuration to control how cloud created or owned objects are synchronized back to the on-premises directory."
+
+ms.localizationpriority: medium
++
+# onPremisesWritebackConfiguration resource type
+
+Namespace: microsoft.graph
++
+Configuration to control how cloud created or owned objects are synchronized back to the on-premises directory.
+
+## Properties
+
+| Property | Type | Description |
+| :-- | :-- | :- |
+| unifiedGroupContainer | String | The distinguished name of the on-premises container that the customer is using to store unified groups which are created in the cloud. |
+| userContainer | String | The distinguished name of the on-premises container that the customer is using to store users which are created in the cloud. |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.onPremisesWritebackConfiguration"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onPremisesWritebackConfiguration",
+ "unifiedGroupContainer": "String",
+ "userContainer": "String"
+}
+```
v1.0 Ontokenissuancestartcustomextension https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/ontokenissuancestartcustomextension.md
+
+ Title: "onTokenIssuanceStartCustomExtension resource type"
+description: "Custom extension to invoke when handling the event when a token is about to be issued to your application."
+
+ms.localizationpriority: medium
++
+# onTokenIssuanceStartCustomExtension resource type
+
+Namespace: microsoft.graph
++
+Custom extension to invoke when handling the event when a token is about to be issued to your application.
+
+Inherits from [customAuthenticationExtension](../resources/customauthenticationextension.md).
++
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|The authentication configuration for this custom authentication extension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|claimsForTokenConfiguration|[onTokenIssuanceStartReturnClaim](../resources/ontokenissuancestartreturnclaim.md) collection|Collection of claims to be returned by the API called by this custom authentication extension.|
+|clientConfiguration|[customExtensionClientConfiguration](../resources/customextensionclientconfiguration.md)|The connection settings for the custom authentication extension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|description|String|Description for the custom authentication extension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|displayName|String|Display name for the custom authentication extension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|Configuration for the API endpoint that the custom authentication extension will call. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|id|String|Identifier for onTokenIssuanceStartCustomExtension. Inherited from [entity](../resources/entity.md).|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.onTokenIssuanceStartCustomExtension",
+ "baseType": "microsoft.graph.customAuthenticationExtension",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartCustomExtension",
+ "id": "String (identifier)",
+ "authenticationConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionAuthenticationConfiguration"
+ },
+ "clientConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionClientConfiguration"
+ },
+ "description": "String",
+ "displayName": "String",
+ "endpointConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionEndpointConfiguration"
+ },
+ "claimsForTokenConfiguration": [
+ {
+ "@odata.type": "microsoft.graph.onTokenIssuanceStartReturnClaim"
+ }
+ ]
+}
+```
+
v1.0 Ontokenissuancestartcustomextensionhandler https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/ontokenissuancestartcustomextensionhandler.md
+
+ Title: "onTokenIssuanceStartCustomExtensionHandler resource type"
+description: "Custom extension handler for the event when a token is about to be issued to your application."
+
+ms.localizationpriority: medium
++
+# onTokenIssuanceStartCustomExtensionHandler resource type
+
+Namespace: microsoft.graph
++
+Custom extension handler for the event when a token is about to be issued to your application.
+
+Inherits from [onTokenIssuanceStartHandler](../resources/ontokenissuancestarthandler.md).
+
+## Properties
+None.
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|customExtension|[onTokenIssuanceStartCustomExtension](../resources/ontokenissuancestartcustomextension.md)|The custom extension to invoke to handle the event when a token is about to be issued to your application.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.onTokenIssuanceStartCustomExtensionHandler"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartCustomExtensionHandler"
+}
+```
+
v1.0 Ontokenissuancestarthandler https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/ontokenissuancestarthandler.md
+
+ Title: "onTokenIssuanceStartHandler resource type"
+description: "Handler for the event when a token is about to be issued to your application."
+
+ms.localizationpriority: medium
++
+# onTokenIssuanceStartHandler resource type
+
+Namespace: microsoft.graph
++
+Handler for the event when a token is about to be issued to your application.
+This is an abstract type from which the [onTokenIssuanceStartCustomExtensionHandler](../resources/ontokenissuancestartcustomextensionhandler.md) resource type is derived.
+
+## Properties
+
+None.
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.onTokenIssuanceStartHandler"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartHandler"
+}
+```
+
v1.0 Ontokenissuancestartlistener https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/ontokenissuancestartlistener.md
+
+ Title: "onTokenIssuanceStartListener resource type"
+description: "A listener for when a token is about to be issued to your application."
+
+ms.localizationpriority: medium
++
+# onTokenIssuanceStartListener resource type
+
+Namespace: microsoft.graph
++
+A listener for when a token is about to be issued to your application.
+
+Inherits from [authenticationEventListener](../resources/authenticationeventlistener.md).
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[List authenticationEventListeners](../api/identitycontainer-list-authenticationeventlisteners.md)|[authenticationEventListener](../resources/authenticationeventlistener.md) collection|Retrieve a list of the following object types derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Create authenticationEventListener](../api/identitycontainer-post-authenticationeventlisteners.md)|[authenticationEventListener](../resources/authenticationeventlistener.md)|Create a new [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Get authenticationEventListener](../api/authenticationeventlistener-get.md)|[authenticationEventListener](../resources/authenticationeventlistener.md)|Read the properties and relationships of an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Update authenticationEventListener](../api/authenticationeventlistener-update.md)|None|Update the properties of an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Delete authenticationEventListener](../api/authenticationeventlistener-delete.md)|None|Delete an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|authenticationEventsFlowId|String|The identifier of the [authenticationEventsFlow](authenticationeventsflow.md). Inherited from [authenticationEventListener](../resources/authenticationeventlistener.md).|
+|conditions|[authenticationConditions](../resources/authenticationconditions.md)|The conditions on which onTokenIssuanceStartListener should trigger. Inherited from [authenticationEventListener](../resources/authenticationeventlistener.md).|
+|handler|[onTokenIssuanceStartHandler](../resources/ontokenissuancestarthandler.md)|The handler to invoke when conditions are met for this onTokenIssuanceStartListener.|
+|id|String|Identifier for the onTokenIssuanceStartListener. Inherited from [entity](../resources/entity.md).|
+|priority|Int32| The priority of this handler. Priority should be set to 500 for onTokenIssuanceStartListeners. Inherited from [authenticationEventListener](../resources/authenticationeventlistener.md).|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.onTokenIssuanceStartListener",
+ "baseType": "microsoft.graph.authenticationEventListener",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartListener",
+ "id": "String (identifier)",
+ "priority": "Integer",
+ "conditions": {
+ "@odata.type": "microsoft.graph.authenticationConditions"
+ },
+ "tags": [
+ {
+ "@odata.type": "microsoft.graph.keyValuePair"
+ }
+ ],
+ "authenticationEventsFlowId": "String",
+ "handler": {
+ "@odata.type": "microsoft.graph.onTokenIssuanceStartHandler"
+ }
+}
+```
+
v1.0 Ontokenissuancestartreturnclaim https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/ontokenissuancestartreturnclaim.md
+
+ Title: "onTokenIssuanceStartReturnClaim resource type"
+description: "A claim returned by an API that is to be added to a token after the event when a token is about to be issued to your application."
+
+ms.localizationpriority: medium
++
+# onTokenIssuanceStartReturnClaim resource type
+
+Namespace: microsoft.graph
++
+A claim returned by an API that is to be added to a token after the event when a token is about to be issued to your application.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|claimIdInApiResponse|String|The identifier of the claim returned by an API that is to be add to a token being issued.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.onTokenIssuanceStartReturnClaim"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onTokenIssuanceStartReturnClaim",
+ "claimIdInApiResponse": "String"
+}
+```
+
v1.0 Onusercreatestartexternalusersselfservicesignup https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/onusercreatestartexternalusersselfservicesignup.md
+
+ Title: "onUserCreateStartExternalUsersSelfServiceSignUp resource type"
+description: "Managed handler for user creation step in an external identities self-service sign up user flow."
+
+ms.localizationpriority: medium
++
+# onUserCreateStartExternalUsersSelfServiceSignUp resource type
+
+Namespace: microsoft.graph
++
+This is a managed handler for the user creation step in an external identities self-service sign up user flow on an Azure AD workforce or customer tenant. It defines whether a guest or member user type is created.
+
+Inherits from [onUserCreateStartHandler](../resources/onusercreatestarthandler.md). Complex type.
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|userTypeToCreate|userType| The type of [user](user.md) object to create. The possible values are: `member`, `guest`, `unknownFutureValue`.|
+<!--
+|accessPackages|[authenticationAccessPackageConfiguration](../resources/authenticationaccesspackageconfiguration.md) collection|Optional. Defines the access package attached to the user flow - for which a request will be submitted. Applicable only to user flows configured in Azure AD workforce tenant.**SHOULD BE HIDDEN**|
+|userTypeToCreate|userType|Defines the type of user created by this authentication flow. The possible values are: `member`, `guest`, `unknownFutureValue`.|
+-->
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.onUserCreateStartExternalUsersSelfServiceSignUp"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onUserCreateStartExternalUsersSelfServiceSignUp",
+ "userTypeToCreate": "String"
+}
+```
+
v1.0 Onusercreatestarthandler https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/onusercreatestarthandler.md
+
+ Title: "onUserCreateStartHandler resource type"
+description: "Represents a step in a multi-event user flow policy defining what happens during user creation."
+
+ms.localizationpriority: medium
++
+# onUserCreateStartHandler resource type
+
+Namespace: microsoft.graph
++
+Used to configure what to invoke during user creation as defined in the **onUserCreateStartHandler** event in an [externalUsersSelfServiceSignUpEventsFlow](externalUsersSelfServiceSignUpEventsFlow.md) user flow type.
+
+This is an abstract complex type from which the [onUserCreateStartExternalUsersSelfServiceSignUp](../resources/onusercreatestartexternalusersselfservicesignup.md) subtype is derived.
+
+## Properties
+
+None.
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.onUserCreateStartHandler"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onUserCreateStartHandler"
+}
+```
+
v1.0 Onusercreatestartlistener https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/onusercreatestartlistener.md
+
+ Title: "onUserCreateStartListener resource type"
+description: "Listener for the onUserCreateStart event"
+
+ms.localizationpriority: medium
++
+# onUserCreateStartListener resource type
+
+Namespace: microsoft.graph
++
+Used for configuring actions done during user creation as defined in the **onUserCreateStart** event in an [externalUsersSelfServiceSignUpEventsFlow](externalUsersSelfServiceSignUpEventsFlow.md) user flow type.
+
+Inherits from [authenticationEventListener](../resources/authenticationeventlistener.md).
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[List authenticationEventListeners](../api/identitycontainer-list-authenticationeventlisteners.md)|[authenticationEventListener](../resources/authenticationeventlistener.md) collection|Retrieve a list of the following object types derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Create authenticationEventListener](../api/identitycontainer-post-authenticationeventlisteners.md)|[authenticationEventListener](../resources/authenticationeventlistener.md)|Create a new [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Get authenticationEventListener](../api/authenticationeventlistener-get.md)|[authenticationEventListener](../resources/authenticationeventlistener.md)|Read the properties and relationships of an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Update authenticationEventListener](../api/authenticationeventlistener-update.md)|None|Update the properties of an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+|[Delete authenticationEventListener](../api/authenticationeventlistener-delete.md)|None|Delete an [onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) object type. The type can be one of the following subtypes derived from authenticationEventListener: <br/> <li>[onTokenIssuanceStartListener](../resources/ontokenissuancestartlistener.md) <li>[onInteractiveAuthFlowStartListener](../resources/oninteractiveauthflowstartlistener.md) <li>[onAuthenticationMethodLoadStartListener](../resources/onauthenticationmethodloadstartlistener.md) <li>[onAttributeCollectionListener](../resources/onattributecollectionlistener.md)<li>[onUserCreateStartListener](../resources/onusercreatestartlistener.md)|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|Required. Inherited from [entity](../resources/entity.md).|
+|conditions|[authenticationConditions](../resources/authenticationconditions.md)|Required. Inherited from [authenticationEventListener](../resources/authenticationeventlistener.md).|
+|priority|Int32|Required. Inherited from [authenticationEventListener](../resources/authenticationeventlistener.md).|
+|authenticationEventsFlowId|String| Inherited from [authenticationEventListener](../resources/authenticationeventlistener.md).|
+|handler|[onUserCreateStartHandler](../resources/onusercreatestarthandler.md)|Required. Configuration for what to invoke if the event resolves to this listener. This lets us define potential handler configurations per-event.|
++
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.onUserCreateStartListener",
+ "baseType": "microsoft.graph.authenticationEventListener",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.onUserCreateStartListener",
+ "id": "String (identifier)",
+ "priority": "Integer",
+ "conditions": {
+ "@odata.type": "microsoft.graph.authenticationConditions"
+ },
+ "authenticationEventsFlowId": "String",
+ "handler": {
+ "@odata.type": "microsoft.graph.onUserCreateStartHandler"
+ }
+}
+```
+
v1.0 Orgcontact https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/orgcontact.md
This resource supports using [delta query](/graph/delta-query-overview) to track
| onPremisesSyncEnabled | Boolean | **true** if this object is synced from an on-premises directory; **false** if this object was originally synced from an on-premises directory but is no longer synced and now mastered in Exchange; **null** if this object has never been synced from an on-premises directory (default). <br/> <br/>Supports `$filter` (`eq`, `ne`, `not`, `in`, and `eq` for `null` values). | | phones | [phone](phone.md) collection | List of phones for this organizational contact. Phone types can be mobile, business, and businessFax. Only one of each type can ever be present in the collection. Supports `$filter` (`eq`, `ne`, `not`, `in`). | | proxyAddresses | String collection | For example: "SMTP: bob@contoso.com", "smtp: bob@sales.contoso.com". The **any** operator is required for filter expressions on multi-valued properties. Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`, `/$count eq 0`, `/$count ne 0`). |
+| serviceProvisioningErrors | [serviceProvisioningError](serviceprovisioningerror.md) collection | Errors published by a federated service describing a non-transient, service-specific error regarding the properties or link from an orgContact object . <br> Supports `$filter` (`eq`, `not`, for isResolved and serviceInstance).|
| surname | String | Last name for this organizational contact. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `in`, `startsWith`, and `eq` for `null` values) | ## Relationships
Here is a JSON representation of the resource
"onPremisesSyncEnabled": true, "phones": [{"@odata.type": "microsoft.graph.phone"}], "proxyAddresses": ["string"],
+ "serviceProvisioningErrors": [{"@odata.type": "microsoft.graph.serviceProvisioningXmlError"}],
"surname": "string" } ```
v1.0 Outlookcategory https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/outlookcategory.md
Title: "outlookCategory resource type"
-description: "Represents a category by which a user can group Outlook items such as messages and events. In Outlook, the user defines categories in a master list, and can apply one or more of these user-defined"
+description: "Represents a category by which a user can group Outlook items such as messages and events."
ms.localizationpriority: medium ms.prod: "outlook"
Namespace: microsoft.graph
[!INCLUDE [outlooktask-deprecate-sharedfeature](../../includes/outlooktask-deprecate-sharedfeature.md)]
-Represents a category by which a user can group Outlook items such as messages and events. In Outlook, the user defines categories in a master list, and can apply one or more of these user-defined
-categories to an item.
+Represents a category by which a user can group Outlook items such as messages and events. In Outlook, the user defines categories in a master list, and can apply one or more of these user-defined categories to an item.
Using the REST API, you can [create](../api/outlookuser-post-mastercategories.md) and define categories in the master list of categories for a user. You can also [get this master list of categories](../api/outlookuser-list-mastercategories.md), [get a specific category](../api/outlookcategory-get.md),
You can apply a category to an item by assigning the **displayName** property of
Resources that can be assigned categories include [contact](contact.md), [event](event.md), [message](message.md), [outlookTask](outlooktask.md), [post](post.md), and [todoTask](todotask.md). Each category is attributed by 2 properties: **displayName** and **color**. The **displayName** value must be unique in a user's master list.
-The **color** however does not have to be unique; multiple categories in the master list can be mapped to the same color. You can map up
-to 25 different colors to categories in a user's master list.
+The **color** however does not have to be unique; multiple categories in the master list can be mapped to the same color. You can map up to 25 different colors to categories in a user's master list.
+
+## Methods
+| Method | Return Type |Description|
+|:|:--|:-|
+|[List categories](../api/outlookuser-list-mastercategories.md) | [outlookCategory](../resources/outlookcategory.md) collection |Get all the categories that have been defined for the user.|
+|[Get category](../api/outlookcategory-get.md) | [outlookCategory](../resources/outlookcategory.md) |Get the properties and relationships of the specified **outlookCategory** object.|
+|[Create](../api/outlookuser-post-mastercategories.md) | [outlookCategory](../resources/outlookcategory.md) |Create an **outlookCategory** object in the user's master list of categories.|
+|[Update](../api/outlookcategory-update.md) | [outlookCategory](../resources/outlookcategory.md) |Update the writable property, **color**, of the specified **outlookCategory** object. |
+|[Delete](../api/outlookcategory-delete.md) | None |Delete the specified **outlookCategory** object. |
## Properties | Property | Type |Description| |:|:--|:-|
+|color|String|A pre-set color constant that characterizes a category, and that is mapped to one of 25 predefined colors. For more details, see the following note. |
|displayName|String|A unique name that identifies a category in the user's mailbox. After a category is created, the name cannot be changed. Read-only.|
-|color|String|A pre-set color constant that characterizes a category, and that is mapped to one of 25 predefined colors. See the note below. |
> **Note** The possible values for **color** are pre-set constants such as `None`, `preset0` and `preset1`. Each pre-set constant is further mapped to a color; the actual color is dependent on the Outlook client that the categories are being displayed in. The following table shows the colors mapped to each pre-set constant for Outlook (desktop client).
color is dependent on the Outlook client that the categories are being displayed
| Preset24 | DarkCranberry | ## JSON representation
-Here is a JSON representation of the resource.
+The following is a JSON representation of the resource.
<!-- { "blockType": "resource",
Here is a JSON representation of the resource.
"color": "String", "displayName": "String" }- ```
-## Methods
-| Method | Return Type |Description|
-|:|:--|:-|
-|[List categories](../api/outlookuser-list-mastercategories.md) | [outlookCategory](../resources/outlookcategory.md) collection |Get all the categories that have been defined for the user.|
-|[Get category](../api/outlookcategory-get.md) | [outlookCategory](../resources/outlookcategory.md) |Get the properties and relationships of the specified **outlookCategory** object.|
-|[Create](../api/outlookuser-post-mastercategories.md) | [outlookCategory](../resources/outlookcategory.md) |Create an **outlookCategory** object in the user's master list of categories.|
-|[Update](../api/outlookcategory-update.md) | [outlookCategory](../resources/outlookcategory.md) |Update the writable property, **color**, of the specified **outlookCategory** object. |
-|[Delete](../api/outlookcategory-delete.md) | None |Delete the specified **outlookCategory** object. |
- <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC -->
v1.0 Participant https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/participant.md
Represents a participant in a call.
| mediaStreams | [mediaStream](mediastream.md) collection | The list of media streams. | | metadata | String | A blob of data provided by the participant in the roster. | | recordingInfo | [recordingInfo](recordinginfo.md) | Information on whether the participant has recording capability. |
+| removedState | [removedState](removedstate.md) | Indicates the reason why the **participant** was removed from the roster. |
| restrictedExperience | [onlineMeetingRestricted](onlinemeetingrestricted.md) | Indicates the reason or reasons why media content from this participant is restricted. |
+| rosterSequenceNumber | Int64 | Indicates the roster sequence number the **participant** was last updated in. |
## Relationships
The following is a JSON representation of the resource.
"mediaStreams": [ { "@odata.type": "#microsoft.graph.mediaStream" } ], "metadata": "String", "recordingInfo": { "@odata.type": "#microsoft.graph.recordingInfo" },
- "restrictedExperience": { "@odata.type": "#microsoft.graph.onlineMeetingRestricted" }
+ "removedState": { "@odata.type": "#microsoft.graph.removedState" },
+ "restrictedExperience": { "@odata.type": "#microsoft.graph.onlineMeetingRestricted" },
+ "rosterSequenceNumber": "Int64"
} ```
v1.0 Phoneauthenticationmethod https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/phoneauthenticationmethod.md
A representation of a phone registered to a user. This resource includes the pho
A phone has one of three types: mobile, alternate mobile, or office. A user can have one number registered for each type, and must have a mobile phone before an alternate mobile phone is added. When using a phone for multi-factor authentication (MFA) or self-service password reset (SSPR), the mobile phone is the default and the alternate mobile phone is the backup.
-Mobile phones can be used for both SMS and voice calls, depending on the tenant settings.
+Primary mobile phones can be used for both SMS and voice calls, depending on the tenant settings.
An office phone can only receive voice calls, not SMS messages.
Phones can be of three types, the following are the possible values.
|Value|Description| |--|--| |mobile|A primary mobile phone, usable for SMS and voice calls.|
-|alternateMobile|An alternate or backup mobile phone, usable for SMS and voice calls.|
+|alternateMobile|An alternate or backup mobile phone, usable only for voice calls.|
|office|An office phone or landline, usable only for voice calls.| ### authenticationMethodSignInState values
v1.0 Plannerplan https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/plannerplan.md
Represents a plan in Microsoft 365. A plan can be owned by a [group](group.md) a
|title|String|Required. Title of the plan.| |creationSource|[plannerPlanCreation](plannerplancreation.md)| Contains information about the origin of the plan.| |owner (deprecated) |String| Use the **container** property instead. ID of the [group](group.md) that owns the plan. After it is set, this property canΓÇÖt be updated. This property will not return a valid group ID if the container of the plan is not a group.|
+|sharedWithContainers|[plannerSharedWithContainer](plannersharedwithcontainer.md) collection|List of containers the plan is shared with.|
## Relationships | Relationship | Type |Description|
The following is a JSON representation of the resource.
"containerId": "String", "type": "String" },
+ "sharedWithContainers": [
+ {
+ "@odata.type": "microsoft.graph.plannerSharedWithContainer"
+ }
+ ],
"title": "String" } ```
v1.0 Plannerplancontainer https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/plannerplancontainer.md
Planner currently supports the container types listed in the following table. Wh
|group| Plan is contained by a [group](group.md).| `https://graph.microsoft.com/beta/groups/<id>` | |roster| Plan is contained by a [plannerRoster](plannerroster.md). | `https://graph.microsoft.com/beta/planner/rosters/<id>` | |project| Plan is contained by a Project from [Microsoft Project for the web](/project-for-the-web/projectforweb-admin-home). | Microsoft Project currently doesn't have a resource path on Microsoft Graph. Project details and members can be managed from [Microsoft Project](https://project.microsoft.com). |
+|driveItem| Plan is contained by a [driveItem](driveitem.md). | `https://graph.microsoft.com/beta/drives/<driveId>/items/<itemId>`|
## Properties |Property|Type|Description| |:|:|:| |containerId|String|The identifier of the resource that contains the plan. Optional.|
-|type|plannerContainerType|The type of the resource that contains the plan. For supported types, see the previous table. Possible values are: `group`, `unknownFutureValue`, `roster`, and `project`. Note that you must use the `Prefer: include-unknown-enum-members` request header to get the following value in this [evolvable enum](/graph/best-practices-concept#handling-future-members-in-evolvable-enumerations): `roster`, `project`. Optional.|
+|type|plannerContainerType|The type of the resource that contains the plan. For supported types, see the previous table. Possible values are: `group`, `unknownFutureValue`, `roster`, `project` and `driveItem`. Note that you must use the `Prefer: include-unknown-enum-members` request header to get the following value in this [evolvable enum](/graph/best-practices-concept#handling-future-members-in-evolvable-enumerations): `roster`, `project`, `driveItem`. Optional.|
|url|String|The full canonical URL of the container. Optional.| ## Relationships
v1.0 Plannersharedwithcontainer https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/plannersharedwithcontainer.md
+
+ Title: "plannerSharedWithContainer resource type"
+description: "Represents a container for a plannerPlan. The container is a resource that specifies authorization rules and the lifetime of the plan."
+
+ms.localizationpriority: medium
++
+# plannerSharedWithContainer resource type
+
+Namespace: microsoft.graph
++
+Represents the relationship of a Planner plan to a Planner container. Plans can be shared with containers that are not the original container the plan belongs to. When the plan is verifying a user's access to it, the plan will additionally check the authorization logic of the containers it is shared with.
+
+Inherits from [plannerPlanContainer](plannerplancontainer.md).
+
+## Properties
+
+|Property|Type|Description|
+|:-|:|:-|
+| accessLevel| plannerPlanAccessLevel | The maxmimum access level the shared container can provide to the plan. The possible values are: `readAccess`, `readWriteAccess`, `fullAccess`, `unknownFutureValue`. |
+| containerId | String | The identifier of the resource that contains the plan. Optional. Inherited from [plannerPlanContainer](plannerplancontainer.md). |
+| type | plannerContainerType | The type of the resource that contains the plan. Possible values are: `group`, `unknownFutureValue`, `roster`, `project`, and `driveItem`. Note that you must use the `Prefer: include-unknown-enum-members` request header to get the following value in this [evolvable enum](/graph/best-practices-concept#handling-future-members-in-evolvable-enumerations): `roster`, `project`, `driveItem`. Optional. Inherited from [plannerPlanContainer](plannerplancontainer.md). |
+| url | String | The full canonical URL of the container. Optional. Inherited from [plannerPlanContainer](plannerplancontainer.md). |
+
+### plannerPlanAccessLevel values
+
+|Member|Description|
+|:--|:-|
+| readAccess | The highest level of access that a user can gain through this relationship will be read access to the plan. |
+| readWriteAccess | The highest level of access that a user can gain through this relationship will be read and write access to the plan. |
+| fullAccess | The highest level of access that a user can gain through this relationship will be full access to the plan. |
+| unknownFutureValue | Evolvable enumeration sentinel value. Do not use. |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.plannerSharedWithContainer"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.plannerSharedWithContainer",
+ "url": "String",
+ "containerId": "String",
+ "type": "String",
+ "accessLevel": "String"
+}
+```
+
v1.0 Privilegedaccessgroup https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedaccessgroup.md
+
+ Title: "privilegedAccessGroup resource type"
+description: "The entry point for all resources related to Privileged Identity Management (PIM) for groups."
+
+ms.localizationpriority: medium
++
+# privilegedAccessGroup resource type
+
+Namespace: microsoft.graph
+
+The entry point for all resources related to Privileged Identity Management (PIM) for groups.
+
+Inherits from [entity](../resources/entity.md).
+
+## Methods
+None.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|The unique identifier of an object in PIM governance for a group. Inherited from [entity](../resources/entity.md).|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|assignmentScheduleInstances|[privilegedAccessGroupAssignmentScheduleInstance](../resources/privilegedaccessgroupassignmentscheduleinstance.md) collection|The instances of assignment schedules to activate a just-in-time access.|
+|assignmentScheduleRequests|[privilegedAccessGroupAssignmentScheduleRequest](../resources/privilegedaccessgroupassignmentschedulerequest.md) collection|The schedule requests for operations to create, update, delete, extend, and renew an assignment.|
+|assignmentSchedules|[privilegedAccessGroupAssignmentSchedule](../resources/privilegedaccessgroupassignmentschedule.md) collection|The assignment schedules to activate a just-in-time access.|
+|eligibilityScheduleInstances|[privilegedAccessGroupEligibilityScheduleInstance](../resources/privilegedaccessgroupeligibilityscheduleinstance.md) collection|The instances of eligibility schedules to activate a just-in-time access.|
+|eligibilityScheduleRequests|[privilegedAccessGroupEligibilityScheduleRequest](../resources/privilegedaccessgroupeligibilityschedulerequest.md) collection|The schedule requests for operations to create, update, delete, extend, and renew an eligibility.|
+|eligibilitySchedules|[privilegedAccessGroupEligibilitySchedule](../resources/privilegedaccessgroupeligibilityschedule.md) collection|The eligibility schedules to activate a just-in-time access.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.privilegedAccessGroup",
+ "baseType": "microsoft.graph.entity",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.privilegedAccessGroup",
+ "id": "String (identifier)"
+}
+```
+
v1.0 Privilegedaccessgroupassignmentschedule https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedaccessgroupassignmentschedule.md
+
+ Title: "privilegedAccessGroupAssignmentSchedule resource type"
+description: "Represents the schedule of membership or ownership assignments to groups that are governed by PIM."
+
+ms.localizationpriority: medium
++
+# privilegedAccessGroupAssignmentSchedule resource type
+
+Namespace: microsoft.graph
+
+Represents the schedule of membership or ownership assignments to groups that are governed by PIM.
+
+Inherits from [privilegedAccessSchedule](../resources/privilegedaccessschedule.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List assignmentSchedules](../api/privilegedaccessgroup-list-assignmentschedules.md)|[privilegedAccessGroupAssignmentSchedule](../resources/privilegedaccessgroupassignmentschedule.md) collection|Get a list of the [privilegedAccessGroupAssignmentSchedule](../resources/privilegedaccessgroupassignmentschedule.md) objects and their properties.|
+|[Get privilegedAccessGroupAssignmentSchedule](../api/privilegedaccessgroupassignmentschedule-get.md)|[privilegedAccessGroupAssignmentSchedule](../resources/privilegedaccessgroupassignmentschedule.md)|Read the properties and relationships of a [privilegedAccessGroupAssignmentSchedule](../resources/privilegedaccessgroupassignmentschedule.md) object.|
+|[filterByCurrentUser](../api/privilegedaccessgroupassignmentschedule-filterbycurrentuser.md)|[privilegedAccessGroupAssignmentSchedule](../resources/privilegedaccessgroupassignmentschedule.md) collection|Return schedules of membership and ownership assignment requests for the calling principal.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|accessId|privilegedAccessGroupRelationships|The identifier of the membership or ownership assignment to the group that is governed by PIM. Required. The possible values are: `owner`, `member`, `unknownFutureValue`.|
+|assignmentType|privilegedAccessGroupAssignmentType|Indicates whether the membership or ownership assignment for the principal is granted through activation or direct assignment. Required. The possible values are: `assigned`, `activated`, `unknownFutureValue`.|
+|createdDateTime|DateTimeOffset|When the schedule was created. Optional.|
+|createdUsing|String|The identifier of the access assignment or eligibility request that created this schedule. Optional.|
+|groupId|String|The identifier of the group representing the scope of the membership or ownership assignment through PIM for groups. Required.|
+|id|String|The identifier of the schedule. Required. Inherited from [entity](../resources/entity.md).|
+|memberType|privilegedAccessGroupMemberType|Indicates whether the assignment is derived from a direct group assignment or through a transitive assignment. The possible values are: `direct`, `group`, `unknownFutureValue`.|
+|modifiedDateTime|DateTimeOffset|When the schedule was last modified. Optional.|
+|principalId|String|The identifier of the principal whose membership or ownership assignment is granted through PIM for groups. Required.|
+|scheduleInfo|[requestSchedule](../resources/requestschedule.md)|Represents the period of the access assignment or eligibility. The scheduleInfo can represent a single occurrence or multiple recurring instances. Required.|
+|status|String|The status of the access assignment or eligibility request. The possible values are: `Canceled`, `Denied`, `Failed`, `Granted`, `PendingAdminDecision`, `PendingApproval`, `PendingProvisioning`, `PendingScheduleCreation`, `Provisioned`, `Revoked`, and `ScheduleCreated`. Not nullable. Optional.|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|activatedUsing|[privilegedAccessGroupEligibilitySchedule](../resources/privilegedaccessgroupeligibilityschedule.md)|When the request activates an ownership or membership assignment in PIM for groups, this object represents the eligibility relationship. Otherwise, it is `null`. Supports `$expand`.|
+|group|[group](../resources/group.md)|References the group that is the scope of the membership or ownership assignment through PIM for groups. Supports `$expand`.|
+|principal|[directoryObject](../resources/directoryobject.md)|References the principal that's in the scope of this membership or ownership assignment request to the group that's governed by PIM. Supports `$expand`.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.privilegedAccessGroupAssignmentSchedule",
+ "baseType": "microsoft.graph.privilegedAccessSchedule",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupAssignmentSchedule",
+ "id": "String (identifier)",
+ "scheduleInfo": {
+ "@odata.type": "microsoft.graph.requestSchedule"
+ },
+ "createdDateTime": "String (timestamp)",
+ "modifiedDateTime": "String (timestamp)",
+ "createdUsing": "String",
+ "status": "String",
+ "principalId": "String",
+ "accessId": "String",
+ "groupId": "String",
+ "memberType": "String",
+ "assignmentType": "String"
+}
+```
+
v1.0 Privilegedaccessgroupassignmentscheduleinstance https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedaccessgroupassignmentscheduleinstance.md
+
+ Title: "privilegedAccessGroupAssignmentScheduleInstance resource type"
+description: "Represents an instance of a provisioned membership or ownership assignment in PIM for groups."
+
+ms.localizationpriority: medium
++
+# privilegedAccessGroupAssignmentScheduleInstance resource type
+
+Namespace: microsoft.graph
+
+Represents an instance of a provisioned membership or ownership assignment in PIM for groups.
+
+Inherits from [privilegedAccessScheduleInstance](../resources/privilegedaccessscheduleinstance.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List assignmentScheduleInstances](../api/privilegedaccessgroup-list-assignmentscheduleinstances.md)|[privilegedAccessGroupAssignmentScheduleInstance](../resources/privilegedaccessgroupassignmentscheduleinstance.md) collection|Get a list of the [privilegedAccessGroupAssignmentScheduleInstance](../resources/privilegedaccessgroupassignmentscheduleinstance.md) objects and their properties.|
+|[Get privilegedAccessGroupAssignmentScheduleInstance](../api/privilegedaccessgroupassignmentscheduleinstance-get.md)|[privilegedAccessGroupAssignmentScheduleInstance](../resources/privilegedaccessgroupassignmentscheduleinstance.md)|Read the properties and relationships of a [privilegedAccessGroupAssignmentScheduleInstance](../resources/privilegedaccessgroupassignmentscheduleinstance.md) object.|
+|[filterByCurrentUser](../api/privilegedaccessgroupassignmentscheduleinstance-filterbycurrentuser.md)|[privilegedAccessGroupAssignmentScheduleInstance](../resources/privilegedaccessgroupassignmentscheduleinstance.md) collection|Return instances of membership and ownership assignment schedules for the calling principal.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|accessId|privilegedAccessGroupRelationships|The identifier of the membership or ownership assignment relationship to the group. Required. The possible values are: `owner`, `member`, `unknownFutureValue`.|
+|assignmentScheduleId|String|The identifier of the [privilegedAccessGroupAssignmentSchedule](privilegedaccessgroupassignmentschedule.md) from which this instance was created. Required.|
+|assignmentType|privilegedAccessGroupAssignmentType|Indicates whether the membership or ownership assignment is granted through activation of an eligibility or through direct assignment. Required. The possible values are: `assigned`, `activated`, `unknownFutureValue`.|
+|endDateTime|DateTimeOffset|When the schedule instance ends. Required.|
+|groupId|String|The identifier of the group representing the scope of the membership or ownership assignment through PIM for groups. Optional.|
+|id|String|The identifier of the access assignment schedule instance. Required. Inherited from [entity](../resources/entity.md).|
+|memberType|privilegedAccessGroupMemberType| Indicates whether the assignment is derived from a group assignment. It can further imply whether the caller can manage the assignment schedule. Required. The possible values are: `direct`, `group`, `unknownFutureValue`.|
+|principalId|String|The identifier of the principal whose membership or ownership assignment to the group is managed through PIM for groups. Required.|
+|startDateTime|DateTimeOffset|When this instance starts. Required.|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|activatedUsing|[privilegedAccessGroupEligibilityScheduleInstance](../resources/privilegedaccessgroupeligibilityscheduleinstance.md)|When the request activates a membership or ownership in PIM for groups, this object represents the eligibility request for the group. Otherwise, it is `null`.|
+|group|[group](../resources/group.md)|References the group that is the scope of the membership or ownership assignment through PIM for groups. Supports `$expand`.|
+|principal|[directoryObject](../resources/directoryobject.md)|References the principal that's in the scope of the membership or ownership assignment request through the group that's governed by PIM. Supports `$expand`.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.privilegedAccessGroupAssignmentScheduleInstance",
+ "baseType": "microsoft.graph.privilegedAccessScheduleInstance",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupAssignmentScheduleInstance",
+ "id": "String (identifier)",
+ "startDateTime": "String (timestamp)",
+ "endDateTime": "String (timestamp)",
+ "principalId": "String",
+ "accessId": "String",
+ "groupId": "String",
+ "memberType": "String",
+ "assignmentType": "String",
+ "assignmentScheduleId": "String"
+}
+```
+
v1.0 Privilegedaccessgroupassignmentschedulerequest https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedaccessgroupassignmentschedulerequest.md
+
+ Title: "privilegedAccessGroupAssignmentScheduleRequest resource type"
+description: "Represents requests for operations to create, update, delete, extend, and renew a membership or ownership assignment in PIM for groups."
+
+ms.localizationpriority: medium
++
+# privilegedAccessGroupAssignmentScheduleRequest resource type
+
+Namespace: microsoft.graph
+
+Represents requests for operations to create, update, delete, extend, and renew a membership or ownership assignment in PIM for groups. The privilegedAccessGroupAssignmentScheduleRequest object is also created when an authorized principal requests a just-in-time activation of an eligible access assignment to a group's membership or ownership.
+
+Inherits from [privilegedAccessScheduleRequest](../resources/privilegedaccessschedulerequest.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List assignmentScheduleRequests](../api/privilegedaccessgroup-list-assignmentschedulerequests.md)|[privilegedAccessGroupAssignmentScheduleRequest](../resources/privilegedaccessgroupassignmentschedulerequest.md) collection|Get a list of the [privilegedAccessGroupAssignmentScheduleRequest](../resources/privilegedaccessgroupassignmentschedulerequest.md) objects and their properties.|
+|[Create assignmentScheduleRequest](../api/privilegedaccessgroup-post-assignmentschedulerequests.md)|[privilegedAccessGroupAssignmentScheduleRequest](../resources/privilegedaccessgroupassignmentschedulerequest.md)|Create a new [privilegedAccessGroupAssignmentScheduleRequest](../resources/privilegedaccessgroupassignmentschedulerequest.md) object.|
+|[Get privilegedAccessGroupAssignmentScheduleRequest](../api/privilegedaccessgroupassignmentschedulerequest-get.md)|[privilegedAccessGroupAssignmentScheduleRequest](../resources/privilegedaccessgroupassignmentschedulerequest.md)|Read the properties and relationships of a [privilegedAccessGroupAssignmentScheduleRequest](../resources/privilegedaccessgroupassignmentschedulerequest.md) object.|
+|[filterByCurrentUser](../api/privilegedaccessgroupassignmentschedulerequest-filterbycurrentuser.md)|[privilegedAccessGroupAssignmentScheduleRequest](../resources/privilegedaccessgroupassignmentschedulerequest.md) collection|Return assignment schedule requests for the calling principal.|
+|[cancel](../api/privilegedaccessgroupassignmentschedulerequest-cancel.md)|None|Cancel a pending request for a membership or ownership assignment to a group.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|accessId|privilegedAccessGroupRelationships|The identifier of a membership or ownership assignment relationship to the group. Required. The possible values are: `owner`, `member`, `unknownFutureValue`.|
+|action|String|Represents the type of operation on the group membership or ownership assignment request. The possible values are: `adminAssign`, `adminUpdate`, `adminRemove`, `selfActivate`, `selfDeactivate`, `adminExtend`, `adminRenew`. <br/><ul><li>`adminAssign`: For administrators to assign group membership or ownership to principals.</li><li>`adminRemove`: For administrators to remove principals from group membership or ownership.</li><li> `adminUpdate`: For administrators to change existing group membership or ownership assignments.</li><li>`adminExtend`: For administrators to extend expiring assignments.</li><li>`adminRenew`: For administrators to renew expired assignments.</li><li>`selfActivate`: For principals to activate their assignments.</li><li>`selfDeactivate`: For principals to deactivate their active assignments.</li></ul>|
+|approvalId|String|The identifier of the approval of the request. Inherited from [request](../resources/request.md).|
+|completedDateTime|DateTimeOffset|The request completion date time. Inherited from [request](../resources/request.md).|
+|createdBy|[identitySet](../resources/identityset.md)|The principal that created this request. Inherited from [request](../resources/request.md). Read-only. Supports `$filter` (`eq`, `ne`, and on `null` values).|
+|createdDateTime|DateTimeOffset|The request creation date time. Inherited from [request](../resources/request.md). Read-only.|
+|customData|String|Free text field to define any custom data for the request. Not used. Inherited from [request](../resources/request.md).|
+|groupId|String|The identifier of the group representing the scope of the membership or ownership assignment through PIM for groups. Required.|
+|id|String|The unique identifier for the **privilegedAccessGroupAssignmentScheduleRequest** object. Key, not nullable, Read-only. Inherited from [entity](../resources/entity.md). Supports `$filter` (`eq`, `ne`).|
+|isValidationOnly|Boolean|Determines whether the call is a validation or an actual call. Only set this property if you want to check whether an activation is subject to additional rules like MFA before actually submitting the request.|
+|justification|String|A message provided by users and administrators when they create the **privilegedAccessGroupAssignmentScheduleRequest** object.|
+|principalId|String|The identifier of the principal whose membership or ownership assignment to the group is managed through PIM for groups. Supports `$filter` (`eq`, `ne`).|
+|scheduleInfo|[requestSchedule](../resources/requestschedule.md)|The period of the group membership or ownership assignment. Recurring schedules are currently unsupported.|
+|status|String|The status of the group membership or ownership assignment request. Inherited from [request](../resources/request.md). Read-only. Supports `$filter` (`eq`, `ne`).|
+|targetScheduleId|String| The identifier of the schedule that's created from the membership or ownership assignment request. Supports `$filter` (`eq`, `ne`).|
+|ticketInfo|[ticketInfo](../resources/ticketinfo.md)|Ticket details linked to the group membership or ownership assignment request including details of the ticket number and ticket system.|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|activatedUsing|[privilegedAccessGroupEligibilitySchedule](../resources/privilegedaccessgroupeligibilityschedule.md)|When the request activates a membership or ownership assignment in PIM for groups, this object represents the eligibility policy for the group. Otherwise, it is `null`. Supports `$expand`.|
+|group|[group](../resources/group.md)|References the group that is the scope of the membership or ownership assignment request through PIM for groups. Supports `$expand`.|
+|principal|[directoryObject](../resources/directoryobject.md)|References the principal that's in the scope of this membership or ownership assignment request through the group that's governed by PIM. Supports `$expand`.|
+|targetSchedule|[privilegedAccessGroupEligibilitySchedule](../resources/privilegedaccessgroupeligibilityschedule.md)|Schedule created by this request. Supports `$expand`.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.privilegedAccessGroupAssignmentScheduleRequest",
+ "baseType": "microsoft.graph.privilegedAccessScheduleRequest",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupAssignmentScheduleRequest",
+ "id": "String (identifier)",
+ "status": "String",
+ "completedDateTime": "String (timestamp)",
+ "createdDateTime": "String (timestamp)",
+ "approvalId": "String",
+ "customData": "String",
+ "createdBy": {
+ "@odata.type": "microsoft.graph.identitySet"
+ },
+ "action": "String",
+ "isValidationOnly": "Boolean",
+ "justification": "String",
+ "scheduleInfo": {
+ "@odata.type": "microsoft.graph.requestSchedule"
+ },
+ "ticketInfo": {
+ "@odata.type": "microsoft.graph.ticketInfo"
+ },
+ "principalId": "String",
+ "accessId": "String",
+ "groupId": "String",
+ "targetScheduleId": "String"
+}
+```
+
v1.0 Privilegedaccessgroupeligibilityschedule https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedaccessgroupeligibilityschedule.md
+
+ Title: "privilegedAccessGroupEligibilitySchedule resource type"
+description: "Represents the schedule of eligible ownership and membership to groups that are governed by PIM."
+
+ms.localizationpriority: medium
++
+# privilegedAccessGroupEligibilitySchedule resource type
+
+Namespace: microsoft.graph
+
+Represents the schedule of eligible ownership and membership to groups that are governed by PIM.
+
+Inherits from [privilegedAccessSchedule](../resources/privilegedaccessschedule.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List eligibilitySchedules](../api/privilegedaccessgroup-list-eligibilityschedules.md)|[privilegedAccessGroupEligibilitySchedule](../resources/privilegedaccessgroupeligibilityschedule.md) collection|Get a list of the [privilegedAccessGroupEligibilitySchedule](../resources/privilegedaccessgroupeligibilityschedule.md) objects and their properties.|
+|[Get privilegedAccessGroupEligibilitySchedule](../api/privilegedaccessgroupeligibilityschedule-get.md)|[privilegedAccessGroupEligibilitySchedule](../resources/privilegedaccessgroupeligibilityschedule.md)|Read the properties and relationships of a [privilegedAccessGroupEligibilitySchedule](../resources/privilegedaccessgroupeligibilityschedule.md) object.|
+|[filterByCurrentUser](../api/privilegedaccessgroupeligibilityschedule-filterbycurrentuser.md)|[privilegedAccessGroupEligibilitySchedule](../resources/privilegedaccessgroupeligibilityschedule.md) collection|Return schedules of membership and ownership eligibility requests for the calling principal.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|accessId|privilegedAccessGroupRelationships|The identifier of the membership or ownership eligibility to the group that is governed by PIM. Required. The possible values are: `owner`, `member`.|
+|createdDateTime|DateTimeOffset|When the schedule was created. Optional. Inherited from [privilegedAccessSchedule](../resources/privilegedaccessschedule.md).|
+|createdUsing|String|The identifier of the access assignment or eligibility request that creates this schedule. Optional. Inherited from [privilegedAccessSchedule](../resources/privilegedaccessschedule.md).|
+|groupId|String|The identifier of the group representing the scope of the membership or ownership eligibility through PIM for groups. Required.|
+|id|String|The identifier of the schedule. Required. Inherited from [entity](../resources/entity.md).|
+|memberType|privilegedAccessGroupMemberType|Indicates whether the assignment is derived from a group assignment. It can further imply whether the caller can manage the schedule. Required. The possible values are: `direct`, `group`, `unknownFutureValue`.|
+|modifiedDateTime|DateTimeOffset|When the schedule was last modified. Optional. Inherited from [privilegedAccessSchedule](../resources/privilegedaccessschedule.md).|
+|principalId|String|The identifier of the principal whose membership or ownership eligibility is granted through PIM for groups. Required.|
+|scheduleInfo|[requestSchedule](../resources/requestschedule.md)|Represents the period of the access assignment or eligibility. The scheduleInfo can represent a single occurrence or multiple recurring instances. Required. Inherited from [privilegedAccessSchedule](../resources/privilegedaccessschedule.md).|
+|status|String|The status of the access assignment or eligibility request. The possible values are: `Canceled`, `Denied`, `Failed`, `Granted`, `PendingAdminDecision`, `PendingApproval`, `PendingProvisioning`, `PendingScheduleCreation`, `Provisioned`, `Revoked`, and `ScheduleCreated`. Not nullable. Optional. Inherited from [privilegedAccessSchedule](../resources/privilegedaccessschedule.md).|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|group|[group](../resources/group.md)|References the group that is the scope of the membership or ownership eligibility through PIM for groups. Supports `$expand`.|
+|principal|[directoryObject](../resources/directoryobject.md)|References the principal that's in the scope of this membership or ownership eligibility request to the group that's governed by PIM. Supports `$expand`.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.privilegedAccessGroupEligibilitySchedule",
+ "baseType": "microsoft.graph.privilegedAccessSchedule",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupEligibilitySchedule",
+ "id": "String (identifier)",
+ "scheduleInfo": {
+ "@odata.type": "microsoft.graph.requestSchedule"
+ },
+ "createdDateTime": "String (timestamp)",
+ "modifiedDateTime": "String (timestamp)",
+ "createdUsing": "String",
+ "status": "String",
+ "principalId": "String",
+ "accessId": "String",
+ "groupId": "String",
+ "memberType": "String"
+}
+```
+
v1.0 Privilegedaccessgroupeligibilityscheduleinstance https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedaccessgroupeligibilityscheduleinstance.md
+
+ Title: "privilegedAccessGroupEligibilityScheduleInstance resource type"
+description: "Represents an instance of a provisioned membership or ownership assignment in PIM for groups."
+
+ms.localizationpriority: medium
++
+# privilegedAccessGroupEligibilityScheduleInstance resource type
+
+Namespace: microsoft.graph
+
+Represents an instance of a provisioned membership or ownership assignment in PIM for groups.
+
+Inherits from [privilegedAccessScheduleInstance](../resources/privilegedaccessscheduleinstance.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List eligibilityScheduleInstances](../api/privilegedaccessgroup-list-eligibilityscheduleinstances.md)|[privilegedAccessGroupEligibilityScheduleInstance](../resources/privilegedaccessgroupeligibilityscheduleinstance.md) collection|Get a list of the [privilegedAccessGroupEligibilityScheduleInstance](../resources/privilegedaccessgroupeligibilityscheduleinstance.md) objects and their properties.|
+|[Get privilegedAccessGroupEligibilityScheduleInstance](../api/privilegedaccessgroupeligibilityscheduleinstance-get.md)|[privilegedAccessGroupEligibilityScheduleInstance](../resources/privilegedaccessgroupeligibilityscheduleinstance.md)|Read the properties and relationships of a [privilegedAccessGroupEligibilityScheduleInstance](../resources/privilegedaccessgroupeligibilityscheduleinstance.md) object.|
+|[filterByCurrentUser](../api/privilegedaccessgroupeligibilityscheduleinstance-filterbycurrentuser.md)|[privilegedAccessGroupEligibilityScheduleInstance](../resources/privilegedaccessgroupeligibilityscheduleinstance.md) collection|Return instances of membership and ownership eligibility schedules for the calling principal.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|accessId|privilegedAccessGroupRelationships|The identifier of the membership or ownership eligibility relationship to the group. Required. The possible values are: `owner`, `member`.|
+|eligibilityScheduleId|String|The identifier of the [privilegedAccessGroupEligibilitySchedule](privilegedaccessgroupeligibilityschedule.md) from which this instance was created. Required.|
+|endDateTime|DateTimeOffset|When the schedule instance ends. Required.|
+|groupId|String|The identifier of the group representing the scope of the membership or ownership eligibility through PIM for groups. Required.|
+|id|String|The identifier of the access assignment schedule instance. Required. Inherited from [entity](../resources/entity.md).|
+|memberType|privilegedAccessGroupMemberType|Indicates whether the assignment is derived from a group assignment. It can further imply whether the calling principal can manage the assignment schedule. Required. The possible values are: `direct`, `group`, `unknownFutureValue`.|
+|principalId|String|The identifier of the principal whose membership or ownership eligibility to the group is managed through PIM for groups. Required.|
+|startDateTime|DateTimeOffset|When this instance starts. Required.|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|group|[group](../resources/group.md)|References the group that is the scope of the membership or ownership eligibility through PIM for groups. Supports `$expand`.|
+|principal|[directoryObject](../resources/directoryobject.md)|References the principal that's in the scope of the membership or ownership eligibility request through the group that's governed by PIM. Supports `$expand`.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.privilegedAccessGroupEligibilityScheduleInstance",
+ "baseType": "microsoft.graph.privilegedAccessScheduleInstance",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupEligibilityScheduleInstance",
+ "id": "String (identifier)",
+ "startDateTime": "String (timestamp)",
+ "endDateTime": "String (timestamp)",
+ "principalId": "String",
+ "accessId": "String",
+ "groupId": "String",
+ "memberType": "String",
+ "eligibilityScheduleId": "String"
+}
+```
+
v1.0 Privilegedaccessgroupeligibilityschedulerequest https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedaccessgroupeligibilityschedulerequest.md
+
+ Title: "privilegedAccessGroupEligibilityScheduleRequest resource type"
+description: "Represents requests for operations to create, update, delete, extend, and renew group membership and ownership eligibility in PIM for groups."
+
+ms.localizationpriority: medium
++
+# privilegedAccessGroupEligibilityScheduleRequest resource type
+
+Namespace: microsoft.graph
+
+Represents requests for operations to create, update, delete, extend, and renew group membership and ownership eligibility in PIM for groups.
+
+Inherits from [privilegedAccessScheduleRequest](../resources/privilegedaccessschedulerequest.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List eligibilityScheduleRequests](../api/privilegedaccessgroup-list-eligibilityschedulerequests.md)|[privilegedAccessGroupEligibilityScheduleRequest](../resources/privilegedaccessgroupeligibilityschedulerequest.md) collection|Get a list of the [privilegedAccessGroupEligibilityScheduleRequest](../resources/privilegedaccessgroupeligibilityschedulerequest.md) objects and their properties.|
+|[Create eligibilityScheduleRequest](../api/privilegedaccessgroup-post-eligibilityschedulerequests.md)|[privilegedAccessGroupEligibilityScheduleRequest](../resources/privilegedaccessgroupeligibilityschedulerequest.md)|Create a new [privilegedAccessGroupEligibilityScheduleRequest](../resources/privilegedaccessgroupeligibilityschedulerequest.md) object.|
+|[Get privilegedAccessGroupEligibilityScheduleRequest](../api/privilegedaccessgroupeligibilityschedulerequest-get.md)|[privilegedAccessGroupEligibilityScheduleRequest](../resources/privilegedaccessgroupeligibilityschedulerequest.md)|Read the properties and relationships of a [privilegedAccessGroupEligibilityScheduleRequest](../resources/privilegedaccessgroupeligibilityschedulerequest.md) object.|
+|[filterByCurrentUser](../api/privilegedaccessgroupeligibilityschedulerequest-filterbycurrentuser.md)|[privilegedAccessGroupEligibilityScheduleRequest](../resources/privilegedaccessgroupeligibilityschedulerequest.md) collection|Return eligibility schedule requests for the calling principal.|
+|[cancel](../api/privilegedaccessgroupeligibilityschedulerequest-cancel.md)|None|Cancel membership or ownership eligibility schedule requests for the calling principal.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|accessId|privilegedAccessGroupRelationships|The identifier of membership or ownership eligibility relationship to the group. Required. The possible values are: `owner`, `member`, `unknownFutureValue`.|
+|action|String|Represents the type of operation on the group membership or ownership eligibility assignment request. The possible values are: `adminAssign`, `adminUpdate`, `adminRemove`, `selfActivate`, `selfDeactivate`, `adminExtend`, `adminRenew`. <br/><ul><li>`adminAssign`: For administrators to assign group membership or ownership eligibility to principals.</li><li>`adminRemove`: For administrators to remove principals from group membership or ownership eligibilities.</li><li> `adminUpdate`: For administrators to change existing eligible assignments.</li><li>`adminExtend`: For administrators to extend expiring eligible assignments.</li><li>`adminRenew`: For administrators to renew expired eligible assignments.</li><li>`selfActivate`: For principals to activate their eligible assignments.</li><li>`selfDeactivate`: For principals to deactivate their eligible assignments.</li></ul>|
+|approvalId|String|The identifier of the approval of the request. Inherited from [request](../resources/request.md).|
+|completedDateTime|DateTimeOffset|The request completion date time. Inherited from [request](../resources/request.md).|
+|createdBy|[identitySet](../resources/identityset.md)|The principal that created this request. Inherited from [request](../resources/request.md). Read-only. Supports `$filter` (`eq`, `ne`, and on `null` values).|
+|createdDateTime|DateTimeOffset|The request creation date time. Inherited from [request](../resources/request.md). Read-only.|
+|customData|String|Free text field to define any custom data for the request. Not used. Inherited from [request](../resources/request.md).|
+|groupId|String|The identifier of the group representing the scope of the membership and ownership eligibility through PIM for groups. Required.|
+|id|String|The unique identifier for the **privilegedAccessGroupEligibilityScheduleRequest** object. Key, not nullable, read-only. Inherited from [entity](../resources/entity.md). Supports `$filter` (`eq`, `ne`).|
+|isValidationOnly|Boolean|Determines whether the call is a validation or an actual call. Only set this property if you want to check whether an activation is subject to additional rules like MFA before actually submitting the request.|
+|justification|String|A message provided by users and administrators when they create the **privilegedAccessGroupEligibilityScheduleRequest** object.|
+|principalId|String|The identifier of the principal whose membership or ownership eligibility to the group is managed through PIM for groups. Required.|
+|scheduleInfo|[requestSchedule](../resources/requestschedule.md)|The period of the group membership or ownership assignment. Recurring schedules are currently unsupported.|
+|status|String|The status of the group membership or ownership assignment request. Inherited from [request](../resources/request.md). Read-only. Supports `$filter` (`eq`, `ne`).|
+|targetScheduleId|String|The identifier of the schedule that's created from the eligibility request. Optional.|
+|ticketInfo|[ticketInfo](../resources/ticketinfo.md)|Ticket details linked to the group membership or ownership assignment request including details of the ticket number and ticket system.|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|group|[group](../resources/group.md)|References the group that is the scope of the membership or ownership eligibility request through PIM for groups. Supports `$expand`.|
+|principal|[directoryObject](../resources/directoryobject.md)|References the principal that's in the scope of the membership or ownership eligibility request through the group that's governed by PIM. Supports `$expand`.|
+|targetSchedule|[privilegedAccessGroupEligibilitySchedule](../resources/privilegedaccessgroupeligibilityschedule.md)|Schedule created by this request.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.privilegedAccessGroupEligibilityScheduleRequest",
+ "baseType": "microsoft.graph.privilegedAccessScheduleRequest",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.privilegedAccessGroupEligibilityScheduleRequest",
+ "id": "String (identifier)",
+ "status": "String",
+ "completedDateTime": "String (timestamp)",
+ "createdDateTime": "String (timestamp)",
+ "approvalId": "String",
+ "customData": "String",
+ "createdBy": {
+ "@odata.type": "microsoft.graph.identitySet"
+ },
+ "action": "String",
+ "isValidationOnly": "Boolean",
+ "justification": "String",
+ "scheduleInfo": {
+ "@odata.type": "microsoft.graph.requestSchedule"
+ },
+ "ticketInfo": {
+ "@odata.type": "microsoft.graph.ticketInfo"
+ },
+ "principalId": "String",
+ "accessId": "String",
+ "groupId": "String",
+ "targetScheduleId": "String"
+}
+```
+
v1.0 Privilegedaccessroot https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedaccessroot.md
+
+ Title: "privilegedAccessRoot resource type"
+description: "Represents the entry point for resources related to Privileged Identity Management (PIM)."
+
+ms.localizationpriority: medium
++
+# privilegedAccessRoot resource type
+
+Namespace: microsoft.graph
+
+Represents the entry point for resources related to Privileged Identity Management (PIM).
+
+Inherits from [entity](../resources/entity.md).
+
+## Methods
+None.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|Identifier for an object. Inherited from [entity](../resources/entity.md).|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|group|[privilegedAccessGroup](../resources/privilegedaccessgroup.md)|A group that's governed through Privileged Identity Management (PIM).|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.privilegedAccessRoot",
+ "baseType": "microsoft.graph.entity",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.privilegedAccessRoot",
+ "id": "String (identifier)"
+}
+```
+
v1.0 Privilegedaccessschedule https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedaccessschedule.md
+
+ Title: "privilegedAccessSchedule resource type"
+description: "An abstract type that exposes properties relating to the schedule of assigned and eligible ownership and membership to groups that are governed by PIM."
+
+ms.localizationpriority: medium
++
+# privilegedAccessSchedule resource type
+
+Namespace: microsoft.graph
+
+An abstract type that exposes properties relating to the schedule of assigned and eligible membership and ownership to groups that are governed by PIM. This abstract type is inherited by the following derived types:
++ [privilegedAccessGroupAssignmentSchedule](privilegedaccessgroupassignmentschedule.md)++ [privilegedAccessGroupEligibilitySchedule](privilegedaccessgroupeligibilityschedule.md)++
+Inherits from [entity](../resources/entity.md).
+
+## Methods
+None.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|createdDateTime|DateTimeOffset|When the schedule was created. Optional.|
+|createdUsing|String|The identifier of the access assignment or eligibility request that created this schedule. Optional.|
+|id|String|The identifier of the schedule. Required. Inherited from [entity](../resources/entity.md).|
+|modifiedDateTime|DateTimeOffset|When the schedule was last modified. Optional.|
+|scheduleInfo|[requestSchedule](../resources/requestschedule.md)|Represents the period of the access assignment or eligibility. The scheduleInfo can represent a single occurrence or multiple recurring instances. Required.|
+|status|String|The status of the access assignment or eligibility request. The possible values are: `Canceled`, `Denied`, `Failed`, `Granted`, `PendingAdminDecision`, `PendingApproval`, `PendingProvisioning`, `PendingScheduleCreation`, `Provisioned`, `Revoked`, and `ScheduleCreated`. Not nullable. Optional.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.privilegedAccessSchedule",
+ "baseType": "microsoft.graph.entity",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.privilegedAccessSchedule",
+ "id": "String (identifier)",
+ "scheduleInfo": {
+ "@odata.type": "microsoft.graph.requestSchedule"
+ },
+ "createdDateTime": "String (timestamp)",
+ "modifiedDateTime": "String (timestamp)",
+ "createdUsing": "String",
+ "status": "String"
+}
+```
+
v1.0 Privilegedaccessscheduleinstance https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedaccessscheduleinstance.md
+
+ Title: "privilegedAccessScheduleInstance resource type"
+description: "An abstract type that exposes properties relating to the instances of membership and ownership assignments and eligibilities to groups that are governed by PIM."
+
+ms.localizationpriority: medium
++
+# privilegedAccessScheduleInstance resource type
+
+Namespace: microsoft.graph
+
+An abstract type that exposes properties relating to the instances of membership and ownership assignments and eligibilities to groups that are governed by PIM. This abstract type is inherited by the following derived types:
++ [privilegedAccessGroupAssignmentScheduleInstance](privilegedaccessgroupassignmentscheduleinstance.md)++ [privilegedAccessGroupEligibilityScheduleInstance](privilegedaccessgroupeligibilityscheduleinstance.md)+
+Inherits from [entity](../resources/entity.md).
+
+## Methods
+None.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|endDateTime|DateTimeOffset|When the schedule instance ends. Required.|
+|id|String|The identifier of the access assignment schedule instance. Required. Inherited from [entity](../resources/entity.md).|
+|startDateTime|DateTimeOffset|When this instance starts. Required.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.privilegedAccessScheduleInstance",
+ "baseType": "microsoft.graph.entity",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.privilegedAccessScheduleInstance",
+ "id": "String (identifier)",
+ "startDateTime": "String (timestamp)",
+ "endDateTime": "String (timestamp)"
+}
+```
+
v1.0 Privilegedaccessschedulerequest https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedaccessschedulerequest.md
+
+ Title: "privilegedAccessScheduleRequest resource type"
+description: "An abstract type that exposes properties used to configure access eligibility and assignment in privileged identity management (PIM) governance operations for groups."
+
+ms.localizationpriority: medium
++
+# privilegedAccessScheduleRequest resource type
+
+Namespace: microsoft.graph
+
+An abstract type that exposes properties used to configure access eligibility and assignment in privileged identity management (PIM) governance operations for groups.
+
+This is an abstract type from which the [privilegedAccessGroupAssignmentScheduleRequest](privilegedaccessgroupassignmentschedulerequest.md) and [privilegedAccessGroupEligibilityScheduleRequest](privilegedaccessgroupeligibilityschedulerequest.md) resource types inherit.
+
+Inherits from [request](../resources/request.md).
+
+## Methods
+None.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|action|String|Represents the type of operation on the group membership or ownership assignment request. The possible values are: `adminAssign`, `adminUpdate`, `adminRemove`, `selfActivate`, `selfDeactivate`, `adminExtend`, `adminRenew`. <br/><ul><li>`adminAssign`: For administrators to assign group membership or ownership to principals.</li><li>`adminRemove`: For administrators to remove principals from group membership or ownership.</li><li> `adminUpdate`: For administrators to change existing group membership or ownership assignments.</li><li>`adminExtend`: For administrators to extend expiring assignments.</li><li>`adminRenew`: For administrators to renew expired assignments.</li><li>`selfActivate`: For principals to activate their assignments.</li><li>`selfDeactivate`: For principals to deactivate their active assignments.</li></ul>|
+|approvalId|String|The identifier of the approval of the request. Inherited from [request](../resources/request.md).|
+|completedDateTime|DateTimeOffset|The request completion date time. Inherited from [request](../resources/request.md).|
+|createdBy|[identitySet](../resources/identityset.md)|The principal that created this request. Inherited from [request](../resources/request.md). Read-only. Supports `$filter` (`eq`, `ne`, and on `null` values).|
+|createdDateTime|DateTimeOffset|The request creation date time. Inherited from [request](../resources/request.md). Read-only.|
+|customData|String|Free text field to define any custom data for the request. Not used. Inherited from [request](../resources/request.md).|
+|id|String|The unique identifier for the **privilegedAccessGroupAssignmentScheduleRequest** object. Key, not nullable, Read-only. Inherited from [entity](../resources/entity.md). Supports `$filter` (`eq`, `ne`).|
+|isValidationOnly|Boolean|Determines whether the call is a validation or an actual call. Only set this property if you want to check whether an activation is subject to additional rules like MFA before actually submitting the request.|
+|justification|String|A message provided by users and administrators when create they create the **privilegedAccessGroupAssignmentScheduleRequest** object.|
+|scheduleInfo|[requestSchedule](../resources/requestschedule.md)|The period of the group membership or ownership assignment. Recurring schedules are currently unsupported.|
+|status|String|The status of the group membership or ownership assignment request. Inherited from [request](../resources/request.md). Read-only. Supports `$filter` (`eq`, `ne`).|
+|ticketInfo|[ticketInfo](../resources/ticketinfo.md)|Ticket details linked to the group membership or ownership assignment request including details of the ticket number and ticket system.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.privilegedAccessScheduleRequest",
+ "baseType": "microsoft.graph.request",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.privilegedAccessScheduleRequest",
+ "id": "String (identifier)",
+ "status": "String",
+ "completedDateTime": "String (timestamp)",
+ "createdDateTime": "String (timestamp)",
+ "approvalId": "String",
+ "customData": "String",
+ "createdBy": {
+ "@odata.type": "microsoft.graph.identitySet"
+ },
+ "action": "String",
+ "isValidationOnly": "Boolean",
+ "justification": "String",
+ "scheduleInfo": {
+ "@odata.type": "microsoft.graph.requestSchedule"
+ },
+ "ticketInfo": {
+ "@odata.type": "microsoft.graph.ticketInfo"
+ }
+}
+```
+
v1.0 Privilegedapproval https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedapproval.md
- Title: "privilegedApproval resource type"
-description: "Represents an approval that is requested in Privileged Identity Management for getting into a role."
-doc_type: resourcePageType
---
-# privilegedApproval resource type (deprecated)
-
-Namespace: microsoft.graph
---
-Represents an approval that is requested in Privileged Identity Management (PIM) for getting into a role.
--
-## Methods
-
-| Method | Return Type |Description|
-|:|:--|:-|
-|[Get privilegedApproval](../api/privilegedapproval-get.md) | [privilegedApproval](privilegedapproval.md) |Read properties and relationships of privilegedApproval object.|
-|[List privilegedApproval objects](../api/privilegedapproval-list.md) | [privilegedApproval](privilegedapproval.md) collection|Get the collection of privilegedApproval.|
-|[Create privilegedApproval](../api/privilegedapproval-post-privilegedapproval.md) | [privilegedApproval](privilegedapproval.md) |Create privilegedApproval object. |
-|[Update privilegedApproval](../api/privilegedapproval-update.md) | [privilegedApproval](privilegedapproval.md) |Update privilegedApproval object. |
-|[Myrequests](../api/privilegedapproval-myrequests.md)|[privilegedApproval](privilegedapproval.md)|Get the requestor's approval requests.|
-
-## Properties
-| Property | Type |Description|
-|:|:--|:-|
-|approvalDuration|Duration||
-|approvalState|approvalState| Possible values are: `pending`, `approved`, `denied`, `aborted`, `canceled`.|
-|approvalType|String||
-|approverReason|String||
-|endDateTime|DateTimeOffset|The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`|
-|id|String| Read-only.|
-|requestorReason|String||
-|roleId|String||
-|startDateTime|DateTimeOffset|The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`|
-|userId|String||
-
-## Relationships
-| Relationship | Type |Description|
-|:|:--|:-|
-|roleInfo|[privilegedRole](privilegedrole.md)| Read-only. Nullable.|
-|request|[privilegedRoleAssignmentRequest](privilegedroleassignmentrequest.md)| Read-only. The role assignment request for this approval object|
-
-## JSON representation
-Here is a JSON representation of the resource.
-
-<!-- {
- "blockType": "resource",
- "optionalProperties": [
-
- ],
- "keyProperty": "id",
- "baseType":"microsoft.graph.entity",
- "@odata.type": "microsoft.graph.privilegedApproval"
-}-->
-
-```json
-{
- "approvalDuration": "string (timestamp)",
- "approvalState": "string",
- "approvalType": "string",
- "approverReason": "String",
- "endDateTime": "String (timestamp)",
- "id": "String (identifier)",
- "requestorReason": "String",
- "roleId": "String",
- "startDateTime": "String (timestamp)",
- "userId": "String"
-}
-
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "privilegedApproval resource",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": []
-}
>--
v1.0 Privilegedidentitymanagement Directory https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedidentitymanagement-directory.md
- Title: "Privileged Identity Management - Azure AD"
-description: "APIs for Azure AD Privileged Identity Management to manage Azure Active Directory roles."
-
-doc_type: conceptualPageType
--
-# Privileged Identity Management - Azure AD (deprecated)
-
-Namespace: microsoft.graph
---
-The following methods are provided by PIM for Azure AD roles. The service is built on top of OData. To filter the results from a query, use the standard OData `$filter` expressions in the URIs.
-
-## Methods
-
-| Method | Return Type | Description |
-|:|:--|:-|
-|[List privilegedOperationEvent](../api/privilegedoperationevent-list.md) | [privilegedOperationEvent](privilegedoperationevent.md) collection |Get privilegedOperationEvent object collection. |
-|[Get privilegedRole](../api/privilegedrole-get.md) |[privilegedRole](privilegedrole.md)| Get a privilegedRole object.|
-|[List privilegedRole](../api/privilegedrole-list.md) | [privilegedRole](privilegedrole.md) collection |Get privilegedRole object collection. |
-|[List role assignments](../api/privilegedrole-list-assignments.md) | [privilegedRoleAssignment](privilegedroleassignment.md) collection |Get privilegedRoleAssignment collection for the particular role. Each privilegedRoleAssignment represents a role assignment to a user.|
-|[selfActivate](../api/privilegedrole-selfactivate.md) | [privilegedRoleAssignment](privilegedroleassignment.md) |Activate the role that is assigned to the requestor.|
-|[selfDeactivate](../api/privilegedrole-selfdeactivate.md) | [privilegedRoleAssignment](privilegedroleassignment.md) |Deactivate the role that is assigned to the requestor.|
-|[Create privilegedRoleAssignment](../api/privilegedroleassignment-post-privilegedroleassignments.md) |[privilegedRoleAssignment](privilegedroleassignment.md)| Create a new privilegedRoleAssignment (role assignment) by posting to the privilegedRoleAssignments collection.|
-|[List privilegedRoleAssignment](../api/privilegedroleassignment-list.md) | [privilegedRoleAssignment](privilegedroleassignment.md) collection |Get privilegedRoleAssignment object collection. The collection contains all role assignments for the organization. Each privilegedRoleAssignment represents a role assignment to a user. |
-|[Get privilegedRoleAssignment](../api/privilegedroleassignment-get.md) | [privilegedRoleAssignment](privilegedroleassignment.md)|Get privilegedRoleAssignment object with the specified assignment id. |
-|[Delete privilegedRoleAssignment](../api/privilegedroleassignment-delete.md) | None. |Delete privilegedRoleAssignment object. |
-|[makePermanent](../api/privilegedroleassignment-makepermanent.md) | [privilegedRoleAssignment](privilegedroleassignment.md) |Make the role assignment as permanent. |
-|[makeEligible](../api/privilegedroleassignment-makeeligible.md) | [privilegedRoleAssignment](privilegedroleassignment.md) |Make the role assignment as eligible. |
-|[my](../api/privilegedroleassignment-my.md) | [privilegedRoleAssignment](privilegedroleassignment.md) collection|Get the requestor's role assignments. |
-|[Get privilegedRoleSettings](../api/privilegedrolesettings-get.md) | [privilegedRoleSettings](../resources/privilegedrolesettings.md)|Retrieve the properties of privilegedRoleSettings object. |
-|[Get privilegedRoleSummary](../api/privilegedrolesummary-get.md) | [privilegedRoleSummary](../resources/privilegedrolesummary.md)|Retrieve the privilegedRoleSummary object. |
-|[Get privilegedApproval](../api/privilegedapproval-get.md) |[privilegedApproval](privilegedapproval.md)| Get a privilegedApproval object.|
-|[List privilegedApproval](../api/privilegedapproval-list.md) | [privilegedApproval](privilegedapproval.md) collection |Get privilegedApproval object collection. |
-|[Create privilegedApproval](../api/privilegedapproval-post-privilegedapproval.md) | [privilegedApproval](privilegedapproval.md) |Create privilegedApproval object. |
-|[Update privilegedApproval](../api/privilegedapproval-update.md) | [privilegedApproval](privilegedapproval.md) |Update privilegedApproval object. |
-|[myrequests](../api/privilegedapproval-myrequests.md) | [privilegedApproval](privilegedapproval.md) collection|Get the requestor's approval requests. |
--
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Service root",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": []
-}
>
v1.0 Privilegedidentitymanagement For Groups Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedidentitymanagement-for-groups-api-overview.md
+
+ Title: "Govern membership and ownership of groups using privileged identity management (PIM) for groups"
+description: "Privileged Identity Management (PIM) is a feature of Azure AD Identity Governance that enables you to manage, control, and monitor access to important resources, such as groups, in your organization."
+
+ms.localizationpriority: medium
Last updated : 03/22/2023++
+# Govern membership and ownership of groups using PIM for groups
+
+With Privileged Identity Management for groups (PIM for groups), you can govern how principals are assigned membership or ownership of [groups](groups-overview.md). Security and Microsoft 365 groups are critical resources that you can use to provide access to various other resources in the Microsoft cloud like Azure AD roles, Azure roles, Azure SQL, Azure Key Vault, Intune, and third-party applications. PIM for groups gives you more control over how and when principals are members or owners of groups, and therefore have privileges granted through their group memberhip or ownership.
+
+The PIM for groups APIs in Microsoft Graph provide you with more governance over security and Microsoft 365 groups such as the following capabilities:
+
+- Providing principals just-in-time membership or ownership of groups
+- Assigning principals temporary membership or ownership of groups
+
+This article introduces the governance capabilities of the APIs for PIM for groups in Microsoft Graph.
+
+## PIM for groups APIs for managing active assignments of group owners and members
+
+The PIM for groups APIs in Microsoft Graph allow you to assign principals permanent or temporary and time-bound membership or ownership to groups.
+
+The following table lists scenarios for using PIM for groups APIs to manage active assignments for principals and the corresponding APIs to call.
+
+| **Scenarios** | **API** |
+| | |
+| An administrator: <li>Assigns a principal active membership or ownership to a group <li> Renews, updates, extends, or removes a principal from their active membership or ownership to a group <br/><br/> A principal: <li> Performs just-in-time and time-bound activation of their _eligible_ membership or ownership assignment for a group <li> Deactivates their eligible membership and ownership assignment it when they no longer need access <li> Deactivates, extends, or renews their own membership and ownership assignment| [Create assignmentScheduleRequest](../api/privilegedaccessgroup-post-assignmentschedulerequests.md) |
+| An administrator lists all requests for active membership and ownership assignments for a group |[List assignmentScheduleRequests](../api/privilegedaccessgroup-list-assignmentschedulerequests.md) |
+| An administrator lists all active assignments, as well as requests for assignments to be created in the future, for membership and ownership for a group | [List assignmentSchedules](../api/privilegedaccessgroup-list-assignmentschedules.md) |
+| An administrator lists all active membership and ownership assignments for a group | [List assignmentScheduleInstances](../api/privilegedaccessgroup-list-assignmentscheduleinstances.md) |
+| An administrator queries a member and ownership assignment for a group and its details | [Get privilegedAccessGroupAssignmentScheduleRequest](../api/privilegedaccessgroupassignmentschedulerequest-get.md) |
+| A principal queries their membership or ownership assignment requests and the details | [privilegedAccessGroupAssignmentScheduleRequest: filterByCurrentUser](../api/privilegedaccessgroupassignmentschedulerequest-filterbycurrentuser.md) |
+| A principal cancels a membership or ownership assignment request they created | [privilegedAccessGroupAssignmentScheduleRequest: cancel](../api/privilegedaccessgroupassignmentschedulerequest-cancel.md) |
+
+## PIM for groups APIs for managing eligible assignments of group owners and members
+
+Your principals may not require permanent membership or ownership of groups because they may not require the privileges granted through the membership or ownership all the time. In this case, PIM for groups allows you to make the principals eligible for the membership or ownership of the groups.
+
+When a principal has an eligible assignment, they activate their assignment when they need the privileges granted through the groups to perform privileged tasks. An eligible assignment can be permanent or temporary. The activation is always time-bound for up to a maximum of eight hours.
+
+The following table lists scenarios for using PIM for groups APIs to manage eligible assignments for principals and the corresponding APIs to call.
+
+| **Scenarios** | **API** |
+|||
+| An administrator: <li> Creates an eligible membership or ownership assignment for the group <li> Renews, updates, extends, or removes an eligible membership/ownership assignment for the group <li> Deactivates, extends, or renews their own membership/ownership eligibility| [Create eligibilityScheduleRequest](../api/privilegedaccessgroup-post-eligibilityschedulerequests.md) |
+| An administrator queries all eligible membership or ownership requests and their details | [List eligibilityScheduleRequests](../api/privilegedaccessgroup-list-eligibilityschedulerequests.md) |
+| An administrator queries an eligible membership or ownership request and its details | [Get eligibilityScheduleRequest](../api/privilegedaccessgroupeligibilityschedulerequest-get.md) |
+| An administrator cancels an eligible membership or ownership request they created | [privilegedAccessGroupEligibilityScheduleRequest:cancel](../api/privilegedaccessgroupeligibilityschedulerequest-cancel.md) |
+| A principal queries their eligible membership or ownership request their details | [privilegedAccessGroupEligibilityScheduleRequest: filterByCurrentUser](../api/privilegedaccessgroupeligibilityschedulerequest-filterbycurrentuser.md) |
+
+## PIM for groups and the group object
+
+Membership and ownership of any security and Microsoft 365 group (except dynamic groups and groups synchronized from on-premises) can be governed through PIM for groups. The group doesn't have to be role-assignable to be enabled in PIM for groups.
+
+When a principal is assigned *active* permanent or temporary membership or ownership of a group, or when they make a just-in-time activation:
+
+- The principal's details are returned when you query the **members** and **owners** relationships through the [List group members](../api/group-list-members.md) or [List group owners](../api/group-list-owners.md) APIs.
+- You can remove the principal from the group using the [Remove group owner](../api/group-delete-owners.md) or [Remove group member](../api/group-delete-members.md) APIs.
+- If changes to the group are tracked using the [Get delta](../api/group-delta.md) and [Get delta for directory objects](../api/directoryobject-delta.md) functions, an `@odata.nextLink` contains the new member or owner.
+- The changes to group **members** and **owners** made through PIM for groups are logged in Azure AD audit logs and can be read through the [List directory audits](../api/directoryaudit-list.md) API.
+
+When a principal is assigned *eligible* permanent or temporary membership or ownership of a group, the members and owners relationships of the group aren't updated.
+
+When a principal's *temporary active* membership or ownership of a group expires:
+
+- The principal's details are automatically removed from the **members** and **owners** relationships.
+- If changes to the group are tracked using the [Get delta](../api/group-delta.md) and [Get delta for directory objects](../api/directoryobject-delta.md) functions, an `@odata.nextLink` indicates the removed group member or owner.
+
+## PIM for groups and identity security with Zero Trust
+
+PIM APIs support organizations to adopt a Zero Trust approach to secure the identities in their organization. For more information about Zero Trust, see [Securing identity with Zero Trust](/security/zero-trust/deploy/identity#secure-privileged-access-with-privileged-identity-management).
+
+## Permissions and privileges
+
+The following Microsoft Graph permissions are required to call the PIM for groups APIs.
+
+| Endpoints | Supported operations | Permissions |
+||||
+| assignmentSchedule <br/> assignmentScheduleInstance | LIST, GET | PrivilegedAssignmentSchedule.Read.AzureADGroup <br/> PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup |
+| assignmentScheduleRequest | CREATE, LIST, GET, UPDATE, DELELE | PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup |
+| eligibilitySchedule <br/> eligibilityScheduleInstance | LIST, GET | PrivilegedEligibilitySchedule.Read.AzureADGroup <br/> PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup |
+| eligibilityScheduleRequest | CREATE, LIST, GET, UPDATE, DELELE | PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup |
++
+In addition, for delegated scenarios, the calling principal needs one of the following roles.
+
+| Group | Role | Supported operations |
+||||
+| Role-assignable | Privileged Role Administrator <br/> Group owner* <br/> Group member* | CREATE, UPDATE, DELELE |
+| Role-assignable | Global Reader <br/> Privileged Role Administrator <br/> Group owner* <br/> Group member* | LIST, GET |
+| Non-role-assignable | Directory Writer <br/> Groups Administrator <br/> Identity Governance Administrator <br/> User Administrator <br/> Group owner* <br/> Group member* | CREATE, UPDATE, DELELE |
+| Non-role-assignable | Global Reader <br/> Directory Writer <br/> Groups Administrator <br/> Identity Governance Administrator <br/> User Administrator <br/> Group owner* <br/> Group member* | LIST, GET |
+
+`*` Permissions for group members and group owners are limited to the read or write operations they need to perform. For example, a group member can [cancel their assignmentScheduleRequest](../api/privilegedaccessgroupassignmentschedulerequest-cancel.md) but not any other principal's request.
++
+## See also
+
+- [What is Azure AD Identity Governance?](/azure/active-directory/governance/identity-governance-overview)
+- [What is Azure AD Privileged Identity Management?](/azure/active-directory/privileged-identity-management/pim-configure)
+- [Privileged Identity Management (PIM) for groups (preview)](/azure/active-directory/privileged-identity-management/concept-pim-for-groups)
+
+ <!-- {
+ "type": "#page.annotation",
+ "description": "Govern membership and ownership of groups using privileged identity management (PIM) for groups",
+ "section": "documentation",
+ "suppressions": [
+ "Error: /resources/privilegedidentitymanagement-for-groups-api-overview.md:
+ Failed to parse enumeration values for type microsoft.graph.and. Table requires a column header named one of the following: Member, Name, Value"
+ ]
+}-->
v1.0 Privilegedidentitymanagement Root https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedidentitymanagement-root.md
ms.prod: "governance"
-# Privileged Identity Management (deprecated)
+# Privileged Identity Management iteration 2 APIs
Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
->[!CAUTION]
->The Privileged Identity Management (PIM) API for **Azure AD roles** is deprecated and stopped returning data on May 31, 2021. Use the [PIM v3 for managing Azure AD roles](/graph/api/resources/privilegedidentitymanagementv3-overview) and see the [migration guidance below](#migrate-from-pim-v2-to-pim-v3-apis).
->
->The Privileged Identity Management (PIM) API for **Azure resources** will be deprecated soon. Use the new [Azure REST PIM API for Azure resources](/rest/api/authorization/role-eligibility-schedule-requests). To migrate, see the migration guidance below.
+> [!CAUTION]
+> The Privileged Identity Management (PIM) API for **Azure resources** and **Azure AD Roles** iteration 2 will be deprecated soon. Use the new [Azure REST PIM API for Azure resources](/rest/api/authorization/role-eligibility-schedule-requests) and [PIM API for Azure AD Roles iteration 3](privilegedidentitymanagementv3-overview.md). To migrate, see the [migration guidance](/graph/api/resources/privilegedidentitymanagement-root).
[Privileged Identity Management (PIM)](/azure/active-directory/privileged-identity-management/pim-configure) is a service that enables you to manage, control, and monitor access to important resources in your organization. This scope includes access to resources in Azure AD, Azure resources, and other Microsoft services like Microsoft 365 or Microsoft Intune.
-There have been several iterations of the PIM API over the past few years. This iteration is the second iteration (here referred to as PIM v2) and it's succeeded by PIM v3. For more information about the history of the PIM API, see [PIM API history](/azure/active-directory/privileged-identity-management/pim-apis#pim-api-history).
+There have been several iterations of the PIM API over the past few years. This iteration is the second iteration (here referred to as iteration 2) and it's succeeded by PIM iteration 3. For more information about the history of the PIM API, see [PIM API history](/azure/active-directory/privileged-identity-management/pim-apis#pim-api-history).
-Microsoft Graph provides the following PIM v2 APIs to manage Azure AD roles and Azure resource roles. We recommend that you migrate from PIM v2 to PIM v3.
+Microsoft Graph provides the following PIM iteration 2 APIs to manage Azure AD roles and Azure resource roles. We recommend that you migrate from PIM iteration 2 API to PIM iteration 3 API.
-- [APIs for Azure AD roles](privilegedidentitymanagement-directory.md) (deprecated)
+- APIs for Azure AD roles
- [APIs for Azure resources](privilegedidentitymanagement-resources.md)
-## Migrate from PIM v2 to PIM v3 APIs
-
+## Migrate from PIM iteration 2 APIs to PIM iteration 3 APIs
[!INCLUDE [pimv2AzureResources-migration](../../includes/pimv2AzureResources-migration.md)]
v1.0 Privilegedoperationevent https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedoperationevent.md
- Title: "privilegedOperationEvent resource type"
-description: "Represents an audit event that is generated by Privileged Identity Management for the role operations, such as an administrator manages privileged roles, a user activates his role, and a user deactivates his role."
-doc_type: resourcePageType
---
-# privilegedOperationEvent resource type (deprecated)
-
-Namespace: microsoft.graph
---
-Represents an audit event that is generated by Privileged Identity Management for the role operations, such as an administrator manages privileged roles, a user activates his role, and a user deactivates his role.
--
-## Methods
-
-| Method | Return Type |Description|
-|:|:--|:-|
-|[List privilegedOperationEvent](../api/privilegedoperationevent-list.md) | [privilegedOperationEvent](privilegedoperationevent.md) collection. |Get collection of privilegedOperationEvent objects.|
-
-## Properties
-| Property | Type |Description|
-|:|:--|:-|
-|additionalInformation|string|Detailed human readable information for the event.|
-|creationDateTime|DateTimeOffset|Indicates the time when the event is created.|
-|expirationDateTime|DateTimeOffset|This is only used when the **requestType** is `Activate`, and it indicates the expiration time for the role activation.|
-|id|string|The unique identifier for privilegedOperationEvent. Read-only.|
-|referenceKey|string|Incident/Request ticket number during role activation. The value is presented only if the ticket number is provided during role activation.|
-|referenceSystem|string|Incident/Request ticketing system provided during tole activation. The value is presented only if the ticket system is provided during role activation.|
-|requestType|String|The request operation type. The requestType value can be: `Assign` (role assignment), `Activate` (role activation), `Unassign` (remove role assignment), `Deactivate` (role deactivation), `ScanAlertsNow` (scan security alerts), `DismissAlert` (dismiss security alert), `FixAlertItem` (fix a security alert issue), `AccessReview_Review` (review an Access Review), `AccessReview_Create` (create an Access Review) , `AccessReview_Update` (update an Access Review), `AccessReview_Delete` (delete an Access Review).|
-|requestorId|string|The user id of the requestor who initiates the operation.|
-|requestorName|string|The user name of the requestor who initiates the operation.|
-|roleId|string|The id of the role that is associated with the operation.|
-|roleName|string|The name of the role.|
-|tenantId|string|The tenant (organization) id.|
-|userId|string|The id of the user that is associated with the operation.|
-|userMail|string|The user's email.|
-|userName|string|The user's display name.|
-
-## Relationships
-None
--
-## JSON representation
-
-Here is a JSON representation of the resource.
-
-<!-- {
- "blockType": "resource",
- "optionalProperties": [
-
- ],
- "@odata.type": "microsoft.graph.privilegedOperationEvent"
-}-->
-
-```json
-{
- "additionalInformation": "string",
- "creationDateTime": "String (timestamp)",
- "expirationDateTime": "String (timestamp)",
- "id": "string (identifier)",
- "requestType": "string",
- "requestorId": "string",
- "requestorName": "string",
- "roleId": "string",
- "roleName": "string",
- "tenantId": "string",
- "userId": "string",
- "userMail": "string",
- "userName": "string",
- "referenceKey": "string",
- "referenceSystem": "string"
-}
-
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "privilegedOperationEvent resource",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": []
-}
>--
v1.0 Privilegedrole https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedrole.md
- Title: "privilegedRole resource type"
-description: "Represents an Azure AD administrator role, such as: Global Administrator, Billing Administrator, Service Administrator, User Administrator, and Password Administrator."
-doc_type: resourcePageType
---
-# privilegedRole resource type (deprecated)
-
-Namespace: microsoft.graph
---
-Represents an [Azure AD built-in administrator role](/azure/active-directory/roles/permissions-reference), for example, **Global Administrator, Billing Administrator, Service Administrator, User Administrator**, and **Password Administrator**.
--
-## Methods
-
-| Method | Return Type |Description|
-|:|:--|:-|
-|[List privilegedRole objects](../api/privilegedrole-list.md) | [privilegedRole](privilegedrole.md) collection|Get the collection of privilegedRole.|
-|[Get privilegedRole](../api/privilegedrole-get.md) | [privilegedRole](privilegedrole.md) |Read properties and relationships of privilegedRole object.|
-|[List assignments](../api/privilegedrole-list-assignments.md) |[privilegedRoleAssignment](privilegedroleassignment.md) collection| Get a assignment object collection for this role.|
-|[selfActivate](../api/privilegedrole-selfactivate.md)|[privilegedRoleAssignment](privilegedroleassignment.md)|Activate the assigned role.|
-|[selfDeactivate](../api/privilegedrole-selfdeactivate.md)|[privilegedRoleAssignment](privilegedroleassignment.md)|Deactivate the assigned role.|
-
-## Properties
-| Property | Type |Description|
-|:|:--|:-|
-|id|string|The unique identifier for administrator role. It is a GUID string and has the same value as the role template id from Azure AD for the given role. Read-only.|
-|name|string|Role name.|
-
-## Relationships
-| Relationship | Type |Description|
-|:|:--|:-|
-|assignments|[privilegedRoleAssignment](privilegedroleassignment.md) collection| The assignments for this role. Read-only. Nullable.|
-|settings|[privilegedRoleSettings](privilegedrolesettings.md)| The settings for this role. Read-only. Nullable.|
-|summary|[privilegedRoleSummary](privilegedrolesummary.md)| The summary information for this role. Read-only. Nullable.|
-
-## JSON representation
-
-Here is a JSON representation of the resource.
-
-<!-- {
- "blockType": "resource",
- "optionalProperties": [
-
- ],
- "keyProperty": "id",
- "baseType":"microsoft.graph.entity",
- "@odata.type": "microsoft.graph.privilegedRole"
-}-->
-
-```json
-{
- "id": "string (identifier)",
- "name": "string"
-}
-
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "privilegedRole resource",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": []
-}
>--
v1.0 Privilegedroleassignment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedroleassignment.md
- Title: "privilegedRoleAssignment resource type"
-description: "Represents a privileged role assignment for a particular user. "
-doc_type: resourcePageType
---
-# privilegedRoleAssignment resource type (deprecated)
-
-Namespace: microsoft.graph
---
-Represents a privileged role assignment for a particular user.
--
-## Methods
-
-| Method | Return Type |Description|
-|:|:--|:-|
-|[List privilegedRoleAssignment collection](../api/privilegedroleassignment-list.md) | [privilegedRoleAssignment](privilegedroleassignment.md) collection|Get the collection of privilegedRoleAssignment objects.|
-|[Get privilegedRoleAssignment](../api/privilegedroleassignment-get.md) | [privilegedRoleAssignment](privilegedroleassignment.md) |Read properties and relationships of privilegedRoleAssignment object.|
-|[Create assignment](../api/privilegedroleassignment-post-privilegedroleassignments.md) |[privilegedRoleAssignment](privilegedroleassignment.md)| Create a new assignment by posting to the assignments collection.|
-|[Delete](../api/privilegedroleassignment-delete.md) | None |Delete privilegedRoleAssignment object. |
-|[makePermanent](../api/privilegedroleassignment-makepermanent.md)|[privilegedRoleAssignment](privilegedroleassignment.md)|Make the role assignment as permanent.|
-|[makeEligible](../api/privilegedroleassignment-makeeligible.md)|[privilegedRoleAssignment](privilegedroleassignment.md)|Make the role assignment as eligible.|
-|[my](../api/privilegedroleassignment-my.md)|[privilegedRoleAssignment](privilegedroleassignment.md) collection|Get the current user's privileged role assignments.|
-
-## Properties
-| Property | Type |Description|
-|:|:--|:-|
-|expirationDateTime|dateTimeOffset|The UTC DateTime when the temporary privileged role assignment will be expired. For permanent role assignment, the value is null.|
-|id|string| The unique identifier for the privileged role assignment. Read-only. It is in the format of 'userId_roleId', where userId is the GUID string for Azure AD user id, and roleId is the GUID string for Azure administrator role id.|
-|isElevated|boolean|**true** if the role assignment is activated. **false** if the role assignment is deactivated.|
-|resultMessage|string|Result message set by the service.|
-|roleId|string|Role identifier. In GUID string format.|
-|userId|string|User identifier. In GUID string format.|
-
-## Relationships
-| Relationship | Type |Description|
-|:|:--|:-|
-|roleInfo|[privilegedRole](privilegedrole.md)| Read-only. Nullable. The associated role information.|
-
-## JSON representation
-
-Here is a JSON representation of the resource.
-
-<!-- {
- "blockType": "resource",
- "optionalProperties": [
-
- ],
- "keyProperty": "id",
- "baseType":"microsoft.graph.entity",
- "@odata.type": "microsoft.graph.privilegedRoleAssignment"
-}-->
-
-```json
-{
- "expirationDateTime": "String (timestamp)",
- "id": "string (identifier)",
- "isElevated": true,
- "resultMessage": "string",
- "roleId": "string",
- "userId": "string"
-}
-
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "privilegedRoleAssignment resource",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": []
-}
>--
v1.0 Privilegedroleassignmentrequest https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedroleassignmentrequest.md
- Title: "privilegedRoleAssignmentRequest resource type"
-description: "Represents the request for role assignment operations in Privilegd Identity Management."
-doc_type: resourcePageType
---
-# privilegedRoleAssignmentRequest resource type (deprecated)
-
-Namespace: microsoft.graph
---
-Represents the request for role assignment operations in Privileged Identity Management (PIM).
-
-`privilegedRoleAssignmentRequest` is a ticket-modeled entity used to manage the lifecycle of role assignments. It represents the intention/decision of the users and administrators, and also provides the flexibility to enable implementation of recurrent schduling, approval gates, and so on, as compared to directly exposing `POST` and `LIST` operations as well as `MY` and `Cancel` functions on `governanceRoleAssignment`.
-
-## Methods
-
-| Method | Return Type | Description |
-|:-|:|:|
-|[List](../api/privilegedroleassignmentrequest-list.md) | [privilegedroleassignmentrequest](../resources/privilegedroleassignmentrequest.md) collection|List role assignment requests.|
-|[Create](../api/privilegedroleassignmentrequest-post.md)| [privilegedroleassignmentrequest](../resources/privilegedroleassignmentrequest.md)|Create a request to manage the lifecycle of existing or new role assignment.|
-|[Cancel](../api/privilegedroleassignmentrequest-cancel.md)| |Cancel a pending role assignment request.|
-|[My](../api/privilegedroleassignmentrequest-my.md)| |Get role assignment request for current requstor.|
-
-## Properties
-
-| Property | Type | Description |
-|:-|:|:|
-|id|String| Read-only. The id of the role assignment request.|
-|assignmentState|String| The state of the assignment. The value can be `Eligible` for eligible assignment `Active` - if it is directly assigned `Active` by administrators, or activated on an eligible assignment by the users.|
-|duration|String| The duration of a role assignment.|
-|reason|String| The reason for the role assignment.|
-|requestedDateTime|DateTimeOffset| Read-only. The request create time. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
-|roleId|String| The id of the role.|
-|schedule|[governanceSchedule](governanceschedule.md)| The schedule object of the role assignment request.|
-|status|String| Read-only.The status of the role assignment request. The value can be `NotStarted`,`Completed`,`RequestedApproval`,`Scheduled`,`Approved`,`ApprovalDenied`,`ApprovalAborted`,`Cancelling`,`Cancelled`,`Revoked`,`RequestExpired`.|
-|ticketNumber|String| The ticketNumber for the role assignment. |
-|ticketSystem|String| The ticketSystem for the role assignment.|
-|type|String| Representing the type of the operation on the role assignment. The value can be `AdminAdd`: Administrators add users to roles;`UserAdd`: Users add role assignments.|
-|userId|String| The id of the user.|
-
-## Relationships
-| Relationship | Type | Description |
-|:-|:|:|
-|roleInfo|[privilegedRole](privilegedrole.md)| The roleInfo object of the role assignment request.|
-
-## JSON representation
-
-The following is a JSON representation of the resource.
-
-<!-- {
- "blockType": "resource",
- "optionalProperties": [
-
- ],
- "keyProperty": "id",
- "@odata.type": "microsoft.graph.privilegedRoleAssignmentRequest"
-}-->
-
-```json
-{
- "assignmentState": "String",
- "duration": "String",
- "id": "String (identifier)",
- "reason": "String",
- "requestedDateTime": "String (timestamp)",
- "roleId": "String",
- "schedule": {"@odata.type": "microsoft.graph.governanceSchedule"},
- "status": "String",
- "ticketNumber": "String",
- "ticketSystem": "String",
- "type": "String",
- "userId": "String"
-}
-
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "privilegedRoleAssignmentRequest resource",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": []
-}
>--
v1.0 Privilegedrolesettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedrolesettings.md
- Title: "privilegedRoleSettings resource type"
-description: "Represents the settings for a privileged role."
-doc_type: resourcePageType
---
-# privilegedRoleSettings resource type
-
-Namespace: microsoft.graph
--
-Represents the settings for a privileged role.
--
-## Methods
-
-| Method | Return Type |Description|
-|:|:--|:-|
-|[Get privilegedRoleSettings](../api/privilegedrolesettings-get.md) | [privilegedRoleSettings](privilegedrolesettings.md) |Read properties and relationships of privilegedRoleSettings object.|
-|[Update privilegedRoleSettings](../api/privilegedrolesettings-update.md) | [privilegedRoleSettings](privilegedrolesettings.md) |Update privilegedRoleSettings object.|
-## Properties
-| Property | Type |Description|
-|:|:--|:-|
-|elevationDuration|duration|The duration when the role is activated.|
-|id|string| The unique identifier for the role settings. Read-only.|
-|isMfaOnElevationConfigurable|boolean|`true` if **mfaOnElevation** is configurable. `false` if **mfaOnElevation** is not configurable.|
-|lastGlobalAdmin|boolean|Internal used only.|
-|maxElavationDuration|duration|Maximal duration for the activated role.|
-|mfaOnElevation|boolean|`true` if MFA is required to activate the role. `false` if MFA is not required to activate the role.|
-|minElevationDuration|duration|Minimal duration for the activated role.|
-|notificationToUserOnElevation|boolean|`true` if send notification to the end user when the role is activated. `false` if do not send notification when the role is activated.|
-|ticketingInfoOnElevation|boolean|`true` if the ticketing information is required when activate the role. `false` if the ticketing information is not required when activate the role.|
-|approvalOnElevation|boolean|`true` if the approval is required when activate the role. `false` if the approval is not required when activate the role.|
-|approverIds| string collection |List of Approval ids, if approval is required for activation.|
-
-## Relationships
-None
--
-## JSON representation
-
-Here is a JSON representation of the resource.
-
-<!-- {
- "blockType": "resource",
- "optionalProperties": [
-
- ],
- "@odata.type": "microsoft.graph.privilegedRoleSettings"
-}-->
-
-```json
-{
- "elevationDuration": "String (timestamp)",
- "id": "string (identifier)",
- "isMfaOnElevationConfigurable": true,
- "lastGlobalAdmin": true,
- "maxElavationDuration": "String (timestamp)",
- "mfaOnElevation": true,
- "minElevationDuration": "String (timestamp)",
- "notificationToUserOnElevation": true,
- "ticketingInfoOnElevation": true,
- "approvalOnElevation": false,
- "approverIds": ["string"]
-}
-
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "privilegedRoleSettings resource",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": []
-}
>--
v1.0 Privilegedrolesummary https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedrolesummary.md
- Title: "privilegedRoleSummary resource type"
-description: "The statistics summary for a particular role."
-doc_type: resourcePageType
---
-# privilegedRoleSummary resource type
-
-Namespace: microsoft.graph
--
-The statistics summary for a particular role.
--
-## Methods
-
-| Method | Return Type |Description|
-|:|:--|:-|
-|[Get privilegedRoleSummary](../api/privilegedrolesummary-get.md) | [privilegedRoleSummary](privilegedrolesummary.md) |Read properties and relationships of privilegedRoleSummary object.|
-
-## Properties
-| Property | Type |Description|
-|:|:--|:-|
-|elevatedCount|int32|The number of users that have the role assigned and the role is activated.|
-|id|string| The unique identifier for the role. Read-only.|
-|managedCount|int32|The number of users that have the role assigned but the role is deactivated.|
-|mfaEnabled|boolean|`true` if the role activation requires MFA. `false` if the role activation doesn't require MFA.|
-|status|roleSummaryStatus| Possible values are: `ok`, `bad`. The value depends on the ratio of (managedCount / usersCount). If the ratio is less than a predefined threshold, `ok` is returned. Otherwise, `bad` is returned.|
-|usersCount|int32|The number of users that are assigned with the role.|
-
-## Relationships
-None
--
-## JSON representation
-
-Here is a JSON representation of the resource.
-
-<!-- {
- "blockType": "resource",
- "optionalProperties": [
-
- ],
- "@odata.type": "microsoft.graph.privilegedRoleSummary"
-}-->
-
-```json
-{
- "elevatedCount": 1024,
- "id": "string (identifier)",
- "managedCount": 1024,
- "mfaEnabled": true,
- "status": "string",
- "usersCount": 1024
-}
-
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "privilegedRoleSummary resource",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": []
-}
>--
v1.0 Removedstate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/removedstate.md
+
+ Title: "removedState resource type"
+description: "Represents the deletion reason for a participant resource from a roster."
+
+ms.localizationpriority: medium
++
+# removedState resource type
+
+Namespace: microsoft.graph
++
+Represents the deletion reason for a [participant](participant.md) resource from a roster.
+
+## Properties
+
+| Property | Type | Description |
+|:|:-|:-|
+| reason | String | The removal reason for the **participant** resource. |
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.removedState"
+} -->
+```json
+{
+ "@odata.type": "#microsoft.graph.removedState",
+ "reason": "String"
+}
+```
v1.0 Report https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/report.md
The following table shows the availability for each API across all cloud deploym
| [Microsoft 365 browser usage](/graph/api/resources/microsoft-365-browser-usage-report?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ₧û | Γ₧û | Γ₧û | Γ₧û | | [Microsoft 365 groups activity](/graph/api/resources/office-365-groups-activity-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ₧û | Γ£ö | Γ₧û | Γ₧û | | [Microsoft Forms Usage](/graph/api/resources/microsoft-forms-usage-reports.md?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ₧û |
-| [Microsoft Teams device usage](/graph/api/resources/microsoft-teams-device-usage-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ£ö | Γ₧û | Γ₧û | Γ£ö |
-| [Microsoft Teams team usage](/graph/api/resources/microsoft-teams-team-usage-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ£ö | Γ₧û | Γ₧û | Γ£ö |
-| [Microsoft Teams user activity](/graph/api/resources/microsoft-teams-user-activity-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ£ö | Γ₧û | Γ₧û | Γ£ö |
+| [Microsoft Teams device usage](/graph/api/resources/microsoft-teams-device-usage-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ£ö | Γ£ö | Γ₧û | Γ£ö |
+| [Microsoft Teams team usage](/graph/api/resources/microsoft-teams-team-usage-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ£ö | Γ£ö | Γ₧û | Γ£ö |
+| [Microsoft Teams user activity](/graph/api/resources/microsoft-teams-user-activity-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ£ö | Γ£ö | Γ₧û | Γ£ö |
| [Outlook activity](/graph/api/resources/email-activity-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ£ö | Γ£ö | Γ₧û | Γ£ö | | [Outlook app usage](/graph/api/resources/email-app-usage-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ£ö | Γ£ö | Γ₧û | Γ£ö | | [Outlook mailbox usage](/graph/api/resources/mailbox-usage-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ£ö | Γ£ö | Γ₧û | Γ£ö |
v1.0 Requestschedule https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/requestschedule.md
Namespace: microsoft.graph
In [Azure AD entitlement management](entitlementmanagement-overview.md), an access package assignment request is created by a user who wants to obtain an access package assignment. This request can include a schedule for when the user would like to have an assignment. An access package assignment that results from such a request also has a schedule.
-In PIM, use this resource to define the schedule for when the principal will have an eligible or active role assignment.
+In [PIM for Azure AD roles](privilegedidentitymanagementv3-overview.md) and [PIM for Groups](privilegedidentitymanagement-for-groups-api-overview.md), use this resource to define the schedule for when the principal will have an eligible or active role assignment.
## Properties
v1.0 Search Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/search-api-overview.md
When searching an entity type, such as **message**, **event**, **drive**, **driv
For all these entity types, specifying the **fields** property reduces the number of properties returned in the response, optimizing the payload over the wire.
-The **listItem** and **externalItem** entities are the only supported entities that allow getting extended retrievable fields configured in the schema. You cannot retrieve extended properties from all the other entities by using the search API. For example, if you created a retrievable field for **externalItem** in the search schema, or if you have a retrievable custom column on a **listItem**, you can retrieve these properties from search. To retrieve an extended property on a file, specify the **listItem** type in the request.
+The **listItem**, **driveItem** and **externalItem** entities are the only supported entities that allow getting extended retrievable fields configured in the schema. You cannot retrieve extended properties from all the other entities by using the search API. For example, if you created a retrievable field for **externalItem** in the search schema, or if you have a retrievable custom column on a **listItem** or **driveItem**, you can retrieve these properties from search. To retrieve an extended property on a file, specify the **listItem** or **driveItem** type in the request.
If the **fields** specified in the request are either not present in the schema, or not marked as retrievable, they will not be returned in the response. Invalid fields in the request are silently ignored.
-If you do not specify any **fields** in the request, you will get the default set of properties for all types. For extended properties, **listItem** and **externalItem** behave differently when no **fields** are passed in the request:
+If you do not specify any **fields** in the request, you will get the default set of properties for all types. For extended properties, **listItem**, **driveItem** and **externalItem** behave differently when no **fields** are passed in the request:
- **listItem** will not return any custom field.
+- **driveItem** will return an internal listItem with an empty field.
- **externalItem** will return all the fields marked with the **retrievable** attribute in the Microsoft Graph connector schema for that particular connection. ## Keyword Query Language (KQL) support
For backward compatibility, the original properties and types are accessible and
## What's new
-Find out about the [latest new features and updates](/graph/whats-new-overview) for this API set.
+Find out about the [latest new features and updates](/graph/whats-new-overview) for this API set.
v1.0 Security Threatintelligence Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-threatintelligence-overview.md
Title: "Use the threat intelligence APIs in Microsoft Graph (preview)"
+ Title: "Use the Microsoft Graph APIs for Microsoft Defender Threat Intelligence (preview)"
description: "The threat intelligence APIs in Microsoft Graph lets apps manage administrator tasks for organizations." ms.localizationpriority: medium
ms.prod: "security"
doc_type: conceptualPageType
-# Use the threat intelligence APIs in Microsoft Graph (preview)
+# Use the Microsoft Graph APIs for Microsoft Defender Threat Intelligence (preview)
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Microsoft Graph threat intelligence APIs deliver world-class threat intelligence to help protect your organization from modern cyber threats. Using threat intelligence APIs, you can identify adversaries and their operations, accelerate detection and remediation, and enhance your security investments and workflows.
+Organizations conducting threat infrastructure analysis and gathering threat intelligence can use [Microsoft Defender Threat Intelligence](/defender/threat-intelligence/what-is-microsoft-defender-threat-intelligence-defender-ti) (Defender TI) to streamline triage, incident response, threat hunting, vulnerability management, and cyber threat intelligence analyst workflows. In addition, you can use the APIs exposed by Microsoft Defender Threat Intelligence on Microsoft Graph to deliver world-class threat intelligence that helps protect your organization from modern cyber threats. You can identify adversaries and their operations, accelerate detection and remediation, and enhance your security investments and workflows.
-Threat intelligence APIs allow you to operationalize intelligence found within the UI. This includes finished intelligence in the forms of articles and intel profiles, machine intelligence including indicators of compromise (IoCs) and reputation verdicts, and finally, enrichment data including passive DNS, cookies, components, and trackers.
+These threat intelligence APIs allow you to operationalize intelligence found within the UI. This includes finished intelligence in the forms of articles and intel profiles, machine intelligence including indicators of compromise (IoCs) and reputation verdicts, and finally, enrichment data including passive DNS, cookies, components, and trackers.
## Authorization
v1.0 Serviceprincipal https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/serviceprincipal.md
This resource supports using [delta query](/graph/delta-query-overview) to track
|passwordCredentials|[passwordCredential](passwordcredential.md) collection|The collection of password credentials associated with the service principal. Not nullable. | |passwordSingleSignOnSettings|[passwordSingleSignOnSettings](passwordsinglesignonsettings.md)|The collection for settings related to password single sign-on. Use `$select=passwordSingleSignOnSettings` to read the property. Read-only for [applicationTemplates](applicationTemplate.md) except for custom applicationTemplates. | |preferredSingleSignOnMode|string|Specifies the single sign-on mode configured for this application. Azure AD uses the preferred single sign-on mode to launch the application from Microsoft 365 or the Azure AD My Apps. The supported values are `password`, `saml`, `notSupported`, and `oidc`.|
-|preferredTokenSigningKeyEndDateTime|DateTimeOffset|Specifies the expiration date of the keyCredential used for token signing, marked by **preferredTokenSigningKeyThumbprint**.|
-|preferredTokenSigningKeyThumbprint|String|Reserved for internal use only. Do not write or otherwise rely on this property. May be removed in future versions. |
+|preferredTokenSigningKeyEndDateTime|DateTimeOffset|Specifies the expiration date of the keyCredential used for token signing, marked by **preferredTokenSigningKeyThumbprint**. Updating this attribute is not currentlysupported. For details, see [ServicePrincipal property differences](/graph/migrate-azure-ad-graph-property-differences#serviceprincipal-property-differences).|
+|preferredTokenSigningKeyThumbprint|String|This property can be used on SAML applications (apps that have preferredSingleSignOnMode set to `saml`) to control which certificate is used to sign the SAML responses. For applications that are not SAML, do not write or otherwise rely on this property. |
|publishedPermissionScopes|[permissionScope](permissionscope.md) collection|The delegated permissions exposed by the application. For more information see the **oauth2PermissionScopes** property on the [application](application.md) entity's **api** property. Not nullable. <br/>**Note:** This property is named **oauth2PermissionScopes** in v1.0.| |publisherName| String | The name of the Azure AD tenant that published the application. | |replyUrls|String collection|The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. Not nullable. | |samlMetadataUrl|String|The url where the service exposes SAML metadata for federation.| |samlSingleSignOnSettings|[samlSingleSignOnSettings](samlsinglesignonsettings.md)|The collection for settings related to saml single sign-on.|
-|servicePrincipalNames|String collection|Contains the list of **identifiersUris**, copied over from the associated [application](application.md). Additional values can be added to hybrid applications. These values can be used to identify the permissions exposed by this app within Azure AD. For example,<ul><li>Client apps can specify a resource URI which is based on the values of this property to acquire an access token, which is the URI returned in the ΓÇ£audΓÇ¥ claim.</li></ul><br>The any operator is required for filter expressions on multi-valued properties. Not nullable. <br><br> Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`).|
+|servicePrincipalNames|String collection|Contains the list of **identifiersUris**, copied over from the associated [application](application.md). Additional values can be added to hybrid applications. These values can be used to identify the permissions exposed by this app within Azure AD. For example,<ul><li>Client apps can specify a resource URI which is based on the values of this property to acquire an access token, which is the URI returned in the "aud" claim.</li></ul><br>The any operator is required for filter expressions on multi-valued properties. Not nullable. <br><br> Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`).|
|servicePrincipalType|String|Identifies if the service principal represents an application or a managed identity. This is set by Azure AD internally. For a service principal that represents an [application](./application.md) this is set as __Application__. For a service principal that represent a [managed identity](/azure/active-directory/managed-identities-azure-resources/overview) this is set as __ManagedIdentity__. The __SocialIdp__ type is for internal use. |
-| signInAudience | String | Specifies the Microsoft accounts that are supported for the current application. Read-only. <br><br>Supported values are:<ul><li>`AzureADMyOrg`: Users with a Microsoft work or school account in my organizationΓÇÖs Azure AD tenant (single-tenant).</li><li>`AzureADMultipleOrgs`: Users with a Microsoft work or school account in any organizationΓÇÖs Azure AD tenant (multi-tenant).</li><li>`AzureADandPersonalMicrosoftAccount`: Users with a personal Microsoft account, or a work or school account in any organizationΓÇÖs Azure AD tenant.</li><li>`PersonalMicrosoftAccount`: Users with a personal Microsoft account only.</li></ul> |
+| signInAudience | String | Specifies the Microsoft accounts that are supported for the current application. Read-only. <br><br>Supported values are:<ul><li>`AzureADMyOrg`: Users with a Microsoft work or school account in my organization's Azure AD tenant (single-tenant).</li><li>`AzureADMultipleOrgs`: Users with a Microsoft work or school account in any organization's Azure AD tenant (multi-tenant).</li><li>`AzureADandPersonalMicrosoftAccount`: Users with a personal Microsoft account, or a work or school account in any organization's Azure AD tenant.</li><li>`PersonalMicrosoftAccount`: Users with a personal Microsoft account only.</li></ul> |
|tags|String collection| Custom strings that can be used to categorize and identify the service principal. Not nullable. The value is the union of strings set here and on the associated [application](application.md) entity's **tags** property.<br><br>Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`).| |tokenEncryptionKeyId|String|Specifies the keyId of a public key from the keyCredentials collection. When configured, Azure AD issues tokens for this application encrypted using the key specified by this property. The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user.| | verifiedPublisher | [verifiedPublisher](verifiedPublisher.md) | Specifies the verified publisher of the application which this service principal represents.|
v1.0 Serviceprovisioningerror https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/serviceprovisioningerror.md
+
+ Title: "serviceProvisioningError resource type"
+description: "Represents an abstract base type for service provisioning errors."
+ms.localizationpriority: medium
+++
+# serviceProvisioningError resource type
+
+Namespace: microsoft.graph
++
+Represents an abstract base type for service provisioning errors which are information published by a federated service describing a non-transient, service-specific error for the [user](user.md), [group](group.md), or [organizational contact](orgcontact.md) entities regarding the properties or link from an object that requires an explicit administrator action to resolve.
+
+Base type of [serviceProvisioningXmlError](../resources/serviceprovisioningxmlerror.md).
+
+## Properties
+
+| Property | Type | Description |
+| :-- | :- | : |
+| createdDateTime | DateTimeOffset | The date and time at which the error occurred. |
+| isResolved | Boolean | Indicates whether the Error has been attended to. |
+| serviceInstance | String | Qualified service instance (e.g., "SharePoint/Dublin") that published the service error information. |
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "optionalProperties": [
+ ],
+ "@odata.type": "microsoft.graph.serviceProvisioningError"
+}-->
+
+```json
+{
+ "createdDateTime": "2020-01-31T17:45:18.00",
+ "isResolved": false,
+ "serviceInstance": "exchange/NAMPRD09-001-01"
+}
+```
v1.0 Serviceprovisioningxmlerror https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/serviceprovisioningxmlerror.md
+
+ Title: "serviceProvisioningXmlError resource type"
+description: "Represents information published by a federated service describing a non-transient, service-specific error regarding the properties or link from an object that are represented as an xml string"
+ms.localizationpriority: medium
+++
+# serviceProvisioningXmlError resource type
+
+Namespace: microsoft.graph
++
+Represents information published by a federated service describing a non-transient, service-specific error for the [user](user.md), [group](group.md), or [organizational contact](orgcontact.md) entities regarding the properties or link from an object. These errors are represented as an xml string.
+
+Inherits from [serviceProvisioningError](../resources/serviceprovisioningerror.md).
+
+## Properties
+
+| Property | Type | Description |
+| :-- | :- | : |
+| createdDateTime | DateTimeOffset | The date and time at which the error occurred. |
+| errorDetail | String | Error Information published by the Federated Service as an xml string . |
+| isResolved | Boolean | Indicates whether the Error has been attended to. |
+| serviceInstance | String | Qualified service instance (e.g., "SharePoint/Dublin") that published the service error information. |
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "optionalProperties": [
+ ],
+ "@odata.type": "microsoft.graph.serviceProvisioningXmlError"
+}-->
+
+```json
+{
+ "createdDateTime": "2020-01-31T17:45:18.00",
+ "errorDetail": "<a/>",
+ "isResolved": false,
+ "serviceInstance": "exchange/NAMPRD09-001-01"
+}
+```
v1.0 Sharepoint https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/sharepoint.md
The SharePoint API in Microsoft Graph supports the following core scenarios:
* Access to SharePoint **sites**, **lists**, and **drives** (document libraries) * Read-only support for **site** resources (no ability to create new sites) * Read-write support for **lists**, **listItems**, and **driveItems**
+* Read-write support for tenant-level **SharePointSettings**
* Address resources by SharePoint ID, URL, or relative path The SharePoint API exposes three major resource types:
The following examples are relative to `https://graph.microsoft.com/beta`.
| /sites/{site-id}/lists | Enumerate the [lists](list.md) under the [site](site.md). | /sites/{site-id}/lists/{list-id}/items | Enumerate the [listItems](listitem.md) under the [list](list.md). | /groups/{group-id}/sites/root | Access a group's team [site][].
+| /admin/sharepoint/settings | Access the organization's admin level [settings](sharepointSettings.md).
Sites can also be addressed by path by using the SharePoint hostname, followed by a colon and the relative path to the site. You can optionally transition back to addressing the resource model by putting another colon at the end.
Find out about the [latest new features and updates](/graph/whats-new-overview)
[list]: list.md [drive]: drive.md [siteCollection]: sitecollection.md
+[settings]: sharepointSettings.md
<!-- { "type": "#page.annotation",
v1.0 Sharepointsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/sharepointsettings.md
+
+ Title: "sharepointSettings resource type"
+description: "Represents the tenant-level settings for SharePoint and OneDrive."
+
+ms.localizationpriority: medium
++
+# sharepointSettings resource type
+Namespace: microsoft.graph
++
+Represents the tenant-level settings for SharePoint and OneDrive.
+
+Inherits from [entity](../resources/entity.md).
+
+## Methods
+|Method|Return type|Description
+|:|:|:
+|[Get settings](../api/sharepointsettings-get.md)|[microsoft.graph.sharepointSettings](../resources/sharepointsettings.md) | Get the tenant-level settings for SharePoint and OneDrive.|
+|[Update settings](../api/sharepointsettings-update.md) | [microsoft.graph.sharepointSettings](../resources/sharepointsettings.md) | Update one or more tenant-level settings for SharePoint and OneDrive.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+| allowedDomainGuidsForSyncApp | GUID collection | Collection of trusted domain GUIDs for the OneDrive sync app. |
+| availableManagedPathsForSiteCreation | String collection | Collection of managed paths available for site creation. Read-only. |
+| deletedUserPersonalSiteRetentionPeriodInDays | Int32 | The number of days for preserving a deleted user's OneDrive. |
+| excludedFileExtensionsForSyncApp | String collection | Collection of file extensions not uploaded by the OneDrive sync app. |
+| idleSessionSignOut | [microsoft.graph.idleSessionSignOut](../resources/idlesessionsignout.md) | Specifies the idle session sign-out policies for the tenant. |
+| imageTaggingOption | [microsoft.graph.imageTaggingChoice](../resources/sharepointsettings.md#imagetaggingchoice-values) | Specifies the image tagging option for the tenant. Possible values are: `disabled`, `basic`, `enhanced`. |
+| isCommentingOnSitePagesEnabled | Boolean | Indicates whether comments are allowed on modern site pages in SharePoint. |
+| isFileActivityNotificationEnabled | Boolean | Indicates whether push notifications are enabled for OneDrive events. |
+| isLegacyAuthProtocolsEnabled | Boolean | Indicates whether legacy authentication protocols are enabled for the tenant. |
+| isLoopEnabled | Boolean | Indicates whetherif Fluid Framework is allowed on SharePoint sites. |
+| isMacSyncAppEnabled | Boolean | Indicates whether files can be synced using the OneDrive sync app for Mac. |
+| isRequireAcceptingUserToMatchInvitedUserEnabled | Boolean | Indicates whether guests must sign in using the same account to which sharing invitations are sent. |
+| isResharingByExternalUsersEnabled | Boolean | Indicates whether guests are allowed to reshare files, folders, and sites they don't own. |
+| isSharePointMobileNotificationEnabled | Boolean | Indicates whether mobile push notifications are enabled for SharePoint. |
+| isSharePointNewsfeedEnabled | Boolean | Indicates whether the newsfeed is allowed on the modern site pages in SharePoint. |
+| isSiteCreationEnabled | Boolean | Indicates whether users are allowed to create sites. |
+| isSiteCreationUIEnabled | Boolean | Indicates whether the UI commands for creating sites are shown. |
+| isSitePagesCreationEnabled | Boolean | Indicates whether creating new modern pages is allowed on SharePoint sites. |
+| isSitesStorageLimitAutomatic | Boolean | Indicates whether site storage space is automatically managed or if specific storage limits are set per site. |
+| isSyncButtonHiddenOnPersonalSite | Boolean | Indicates whether the sync button in OneDrive is hidden. |
+| isUnmanagedSyncAppForTenantRestricted | Boolean | Indicates whether users are allowed to sync files only on PCs joined to specific domains. |
+| personalSiteDefaultStorageLimitInMB | Int64 | The default OneDrive storage limit for all new and existing users who are assigned a qualifying license. Measured in megabytes (MB). |
+| sharingAllowedDomainList | String collection | Collection of email domains that are allowed for sharing outside the organization. |
+| sharingBlockedDomainList | String collection | Collection of email domains that are blocked for sharing outside the organization. |
+| sharingCapability | [microsoft.graph.sharingCapabilities](../resources/sharepointsettings.md#sharingcapabilities-values) | Sharing capability for the tenant. Possible values are: `disabled`, `externalUserSharingOnly`, `externalUserAndGuestSharing`, `existingExternalUserSharingOnly`. |
+| sharingDomainRestrictionMode | [microsoft.graph.sharingDomainRestrictionMode](../resources/sharepointsettings.md#sharingdomainrestrictionmode-values) | Specifies the external sharing mode for domains. Possible values are: `none`, `allowList`, `blockList`. |
+| siteCreationDefaultManagedPath | String | The value of the team site managed path. This is the path under which new team sites will be created. |
+| siteCreationDefaultStorageLimitInMB | Int32 | The default storage quota for a new site upon creation. Measured in megabytes (MB). |
+| tenantDefaultTimezone | String | The default timezone of a tenant for newly created sites. For a list of possible values, see [SPRegionalSettings.TimeZones property](/sharepoint/dev/schema/regional-settings-schema). |
+
+### imageTaggingChoice values
+| Member | Description |
+| : | :|
+| disabled | The image tagging option for the tenant is disabled. |
+| basic | Allows users within the tenant to add basic tags to images to make them accessible through search. |
+| enhanced | Allows users to tag images with custom tags and enhanced features. |
+| unknownFutureValue | Evolvable enumeration sentinel value. Do not use. |
+
+### sharingCapabilities values
+| Member | Description |
+| : | :|
+| disabled | Users can share only with people in the organization. No external sharing is allowed. |
+| externalUserSharingOnly | Users can share with new and existing guests. Guests must sign in or provide a verification code. |
+| externalUserAndGuestSharing | Users can share with anyone by using links that don't require sign-in. |
+| existingExternalUserSharingOnly | Users can share with existing guests (those already in the directory of the organization). |
+| unknownFutureValue | Evolvable enumeration sentinel value. Do not use. |
+
+### sharingDomainRestrictionMode values
+| Member | Description |
+||--|
+| none | No restrictions apply. |
+| allowList | Users will be able to share with external collaborators coming only from the list of allowed email domains. |
+| blockList | Users will be able to share with all external collaborators apart from the ones on the list of blocked email domains. |
+| unknownFutureValue | Evolvable enumeration sentinel value. Do not use. |
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.sharepointSettings",
+ "openType": "false"
+}
+-->
+``` json
+{
+ "allowedDomainGuidsForSyncApp": ["string (identifier)"],
+ "availableManagedPathsForSiteCreation": ["string"],
+ "deletedUserPersonalSiteRetentionPeriodInDays": "Int32",
+ "excludedFileExtensionsForSyncApp": ["string"],
+ "idleSessionSignOut": "microsoft.graph.idleSessionSignOut",
+ "imageTaggingOption": "string",
+ "isCommentingOnSitePagesEnabled": "boolean",
+ "isFileActivityNotificationEnabled": "boolean",
+ "isLegacyAuthProtocolsEnabled": "boolean",
+ "isLoopEnabled": "boolean",
+ "isMacSyncAppEnabled": "boolean",
+ "isRequireAcceptingUserToMatchInvitedUserEnabled": "boolean",
+ "isResharingByExternalUsersEnabled": "boolean",
+ "isSharePointMobileNotificationEnabled": "boolean",
+ "isSharePointNewsfeedEnabled": "boolean",
+ "isSiteCreationEnabled": "boolean",
+ "isSiteCreationUIEnabled": "boolean",
+ "isSitePagesCreationEnabled": "boolean",
+ "isSitesStorageLimitAutomatic": "boolean",
+ "isSyncButtonHiddenOnPersonalSite": "boolean",
+ "isUnmanagedSyncAppForTenantRestricted": "boolean",
+ "personalSiteDefaultStorageLimitInMB": "Int64",
+ "sharingAllowedDomainList" : ["string"],
+ "sharingBlockedDomainList" : ["string"],
+ "sharingCapability": "string",
+ "sharingDomainRestrictionMode": "string",
+ "siteCreationDefaultManagedPath": "string",
+ "siteCreationDefaultStorageLimitInMB": "Int32",
+ "tenantDefaultTimezone": "string"
+}
+```
+
+<!--
+{
+ "type": "#page.annotation",
+ "description": "settings resource",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "namespace": "microsoft.graph"
+}
+-->
v1.0 Signinactivity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/signinactivity.md
Provides the last interactive or non-interactive sign-in time for a specific [us
| Property | Type | Description | |:-|:|:|
-|lastSignInDateTime|DateTimeOffset|The last interactive sign-in date and time for a specific user. You can use this field to calculate the last time a user signed in to the directory with an interactive authentication method. This field can be used to build reports, such as inactive users. The timestamp represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is: `'2014-01-01T00:00:00Z'`. Azure AD maintains interactive sign-ins going back to April 2020. For more information about using the value of this property, see [Manage inactive user accounts in Azure AD](/azure/active-directory/reports-monitoring/howto-manage-inactive-user-accounts).|
+|lastSignInDateTime|DateTimeOffset|The last interactive sign-in date and time for a specific user. You can use this field to calculate the last time a user attempted to sign into the directory the directory with an interactive authentication method. This field can be used to build reports, such as inactive users. The timestamp represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is: `'2014-01-01T00:00:00Z'`. Azure AD maintains interactive sign-ins going back to April 2020. For more information about using the value of this property, see [Manage inactive user accounts in Azure AD](/azure/active-directory/reports-monitoring/howto-manage-inactive-user-accounts).|
|lastSignInRequestId|String|Request identifier of the last interactive sign-in performed by this user.|
-|lastNonInteractiveSignInDateTime|DateTimeOffset|The last non-interactive sign-in date for a specific user. You can use this field to calculate the last time a client signed in to the directory on behalf of a user. Because some users may use clients to access tenant resources rather than signing into your tenant directly, you can use the non-interactive sign-in date to along with lastSignInDateTime to identify inactive users. The timestamp represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is: `'2014-01-01T00:00:00Z'`. Azure AD maintains non-interactive sign-ins going back to May 2020. For more information about using the value of this property, see [Manage inactive user accounts in Azure AD](/azure/active-directory/reports-monitoring/howto-manage-inactive-user-accounts).|
+|lastNonInteractiveSignInDateTime|DateTimeOffset|The last non-interactive sign-in date for a specific user. You can use this field to calculate the last time a client attempted to sign into the directory the directory on behalf of a user. Because some users may use clients to access tenant resources rather than signing into your tenant directly, you can use the non-interactive sign-in date to along with lastSignInDateTime to identify inactive users. The timestamp represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is: `'2014-01-01T00:00:00Z'`. Azure AD maintains non-interactive sign-ins going back to May 2020. For more information about using the value of this property, see [Manage inactive user accounts in Azure AD](/azure/active-directory/reports-monitoring/howto-manage-inactive-user-accounts).|
|lastNonInteractiveSignInRequestId|String|Request identifier of the last non-interactive sign-in performed by this user.| ## JSON representation
v1.0 Subjectrightsrequest Subjectrightsrequestapioverview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/subjectrightsrequest-subjectrightsrequestapioverview.md
In accordance with certain privacy regulations around the world, individuals can
The Microsoft Graph APIs for subject rights request provide functionality for organizations to automate repetitive tasks and integrate with existing data subject request tools, to enable building repeatable workflows that can be incorporated to their business processes. You can use the subject rights request APIs to help you automate and scale your organization's ability to perform subject rights requests searches in Microsoft 365 and help meet industry regulations more efficiently. > [!IMPORTANT]
-> The Microsoft Graph APIs for subject rights request are intended to help meet the need to fulfill subject rights requests within Microsoft 365 services for Exchange Online, SharePoint Online, Teams chats, and OneDrive for Business. These APIs should not be used as a substitute for searching for data in any other Microsoft 365 system or any other area as those scenarios are not explicity supported.
+> The Microsoft Graph APIs for subject rights request are intended to help meet the need to fulfill subject rights requests within Microsoft 365 services for Exchange Online, SharePoint Online, Teams chats, and OneDrive for Business. These APIs should not be used as a substitute for searching for data in any other Microsoft 365 system or any other area as those scenarios are not explicitly supported.
The API includes the following key entities.
The API includes the following key entities.
| Subject rights request history | [microsoft.graph.subjectRightsRequesthistory](subjectRightsRequesthistory.md) | Represents the history for a subject rights request. | | Subject rights request detail | [microsoft.graph.subjectRightsRequestDetail](subjectRightsRequestDetail.md) | Represents the details of a subject rights request, including number of items found, number of items reviewed, and so on. | | Subject rights request stage detail | [microsoft.graph.subjectRightsRequestStageDetail](subjectRightsRequestStageDetail.md) | Represents the properties of the stages of a subject rights request. |----
v1.0 Tenantadmin Idlesessionsignout https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/tenantadmin-idlesessionsignout.md
- Title: "idleSessionSignOut resource type"
-description: "Represents the idle session sign-out policy settings for SharePoint."
-
-doc_type: resourcePageType
--
-# idleSessionSignOut resource type
-
-Namespace: microsoft.graph.tenantAdmin
--
-Represents the idle session sign-out policy settings for SharePoint.
-
-## Properties
-
-| Property | Type | Description |
-|:-|:|:|
-| isEnabled | Boolean | Indicates whether the idle session sign-out policy is enabled. |
-| signOutAfterInSeconds | Int64 | Number of seconds of inactivity after which a user is signed out. |
-| warnAfterInSeconds | Int64 | Number of seconds of inactivity after which a user is notified that they'll be signed out.|
-
-## JSON representation
-
-The following is a JSON representation of the resource.
-
-<!-- { "blockType": "resource", "@odata.type": "microsoft.graph.tenantAdmin.idleSessionSignOut" } -->
-
-```json
-{
- "isEnabled": "Boolean",
- "signOutAfterInSeconds": "Int64",
- "warnAfterInSeconds": "Int64"
-}
-```
-
-<!-- {
- "type": "#page.annotation",
- "description": "Idle session sign out parameters",
- "section": "documentation",
- "tocPath": "Resources/idleSessionSignOut"
-} -->
v1.0 Tenantadmin Settings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/tenantadmin-settings.md
- Title: "settings resource type"
-description: "Represents the tenant-level settings for SharePoint and OneDrive."
-
-doc_type: "resourcePageType"
--
-# settings resource type
-Namespace: microsoft.graph.tenantAdmin
--
-Represents the tenant-level settings for SharePoint and OneDrive.
-
-Inherits from [entity](../resources/entity.md).
-
-## Methods
-|Method|Return type|Description
-|:|:|:
-|[Get settings](../api/tenantadmin-settings-get.md)|[microsoft.graph.tenantAdmin.settings](../resources/tenantadmin-settings.md) | Get the tenant-level settings for SharePoint and OneDrive.|
-|[Update settings](../api/tenantadmin-settings-update.md) | [microsoft.graph.tenantAdmin.settings](../resources/tenantadmin-settings.md) | Update one or more tenant-level settings for SharePoint and OneDrive.|
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-| allowedDomainGuidsForSyncApp | GUID collection | Collection of trusted domain GUIDs for the OneDrive sync app. |
-| availableManagedPathsForSiteCreation | String collection | Collection of managed paths available for site creation. Read-only. |
-| deletedUserPersonalSiteRetentionPeriodInDays | Int32 | The number of days for preserving a deleted user's OneDrive. |
-| excludedFileExtensionsForSyncApp | String collection | Collection of file extensions not uploaded by the OneDrive sync app. |
-| idleSessionSignOut | [tenantAdmin.idleSessionSignOut](../resources/tenantadmin-idlesessionsignout.md) | Specifies the idle session sign-out policies for the tenant. |
-| imageTaggingOption | [tenantAdmin.imageTaggingChoice](../resources/tenantadmin-settings.md#imagetaggingchoice-values) | Specifies the image tagging option for the tenant. Possible values are: `disabled`, `basic`, `enhanced`. |
-| isCommentingOnSitePagesEnabled | Boolean | Indicates whether comments are allowed on modern site pages in SharePoint. |
-| isFileActivityNotificationEnabled | Boolean | Indicates whether push notifications are enabled for OneDrive events. |
-| isLegacyAuthProtocolsEnabled | Boolean | Indicates whether legacy authentication protocols are enabled for the tenant. |
-| isLoopEnabled | Boolean | Indicates whetherif Fluid Framework is allowed on SharePoint sites. |
-| isMacSyncAppEnabled | Boolean | Indicates whether files can be synced using the OneDrive sync app for Mac. |
-| isRequireAcceptingUserToMatchInvitedUserEnabled | Boolean | Indicates whether guests must sign in using the same account to which sharing invitations are sent. |
-| isResharingByExternalUsersEnabled | Boolean | Indicates whether guests are allowed to reshare files, folders, and sites they don't own. |
-| isSharePointMobileNotificationEnabled | Boolean | Indicates whether mobile push notifications are enabled for SharePoint. |
-| isSharePointNewsfeedEnabled | Boolean | Indicates whether the newsfeed is allowed on the modern site pages in SharePoint. |
-| isSiteCreationEnabled | Boolean | Indicates whether users are allowed to create sites. |
-| isSiteCreationUIEnabled | Boolean | Indicates whether the UI commands for creating sites are shown. |
-| isSitePagesCreationEnabled | Boolean | Indicates whether creating new modern pages is allowed on SharePoint sites. |
-| isSitesStorageLimitAutomatic | Boolean | Indicates whether site storage space is automatically managed or if specific storage limits are set per site. |
-| isSyncButtonHiddenOnPersonalSite | Boolean | Indicates whether the sync button in OneDrive is hidden. |
-| isUnmanagedSyncAppForTenantRestricted | Boolean | Indicates whether users are allowed to sync files only on PCs joined to specific domains. |
-| personalSiteDefaultStorageLimitInMB | Int64 | The default OneDrive storage limit for all new and existing users who are assigned a qualifying license. Measured in megabytes (MB). |
-| sharingAllowedDomainList | String collection | Collection of email domains that are allowed for sharing outside the organization. |
-| sharingBlockedDomainList | String collection | Collection of email domains that are blocked for sharing outside the organization. |
-| sharingCapability | [tenantAdmin.sharingCapabilities](#sharingcapabilities-values) | Sharing capability for the tenant. Possible values are: `disabled`, `externalUserSharingOnly`, `externalUserAndGuestSharing`, `existingExternalUserSharingOnly`. |
-| sharingDomainRestrictionMode | [tenantAdmin.sharingDomainRestrictionMode](#sharingdomainrestrictionmode-values) | Specifies the external sharing mode for domains. Possible values are: `none`, `allowList`, `blockList`. |
-| siteCreationDefaultManagedPath | String | The value of the team site managed path. This is the path under which new team sites will be created. |
-| siteCreationDefaultStorageLimitInMB | Int32 | The default storage quota for a new site upon creation. Measured in megabytes (MB). |
-| tenantDefaultTimezone | String | The default timezone of a tenant for newly created sites. For a list of possible values, see [SPRegionalSettings.TimeZones property](/dotnet/api/microsoft.sharepoint.spregionalsettings.timezones). |
-
-### imageTaggingChoice values
-| Member | Description |
-| : | :|
-| disabled | The image tagging option for the tenant is disabled. |
-| basic | Allows users within the tenant to add basic tags to images to make them accessible through search. |
-| enhanced | Allows users to tag images with custom tags and enhanced features. |
-| unknownFutureValue | Evolvable enumeration sentinel value. Do not use. |
-
-### sharingCapabilities values
-| Member | Description |
-| : | :|
-| disabled | Users can share only with people in the organization. No external sharing is allowed. |
-| externalUserSharingOnly | Users can share with new and existing guests. Guests must sign in or provide a verification code. |
-| externalUserAndGuestSharing | Users can share with anyone by using links that don't require sign-in. |
-| existingExternalUserSharingOnly | Users can share with existing guests (those already in the directory of the organization). |
-| unknownFutureValue | Evolvable enumeration sentinel value. Do not use. |
-
-### sharingDomainRestrictionMode values
-| Member | Description |
-||--|
-| none | No restrictions apply. |
-| allowList | Users will be able to share with external collaborators coming only from the list of allowed email domains. |
-| blockList | Users will be able to share with all external collaborators apart from the ones on the list of blocked email domains. |
-| unknownFutureValue | Evolvable enumeration sentinel value. Do not use. |
-
-## JSON representation
-The following is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "@odata.type": "microsoft.graph.tenantAdmin.settings",
- "openType": "false"
-}
>
-``` json
-{
- "allowedDomainGuidsForSyncApp": ["string (identifier)"],
- "availableManagedPathsForSiteCreation": ["string"],
- "deletedUserPersonalSiteRetentionPeriodInDays": "Int32",
- "excludedFileExtensionsForSyncApp": ["string"],
- "idleSessionSignOut": "microsoft.graph.tenantAdmin.idleSessionSignOut",
- "imageTaggingOption": "string",
- "isCommentingOnSitePagesEnabled": "boolean",
- "isFileActivityNotificationEnabled": "boolean",
- "isLegacyAuthProtocolsEnabled": "boolean",
- "isLoopEnabled": "boolean",
- "isMacSyncAppEnabled": "boolean",
- "isRequireAcceptingUserToMatchInvitedUserEnabled": "boolean",
- "isResharingByExternalUsersEnabled": "boolean",
- "isSharePointMobileNotificationEnabled": "boolean",
- "isSharePointNewsfeedEnabled": "boolean",
- "isSiteCreationEnabled": "boolean",
- "isSiteCreationUIEnabled": "boolean",
- "isSitePagesCreationEnabled": "boolean",
- "isSitesStorageLimitAutomatic": "boolean",
- "isSyncButtonHiddenOnPersonalSite": "boolean",
- "isUnmanagedSyncAppForTenantRestricted": "boolean",
- "personalSiteDefaultStorageLimitInMB": "Int64",
- "sharingAllowedDomainList" : ["string"],
- "sharingBlockedDomainList" : ["string"],
- "sharingCapability": "string",
- "sharingDomainRestrictionMode": "string",
- "siteCreationDefaultManagedPath": "string",
- "siteCreationDefaultStorageLimitInMB": "Int32",
- "tenantDefaultTimezone": "string"
-}
-```
-
-<!--
-{
- "type": "#page.annotation",
- "description": "settings resource",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "namespace": "microsoft.graph.tenantAdmin"
-}
>
v1.0 Tenantadmin Sharepoint https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/tenantadmin-sharepoint.md
- Title: "sharepoint resource type"
-description: "Represents a container for administrative resources to manage tenant-level settings for SharePoint and OneDrive."
-
-doc_type: resourcePageType
--
-# sharepoint resource type
-
-Namespace: microsoft.graph.tenantAdmin
--
-Represents a container for administrative resources to manage tenant-level settings for SharePoint and OneDrive.
-
-## Properties
-None.
-
-## Relationships
-|Relationship|Type|Description|
-|:|:|:|
-|settings|[microsoft.graph.tenantAdmin.settings](../resources/tenantadmin-settings.md)|Represents the tenant-level settings for SharePoint and OneDrive.|
-
-## JSON representation
-The following is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "@odata.type": "microsoft.graph.tenantAdmin.sharepoint",
- "openType": false
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.tenantAdmin.sharepoint"
-}
-```
-
v1.0 Ticketinfo https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/ticketinfo.md
doc_type: resourcePageType
Namespace: microsoft.graph
-Represents ticket information related to role assignment and eligibility requests. Use this object to define ticket parameters for a role assignment or eligibility request is initiated by another request made in an external system.
+Represents ticket information related to assignment and eligibility requests in [PIM for Azure AD roles](privilegedidentitymanagementv3-overview.md) and [PIM for Groups](privilegedidentitymanagement-for-groups-api-overview.md). Use this object to define ticket parameters for an assignment or eligibility request that's initiated by another request made in an external system.
## Properties |Property|Type|Description|
v1.0 Timecard https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/timecard.md
Title: "timecard resource type"
-description: "A timecard entry in the schedule."
+description: "Represents a timecard entry in the schedule."
ms.localizationpriority: medium ms.prod: "microsoft-teams"
Represents a timecard entry in the schedule.
## Properties |Property |Type |Description | |--|||
-| id |`string` |ID of the **timeCard**.|
-| userId |`string` |User ID to which the **timeCard** belongs. |
-| state |`timeCardState` | The current state of the **timeCard** during its life cycle.Possible values are: `clockedIn`, `onBreak`, `clockedOut`, `unknownFutureValue`.|
+| breaks |[timeCardBreak](timecardbreak.md) collection |The list of breaks associated with the **timeCard**.|
| clockInEvent |[timeCardEvent](../resources/timecardevent.md) | The clock-in event of the **timeCard**. | | clockOutEvent |[timeCardEvent](../resources/timecardevent.md) |The clock-out event of the **timeCard**. |
+| confirmedBy |confirmedBy | Indicates whether this **timeCard** entry is confirmed. Possible values are `none`, `user`, `manager`, `unknownFutureValue`.|
+|createdBy|[identitySet](identityset.md)| Identity of the person who created the entity. |
+|createdDateTime|DateTimeOffset| The timestamp in which the **timeCard** was created. |
+| id |String |Unique identifier for the **timeCard**.|
+|lastModifiedBy| [identitySet](identityset.md)| Identity of the person who last modified the entity.|
+|lastModifiedDateTime|DateTimeOffset| The timestamp in which the **timeCard** was last modified.|
| notes | [itemBody](itembody.md) |Notes about the **timeCard**. |
-| breaks |[timeCardBreak](timecardbreak.md) collection |The list of breaks associated with the **timeCard**.|
| originalEntry| [timeCardEntry](../resources/timecardentry.md) | The original **timeCardEntry** of the **timeCard**, before user edits. |
-| confirmedBy |`confirmedBy` | Indicate if this **timeCard** entry is confirmed. Possible values are `none`, `user`, `manager`, `unknownFutureValue`.|
-|createdDateTime|`Edm.dateTimeOffset`| The timestamp in which the **timeCard** was created. |
-|createdBy|`IdentitySet`| Identity of the person who created the entity. |
-|lastModifiedDateTime|`dateTimeOffset`| The timestamp in which the **timeCard** was last modified.|
-|lastModifiedBy| `IdentitySet`| Identity of the person who last modified the entity.|
+| state |timeCardState | The current state of the **timeCard** during its life cycle.Possible values are: `clockedIn`, `onBreak`, `clockedOut`, `unknownFutureValue`.|
+| userId |String |User ID to which the **timeCard** belongs. |
## JSON representation
The following is a JSON representation of the resource.
```json {
- "userId": "string (identifier)",
+ "breaks": [{"@odata.type":"microsoft.graph.timeCardEvent"}],
+ "clockInEvent": {"@odata.type":"microsoft.graph.timeCardEvent"},
+ "clockOutEvent": {"@odata.type":"microsoft.graph.timeCardEvent"},
+ "confirmedBy": "String",
+ "createdBy": {"@odata.type":"microsoft.graph.identitySet"},
"createdDateTime": "String (timestamp)",
- "lastModifiedDateTime": "String (timestamp)",
+ "id": "String (identifier)",
"lastModifiedBy": {"@odata.type":"microsoft.graph.identitySet"},
- "clockInEvent" : {"@odata.type":"microsoft.graph.timeCardEvent"},
- "clockOutEvent" : {"@odata.type":"microsoft.graph.timeCardEvent"},
- "notes" : {"@odata.type":"microsoft.graph.itemBody"},
- "breaks" : [{"@odata.type":"microsoft.graph.timeCardEvent"}],
- "originalEntry" : {"@odata.type":"microsoft.graph.timeCardEntry"}
+ "lastModifiedDateTime": "String (timestamp)",
+ "notes": {"@odata.type":"microsoft.graph.itemBody"},
+ "originalEntry": {"@odata.type":"microsoft.graph.timeCardEntry"},
+ "state": "String",
+ "userId": "String"
} ```
v1.0 User https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/user.md
This resource supports:
| imAddresses | String collection | The instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user. Read-only. Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`).| | infoCatalogs | String collection | Identifies the info segments assigned to the user. Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`). | | interests | String collection | A list for the user to describe their interests. <br><br>Returned only on `$select`. |
+| isLicenseReconciliationNeeded | Boolean | Indicates whether the user is pending an exchange mailbox license assignment. <br><br> Read-only. <br><br> Supports `$filter` (`eq` where `true` only). |
| isResourceAccount | Boolean | Do not use ΓÇô reserved for future use. | | jobTitle | String | The user's job title. Maximum length is 128 characters. <br><br>Supports `$filter` (`eq`, `ne`, `not` , `ge`, `le`, `in`, `startsWith`, and `eq` on `null` values).| | lastPasswordChangeDateTime | DateTimeOffset | The time when this Azure AD user last changed their password or when their password was created, , whichever date the latest action was performed. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only. <br><br>Returned only on `$select`. |
This resource supports:
| responsibilities | String collection | A list for the user to enumerate their responsibilities. <br><br>Returned only on `$select`. | | schools | String collection | A list for the user to enumerate the schools they have attended. <br><br>Returned only on `$select`. | |securityIdentifier| String | Security identifier (SID) of the user, used in Windows scenarios. <br><br>Read-only. Returned by default. <br>Supports `$select` and `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`). |
+| serviceProvisioningErrors | [serviceProvisioningError](serviceprovisioningerror.md) collection | Errors published by a federated service describing a non-transient, service-specific error regarding the properties or link from a user object . <br> Supports `$filter` (`eq`, `not`, for isResolved and serviceInstance).|
| showInAddressList | Boolean | **Do not use in Microsoft Graph. Manage this property through the Microsoft 365 admin center instead.** Represents whether the user should be included in the Outlook global address list. See [Known issue](/graph/known-issues#showinaddresslist-property-is-out-of-sync-with-microsoft-exchange).| | signInSessionsValidFromDateTime | DateTimeOffset | Any refresh tokens or sessions tokens (session cookies) issued before this time are invalid, and applications will get an error when using an invalid refresh or sessions token to acquire a delegated access token (to access APIs such as Microsoft Graph). If this happens, the application will need to acquire a new refresh token by making a request to the authorize endpoint. Read-only. Use [revokeSignInSessions](../api/user-revokesigninsessions.md) to reset.| | skills | String collection | A list for the user to enumerate their skills. <br><br>Returned only on `$select`. |
-| signInActivity | [signInActivity](signinactivity.md) | Get the last signed-in date and request ID of the sign-in for a given user. Read-only.<br><br>Returned only on `$select`. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`) *but* not with any other filterable properties. <br><br>**Note:** <br/><li> Details for this property require an Azure AD Premium P1/P2 license and the **AuditLog.Read.All** permission.<li>When you specify `$select=signInActivity` or `$filter=signInActivity` while [listing users](../api/user-list.md), the maximum page size is 120 users. Requests with `$top` set higher than 120 will return pages with up to 120 users.<li>This property is not returned for a user who has never signed in or last signed in before April 2020.|
+| signInActivity | [signInActivity](signinactivity.md) | Get the last signed-in date and request ID of the sign-in for a given user. Read-only.<br><br>Returned only on `$select`. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`) *but* not with any other filterable properties. <br><br>**Note:** <br/><li> Details for this property require an Azure AD Premium P1/P2 license and the **AuditLog.Read.All** permission.<li>This property is not returned for a user who has never signed in or last signed in before April 2020.|
| state | String | The state or province in the user's address. Maximum length is 128 characters. <br><br>Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `in`, `startsWith`, and `eq` on `null` values). | | streetAddress | String | The street address of the user's place of business. Maximum length is 1024 characters. <br><br>Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `in`, `startsWith`, and `eq` on `null` values).| | surname | String | The user's surname (family name or last name). Maximum length is 64 characters. <br><br>Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `in`, `startsWith`, and `eq` on `null` values). |
Here is a JSON representation of the resource
"id": "String (identifier)", "identities": [{"@odata.type": "microsoft.graph.objectIdentity"}], "interests": ["String"],
+ "isLicenseReconciliationNeeded": false,
"isResourceAccount": false, "jobTitle": "String", "legalAgeGroupClassification": "String",
Here is a JSON representation of the resource
"responsibilities": ["String"], "schools": ["String"], "securityIdentifier": "String",
+ "serviceProvisioningErrors": [{"@odata.type": "microsoft.graph.serviceProvisioningXmlError"}],
"showInAddressList": true, "signInSessionsValidFromDateTime": "2019-02-07T21:53:13.084Z", "skills": ["String"],
v1.0 Usersimulationdetails https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/usersimulationdetails.md
Represents a user of a tenant and their online actions in an attack simulation a
|compromisedDateTime|DateTimeOffset|Date and time of the compromising online action by a user in an attack simulation and training campaign.| |inProgressTrainingsCount|Int32|Number of trainings in progress by a user in an attack simulation and training campaign.| |isCompromised|Boolean|Indicates whether a user was compromised in an attack simulation and training campaign.|
+|latestSimulationActivity|String|Indicates latest user activity.|
|reportedPhishDateTime|DateTimeOffset|Date and time when a user reported the delivered payload as phishing in the attack simulation and training campaign.| |simulationEvents|[userSimulationEventInfo](../resources/usersimulationeventinfo.md) collection|List of simulation events of a user in the attack simulation and training campaign.| |simulationUser|[attackSimulationUser](../resources/attacksimulationuser.md)|The user in an attack simulation and training campaign.|
The following is a JSON representation of the resource.
"compromisedDateTime": "String (timestamp)", "inProgressTrainingsCount": "Int32", "isCompromised": "Boolean",
+ "latestSimulationActivity": "TrainingCompletion",
"reportedPhishDateTime": "String (timestamp)", "simulationEvents": [ {
v1.0 Virtualappointment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/virtualappointment.md
ms.prod: "cloud-communications"
doc_type: resourcePageType
-# virtualAppointment resource type
+# virtualAppointment resource type (deprecated)
Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] > [!CAUTION]
- > The Virtual appointment resource and supporting methods are deprecated and will stop returning data on May 31, 2023. We recommend that you update existing apps that use this API to the new [Get Virtual appointment join link](../api/virtualappointment-getvirtualappointmentjoinweburl.md) function.
+ > The Virtual appointment resource and supporting methods are deprecated and will stop returning data on June 30, 2023. We recommend that you update existing apps that use this API to the new [Get Virtual appointment join link](../api/virtualappointment-getvirtualappointmentjoinweburl.md) function.
Represents information about a virtual appointment, including the client join URL, settings, and the client information. Virtual appointments are designed for business to consume online workflows and include enhanced features such as mobile browser join and client waiting room.
v1.0 Virtualappointmentsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/virtualappointmentsettings.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] > [!CAUTION]
- > The Virtual appointment resource and supporting methods are deprecated and will stop returning data on May 31, 2023.
+ > The Virtual appointment resource and supporting methods are deprecated and will stop returning data on June 30, 2023.
Represents settings that define the experience of a client user during a virtual appointment.
v1.0 Virtualappointmentuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/virtualappointmentuser.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] > [!CAUTION]
- > The Virtual appointment resource and supporting methods are deprecated and will stop returning data on May 31, 2023.
+ > The Virtual appointment resource and supporting methods are deprecated and will stop returning data on June 30, 2023.
Represents information about a client user in a virtual appointment.
v1.0 Watermarkprotectionvalues https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/watermarkprotectionvalues.md
Title: "watermarkProtectionValues resource type"
-description: "Indicates whether a watermark is enabled for different entities."
+description: "Indicates whether a watermark is enabled for different content types in a meeting."
ms.localizationpriority: medium ms.prod: "cloud-communications"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Indicates whether a watermark is enabled for different entities.
+Indicates whether a watermark is enabled for different content types.
-Setting either flag indicates that a watermark has been enabled for a meeting. Any clients that don't support watermarks will have a restricted (audio-only) experience in the meeting.
+These flags indicate indicate that a watermark is enabled for this particular meeting. Any clients that don't support watermarks will have a restricted (audio-only) experience in the meeting.
## Properties
v1.0 Accesspackageassignmentpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/accesspackageassignmentpolicy-get.md
GET https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/as
[!INCLUDE [sample-code](../includes/snippets/php/get-accesspackageassignmentpolicy-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Accesspackageassignmentpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/accesspackageassignmentpolicy-update.md
PUT /identityGovernance/entitlementManagement/assignmentPolicies/{accessPackageA
|Content-Type|application/json. Required.| ## Request body |Property|Type|Description| |:|:|:|
-|displayName|String|The display name of the policy.|
-|description|String|The description of the policy.|
-|allowedTargetScope|allowedTargetScope|Who is allowed to request the access package through this policy. The possible values are: `notSpecified`, `specificDirectoryUsers`, `specificConnectedOrganizationUsers`, `specificDirectoryServicePrincipals`, `allMemberUsers`, `allDirectoryUsers`, `allDirectoryServicePrincipals`, `allConfiguredConnectedOrganizationUsers`, `allExternalUsers`, `unknownFutureValue`.|
-|automaticRequestSettings|[accessPackageAutomaticRequestSettings](../resources/accessPackageAutomaticRequestSettings.md)|This property is only present for an auto assignment policy; if absent, this is a request-based policy.|
-|specificAllowedTargets|[subjectSet](../resources/subjectset.md) collection|The principals that can be assigned access from an access package through this policy.|
-|expiration|[expirationPattern](../resources/expirationpattern.md)|The expiration date for assignments created in this policy.|
-|requestorSettings|[accessPackageAssignmentRequestorSettings](../resources/accesspackageassignmentrequestorsettings.md)|Provides additional settings to select who can create a request for an access package assignment through this policy, and what they can include in their request.|
-|requestApprovalSettings|[accessPackageAssignmentApprovalSettings](../resources/accesspackageassignmentapprovalsettings.md)|Specifies the settings for approval of requests for an access package assignment through this policy. For example, if approval is required for new requests.|
-|reviewSettings|[accessPackageAssignmentReviewSettings](../resources/accesspackageassignmentreviewsettings.md)|Settings for access reviews of assignments through this policy.|
-|questions|[accessPackageQuestion](../resources/accesspackagequestion.md) collection|Questions that are posed to the requestor.|
+|displayName|String|The display name of the policy. Required.|
+|description|String|The description of the policy. Required.|
+|allowedTargetScope|allowedTargetScope|Who is allowed to request the access package through this policy. The possible values are: `notSpecified`, `specificDirectoryUsers`, `specificConnectedOrganizationUsers`, `specificDirectoryServicePrincipals`, `allMemberUsers`, `allDirectoryUsers`, `allDirectoryServicePrincipals`, `allConfiguredConnectedOrganizationUsers`, `allExternalUsers`, `unknownFutureValue`. Required.|
+|automaticRequestSettings|[accessPackageAutomaticRequestSettings](../resources/accessPackageAutomaticRequestSettings.md)|This property is only present for an auto assignment policy; if absent, this is a request-based policy. Required.|
+|specificAllowedTargets|[subjectSet](../resources/subjectset.md) collection|The principals that can be assigned access from an access package through this policy. Required.|
+|expiration|[expirationPattern](../resources/expirationpattern.md)|The expiration date for assignments created in this policy. Required.|
+|requestorSettings|[accessPackageAssignmentRequestorSettings](../resources/accesspackageassignmentrequestorsettings.md)|Provides additional settings to select who can create a request for an access package assignment through this policy, and what they can include in their request. Required.|
+|requestApprovalSettings|[accessPackageAssignmentApprovalSettings](../resources/accesspackageassignmentapprovalsettings.md)|Specifies the settings for approval of requests for an access package assignment through this policy. For example, if approval is required for new requests. Required.|
+|reviewSettings|[accessPackageAssignmentReviewSettings](../resources/accesspackageassignmentreviewsettings.md)|Settings for access reviews of assignments through this policy. Required.|
+|questions|[accessPackageQuestion](../resources/accesspackagequestion.md) collection|Questions that are posed to the requestor. Required.|
## Response If successful, this method returns a `200 OK` response code and an updated [accessPackageAssignmentPolicy](../resources/accesspackageassignmentpolicy.md) object in the response body.
v1.0 Appmanagementpolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appManagementPolicy-list-appliesTo.md
List application and service principal objects that are assigned an [appManageme
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | | :- | :-- | | Delegated (work or school account) | Application.Read.All and Policy.Read.All, Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
v1.0 Application Addkey https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-addkey.md
Content-type: application/json
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Application Delete Tokenissuancepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-delete-tokenissuancepolicies.md
Remove a [tokenIssuancePolicy](../resources/tokenissuancepolicy.md) from an [app
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Application Delete Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-delete-tokenlifetimepolicies.md
Remove a [tokenLifetimePolicy](../resources/tokenlifetimepolicy.md) from an [app
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Application List Tokenissuancepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-list-tokenissuancepolicies.md
List the [tokenIssuancePolicy](../resources/tokenissuancepolicy.md) objects that
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
GET https://graph.microsoft.com/v1.0/applications/acc848e9-e8ec-4feb-a521-8d58b5
[!INCLUDE [sample-code](../includes/snippets/php/list-tokenissuancepolicies-on-application-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Application List Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-list-tokenlifetimepolicies.md
List the [tokenLifetimePolicy](../resources/tokenlifetimepolicy.md) objects that
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Application List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-list.md
Get the list of [applications](../resources/application.md) in this organization
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Application.Read.All, Application.ReadWrite.All, Directory.Read.All |
v1.0 Application Post Calls https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-post-calls.md
One of the following permissions is required to call this API. To learn more, in
| Delegated (personal Microsoft account) | Not supported. | | Application | Calls.JoinGroupCalls.Chat*, Calls.JoinGroupCallAsGuest.All, Calls.JoinGroupCall.All, Calls.Initiate.All, Calls.InitiateGroupCall.All |
-> **Note:** For a call with app-hosted media, you need the Calls.AccessMedia.All permission in addition to one of the permissions listed in the table above.
->
-> Permissions marked with * use [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).
+> **Notes:**
+> - For a call with app-hosted media, you need the Calls.AccessMedia.All permission in addition to one of the permissions listed in the previous table.
+> - Cloud Video Interop solutions that are [Certified for Microsoft Teams](/MicrosoftTeams/cloud-video-interop) have permission to call this API to join meetings for which they have meeting join links, similar to external users joining through a browser.
+> - Permissions marked with * use [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Application Post Owners https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-post-owners.md
Add an owner to an [application](../resources/application.md) by posting to the
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Application.ReadWrite.All and Directory.Read.All |
v1.0 Application Post Tokenissuancepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-post-tokenissuancepolicies.md
Assign a [tokenIssuancePolicy](../resources/tokenissuancepolicy.md) to an [appli
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Application Post Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-post-tokenlifetimepolicies.md
Assign a [tokenLifetimePolicy](../resources/tokenlifetimepolicy.md) to an [appli
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Appmanagementpolicy Delete Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appmanagementpolicy-delete-appliesto.md
Remove an [appManagementPolicy](../resources/appManagementPolicy.md) policy obje
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | | :- | :-- | | Delegated (work or school account) | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-DELETE /applications/{id}/appManagementPolicies/$ref
+DELETE /applications/{applicationObjectId}/appManagementPolicies/{appManagementPolicyId}/$ref
+DELETE /servicePrincipals/{servicePrincipalObjectId}/appManagementPolicies/{appManagementPolicyId}/$ref
``` ## Request headers
DELETE /applications/{id}/appManagementPolicies/$ref
## Request body
-In the request body, provide a reference to a single policy object from the [appManagementPolicies](../resources/appmanagementpolicy.md) collection.
+Do not supply a request body for this method.
## Response
The following is an example of the request to remove an appManagementPolicy from
}--> ```http
-DELETE https://graph.microsoft.com/v1.0/applications/{id}/appManagementPolicies/$ref
-Content-type: application/json
-
-{
- "@odata.id":"https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}"
-}
+DELETE https://graph.microsoft.com/v1.0/applications/3ccc9971-9ae7-45d6-8de8-263fd25fe116/appManagementPolicies/15942288-d19b-458c-9be4-20377d0a2435/$ref
``` # [C#](#tab/csharp)
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/remove-appliesto-e1-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
The following is an example of the request to remove an appManagementPolicy from
}--> ``` http
-DELETE https://graph.microsoft.com/v1.0/servicePrincipals/{id}/appManagementPolicies/$ref
-
-{
- "@odata.id":"https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}"
-}
+DELETE https://graph.microsoft.com/v1.0/servicePrincipals/f284860e-368c-4a1f-8894-77f0a9676fb3/appManagementPolicies/15942288-d19b-458c-9be4-20377d0a2435/$ref
``` # [C#](#tab/csharp) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java)
DELETE https://graph.microsoft.com/v1.0/servicePrincipals/{id}/appManagementPoli
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PHP](#tab/php)+
+# [PowerShell](#tab/powershell)
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Appmanagementpolicy Post Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appmanagementpolicy-post-appliesto.md
Assign an [appManagementPolicy](../resources/appManagementPolicy.md) policy obje
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | | :- | :-- | | Delegated (work or school account) | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
v1.0 Authenticationcombinationconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationcombinationconfiguration-get.md
If successful, this method returns a `200 OK` response code and an [authenticati
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_authenticationcombinationconfiguration"
The following is an example of a request.
GET https://graph.microsoft.com/v1.0/identity/conditionalAccess/authenticationStrength/policies/0e371351-6419-4c8a-8047-61eef0212ffb/combinationConfigurations/133b68c4-503b-4e87-839a-6c286a27381b ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response
v1.0 Authenticationcombinationconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationcombinationconfiguration-update.md
If successful, this method returns a `204 No Content` response code.
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_authenticationcombinationconfiguration"
Content-length: 130
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response <!-- {
v1.0 Authenticationmethodmodedetail Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationmethodmodedetail-get.md
If successful, this method returns a `200 OK` response code and an [authenticati
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_authenticationmethodmodedetail"
The following is an example of a request.
GET https://graph.microsoft.com/v1.0/identity/conditionalAccess/authenticationStrength/authenticationMethodModes/windowsHelloForBusiness ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response >**Note:** The response object shown here might be shortened for readability.
v1.0 Authenticationstrengthpolicy Delete Combinationconfigurations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationstrengthpolicy-delete-combinationconfigurations.md
If successful, this method returns a `204 No Content` response code.
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "delete_authenticationcombinationconfiguration"
The following is an example of a request.
DELETE https://graph.microsoft.com/v1.0/identity/conditionalAccess/authenticationStrength/policies/0e371351-6419-4c8a-8047-61eef0212ffb/combinationConfigurations/6cbbcfd0-5054-4a59-a10e-2d21fe09305d/$ref ```
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+++ ### Response The following is an example of the response <!-- {
v1.0 Authenticationstrengthpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationstrengthpolicy-get.md
If successful, this method returns a `200 OK` response code and an [authenticati
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_authenticationstrengthpolicy"
The following is an example of a request.
GET https://graph.microsoft.com/v1.0/policies/authenticationStrengthPolicies/00000000-0000-0000-0000-000000000004 ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++ ### Response The following is an example of the response >**Note:** The response object shown here might be shortened for readability.
v1.0 Authenticationstrengthpolicy List Combinationconfigurations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationstrengthpolicy-list-combinationconfigurations.md
If successful, this method returns a `200 OK` response code and a collection of
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_authenticationcombinationconfiguration"
The following is an example of a request.
GET https://graph.microsoft.com/v1.0/identity/conditionalAccess/authenticationStrength/policies/0e371351-6419-4c8a-8047-61eef0212ffb/combinationConfigurations ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response >**Note:** The response object shown here might be shortened for readability.
v1.0 Authenticationstrengthpolicy Post Combinationconfigurations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationstrengthpolicy-post-combinationconfigurations.md
If successful, this method returns a `201 Created` response code and a [fido2Com
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_authenticationcombinationconfiguration_from_"
Content-length: 130
"appliesToCombinations": ["fido2"] } ```+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response >**Note:** The response object shown here might be shortened for readability.
v1.0 Authenticationstrengthpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationstrengthpolicy-update.md
If successful, this method returns a `204 No Content` response code.
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_authenticationstrengthpolicy"
Content-length: 239
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++ ### Response The following is an example of the response <!-- {
v1.0 Authenticationstrengthpolicy Updateallowedcombinations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationstrengthpolicy-updateallowedcombinations.md
If successful, this action returns a `200 OK` response code and a [updateAllowed
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "authenticationstrengthpolicythis.updateallowedcombinations"
Content-length: 51
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++ ### Response The following is an example of the response >**Note:** The response object shown here might be shortened for readability.
v1.0 Authenticationstrengthpolicy Usage https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationstrengthpolicy-usage.md
If successful, this function returns a `200 OK` response code and an [authentica
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "authenticationstrengthpolicythis.usage"
The following is an example of a request.
``` http GET https://graph.microsoft.com/v1.0/policies/authenticationStrengthPolicies/{authenticationStrengthPolicyId}/usage ```+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response >**Note:** The response object shown here might be shortened for readability.
v1.0 Authenticationstrengthroot Delete Policies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationstrengthroot-delete-policies.md
If successful, this method returns a `204 No Content` response code.
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "delete_authenticationstrengthpolicy"
The following is an example of a request.
DELETE https://graph.microsoft.com/v1.0/policies/authenticationStrengthPolicies/6e7d7469-07c5-4bb2-a801-5eaef8fb7c1e/$ref ```
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+++ ### Response The following is an example of the response <!-- {
v1.0 Authenticationstrengthroot List Authenticationmethodmodes https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationstrengthroot-list-authenticationmethodmodes.md
If successful, this method returns a `200 OK` response code and a collection of
#### Request The following is an example of a request to retrieve the collection of **authenticationMethodModes** objects and their descriptions.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_authenticationmethodmodedetail"
The following is an example of a request to retrieve the collection of **authent
GET https://graph.microsoft.com/v1.0/identity/conditionalAccess/authenticationStrength/authenticationMethodModes ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++ #### Response The following is an example of the response >**Note:** The response object shown here might be shortened for readability.
Content-Type: application/json
#### Request The following is an example of a request to retrieve the flat collection of authenticationCombinations objects, representing all the possible allowed combinations (allowedCombinations) that may be used in an authenticationStrengthPolicy object.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_authenticationcombinations"
The following is an example of a request to retrieve the flat collection of auth
``` http GET https://graph.microsoft.com/v1.0/identity/conditionalAccess/authenticationStrength/combinations ```+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++ #### Response The following is an example of the response >**Note:** The response object shown here might be shortened for readability.
v1.0 Authenticationstrengthroot List Policies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationstrengthroot-list-policies.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_authenticationstrengthpolicy"
The following is an example of a request.
GET https://graph.microsoft.com/v1.0/policies/authenticationStrengthPolicies ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++ #### Response The following is an example of the response >**Note:** The response object shown here might be shortened for readability.
Content-Type: application/json
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_authenticationstrengthpolicy_filter_allowedCombinations"
The following is an example of a request.
GET https://graph.microsoft.com/v1.0/policies/authenticationStrengthPolicies?$filter=allowedCombinations/any(x:x has 'sms, password') ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++ #### Response The following is an example of the response
Content-Type: application/json
} ] }
-```
+```
v1.0 Authenticationstrengthroot Post Policies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationstrengthroot-post-policies.md
If successful, this method returns a `201 Created` response code and an [authent
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_authenticationstrengthpolicy_from_"
Content-length: 239
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++ ### Response The following is an example of the response >**Note:** The response object shown here might be shortened for readability.
v1.0 Authorizationpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authorizationpolicy-get.md
Content-type: application/json
"allowedToSignUpEmailBasedSubscriptions": true, "allowedToUseSSPR": true, "allowEmailVerifiedUsersToJoinOrganization": true,
+ "allowUserConsentForRiskyApps": false,
"blockMsolPowerShell": null, "displayName": "Authorization Policy", "description": "Used to manage authorization related settings across the company.",
v1.0 Authorizationpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authorizationpolicy-update.md
In the request body, supply the values for relevant fields that should be update
| Property | Type | Description | |:-|:|:|
-|allowedToSignUpEmailBasedSubscriptions|Boolean| Indicates whether users can sign up for email based subscriptions. |
-|allowedToUseSSPR|Boolean| Indicates whether the Self-Serve Password Reset feature can be used by users on the tenant. |
|allowEmailVerifiedUsersToJoinOrganization|Boolean| Indicates whether a user can join the tenant by email validation. |
-|allowInvitesFrom|allowInvitesFrom|Indicates who can invite external users to the organization. Possible values are: `none`, `adminsAndGuestInviters`, `adminsGuestInvitersAndAllMembers`, `everyone`. `everyone` is the default setting for all cloud environments except US Government. See more on the allowed values in this [table](../resources/authorizationpolicy.md#allowinvitesfrom-values). |
-|blockMsolPowerShell|Boolean| To disable the use of MSOL PowerShell set this property to `true`. This will also disable user-based access to the legacy service endpoint used by MSOL PowerShell. This does not affect Azure AD Connect or Microsoft Graph. |
+|allowInvitesFrom|allowInvitesFrom|Indicates who can invite external users to the organization. Possible values are: `none`, `adminsAndGuestInviters`, `adminsGuestInvitersAndAllMembers`, `everyone`. `everyone` is the default setting for all cloud environments except US Government. For more details, see [allowInvitesFrom values](../resources/authorizationpolicy.md#allowinvitesfrom-values). |
+|allowUserConsentForRiskyApps|Boolean| Indicates whether [user consent for risky apps](/azure/active-directory/manage-apps/configure-risk-based-step-up-consent) is allowed. Default value is `false`. We recommend that you keep the value set to `false`. |
+|allowedToSignUpEmailBasedSubscriptions|Boolean| Indicates whether users can sign up for email-based subscriptions. |
+|allowedToUseSSPR|Boolean| Indicates whether users can use the Self-Serve Password Reset feature on the tenant. |
+|blockMsolPowerShell|Boolean| To disable the use of MSOL PowerShell, set this property to `true`. This also disables user-based access to the legacy service endpoint used by MSOL PowerShell. This does not affect Azure Active Directory Connect or Microsoft Graph. |
|defaultUserRolePermissions|[defaultUserRolePermissions](../resources/defaultuserrolepermissions.md)| Specifies certain customizable permissions for default user role. | |description|String| Description of this policy.| |displayName|String| Display name for this policy. | |guestUserRoleId|Guid| Represents role templateId for the role that should be granted to guest user. Currently following roles are supported: User (`a0b1b346-4d3e-4e8b-98f8-753987be4970`), Guest User (`10dae51f-b6af-4016-8d66-8c2a99b929b3`), and Restricted Guest User (`2af84b1e-32c8-42b7-82bc-daa82404023b`). | - ## Response If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
v1.0 B2xidentityuserflow Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/b2xidentityuserflow-get.md
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and a JSON representation of the [b2xIdentityUserFlow](../resources/b2xidentityuserflow.md) in the response body.
+If successful, this method returns a `200 OK` response code and a [b2xIdentityUserFlow](../resources/b2xidentityuserflow.md) object in the response body.
## Example
v1.0 B2xidentityuserflow List Identityproviders https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/b2xidentityuserflow-list-identityproviders.md
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and a JSON representation of the [identityProviders](../resources/identityprovider.md) in the response body.
+If successful, this method returns a `200 OK` response code and a collection of [identityProvider](../resources/identityprovider.md) objects in the response body.
## Example
v1.0 Browsersitelist Delete Sites https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/browsersitelist-delete-sites.md
DELETE https://graph.microsoft.com/v1.0/admin/edge/internetExplorerMode/siteList
- #### Response The following is an example of the response where the status has changed to `pendingDelete` but the site is still published. You must publish the site to fully remove it from the site list. >**Note:** The response object shown here might be shortened for readability.
v1.0 Browsersitelist Publish https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/browsersitelist-publish.md
Content-Type: application/json
- #### Response The following is an example of the response. The **status** will show `pending` if the request contains sites or shared cookies that you have not published yet. >**Note:** The response object shown here might be shortened for readability.
v1.0 Certificatebasedauthconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/certificatebasedauthconfiguration-delete.md
DELETE https://graph.microsoft.com/v1.0/organization/{id}/certificateBasedAuthCo
[!INCLUDE [sample-code](../includes/snippets/php/delete-certificatebasedauthconfiguration-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Certificatebasedauthconfiguration Post Certificatebasedauthconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/certificatebasedauthconfiguration-post-certificatebasedauthconfiguration.md
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/create-certificatebasedauthconfiguration-from-certificatebasedauthconfiguration-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Channel List Messages https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/channel-list-messages.md
Content-type: application/json
} } ],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
}, { "id": "1616963377068",
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
}, { "id": "1616883610266",
Content-type: application/json
"attachments": [], "mentions": [], "reactions": [],
+ "messageHistory": [],
"eventDetail": { "@odata.type": "#microsoft.graph.teamDescriptionUpdatedEventMessageDetail", "teamId": "fbe2bf47-16c8-47cf-b4a5-4b9b187c508b",
Content-type: application/json
} } ],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
}, { "id": "1616963377068",
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
}, { "id": "1616883610266",
Content-type: application/json
"attachments": [], "mentions": [], "reactions": [],
+ "messageHistory": [],
"eventDetail": { "@odata.type": "#microsoft.graph.teamDescriptionUpdatedEventMessageDetail", "teamId": "fbe2bf47-16c8-47cf-b4a5-4b9b187c508b",
Content-type: application/json
"attachments": [], "mentions": [], "reactions": [],
+ "messageHistory": [],
"replies@odata.count": 3, "replies@odata.nextLink": "https://graph.microsoft.com/v1.0/teams/fbe2bf47-16c8-47cf-b4a5-4b9b187c508b/channels/19:4a95f7d8db4c4e7fae857bcebe0623e6@thread.tacv2/messages/1616963377068/replies?$skiptoken=MSwwLDE2NDQ0MzkzODAxNDU", "replies": [
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
}, { "id": "1616989750004",
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
}, { "id": "1616989747416",
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ] }
v1.0 Chat List Messages https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chat-list-messages.md
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
}, { "id": "1615971548136",
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
}, { "id": "1615943825123",
Content-type: application/json
"attachments": [], "mentions": [], "reactions": [],
+ "messageHistory": [],
"eventDetail": { "@odata.type": "#microsoft.graph.chatRenamedEventMessageDetail", "chatId": "19:2da4c29f6d7041eca70b638b43d45437@thread.v2",
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
}, { "id": "1615971548136",
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
}, { "id": "1615943825123",
Content-type: application/json
"attachments": [], "mentions": [], "reactions": [],
+ "messageHistory": [],
"eventDetail": { "@odata.type": "#microsoft.graph.chatRenamedEventMessageDetail", "chatId": "19:2da4c29f6d7041eca70b638b43d45437@thread.v2",
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
}, { "id": "1615971548136",
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ] }
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
}, { "id": "1615971548136",
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ] }
v1.0 Chat List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chat-list.md
GET https://graph.microsoft.com/v1.0/chats?$expand=lastMessagePreview
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Chat Post Messages https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chat-post-messages.md
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
v1.0 Chatmessage Delta https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chatmessage-delta.md
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
}, { "@odata.type": "#microsoft.graph.chatMessage",
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ] }
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
}, { "@odata.type": "#microsoft.graph.chatMessage",
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ] }
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
}, { "@odata.type": "#microsoft.graph.chatMessage",
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ] }
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ] }
v1.0 Chatmessage Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chatmessage-get.md
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
v1.0 Chatmessage List Replies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chatmessage-list-replies.md
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
}, { "id": "1616989750004",
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
}, { "id": "1616989747416",
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ] }
v1.0 Chatmessage Post Replies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chatmessage-post-replies.md
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
HTTP/1.1 200 OK
"contentType":"html", "content":"Hello World" },
- "attachments":[ ],
- "mentions":[ ],
- "reactions":[ ]
+ "attachments":[],
+ "mentions":[],
+ "reactions":[],
+ "messageHistory": []
} ```
v1.0 Chatmessage Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chatmessage-post.md
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
Content-type: application/json
} } ],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
Content-type: application/json
} ], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
Content-type: application/json
} ], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
Content-type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
Content-type: application/json
} ], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
Content-type: application/json
} } ],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
Content-type: application/json
} } ],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
Content-type: application/json
} } ],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
Content-type: application/json
], "onBehalfOf": null, "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
Content-type: application/json
} ], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
v1.0 Chatmessage Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chatmessage-update.md
Content-Type: application/json
}, "attachments": [], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
Content-Type: application/json
} } ],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
Content-Type: application/json
} ], "mentions": [],
- "reactions": []
+ "reactions": [],
+ "messageHistory": []
} ```
Content-Type: application/json
} } }
+ ],
+ "messageHistory": [
+ {
+ "modifiedDateTime": "2018-10-21T08:10:30.489Z",
+ "actions": "reactionAdded",
+ "reaction": {
+ "reactionType": "angry",
+ "user": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "f1b66449-b46d-49b0-9c3c-53c10a5c818e",
+ "displayName": null,
+ "userIdentityType": "aadUser"
+ }
+ }
+ }
+ },
+ {
+ "modifiedDateTime": "2018-10-21T08:10:32.489Z",
+ "actions": "reactionAdded",
+ "reaction": {
+ "reactionType": "laugh",
+ "user": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "03a02232-d8f5-4970-a77e-6e8c76ce7a4e",
+ "displayName": null,
+ "userIdentityType": "aadUser"
+ }
+ }
+ }
+ },
+ {
+ "modifiedDateTime": "2018-10-21T02:17:14.67Z",
+ "actions": "reactionAdded",
+ "reaction": {
+ "reactionType": "like",
+ "user": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "f1b66449-b46d-49b0-9c3c-53c10a5c818e",
+ "displayName": null,
+ "userIdentityType": "aadUser"
+ }
+ }
+ }
+ },
+ {
+ "modifiedDateTime": "2018-10-21T02:34:40.3Z",
+ "actions": "reactionAdded",
+ "reaction": {
+ "reactionType": "like",
+ "user": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "4c9041b7-449a-40f7-8855-56da239b9fd1",
+ "displayName": null,
+ "userIdentityType": "aadUser"
+ }
+ }
+ }
+ },
+ {
+ "modifiedDateTime": "2018-10-21T08:10:25.489Z",
+ "actions": "reactionAdded",
+ "reaction": {
+ "reactionType": "like",
+ "user": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "03a02232-d8f5-4970-a77e-6e8c76ce7a4e",
+ "displayName": null,
+ "userIdentityType": "aadUser"
+ }
+ }
+ }
+ },
+ {
+ "modifiedDateTime": "2018-10-21T08:10:31.489Z",
+ "actions": "reactionAdded",
+ "reaction": {
+ "reactionType": "heart",
+ "user": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "03a02232-d8f5-4970-a77e-6e8c76ce7a4e",
+ "displayName": null,
+ "userIdentityType": "aadUser"
+ }
+ }
+ }
+ },
+ {
+ "modifiedDateTime": "2018-10-21T08:10:33.489Z",
+ "actions": "reactionAdded",
+ "reaction": {
+ "reactionType": "sad",
+ "user": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "03a02232-d8f5-4970-a77e-6e8c76ce7a4e",
+ "displayName": null,
+ "userIdentityType": "aadUser"
+ }
+ }
+ }
+ },
+ {
+ "modifiedDateTime": "2018-10-21T08:10:34.489Z",
+ "actions": "surprised",
+ "reaction": {
+ "reactionType": "sad",
+ "user": {
+ "application": null,
+ "device": null,
+ "user": {
+ "id": "03a02232-d8f5-4970-a77e-6e8c76ce7a4e",
+ "displayName": null,
+ "userIdentityType": "aadUser"
+ }
+ }
+ }
+ }
] } ```
v1.0 Checklistitem Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/checklistitem-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/update-checklistitem-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Claimsmappingpolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/claimsmappingpolicy-list-appliesto.md
Get a list of [directoryObject](../resources/directoryObject.md) objects that a
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.Read.All, Policy.ReadWrite.ApplicationConfiguration and Application.Read.All, Directory.Read.All |
The following is an example of the request.
GET https://graph.microsoft.com/v1.0/policies/claimsMappingPolicies/{id}/appliesTo ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/v1.0/policies/claimsMappingPolicies/{id}/applies
[!INCLUDE [sample-code](../includes/snippets/javascript/get-appliesto-1-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Conditionalaccesspolicy Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/conditionalaccesspolicy-delete.md
Delete a [conditionalAccessPolicy](../resources/conditionalaccesspolicy.md) obje
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| | Delegated (work or school account) | Policy.Read.All and Policy.ReadWrite.ConditionalAccess |
v1.0 Conditionalaccesspolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/conditionalaccesspolicy-update.md
Update the properties of a [conditionalAccessPolicy](../resources/conditionalacc
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All, Policy.ReadWrite.ConditionalAccess and Application.Read.All |
v1.0 Conditionalaccessroot List Namedlocations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/conditionalaccessroot-list-namedlocations.md
GET https://graph.microsoft.com/v1.0/identity/conditionalAccess/namedLocations?$
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Conditionalaccessroot Post Namedlocations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/conditionalaccessroot-post-namedlocations.md
Create a new [namedLocation](../resources/namedlocation.md) object. Named locati
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Policy.ReadWrite.ConditionalAccess |
v1.0 Conditionalaccessroot Post Policies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/conditionalaccessroot-post-policies.md
Create a new [conditionalAccessPolicy](../resources/conditionalaccesspolicy.md).
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All, Policy.ReadWrite.ConditionalAccess and Application.Read.All |
v1.0 Contactfolder List Contacts https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/contactfolder-list-contacts.md
GET https://graph.microsoft.com/v1.0/me/contactFolders/{id}/contacts
[!INCLUDE [sample-code](../includes/snippets/php/contactfolder-get-contacts-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ##### Response
v1.0 Countrynamedlocation Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/countrynamedlocation-delete.md
Delete a [countryNamedLocation](../resources/countryNamedLocation.md) object.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Policy.ReadWrite.ConditionalAccess |
v1.0 Countrynamedlocation Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/countrynamedlocation-update.md
Update the properties of a [countryNamedLocation](../resources/countryNamedLocat
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Policy.ReadWrite.ConditionalAccess |
v1.0 Crosstenantaccesspolicy List Partners https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/crosstenantaccesspolicy-list-partners.md
doc_type: apiPageType
Namespace: microsoft.graph
-Get a list of all partner configurations within a cross-tenant access policy.
+Get a list of all partner configurations within a cross-tenant access policy. You can also use the `$expand` parameter to list the user synchronization policy for all partner configurations.
## Permissions
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:| |Delegated (work or school account)|Policy.Read.All, Policy.ReadWrite.CrossTenantAccess|
-|Delegated (personal Microsoft account)|Not applicable|
+|Delegated (personal Microsoft account)|Not supported.|
|Application|Policy.Read.All, Policy.ReadWrite.CrossTenantAccess| ## HTTP request
One of the following permissions is required to call this API. To learn more, in
GET /policies/crossTenantAccessPolicy/partners ```
+## Optional query parameters
+
+This method supports the `$select` and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+ ## Request headers |Name|Description|
If successful, this method returns a `200 OK` response code and a collection of
## Examples
-### Request
+### Example 1: List all partner configurations within a cross-tenant access policy
+
+The following example shows how to list all partner configurations within a cross-tenant access policy.
+
+#### Request
+The following is an example of the request.
# [HTTP](#tab/http) <!-- {
GET https://graph.microsoft.com/v1.0/policies/crossTenantAccessPolicy/partners
-### Response
+#### Response
+
+The following is an example of the response.
>**Note:** The response object shown here might be shortened for readability. <!-- {
Content-Type: application/json
{ "tenantId": "123f4846-ba00-4fd7-ba43-dac1f8f63013", "inboundTrust": null,
+ "automaticUserConsentSettings": {
+ "inboundAllowed": null,
+ "outboundAllowed": null
+ },
"b2bCollaborationInbound": null, "b2bCollaborationOutbound": null, "b2bDirectConnectOutbound": null,
- "b2bDirectConnectInbound":
- {
- "usersAndGroups":
- {
+ "b2bDirectConnectInbound": {
+ "usersAndGroups": {
"accessType": "allowed", "targets": [ {
Content-Type: application/json
} ] },
- "applications":
- {
+ "applications": {
"accessType": "allowed", "targets": [ {
Content-Type: application/json
] } ```+
+### Example 2: List the user synchronization policy for all partner configurations
+
+The following example uses the `$expand` parameter to list the user synchronization policy for all partner configurations.
+
+#### Request
+
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_crosstenantidentitysyncpolicypartner"
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/policies/crossTenantAccessPolicy/partners?$select=tenantId&$expand=identitySynchronization
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.crossTenantIdentitySyncPolicyPartner)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "tenantId": "9c5d131d-b1c3-4fc4-9e3f-c6557947d551",
+ "identitySynchronization": {
+ "tenantId": "9c5d131d-b1c3-4fc4-9e3f-c6557947d551",
+ "displayName": "Fabrikam",
+ "userSyncInbound": {
+ "isSyncAllowed": true
+ }
+ }
+ }
+ ]
+}
+```
v1.0 Crosstenantaccesspolicy Post Partners https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/crosstenantaccesspolicy-post-partners.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:| |Delegated (work or school account)|Policy.ReadWrite.CrossTenantAccess|
-|Delegated (personal Microsoft account)|Not applicable|
+|Delegated (personal Microsoft account)|Not supported.|
|Application|Policy.ReadWrite.CrossTenantAccess| ## HTTP request
The following table shows the properties that are required when you create the [
|Property|Type|Description| |:|:|:|
+| automaticUserConsentSettings | [inboundOutboundPolicyConfiguration](../resources/inboundoutboundpolicyconfiguration.md) | Determines the partner-specific configuration for automatic user consent settings. Unless specifically configured, the **inboundAllowed** and **outboundAllowed** properties are `null` and inherit from the default settings, which is always `false`. |
| b2bCollaborationInbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users from other organizations accessing your resources via Azure AD B2B collaboration. | | b2bCollaborationOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users in your organization going outbound to access resources in another organization via Azure AD B2B collaboration. | | b2bDirectConnectInbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users from other organizations accessing your resources via Azure AD B2B direct connect. | | b2bDirectConnectOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users in your organization going outbound to access resources in another organization via Azure AD B2B direct connect. | | inboundTrust | [crossTenantAccessPolicyInboundTrust](../resources/crosstenantaccesspolicyinboundtrust.md) | Determines the partner-specific configuration for trusting other Conditional Access claims from external Azure AD organizations. |
-| tenantId | String | The tenant identifier for the partner Azure Active Directory (Azure AD) organization. |
+| isServiceProvider | Boolean | Identifies whether the partner-specific configuration is a cloud service provider for your organization. |
+| tenantId | String | The tenant identifier for the partner Azure AD organization. Read-only. Key.|
## Response
v1.0 Crosstenantaccesspolicyconfigurationdefault Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/crosstenantaccesspolicyconfigurationdefault-get.md
If successful, this method returns a `200 OK` response code and a [crossTenantAc
### Request - # [HTTP](#tab/http) <!-- { "blockType": "request",
Content-Type: application/json
"isCompliantDeviceAccepted": false, "isHybridAzureADJoinedDeviceAccepted": false, },
+ "automaticUserConsentSettings":
+ {
+ "inboundAllowed": false,
+ "outboundAllowed": false
+ },
"b2bCollaborationOutbound": { "usersAndGroups":
v1.0 Crosstenantaccesspolicyconfigurationdefault Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/crosstenantaccesspolicyconfigurationdefault-update.md
PATCH /policies/crossTenantAccessPolicy/default
|Property|Type|Description| |:|:|:|
-| inboundTrust | [crossTenantAccessPolicyInboundTrust](../resources/crosstenantaccesspolicyinboundtrust.md) | Determines the default configuration for trusting other Conditional Access claims from external Azure AD organizations. |
| b2bCollaborationInbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your default configuration for users from other organizations accessing your resources via Azure AD B2B collaboration. | | b2bCollaborationOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your default configuration for users in your organization going outbound to access resources in another organization via Azure AD B2B collaboration. | | b2bDirectConnectInbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your default configuration for users from other organizations accessing your resources via Azure AD B2B direct connect. | | b2bDirectConnectOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your default configuration for users in your organization going outbound to access resources in another organization via Azure AD B2B direct connect. |
+| inboundTrust | [crossTenantAccessPolicyInboundTrust](../resources/crosstenantaccesspolicyinboundtrust.md) | Determines the default configuration for trusting other Conditional Access claims from external Azure AD organizations. |
## Response
v1.0 Crosstenantaccesspolicyconfigurationpartner Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/crosstenantaccesspolicyconfigurationpartner-delete.md
doc_type: apiPageType
Namespace: microsoft.graph
-Delete a [partner-specific configuration](../resources/crosstenantaccesspolicyconfigurationpartner.md) in a cross-tenant access policy.
+Delete a [partner-specific configuration](../resources/crosstenantaccesspolicyconfigurationpartner.md) in a cross-tenant access policy. If a configuration includes a [user synchronization policy](../resources/crosstenantidentitysyncpolicypartner.md), you must first [delete the user synchronization policy](./crosstenantidentitysyncpolicypartner-delete.md) before you can delete the partner-specific configuration.
## Permissions
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:| |Delegated (work or school account)|Policy.ReadWrite.CrossTenantAccess|
-|Delegated (personal Microsoft account)|Not applicable|
+|Delegated (personal Microsoft account)|Not supported.|
|Application|Policy.ReadWrite.CrossTenantAccess| ## HTTP request
If successful, this method returns a `204 No Content` response code.
### Request
+The following is an example of a request. If a configuration includes a [user synchronization policy](../resources/crosstenantidentitysyncpolicypartner.md), you must first [delete the user synchronization policy](./crosstenantidentitysyncpolicypartner-delete.md) before you can delete the partner-specific configuration.
# [HTTP](#tab/http) <!-- {
DELETE https://graph.microsoft.com/v1.0/policies/crossTenantAccessPolicy/partner
### Response
+The following is an example of the response.
+ <!-- { "blockType": "response", "truncated": true
v1.0 Crosstenantaccesspolicyconfigurationpartner Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/crosstenantaccesspolicyconfigurationpartner-get.md
If successful, this method returns a `200 OK` response code and a [crossTenantAc
### Request - # [HTTP](#tab/http) <!-- { "blockType": "request",
Content-Type: application/json
{ "tenantId": "9c5d131d-b1c3-4fc4-9e3f-c6557947d551", "inboundTrust": null,
+ "automaticUserConsentSettings":
+ {
+ "inboundAllowed": null,
+ "outboundAllowed": null
+ },
"b2bCollaborationInbound": null, "b2bCollaborationOutbound": null, "b2bDirectConnectOutbound": null,
v1.0 Crosstenantaccesspolicyconfigurationpartner Put Identitysynchronization https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/crosstenantaccesspolicyconfigurationpartner-put-identitysynchronization.md
+
+ Title: "Create identitySynchronization"
+description: "Create a cross-tenant user synchronization policy for a partner-specific configuration."
+
+ms.localizationpriority: medium
++
+# Create identitySynchronization
+
+Namespace: microsoft.graph
+
+Create a cross-tenant user synchronization policy for a partner-specific configuration.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.ReadWrite.CrossTenantAccess|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.ReadWrite.CrossTenantAccess|
+
+The signed-in user must also be assigned the following minimum [directory role](/azure/active-directory/roles/permissions-reference):
+
+* Security Administrator
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PUT /policies/crossTenantAccessPolicy/partners/{id}/identitySynchronization
+```
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+
+In the request body, supply a JSON representation of the [crossTenantIdentitySyncPolicyPartner](../resources/crosstenantidentitysyncpolicypartner.md) object.
+
+You can specify the following properties when you create a **crossTenantIdentitySyncPolicyPartner**.
+
+|Property|Type|Description|
+|:|:|:|
+|displayName|String|Display name for the cross-tenant user synchronization policy. Use the name of the partner Azure Active Directory tenant to easily identify the policy. Optional.|
+|userSyncInbound|[crossTenantUserSyncInbound](../resources/crosstenantusersyncinbound.md)|Determines whether users are synchronized from the partner tenant.|
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_crosstenantidentitysyncpolicypartner_from_"
+}
+-->
+``` http
+PUT https://graph.microsoft.com/v1.0/policies/crossTenantAccessPolicy/partners/90e29127-71ad-49c7-9ce8-db3f41ea06f1/identitySynchronization
+Content-Type: application/json
+
+{
+ "displayName": "Fabrikam",
+ "userSyncInbound": {
+ "isSyncAllowed": true
+ }
+}
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
v1.0 Crosstenantaccesspolicyconfigurationpartner Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/crosstenantaccesspolicyconfigurationpartner-update.md
PATCH /policies/crossTenantAccessPolicy/partners/{id}
|Property|Type|Description| |:|:|:|
+| automaticUserConsentSettings | [inboundOutboundPolicyConfiguration](../resources/inboundoutboundpolicyconfiguration.md) | Determines the partner-specific configuration for automatic user consent settings. |
| b2bCollaborationInbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users from other organizations accessing your resources via Azure AD B2B collaboration. | | b2bCollaborationOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users in your organization going outbound to access resources in another organization via Azure AD B2B collaboration. | | b2bDirectConnectInbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users from other organizations accessing your resources via Azure AD B2B direct connect. |
If successful, this method returns a `204 No Content` response code.
## Examples
-### Request
+### Example 1: Configure inbound trust settings
+The following example configures the partner-specific policy by setting the inbound trust settings to accept MFA, compliant, and Hybrid Azure AD Joined devices from the partner tenant.
+
+#### Request
+
+The following is an example of a request.
# [HTTP](#tab/http) <!-- {
PATCH https://graph.microsoft.com/v1.0/policies/crossTenantAccessPolicy/partners
Content-Type: application/json {
- "inboundTrust":
- {
+ "inboundTrust": {
"isMfaAccepted": true, "isCompliantDeviceAccepted": true,
- "isHybridAzureADJoinedDeviceAccepted" : true
+ "isHybridAzureADJoinedDeviceAccepted": true
} } ```
Content-Type: application/json
-### Response
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+
+``` http
+HTTP/1.1 204 No Content
+```
+
+### Example 2: Configure automaticUserConsent settings
+
+The following example configures the partner-specific policy by consenting for B2B collaboration on behalf of your users and accepting admin consent for the users of the partner.
+
+#### Request
+
+The following is an example of a request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_crosstenantaccesspolicyconfigurationpartner_automaticuserconsentsettings"
+}
+-->
+
+``` http
+PATCH https://graph.microsoft.com/v1.0/policies/crossTenantAccessPolicy/partners/90e29127-71ad-49c7-9ce8-db3f41ea06f1
+Content-Type: application/json
+
+{
+ "automaticUserConsentSettings": {
+ "inboundAllowed": true,
+ "outboundAllowed": true
+ }
+}
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+
+The following is an example of the response.
<!-- { "blockType": "response",
v1.0 Crosstenantidentitysyncpolicypartner Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/crosstenantidentitysyncpolicypartner-delete.md
+
+ Title: "Delete crossTenantIdentitySyncPolicyPartner"
+description: "Delete the user synchronization policy for a partner-specific configuration."
+
+ms.localizationpriority: medium
++
+# Delete crossTenantIdentitySyncPolicyPartner
+
+Namespace: microsoft.graph
+
+Delete the user synchronization policy for a partner-specific configuration.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.ReadWrite.CrossTenantAccess|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.ReadWrite.CrossTenantAccess|
+
+The signed-in user must also be assigned the following minimum [directory role](/azure/active-directory/roles/permissions-reference):
+
+* Security Administrator
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /policies/crossTenantAccessPolicy/partners/{id}/identitySynchronization
+```
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_crosstenantidentitysyncpolicypartner"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/v1.0/policies/crossTenantAccessPolicy/partners/9c5d131d-b1c3-4fc4-9e3f-c6557947d551/identitySynchronization
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
v1.0 Crosstenantidentitysyncpolicypartner Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/crosstenantidentitysyncpolicypartner-get.md
+
+ Title: "Get crossTenantIdentitySyncPolicyPartner"
+description: "Get the user synchronization policy of a partner-specific configuration."
+
+ms.localizationpriority: medium
++
+# Get crossTenantIdentitySyncPolicyPartner
+
+Namespace: microsoft.graph
+
+Get the user synchronization policy of a partner-specific configuration.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.Read.All, Policy.ReadWrite.CrossTenantAccess|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.Read.All, Policy.ReadWrite.CrossTenantAccess|
+
+The signed-in user must also be assigned the following minimum [directory role](/azure/active-directory/roles/permissions-reference):
+
+* Security Administrator
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /policies/crossTenantAccessPolicy/partners/{id}/identitySynchronization
+```
+
+## Optional query parameters
+
+This method supports the `$select` OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [crossTenantIdentitySyncPolicyPartner](../resources/crosstenantidentitysyncpolicypartner.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_crosstenantidentitysyncpolicypartner"
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/policies/crossTenantAccessPolicy/partners/9c5d131d-b1c3-4fc4-9e3f-c6557947d551/identitySynchronization
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.crossTenantIdentitySyncPolicyPartner"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "tenantId": "9c5d131d-b1c3-4fc4-9e3f-c6557947d551",
+ "displayName": "Fabrikam",
+ "userSyncInbound": {
+ "isSyncAllowed": true
+ }
+}
+```
v1.0 Crosstenantidentitysyncpolicypartner Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/crosstenantidentitysyncpolicypartner-update.md
+
+ Title: "Update crossTenantIdentitySyncPolicyPartner"
+description: "Update the user synchronization policy of a partner-specific configuration."
+
+ms.localizationpriority: medium
++
+# Update crossTenantIdentitySyncPolicyPartner
+
+Namespace: microsoft.graph
+
+Update the user synchronization policy of a partner-specific configuration.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.ReadWrite.CrossTenantAccess|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.ReadWrite.CrossTenantAccess|
+
+The signed-in user must also be assigned the following minimum [directory role](/azure/active-directory/roles/permissions-reference):
+
+* Security Administrator
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /policies/crossTenantAccessPolicy/partners/{id}/identitySynchronization
+```
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
++
+|Property|Type|Description|
+|:|:|:|
+|displayName|String|Display name for the cross-tenant user synchronization policy. Generally, this should be the tenant name of the partner Azure Active Directory organization. Optional.|
+|userSyncInbound|[crossTenantUserSyncInbound](../resources/crosstenantusersyncinbound.md)|Determines whether users can be synchronized from the partner tenant. `false` causes any current user synchronization from the source tenant to the target tenant to stop. This property has no impact on existing users who have already been synchronized.|
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_crosstenantidentitysyncpolicypartner"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/v1.0/policies/crossTenantAccessPolicy/partners/90e29127-71ad-49c7-9ce8-db3f41ea06f1/identitySynchronization
+Content-Type: application/json
+
+{
+ "userSyncInbound": {
+ "isSyncAllowed": true
+ }
+}
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
v1.0 Directory Deleteditems Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directory-deleteditems-get.md
The following table shows the least privileged permission or permissions require
## HTTP request <!-- { "blockType": "ignored" } --> ```http
-GET /directory/deletedItems/{id}
+GET /directory/deletedItems/{object-id}
``` ## Optional query parameters
v1.0 Directoryaudit Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directoryaudit-get.md
Get a specific Azure Active Directory audit log item. This includes an audit log
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | AuditLog.Read.All and Directory.Read.All |
v1.0 Directoryaudit List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directoryaudit-list.md
Get the list of audit logs generated by Azure Active Directory (Azure AD). This
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | | :- | : | | Delegated (work or school account) | AuditLog.Read.All and Directory.Read.All |
v1.0 Directoryobject Checkmembergroups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directoryobject-checkmembergroups.md
You can check up to a maximum of 20 groups per request. This function supports a
### Group memberships for a directory object
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | User.ReadBasic.All and GroupMember.Read.All, User.Read.All and GroupMember.Read.All, User.ReadBasic.All and Group.Read.All, User.Read.All and Group.Read.All, Directory.Read.All |
You can check up to a maximum of 20 groups per request. This function supports a
### Group memberships for a user
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | User.ReadBasic.All and GroupMember.Read.All, User.Read.All and GroupMember.Read.All, User.ReadBasic.All and Group.Read.All, User.Read.All and Group.Read.All, Directory.Read.All |
You can check up to a maximum of 20 groups per request. This function supports a
### Group memberships for a group
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | | :- | : | | Delegated (work or school account) | GroupMember.Read.All, Group.Read.All, Directory.Read.All, Group.ReadWrite.All, Directory.ReadWrite.All |
You can check up to a maximum of 20 groups per request. This function supports a
### Group memberships for a service principal
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Application.Read.All, Directory.Read.All, Application.ReadWrite.All, Directory.ReadWrite.All |
You can check up to a maximum of 20 groups per request. This function supports a
### Group memberships for an organizational contact
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Directory.Read.All, Directory.ReadWrite.All |
You can check up to a maximum of 20 groups per request. This function supports a
### Group memberships for a device
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Device.Read.All, Directory.Read.All, Directory.ReadWrite.All |
v1.0 Directoryobject Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directoryobject-delete.md
Title: "Delete directoryObject"
-description: "Deletes a directoryObject."
+description: "Delete a directory object, for example, a group, user, application, or service principal."
ms.localizationpriority: medium ms.prod: "directory-management"
The following table shows the least privileged permission or permissions require
<!-- { "blockType": "ignored" } --> ```http DELETE /directoryObjects/{id}- ``` ## Request headers
Do not supply a request body for this method.
## Response
-If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
+If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
## Example ### Request
+The following is an example of the request.
# [HTTP](#tab/http) <!-- {
DELETE https://graph.microsoft.com/v1.0/directoryObjects/ffab4dce-9b82-49a6-b7c7
### Response
+The following is an example of the response.
+ <!-- { "blockType": "response", "truncated": true
HTTP/1.1 204 No Content
"suppressions": [ ] }-->-
v1.0 Directoryobject Getavailableextensionproperties https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directoryobject-getavailableextensionproperties.md
POST https://graph.microsoft.com/v1.0/directoryObjects/getAvailableExtensionProp
[!INCLUDE [sample-code](../includes/snippets/php/directoryobject-getavailableextensionproperties-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Directoryobject Getmembergroups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directoryobject-getmembergroups.md
One of the following permissions is required to call this API. To learn more, in
### Group memberships for a directory object
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | User.ReadBasic.All and GroupMember.Read.All, User.Read.All and GroupMember.Read.All, User.ReadBasic.All and Group.Read.All, User.Read.All and Group.Read.All, Directory.Read.All |
One of the following permissions is required to call this API. To learn more, in
### Group memberships for a user
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | User.ReadBasic.All and GroupMember.Read.All, User.Read.All and GroupMember.Read.All, User.ReadBasic.All and Group.Read.All, User.Read.All and Group.Read.All, Directory.Read.All |
One of the following permissions is required to call this API. To learn more, in
### Group memberships for a group
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | | :- | : | | Delegated (work or school account) | GroupMember.Read.All, Group.Read.All, Directory.Read.All, Group.ReadWrite.All, Directory.ReadWrite.All |
One of the following permissions is required to call this API. To learn more, in
### Group memberships for a service principal
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Application.Read.All, Directory.Read.All, Application.ReadWrite.All, Directory.ReadWrite.All |
One of the following permissions is required to call this API. To learn more, in
### Group memberships for an organizational contact
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Directory.Read.All, Directory.ReadWrite.All |
One of the following permissions is required to call this API. To learn more, in
### Group memberships for a device
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Device.Read.All, Directory.Read.All, Directory.ReadWrite.All |
v1.0 Domain Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/domain-update.md
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/update-domain-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ##### Response
v1.0 Drive List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/drive-list.md
To list the document libraries for a group, your app requests the **drives** rel
<!-- {"blockType": "ignored" } --> ```http
-GET https://graph.microsoft.com/v1.0/groups/{groupId}/drives
+GET /groups/{groupId}/drives
``` ### List a site's drives
GET /sites/{siteId}/drives
<!-- {"blockType": "ignored" } --> ```http
-GET https://graph.microsoft.com/v1.0/users/{userId}/drives
+GET /users/{userId}/drives
``` ### List the current user's drives
v1.0 Drive Sharedwithme https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/drive-sharedwithme.md
- Previously updated : 09/10/2017 Title: List Files Shared With Me+
+description: "Get a list of driveItem objects shared with the owner of a drive."
+ Title: "drive: sharedWithMe"
+ms.localizationpriority: medium
ms.prod: "sharepoint"
-description: "Retrieve a collection of DriveItem resources that have been shared with the owner of the Drive."
doc_type: apiPageType
-# List items shared with the signed-in user
+
+# drive: sharedWithMe
Namespace: microsoft.graph
-Retrieve a collection of [DriveItem](../resources/driveitem.md) resources that have been shared with the owner of the [Drive](../resources/drive.md).
+Get a list of [driveItem](../resources/driveitem.md) objects shared with the owner of a [drive](../resources/drive.md).
+
+The **driveItems** returned from the **sharedWithMe** method always include the [**remoteItem**](../resources/remoteitem.md) facet that indicates they are items from a different drive.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All |
-|Delegated (personal Microsoft account) | Files.Read.All, Files.ReadWrite.All |
-|Application | Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All |
+| Permission type | Permissions (from least to most privileged) |
+|:|:-|
+| Delegated (work or school account) | Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All |
+| Delegated (personal Microsoft account) | Files.Read.All, Files.ReadWrite.All |
+| Application | Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All |
-**Note:** while the /sharedWithMe request will succeed with Files.Read or Files.ReadWrite permissions, some properties may be missing.
-Additionally, without one of the **All** permissions, shared items returned from this API will not be accessible.
+> **Note:**
+>
+> * A `/sharedWithMe` request succeeds with `Files.Read` or `Files.ReadWrite` permissions; however, some properties might be missing.
+> * You can't access shared items returned from this API if the request doesn't contain one of the `*.All` permissions.
## HTTP request
-<!-- { "blockType": "ignored" } -->
-
-```http
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
GET /me/drive/sharedWithMe ```
+## Request headers
+
+| Name | Description |
+|:--|:--|
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+ ## Response
-If successful, this method returns a collection of [DriveItem](../resources/driveitem.md) resources which contain the DriveItem resources shared with the owner of the drive.
+If successful, this method returns a `200 OK` response code and a collection of [driveItem](../resources/driveitem.md) objects in the response body.
+
+By default, this method returns items shared within your own tenant. To include items shared from external tenants, append `?allowexternal=true` to a GET request.
## Examples
-### Request
+### Example 1: Get driveItems shared with me
-# [HTTP](#tab/http)
-<!-- { "blockType": "request", "name": "shared-with-me" } -->
+The following example gets a collection of [driveItem](../resources/driveitem.md) resources that are shared with the owner of the drive.
+
+#### Request
+
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_driveItems_shared_with_me"
+}
+-->
```msgraph-interactive
-GET /me/drive/sharedWithMe
+GET https://graph.microsoft.com/v1.0/me/drive/sharedWithMe
```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript)+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-## Response
+#### Response
-In this example, since the drive is the user's default drive, this returns items shared with the signed in user.
+The following is an example of the response that returns items shared with the signed-in user, because the drive is the user's default drive.
-<!-- {"blockType": "response", "@odata.type": "Collection(microsoft.graph.driveItem)", "truncated": true} -->
+<!-- {
+ "blockType": "response",
+ "@odata.type": "Collection(microsoft.graph.driveItem)",
+ "truncated": true
+}
+-->
```http HTTP/1.1 200 OK
Content-Type: application/json
"id": "1991210caf!104" } }
+ },
+ {
+ "id": "1312ghi",
+ "remoteItem": {
+ "id": "987def!654",
+ "name": "January Service Review.pptx",
+ "file": { },
+ "size": 145362,
+ "parentReference": {
+ "driveId": "987def",
+ "id": "987def!321"
+ }
+ }
} ] } ```
-## Remarks
+### Example 2: Get metadata about a shared driveItem object
-DriveItems returned from the **sharedWithMe** action will always include the [**remoteItem**](../resources/remoteitem.md) facet which indicates they are items from a different drive.
-To access the shared DriveItem resource, you will need to make a request using the information provided in **remoteItem** in the following format:
+The following example shows how to access metadata about the shared **driveItem** with the name `January Service Review.pptx` that requires a request using the **driveId** of the **parentReference** within the **remoteItem** object.
-<!-- { "blockType": "ignored", "name": "drives-get-remoteitem" } -->
+#### Request
-```http
-GET /drives/{remoteItem-driveId}/items/{remoteItem-id}
+The following is an example of a request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "drives-get-remoteitem-metadata",
+ "sampleKeys": ["987def", "987def!654"]
+}
+-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/drives/987def/items/987def!654
```
-By default, **sharedWithMe** return items shared within your own tenant. To include items shared from external tenants, append `?allowexternal=true` to the GET request.
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+# [Java](#tab/java)
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++
+#### Response
+
+The following is an example of the response.
<!-- {
+ "blockType": "response",
+ "@odata.type": "microsoft.graph.driveItem",
+ "truncated": true
+}
+-->
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "id": "987def!654",
+ "name": "January Service Review.pptx",
+ "file": { },
+ "size": 145362,
+ "parentReference": {
+ "driveId": "987def",
+ "id": "987def!321"
+ }
+}
+```
+
+<!--
+{
"type": "#page.annotation", "description": "List the items shared with the owner of a drive.", "keywords": "drive,onedrive.drive,default drive",
By default, **sharedWithMe** return items shared within your own tenant. To incl
"tocPath": "Sharing/Shared with me", "suppressions": [ ]
-} -->
+}
+-->
v1.0 Driveitem Delta https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/driveitem-delta.md
GET /me/drive/root/delta?token=2021-09-29T20%3A00%3A00Z
- #### Response <!-- { "blockType": "response", "truncated": true, "@odata.type": "Collection(microsoft.graph.driveItem)", "scope": "file.read" } -->
v1.0 Driveitem List Children https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/driveitem-list-children.md
GET /me/drive/root/children
- ### List children of a DriveItem with a known ID To retrieve files in the root of the drive, use the `root` relationship on the drive, then access the children relationship.
v1.0 Driveitemversion Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/driveitemversion-get.md
GET /me/drive/items/{item-id}/versions/current
- #### Response This returns a version:
v1.0 Educationassignment Delta https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/educationassignment-delta.md
GET /education/classes/72a7baec-c3e9-4213-a850-f62de0adad5f/assignments/delta?$s
- #### Response The following is an example of the response.
v1.0 Educationuser Get User https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/educationuser-get-user.md
Retrieve the simple directory **user** that corresponds to this **educationUser*
## Permissions A combination of permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | One from EduRoster.ReadBasic, EduRoster.Read, EduRoster.Write plus either Directory.Read.All or User.Read|
v1.0 Employeeexperience List Learningproviders https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/employeeexperience-list-learningproviders.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|LearningProvider.Read|
+|Delegated (work or school account)|LearningProvider.Read, LearningProvider.ReadWrite|
|Delegated (personal Microsoft account)|Not supported.| |Application|Not supported.|
v1.0 Entitlementmanagement Post Assignmentrequests https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/entitlementmanagement-post-assignmentrequests.md
Content-type: application/json
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Externalconnectors Externalitem Addactivities https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/externalconnectors-externalitem-addactivities.md
+
+ Title: "externalItem: addActivities"
+description: "Append additional instances of externalActivity on an externalitem."
+
+ms.localizationpriority: medium
++
+# externalItem: addActivities
+
+Namespace: microsoft.graph.externalConnectors
+
+Append additional instances of [externalActivity](../resources/externalconnectors-externalactivity.md) objects on an [externalItem](../resources/externalconnectors-externalitem.md).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+|:|:--|
+| Delegated (work or school account) | Not supported. |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | ExternalItem.ReadWrite.OwnedBy, ExternalItem.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /connections/{connectionsId}/items/{externalItemId}/addActivities
+```
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+
+In the request body, supply a JSON representation of the parameters.
+
+The following table shows the parameters that can be used with this action.
+
+|Parameter|Type|Description|
+|:|:|:|
+|activities|[microsoft.graph.externalConnectors.externalActivity](../resources/externalconnectors-externalactivity.md) collection|Collection of activities that involve an **externalItem**.|
+
+## Response
+
+If successful, this action returns a `200 OK` response code and a collection of [microsoft.graph.externalConnectors.externalActivityResult](../resources/externalconnectors-externalactivityresult.md) objects in the response body.
+
+A `207 Multi-Status` response code indicates that only some of the added **externalActivity** instances were successfully processed. The caller should inspect the response payload, looking at the error field for each **externalActivityResult** to determine why the **externalActivity** instance was not processed and what action can be taken. A `null` **error** property indicates a successful **externalActivityResult**.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "externalitemthis.addactivities",
+ "sampleKeys": ["contosohr", "TSP228082938"]
+}
+-->
+``` http
+POST https://graph.microsoft.com/v1.0/connections/contosohr/items/TSP228082938/addActivities
+Content-Type: application/json
+Content-length: 190
+
+{
+ "activities": [
+ {
+ "@odata.type": "#microsoft.graph.externalConnectors.externalActivity",
+ "type": "created",
+ "startDateTime": "2021-04-06T18:04:31.033Z",
+ "performedBy": {
+ "type": "user",
+ "id": "1f0c997e-99f7-43f1-8cca-086f8d42be8d"
+ }
+ }
+ ]
+}
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following example shows the response.
+
+>**Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.externalConnectors.externalActivityResult)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.externalConnectors.externalActivityResult",
+ "type": "created",
+ "startDateTime": "2021-04-06T18:04:31.033Z",
+ "error": null
+ }
+ ]
+}
+```
v1.0 Group List Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/group-list-members.md
Content-type: application/json
The following is an example of the request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_count_only"
GET https://graph.microsoft.com/v1.0/groups/02bd9fd6-8f93-4758-87c3-1fb73740a315
ConsistencyLevel: eventual ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++ #### Response The following is an example of the response.
Content-type: text/plain
The following is an example of the request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_count_user_only" }-->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/v1.0/groups/{id}/members/microsoft.graph.user/$count ConsistencyLevel: eventual ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
+++ #### Response The following is an example of the response.
v1.0 Group List Settings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/group-list-settings.md
GET https://graph.microsoft.com/v1.0/groupSettings
[!INCLUDE [sample-code](../includes/snippets/php/get-groupsettings-tenant-level-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
GET https://graph.microsoft.com/v1.0/groups/05aa6a98-956a-45c0-b13b-88076a23f2cd
[!INCLUDE [sample-code](../includes/snippets/php/get-groupsettings-for-a-group-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
v1.0 Group Post Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/group-post-members.md
Content-type: application/json
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Group Post Settings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/group-post-settings.md
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/create-groupsetting-from-groupsettings-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/create-groupsetting-from-groupsettings-for-guests-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ In the request body, supply a JSON representation of [groupSetting](../resources/groupsetting.md) object.
v1.0 Groupsetting Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/groupsetting-get.md
GET https://graph.microsoft.com/v1.0/groups/05aa6a98-956a-45c0-b13b-88076a23f2cd
[!INCLUDE [sample-code](../includes/snippets/php/get-groupsettings-specific-group-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
GET https://graph.microsoft.com/v1.0/groupSettings/84af2ca5-c274-41bf-86e4-6e374
[!INCLUDE [sample-code](../includes/snippets/php/get-groupsettings-tenantwide-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
v1.0 Groupsetting Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/groupsetting-update.md
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/update-tenant-groupsetting-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/update-groupsetting-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
v1.0 Groupsettingtemplate Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/groupsettingtemplate-get.md
GET https://graph.microsoft.com/v1.0/groupSettingTemplates/08d542b9-071f-4e16-94
[!INCLUDE [sample-code](../includes/snippets/php/get-groupsettingtemplate-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Groupsettingtemplate List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/groupsettingtemplate-list.md
GET https://graph.microsoft.com/v1.0/groupSettingTemplates
[!INCLUDE [sample-code](../includes/snippets/php/get-groupsettingtemplates-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ##### Response
v1.0 Homerealmdiscoverypolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/homerealmdiscoverypolicy-list-appliesto.md
Get a list of [directoryObject](../resources/directoryObject.md) objects that a
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.Read.All, Policy.ReadWrite.ApplicationConfiguration and Application.Read.All, Directory.Read.All |
The following is an example of the request.
GET https://graph.microsoft.com/v1.0/policies/homeRealmDiscoveryPolicies/6c6f154f-cb39-4ff9-bf5b-62d5ad585cde/appliesTo ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/v1.0/policies/homeRealmDiscoveryPolicies/6c6f154
[!INCLUDE [sample-code](../includes/snippets/javascript/get-appliesto-2-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Identityprovider Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/identityprovider-get.md
Do not supply a request body for this method.
## Response
-If successful, this method returns `200 OK` response code and a JSON representation of the [identityProvider](../resources/identityprovider.md) in the response body.
+If successful, this method returns `200 OK` response code and a [identityProvider](../resources/identityprovider.md) object in the response body.
## Example
v1.0 Identitysecuritydefaultsenforcementpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/identitysecuritydefaultsenforcementpolicy-update.md
Update the properties of an [identitySecurityDefaultsEnforcementPolicy](../resou
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Policy.ReadWrite.ConditionalAccess |
v1.0 Identityuserflowattribute Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/identityuserflowattribute-get.md
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and a JSON representation of the [identityUserFlowAttribute](../resources/identityuserflowattribute.md) in the response body.
+If successful, this method returns a `200 OK` response code and a [identityUserFlowAttribute](../resources/identityuserflowattribute.md) object in the response body.
## Examples
v1.0 Ipnamedlocation Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/ipnamedlocation-delete.md
Delete an [ipNamedLocation](../resources/ipNamedLocation.md) object.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Policy.ReadWrite.ConditionalAccess |
v1.0 Ipnamedlocation Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/ipnamedlocation-update.md
Update the properties of an [ipNamedLocation](../resources/ipNamedLocation.md) o
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Policy.ReadWrite.ConditionalAccess |
v1.0 Learningcontent Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/learningcontent-get.md
One of the following permissions is required to call this API. To learn more, in
|:|:| |Delegated (work or school account)|Not supported.| |Delegated (personal Microsoft account)|Not supported.|
-|Application|LearningContent.Read.All|
+|Application|LearningContent.Read.All, LearningContent.ReadWrite.All|
## HTTP request
v1.0 Learningprovider Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/learningprovider-get.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|LearningProvider.Read|
+|Delegated (work or school account)|LearningProvider.Read, LearningProvider.ReadWrite|
|Delegated (personal Microsoft account)|Not supported.| |Application|Not supported.|
v1.0 Learningprovider List Learningcontents https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/learningprovider-list-learningcontents.md
One of the following permissions is required to call this API. To learn more, in
|:|:| |Delegated (work or school account)|Not supported.| |Delegated (personal Microsoft account)|Not supported.|
-|Application|LearningContent.Read.All|
+|Application|LearningContent.Read.All, LearningContent.ReadWrite.All|
## HTTP request
v1.0 Namedlocation Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/namedlocation-delete.md
Delete a [namedLocation](../resources/namedlocation.md) object.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Policy.ReadWrite.ConditionalAccess |
v1.0 Onenote Post Notebooks https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/onenote-post-notebooks.md
One of the following permissions is required to call this API. To learn more, in
|Application | Notes.ReadWrite.All | ## HTTP request+ <!-- { "blockType": "ignored" } --> ```http POST /me/onenote/notebooks
POST /groups/{id}/onenote/notebooks
POST /sites/{id}/onenote/notebooks ``` ## Request headers+ | Name | Type | Description| |:|:--|:-| | Authorization | string | Bearer {token}. Required. | | Content-Type | string | `application/json` | ## Request body+ In the request body, supply a name for the notebook. Notebook names must be unique. The name cannot contain more than 128 characters or contain the following characters: ?*\/:<>|'"
Notebook names must be unique. The name cannot contain more than 128 characters
If successful, this method returns a `201 Created` response code and the new [notebook](../resources/notebook.md) object in the response body. ## Example+ ### Request
-Here is an example of the request.
+
+The following is an example of the request.
# [HTTP](#tab/http) <!-- {
Content-type: application/json
### Response
-Here is an example of the response. Note: The response object shown here is truncated for brevity. All of the properties will be returned from an actual call.
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
Content-type: application/json
"suppressions": [ ] }-->-
v1.0 Onlinemeeting Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/onlinemeeting-get.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | |:|:|
-| Delegated (work or school account) | OnlineMeetingArtifact.Read.All, OnlineMeetings.Read, OnlineMeetings.ReadWrite |
+| Delegated (work or school account) | OnlineMeetings.Read, OnlineMeetings.ReadWrite |
| Delegated (personal Microsoft account) | Not Supported. |
-| Application | OnlineMeetingArtifact.Read.All, OnlineMeetings.Read.All, OnlineMeetings.ReadWrite.All |
+| Application | OnlineMeetings.Read.All, OnlineMeetings.ReadWrite.All |
To use application permission for this API, tenant administrators must create an [application access policy](/graph/cloud-communication-online-meeting-application-access-policy) and grant it to a user to authorize the app configured in the policy to fetch online meetings and/or online meeting artifacts on behalf of that user (with user ID specified in the request path).
v1.0 Orgcontact Get Manager https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/orgcontact-get-manager.md
Get this organizational contact's manager.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | OrgContact.Read.All and Group.Read.All, Directory.Read.All |
v1.0 Orgcontact List Directreports https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/orgcontact-list-directreports.md
Get the direct reports for this [organizational contact](../resources/orgcontact
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | OrgContact.Read.All and Group.Read.All, Directory.Read.All |
v1.0 Orgcontact List Memberof https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/orgcontact-list-memberof.md
List the groups that this [organizational contact](../resources/orgcontact.md) i
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | OrgContact.Read.All and Group.Read.All, Directory.Read.All |
v1.0 Orgcontact List Transitivememberof https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/orgcontact-list-transitivememberof.md
Get groups that this [organizational contact](../resources/orgcontact.md) is a m
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | OrgContact.Read.All and Group.Read.All, Directory.Read.All |
v1.0 Planner List Plans https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/planner-list-plans.md
Title: "List plans"
-description: "Retrieve a list of **plannerplan** objects."
+description: "Get a list of plannerPlan objects."
ms.localizationpriority: medium ms.prod: "planner"
doc_type: apiPageType
Namespace: microsoft.graph
-Retrieve a list of **plannerplan** objects.
+Get a list of [plannerPlan](../resources/plannerplan.md) objects.
+ ## Permissions+ One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference). |Permission type | Permissions (from least to most privileged) |
One of the following permissions is required to call this API. To learn more, in
|Application | Tasks.Read.All, Tasks.ReadWrite.All | ## HTTP request+ <!-- { "blockType": "ignored" } --> ```http GET /planner/plans ```+ ## Optional query parameters+ This method requires owner [filter](/graph/query-parameters) to be specified. ## Request headers+ | Name |Description| |:-|:-| | Authorization | Bearer {token}. Required. | ## Request body+ Do not supply a request body for this method. ## Response
If successful, this method returns a `200 OK` response code and collection of [p
This method can return any of the [HTTP status codes](/graph/errors). The most common errors that apps should handle for this method are the 403 and 404 responses. For more information about these errors, see [Common Planner error conditions](../resources/planner-overview.md#common-planner-error-conditions). ## Example
-##### Request
-Here is an example of the request.
+
+### Request
+
+The following is an example of the request.
# [HTTP](#tab/http) <!-- {
GET https://graph.microsoft.com/v1.0/planner/plans
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
v1.0 Plannerplandetails Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/plannerplandetails-update.md
If-Match: W/"JzEtVGFzayAgQEBAQEBAQEBAQEBAQEBAWCc="
[!INCLUDE [sample-code](../includes/snippets/php/update-plannerplandetails-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ##### Response
v1.0 Print List Shares https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/print-list-shares.md
GET https://graph.microsoft.com/v1.0/print/shares
[!INCLUDE [sample-code](../includes/snippets/php/list-printershare-1-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Printdocument Createuploadsession https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/printdocument-createuploadsession.md
Content-Type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/javascript/printdocument-createuploadsession-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printdocument Get File https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/printdocument-get-file.md
The following example shows how to call this API to acquire a pre-authenticated
GET https://graph.microsoft.com/v1.0/print/printers/{printerId}/jobs/{printJobId}/documents/{printDocumentId}/$value ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/v1.0/print/printers/{printerId}/jobs/{printJobId
[!INCLUDE [sample-code](../includes/snippets/javascript/get-document-value-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printer List Jobs https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/printer-list-jobs.md
If successful, this method returns a `200 OK` response code and a collection of
GET https://graph.microsoft.com/v1.0/print/printers/{printerId}/jobs ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/v1.0/print/printers/{printerId}/jobs
[!INCLUDE [sample-code](../includes/snippets/javascript/list-printjob-1-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printer Post Jobs https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/printer-post-jobs.md
Content-Type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/javascript/create-printjob-from--1-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printershare List Jobs https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/printershare-list-jobs.md
If successful, this method returns a `200 OK` response code and a collection of
GET https://graph.microsoft.com/v1.0/print/shares/{printerShareId}/jobs ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/v1.0/print/shares/{printerShareId}/jobs
[!INCLUDE [sample-code](../includes/snippets/javascript/list-printjob-2-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printershare Post Jobs https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/printershare-post-jobs.md
Content-Type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/javascript/create-printjob-from--2-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printershare Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/printershare-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/update-printershare-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Printjob Abort https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/printjob-abort.md
Content-Type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/javascript/printjob-abort-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printjob Cancel https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/printjob-cancel.md
The following is an example of a request.
POST https://graph.microsoft.com/v1.0/print/printers/{printerId}/jobs/{printJobId}/cancel ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
POST https://graph.microsoft.com/v1.0/print/printers/{printerId}/jobs/{printJobI
[!INCLUDE [sample-code](../includes/snippets/javascript/printjob-cancel-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printjob Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/printjob-get.md
The following is an example of a request to get metadata for a print job.
GET https://graph.microsoft.com/v1.0/print/printers/{printerId}/jobs/{printJobId} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/v1.0/print/printers/{printerId}/jobs/{printJobId
[!INCLUDE [sample-code](../includes/snippets/javascript/get-printjob-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ #### Response
The following is a request to get a print job and any [tasks](../resources/print
GET https://graph.microsoft.com/v1.0/print/printers/{printerId}/jobs/{printJobId}?$expand=tasks ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/v1.0/print/printers/{printerId}/jobs/{printJobId
[!INCLUDE [sample-code](../includes/snippets/javascript/get-printjob-withtasks-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ #### Response
The following is an example of a request to get a print job and its associated d
GET https://graph.microsoft.com/v1.0/print/printers/{printerId}/jobs/{printJobId}?$expand=documents ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/v1.0/print/printers/{printerId}/jobs/{printJobId
[!INCLUDE [sample-code](../includes/snippets/javascript/get-printjob-withdocumentdata-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ #### Response
v1.0 Printjob Redirect https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/printjob-redirect.md
Content-Type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/javascript/printjob-redirect-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printjob Start https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/printjob-start.md
If successful, this method returns a `200 OK` response code and a [printJobStatu
POST https://graph.microsoft.com/v1.0/print/shares/{printerShareId}/jobs/{printJobId}/start ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
POST https://graph.microsoft.com/v1.0/print/shares/{printerShareId}/jobs/{printJ
[!INCLUDE [sample-code](../includes/snippets/javascript/printjob-start-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printjob Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/printjob-update.md
Content-Type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/javascript/update-printjob-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Printtaskdefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/printtaskdefinition-get.md
GET https://graph.microsoft.com/v1.0/print/taskDefinitions/{printTaskDefinitionI
[!INCLUDE [sample-code](../includes/snippets/php/get-printtaskdefinition-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Profilephoto Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/profilephoto-get.md
The following tables show the least privileged permission or permissions require
### To retrieve the profile photo of a contact
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Least privileged permissions | Higher privileged permissions | |:--|:--|:| |Delegated (work or school account) | Contacts.Read | Contacts.ReadWrite |
The following tables show the least privileged permission or permissions require
### To retrieve the profile photo of a group
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Least privileged permissions | Higher privileged permissions | |:--|:--|:| |Delegated (work or school account) | Group.Read.All | Group.ReadWrite.All |
The following tables show the least privileged permission or permissions require
### To retrieve the profile photo of a team
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Least privileged permissions | Higher privileged permissions | |:--|:--|:| | Delegated (work or school account) | Team.ReadBasic.All | TeamSettings.Read.All, TeamSettings.ReadWrite.All |
The following tables show the least privileged permission or permissions require
### To retrieve the profile photo of a user
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Least privileged permissions | Higher privileged permissions | |:--|:--|:| |Delegated (work or school account) | User.Read | User.ReadBasic.All, User.Read.All, User.ReadWrite, User.ReadWrite.All |
v1.0 Profilephoto Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/profilephoto-update.md
The following tables show the least privileged permission or permissions require
### To update the profile photo of a contact
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Least privileged permissions | Higher privileged permissions | |:--|:--|:| |Delegated (work or school account) | Contacts.ReadWrite | Not supported. |
The following tables show the least privileged permission or permissions require
### To update the profile photo of a group
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Least privileged permissions | Higher privileged permissions | |:--|:--|:| |Delegated (work or school account) | Group.ReadWrite.All | Not supported. |
The following tables show the least privileged permission or permissions require
### To update the profile photo of a team
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Least privileged permissions | Higher privileged permissions | |:--|:--|:| | Delegated (work or school account) | TeamSettings.ReadWrite.All | Not supported. |
The following tables show the least privileged permission or permissions require
### To update the profile photo of the signed-in user
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Least privileged permissions | Higher privileged permissions | |:--|:--|:| |Delegated (work or school account) | User.ReadWrite | User.ReadWrite.All |
v1.0 Provisioningobjectsummary List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/provisioningobjectsummary-list.md
Get all provisioning events that occurred in your tenant, such as the deletion o
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | AuditLog.Read.All and Directory.Read.All |
v1.0 Range Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/range-update.md
Content-type: application/json
} ```
-# [C#](#tab/csharp)
- # [Go](#tab/go) [!INCLUDE [sample-code](../includes/snippets/go/update-range-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Rbacapplication List Roledefinitions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/rbacapplication-list-roledefinitions.md
GET /roleManagement/directory/roleDefinitions
To list role definitions for the entitlement management provider: <!-- { "blockType": "ignored" } --> ```http
-/roleManagement/entitlementManagement/roleDefinitions
+GET /roleManagement/entitlementManagement/roleDefinitions
``` ## Optional query parameters
GET https://graph.microsoft.com/v1.0/roleManagement/entitlementManagement/roleDe
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Rbacapplication Post Roleassignments https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/rbacapplication-post-roleassignments.md
Content-type: application/json
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Reportroot Getteamsteamactivitycounts https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/reportroot-getteamsteamactivitycounts.md
+
+ Title: "reportRoot: getTeamsTeamActivityCounts"
+description: "Get the number of team activities across Microsoft Teams. The activity types are related to meetings and messages."
+ms.localizationpriority: medium
+++
+# reportRoot: getTeamsTeamActivityCounts
+
+Namespace: microsoft.graph
+
+Get the number of team activities across Microsoft Teams. The activity types are related to meetings and messages.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Reports.Read.All |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Reports.Read.All |
+
+> **Note:** For delegated permissions to allow apps to read service usage reports on behalf of a user, the tenant administrator must have assigned the user the appropriate Azure Active Directory limited administrator role. For more details, see [Authorization for APIs to read Microsoft 365 usage reports](/graph/reportroot-authorization).
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /reports/getTeamsTeamActivityCounts(period='{period_value}')
+```
+
+## Function parameters
+
+In the request URL, provide the following parameters with a valid value.
+
+| Parameter | Type | Description |
+| :-- | :-- | : |
+| period | string | Specifies the length of time over which the report is aggregated. The supported values for {period_value} are: `D7`, `D30`, `D90`, and `D180`. These values follow the format D*n* where *n* represents the number of days over which the report is aggregated. Required. |
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Response
+
+If successful, this method returns a `302 Found` response that redirects to a preauthenticated download URL for the report. That URL can be found in the `Location` header in the response.
+
+Preauthenticated download URLs are only valid for a short period of time (a few minutes) and do not require an `Authorization` header.
+
+The CSV file has the following headers for columns:
+
+- Report Refresh Date
+- Report Period
+- Report Date
+- Active users
+- Active Channels
+- Guests
+- Reactions
+- Meetings Organized
+- Post Messages
+- Channel Messages
+- Active Shared Channels
+- Active External Users
+- Reply Messages
+- Urgent Messages
+- Mentions
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+
+<!-- {
+ "blockType": "ignored",
+ "name": "reportroot_getteamsteamactivitycounts_csv"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/reports/getTeamsTeamActivityCounts(period='D7')
+```
++
+### Response
+
+The following is an example of the response.
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+HTTP/1.1 302 Found
+Content-Type: text/plain
+Location: https://reports.office.com/data/download/JDFKdf2_eJXKS034dbc7e0t__XDe
+```
+
+Follow the 302 redirection and the CSV file that downloads will have the following schema.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "stream"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/octet-stream
+
+Report Refresh Date,Report Period,Report Date,Active Users,Active Channels,Guests,Reactions,Meetings Organized,Post Messages,Channel Messages,Active Shared Channels,Active External Users,Reply Messages,Urgent Messages,Mentions
+```
+
+<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
+2015-10-25 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "Example",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "suppressions": [
+ ]
+}-->
v1.0 Reportroot Getteamsteamactivitydetail https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/reportroot-getteamsteamactivitydetail.md
+
+ Title: "reportRoot: getTeamsTeamActivityDetail"
+description: "Get details about Microsoft Teams activity by team. The numbers include activities for both licensed and non-licensed users."
+ms.localizationpriority: medium
+++
+# reportRoot: getTeamsTeamActivityDetail
+
+Namespace: microsoft.graph
+
+Get details about Microsoft Teams activity by team. The numbers include activities for both licensed and non-licensed users.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Reports.Read.All |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Reports.Read.All |
+
+> **Note:** For delegated permissions to allow apps to read service usage reports on behalf of a user, the tenant administrator must have assigned the user the appropriate Azure Active Directory limited administrator role. For more details, see [Authorization for APIs to read Microsoft 365 usage reports](/graph/reportroot-authorization).
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /reports/getTeamsTeamActivityDetail(period='{period_value}')
+```
+
+## Function parameters
+
+In the request URL, provide the following parameters with a valid value.
+
+| Parameter | Type | Description |
+| :-- | :-- | : |
+| period | string | Specifies the length of time over which the report is aggregated. The supported values for {period_value} are: `D7`, `D30`, `D90`, and `D180`. These values follow the format D*n* where *n* represents the number of days over which the report is aggregated. Required. |
+| date | Date | Specifies the date for which you would like to view details about activities across one or more teams. {date_value} must have a format of YYYY-MM-DD. As this report is only available for the past 30 days, {date_value} should be a date from that range. |
+
+> **Note:** You need to set either **period** or **date** in the request URL.
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Response
+
+If successful, this method returns a `302 Found` response that redirects to a preauthenticated download URL for the report. That URL can be found in the `Location` header in the response.
+
+Preauthenticated download URLs are only valid for a short period of time (a few minutes) and do not require an `Authorization` header.
+
+The CSV file has the following headers for columns:
+
+- Report Refresh Date
+- Team Name
+- Team Id
+- Team type
+- Last Activity Date
+- Report Period
+- Active users
+- Active Channels
+- Guests
+- Reactions
+- Meetings Organized
+- Post Messages
+- Reply Messages
+- Channel Messages
+- Urgent Messages
+- Mentions
+- Active Shared Channels
+- Active External Users
+
+## Examples
+
+The following is an example that outputs CSV.
+
+### Request
+
+The following is an example of a request.
+
+<!-- {
+ "blockType": "ignored",
+ "name": "reportroot_getteamsuseractivitytotalusercounts_csv"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/reports/getTeamsTeamActivityDetail(period='D7')
+```
+
+### Response
+
+The following is an example of the response.
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+HTTP/1.1 302 Found
+Content-Type: text/plain
+Location: https://reports.office.com/data/download/JDFKdf2_eJXKS034dbc7e0t__XDe
+```
+
+Follow the 302 redirection and the CSV file that downloads will have the following schema.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "stream"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/octet-stream
+
+Report Refresh Date,Team Name,Team Id,Team Type,Last Activity Date,Report Period,Active Users,Active Channels,Guests,Reactions,Meetings Organized,Post Messages,Reply Messages,Channel Messages,Urgent Messages,Mentions,Active Shared Channels,Active External Users
+```
+
+<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
+2015-10-25 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "Example",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "suppressions": [
+ ]
+}-->
v1.0 Reportroot Getteamsteamactivitydistributioncounts https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/reportroot-getteamsteamactivitydistributioncounts.md
+
+ Title: "reportRoot: getTeamsTeamActivityDistributionCounts"
+description: "Get the number of team activities across Microsoft Teams over a selected period."
+ms.localizationpriority: medium
+++
+# reportRoot: getTeamsTeamActivityDistributionCounts
+
+Namespace: microsoft.graph
+
+Get the number of team activities across Microsoft Teams over a selected period.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Reports.Read.All |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Reports.Read.All |
+
+> **Note:** For delegated permissions to allow apps to read service usage reports on behalf of a user, the tenant administrator must have assigned the user the appropriate Azure Active Directory limited administrator role. For more details, see [Authorization for APIs to read Microsoft 365 usage reports](/graph/reportroot-authorization).
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /reports/getTeamsTeamActivityDistributionCounts(period='{period_value}')
+```
+
+## Function parameters
+
+In the request URL, provide the following parameter with a valid value.
+
+| Parameter | Type | Description |
+| :-- | :-- | : |
+| period | string | Specifies the length of time over which the report is aggregated. The supported values for {period_value} are: `D7`, `D30`, `D90`, and `D180`. These values follow the format D*n* where *n* represents the number of days over which the report is aggregated. Required. |
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Response
+
+If successful, this method returns a `302 Found` response that redirects to a preauthenticated download URL for the report. That URL can be found in the `Location` header in the response.
+
+Preauthenticated download URLs are only valid for a short period of time (a few minutes) and do not require an `Authorization` header.
+
+The CSV file has the following headers for columns:
+
+- Report Refresh Date
+- Report Period
+- Active users
+- Active Channels
+- Guests
+- Reactions
+- Meetings Organized
+- Post Messages
+- Channel Messages
+- Active Shared Channels
+- Active External Users
+- Reply Messages
+- Urgent Messages
+- Mentions
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+
+<!-- {
+ "blockType": "ignored",
+ "name": "reportroot_getteamsteamactivitydistributioncounts_csv"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/reports/getTeamsTeamActivityDistributionCounts(period='D7')
+```
++
+### Response
+
+The following is an example of the response.
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+HTTP/1.1 302 Found
+Content-Type: text/plain
+Location: https://reports.office.com/data/download/JDFKdf2_eJXKS034dbc7e0t__XDe
+```
+
+Follow the 302 redirection and the CSV file that downloads will have the following schema.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "stream"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/octet-stream
+
+Report Refresh Date,Report Period,Active Users,Active Channels,Guests,Reactions,Meetings Organized,Post Messages,Channel Messages,Active Shared Channels,Active External Users,Reply Messages,Urgent Messages,Mentions
+```
+
+<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
+2015-10-25 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "Example",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "suppressions": [
+ ]
+}-->
v1.0 Reportroot Getteamsteamcounts https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/reportroot-getteamsteamcounts.md
+
+ Title: "reportRoot: getTeamsTeamCounts"
+description: "Get the number of teams of a particular type in an instance of Microsoft Teams."
+ms.localizationpriority: medium
+++
+# reportRoot: getTeamsTeamCounts
+
+Namespace: microsoft.graph
+
+Get the number of teams of a particular type in an instance of Microsoft Teams.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Reports.Read.All |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Reports.Read.All |
+
+> **Note:** For delegated permissions to allow apps to read service usage reports on behalf of a user, the tenant administrator must have assigned the user the appropriate Azure Active Directory limited administrator role. For more details, see [Authorization for APIs to read Microsoft 365 usage reports](/graph/reportroot-authorization).
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /reports/getTeamsTeamCounts(period='{period_value}')
+```
+
+## Function parameters
+
+In the request URL, provide the following parameters with a valid value.
+
+| Parameter | Type | Description |
+| :-- | :-- | : |
+| period | string | Specifies the length of time over which the report is aggregated. The supported values for {period_value} are: `D7`, `D30`, `D90`, and `D180`. These values follow the format D*n*, where *n* represents the number of days over which the report is aggregated. Required. |
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `302 Found` response that redirects to a pre-authenticated download URL for the report. That URL can be found in the `Location` header in the response.
+
+Pre-authenticated download URLs are only valid for a short period (a few minutes) and do not require an `Authorization` header.
+
+The CSV file has the following headers for columns:
+
+- Report Refresh Date
+- Report Date
+- Public Teams
+- Active Public Teams
+- Private Teams
+- Active Private Teams
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+
+<!-- {
+ "blockType": "ignored",
+ "name": "reportroot_getteamsteamcounts_csv"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/reports/getTeamsTeamCounts(period='D7')?$format=text/csv
+```
+
+### Response
+
+The following is an example of the response.
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+HTTP/1.1 302 Found
+Content-Type: text/plain
+Location: https://reports.office.com/data/download/JDFKdf2_eJXKS034dbc7e0t__XDe
+```
+
+Follow the 302 redirection and the CSV file that downloads will have the following schema.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "stream"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/octet-stream
+Report Refresh Date,Report Date,Public Teams,Active Public Teams,Private Teams,Active Private Teams,
+```
+
+<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
+2015-10-25 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "Example",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "suppressions": [
+ ]
+}-->
v1.0 Schemaextension Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/schemaextension-delete.md
Delete the definition of a [schema extension](../resources/schemaextension.md).
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Application.ReadWrite.All |
v1.0 Schemaextension Post Schemaextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/schemaextension-post-schemaextensions.md
use the schema extension definition to [create a new group with training course
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Application.ReadWrite.All |
v1.0 Schemaextension Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/schemaextension-update.md
This criteria for the **owner** property allows a signed-in user to make updates
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Application.ReadWrite.All |
v1.0 Section Copytonotebook https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/section-copytonotebook.md
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/section-copytonotebook-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ##### Response
v1.0 Security Ediscoverycase Close https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-ediscoverycase-close.md
POST https://graph.microsoft.com/security/cases/ediscoveryCases/061b9a92-8926-4b
[!INCLUDE [sample-code](../includes/snippets/php/close-ediscoverycase-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoverycase Reopen https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-ediscoverycase-reopen.md
POST https://graph.microsoft.com/security/cases/ediscoveryCases/061b9a92-8926-4b
[!INCLUDE [sample-code](../includes/snippets/php/reopen-ediscoverycase-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoverycasesettings Resettodefault https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-ediscoverycasesettings-resettodefault.md
POST https://graph.microsoft.com/v1.0/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/settings-resettodefault-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoverycustodian Activate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-ediscoverycustodian-activate.md
POST https://graph.microsoft.com/v1.0/security/cases/ediscoveryCases/{ediscovery
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverycustodianthisactivate-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoverycustodian Applyhold https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-ediscoverycustodian-applyhold.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverycustodianthisapplyhold-id-custodians-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
POST https://graph.microsoft.com/v1.0/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverycustodianthisapplyhold-singlecustodian-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
v1.0 Security Ediscoverycustodian Post Unifiedgroupsources https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-ediscoverycustodian-post-unifiedgroupsources.md
Content-Type: application/json
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Security Ediscoverycustodian Release https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-ediscoverycustodian-release.md
POST https://graph.microsoft.com/v1.0/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverycustodianthisrelease-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoverycustodian Removehold https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-ediscoverycustodian-removehold.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverycustodianthisremovehold-caseid-custodians-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
POST https://graph.microsoft.com/v1.0/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverycustodianthisremovehold-single-custodian-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
v1.0 Security Ediscoverycustodian Updateindex https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-ediscoverycustodian-updateindex.md
POST https://graph.microsoft.com/v1.0/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverycustodianthisupdateindex-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoverynoncustodialdatasource Applyhold https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-ediscoverynoncustodialdatasource-applyhold.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverynoncustialdatasourceapplyhold-caseid-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
POST https://graph.microsoft.com/v1.0/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverynoncustialdatasource-applyhold-single-noncustodial-datasource-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
v1.0 Security Ediscoverynoncustodialdatasource Release https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-ediscoverynoncustodialdatasource-release.md
POST https://graph.microsoft.com/v1.0/security/cases/ediscoveryCases/{ediscovery
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverynoncustodialdatasourcethisrelease-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoverynoncustodialdatasource Removehold https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-ediscoverynoncustodialdatasource-removehold.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverycustodianthisremovehold-caseid-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
POST https://graph.microsoft.com/v1.0/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverycustodianthisremovehold-single-datasource-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ #### Response
v1.0 Security Ediscoverynoncustodialdatasource Updateindex https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-ediscoverynoncustodialdatasource-updateindex.md
POST https://graph.microsoft.com/v1.0/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverynoncustodialdatasourcethisupdateindex-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoveryreviewset Addtoreviewset https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-ediscoveryreviewset-addtoreviewset.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/ediscoveryreviewsetthisaddtoreviewset-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoveryreviewsetquery Applytags https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-ediscoveryreviewsetquery-applytags.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/ediscoveryreviewsetquerythisapplytags-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Security Ediscoverysearch Estimatestatistics https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/security-ediscoverysearch-estimatestatistics.md
POST https://graph.microsoft.com/v1.0/security/cases/ediscoveryCases/b0073e4e-41
[!INCLUDE [sample-code](../includes/snippets/php/ediscoverysearchthisestimatestatistics-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
v1.0 Serviceprincipal Delete Claimsmappingpolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceprincipal-delete-claimsmappingpolicies.md
Remove a [claimsMappingPolicy](../resources/claimsmappingpolicy.md) from a [serv
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Serviceprincipal Delete Homerealmdiscoverypolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceprincipal-delete-homerealmdiscoverypolicies.md
Remove a [homeRealmDiscoveryPolicy](../resources/homerealmdiscoverypolicy.md) fr
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Serviceprincipal List Claimsmappingpolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceprincipal-list-claimsmappingpolicies.md
List the [claimsMappingPolicy](../resources/claimsmappingpolicy.md) objects that
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
GET https://graph.microsoft.com/v1.0/servicePrincipals/00063ffc-54e9-405d-b8f3-5
[!INCLUDE [sample-code](../includes/snippets/php/list-claimsmappingpolicies-on-application-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Serviceprincipal List Homerealmdiscoverypolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceprincipal-list-homerealmdiscoverypolicies.md
List the [homeRealmDiscoveryPolicy](../resources/homerealmdiscoverypolicy.md) ob
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Serviceprincipal Post Approleassignedto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceprincipal-post-approleassignedto.md
To grant an app role assignment, you need three identifiers:
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | AppRoleAssignment.ReadWrite.All and Application.Read.All, AppRoleAssignment.ReadWrite.All and Directory.Read.All |
v1.0 Serviceprincipal Post Approleassignments https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceprincipal-post-approleassignments.md
To grant an app role assignment to a client service principal, you need three id
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | AppRoleAssignment.ReadWrite.All and Application.Read.All, AppRoleAssignment.ReadWrite.All and Directory.Read.All |
v1.0 Serviceprincipal Post Claimsmappingpolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceprincipal-post-claimsmappingpolicies.md
Assign a [claimsMappingPolicy](../resources/claimsmappingpolicy.md) to a [servic
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Serviceprincipal Post Homerealmdiscoverypolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceprincipal-post-homerealmdiscoverypolicies.md
Assign a [homeRealmDiscoveryPolicy](../resources/homerealmdiscoverypolicy.md) to
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
v1.0 Serviceprincipal Post Owners https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceprincipal-post-owners.md
Use this API to add an owner for the [servicePrincipal](../resources/serviceprin
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Application.ReadWrite.All and Directory.Read.All |
v1.0 Sharepointsettings Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/sharepointsettings-get.md
+
+ Title: "Get sharepointSettings"
+description: "Get the tenant-level settings for SharePoint and OneDrive."
+
+ms.localizationpriority: medium
++
+# Get settings
+Namespace: microsoft.graph
+
+Get the tenant-level [settings](../resources/sharepointsettings.md) for SharePoint and OneDrive.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|SharePointTenantSettings.Read.All, SharePointTenantSettings.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|SharePointTenantSettings.Read.All, SharePointTenantSettings.ReadWrite.All|
+
+When calling on behalf of a user, the user needs to belong to one of the following admin roles. To learn more about admin roles, see [About admin roles in the Microsoft 365 admin center](/microsoft-365/admin/add-users/about-admin-roles):
+* Global Administrator
+* Global Reader
+* SharePoint Administrator
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /admin/sharepoint/settings
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [settings](../resources/sharepointsettings.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_settings_at_tenant_level"
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/admin/sharepoint/settings
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.sharepointSettings"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.sharepointSettings",
+ "allowedDomainGuidsForSyncApp": [
+ "bdd1ab9b-3fd0-4def-a761-ec8d7471732c",
+ "ad31vb6b-5zd0-7tyg-m231-kj8d6578432c"
+ ],
+ "availableManagedPathsForSiteCreation": [
+ "/sites/",
+ "/teams/"
+ ],
+ "deletedUserPersonalSiteRetentionPeriodInDays": 344,
+ "excludedFileExtensionsForSyncApp": [
+ ".md",
+ ".git"
+ ],
+ "idleSessionSignOut": {
+ "isEnabled": true,
+ "warnAfterInSeconds": 120,
+ "signOutAfterInSeconds": 300
+ },
+ "imageTaggingOption": "basic",
+ "isCommentingOnSitePagesEnabled": true,
+ "isFileActivityNotificationEnabled": true,
+ "isLegacyAuthProtocolsEnabled": false,
+ "isLoopEnabled": true,
+ "isMacSyncAppEnabled": false,
+ "isRequireAcceptingUserToMatchInvitedUserEnabled": true,
+ "isResharingByExternalUsersEnabled": true,
+ "isSharePointMobileNotificationEnabled": true,
+ "isSharePointNewsfeedEnabled": true,
+ "isSiteCreationEnabled": true,
+ "isSiteCreationUIEnabled": true,
+ "isSitePagesCreationEnabled": true,
+ "isSitesStorageLimitAutomatic": true,
+ "isSyncButtonHiddenOnPersonalSite": true,
+ "isUnmanagedSyncAppForTenantRestricted": true,
+ "personalSiteDefaultStorageLimitInMB": 113664,
+ "sharingAllowedDomainList" : [
+ "contoso.com",
+ "fabrikam.com"
+ ],
+ "sharingBlockedDomainList" : [
+ "contoso.com",
+ "fabrikam.com"
+ ],
+ "sharingCapability": "externalUserAndGuestSharing",
+ "sharingDomainRestrictionMode": "allowList",
+ "siteCreationDefaultManagedPath": "/sites/",
+ "siteCreationDefaultStorageLimitInMB": 808034,
+ "tenantDefaultTimezone": "(UTC-05:00) Eastern Time (US and Canada)"
+ }
+}
+```
v1.0 Sharepointsettings Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/sharepointsettings-update.md
+
+ Title: "Update sharepointSettings"
+description: "Update one or more tenant-level settings for SharePoint and OneDrive."
+
+ms.localizationpriority: medium
++
+# Update settings
+Namespace: microsoft.graph
+
+Update one or more tenant-level [settings](../resources/sharepointsettings.md) for SharePoint and OneDrive.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|SharePointTenantSettings.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|SharePointTenantSettings.ReadWrite.All|
+
+When calling on behalf of a user, the user needs to belong to one of the following admin roles. To learn more about admin roles, see [About admin roles in the Microsoft 365 admin center](/microsoft-365/admin/add-users/about-admin-roles):
+* Global Administrator
+* SharePoint Administrator
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /admin/sharepoint/settings
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+
+|Property|Type|Description|
+|:|:|:|
+| allowedDomainGuidsForSyncApp | GUID collection | Collection of trusted domain GUIDs for the OneDrive sync app. |
+| deletedUserPersonalSiteRetentionPeriodInDays | Int32 | The number of days for preserving a deleted user's OneDrive. |
+| excludedFileExtensionsForSyncApp | String collection | Collection of file extensions not uploaded by the OneDrive sync app. |
+| idleSessionSignOut | [microsoft.graph.idleSessionSignOut](../resources/idlesessionsignout.md) | Specifies the idle session sign-out policies for the tenant. |
+| imageTaggingOption | imageTaggingChoice | Specifies the image tagging option for the tenant. Possible values are: `disabled`, `basic`, `enhanced`. |
+| isCommentingOnSitePagesEnabled | Boolean | Indicates whether comments are allowed on modern site pages in SharePoint. |
+| isFileActivityNotificationEnabled | Boolean | Indicates whether push notifications are enabled for OneDrive events. |
+| isLegacyAuthProtocolsEnabled | Boolean | Indicates whether legacy authentication protocols are enabled for the tenant. |
+| isLoopEnabled | Boolean | Indicates whether Fluid Framework is allowed on SharePoint sites. |
+| isMacSyncAppEnabled | Boolean | Indicates whether files can be synced using the OneDrive sync app for Mac. |
+| isRequireAcceptingUserToMatchInvitedUserEnabled | Boolean | Indicates whether guests must sign in using the same account to which sharing invitations are sent. |
+| isResharingByExternalUsersEnabled | Boolean | Indicates whether guests are allowed to reshare files, folders, and sites they don't own. |
+| isSharePointMobileNotificationEnabled | Boolean | Indicates whether mobile push notifications are enabled for SharePoint. |
+| isSharePointNewsfeedEnabled | Boolean | Indicates whether the newsfeed is allowed on the modern site pages in SharePoint. |
+| isSiteCreationEnabled | Boolean | Indicates whether users are allowed to create sites. |
+| isSiteCreationUIEnabled | Boolean | Indicates whether the UI commands for creating sites are shown. |
+| isSitePagesCreationEnabled | Boolean | Indicates whether creating new modern pages is allowed on SharePoint sites. |
+| isSitesStorageLimitAutomatic | Boolean | Indicates whether site storage space is automatically managed or if specific storage limits are set per site. |
+| isSyncButtonHiddenOnPersonalSite | Boolean | Indicates whether the sync button in OneDrive is hidden. |
+| isUnmanagedSyncAppForTenantRestricted | Boolean | Indicates whether users are allowed to sync files only on PCs joined to specific domains. |
+| personalSiteDefaultStorageLimitInMB | Int64 | The default OneDrive storage limit for all new and existing users who are assigned a qualifying license. Measured in megabytes (MB). |
+| sharingAllowedDomainList | String collection | Collection of email domains that are allowed for sharing outside the organization. |
+| sharingBlockedDomainList | String collection | Collection of email domains that are blocked for sharing outside the organization. |
+| sharingCapability | sharingCapabilities | Sharing capability for the tenant. Possible values are: `disabled`, `externalUserSharingOnly`, `externalUserAndGuestSharing`, `existingExternalUserSharingOnly`. |
+| sharingDomainRestrictionMode | sharingDomainRestrictionMode | Specifies the external sharing mode for domains. Possible values are: `none`, `allowList`, `blockList`. |
+| siteCreationDefaultManagedPath | String | The value of the team site managed path. This is the path under which new team sites will be created. |
+| siteCreationDefaultStorageLimitInMB | Int32 | The default storage quota for a new site upon creation. Measured in megabytes (MB). |
+| tenantDefaultTimezone | String | The default timezone of a tenant for newly created sites. For a list of possible values, see [SPRegionalSettings.TimeZones property](/sharepoint/dev/schema/regional-settings-schema). |
++
+## Response
+
+If successful, this method returns a `200 OK` response code and an updated [settings](../resources/sharepointsettings.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_tenant_settings"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/v1.0/admin/sharepoint/settings
+Content-Type: application/json
+Content-length: 1323
+
+{
+ "deletedUserPersonalSiteRetentionPeriodInDays": 365,
+ "excludedFileExtensionsForSyncApp": [".mp3"],
+ "imageTaggingOption": "enhanced",
+ "isLegacyAuthProtocolsEnabled": true,
+ "isSitesStorageLimitAutomatic": false,
+ "isSyncButtonHiddenOnPersonalSite": false,
+ "isUnmanagedSyncAppForTenantRestricted": false,
+ "personalSiteDefaultStorageLimitInMB": 120000
+}
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following is an example of the response.
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.sharepointSettings"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.sharepointSettings",
+ "allowedDomainGuidsForSyncApp": [
+ "bdd1ab9b-3fd0-4def-a761-ec8d7471732c",
+ "ad31vb6b-5zd0-7tyg-m231-kj8d6578432c"
+ ],
+ "availableManagedPathsForSiteCreation": [
+ "/sites/",
+ "/teams/"
+ ],
+ "deletedUserPersonalSiteRetentionPeriodInDays": 365,
+ "excludedFileExtensionsForSyncApp": [
+ ".mp3"
+ ],
+ "idleSessionSignOut": {
+ "isEnabled": true,
+ "warnAfterInSeconds": 120,
+ "signOutAfterInSeconds": 300
+ },
+ "imageTaggingOption": "basic",
+ "isCommentingOnSitePagesEnabled": true,
+ "isFileActivityNotificationEnabled": true,
+ "isLegacyAuthProtocolsEnabled": true,
+ "isLoopEnabled": true,
+ "isMacSyncAppEnabled": false,
+ "isRequireAcceptingUserToMatchInvitedUserEnabled": true,
+ "isResharingByExternalUsersEnabled": true,
+ "isSharePointMobileNotificationEnabled": true,
+ "isSharePointNewsfeedEnabled": true,
+ "isSiteCreationEnabled": true,
+ "isSiteCreationUIEnabled": true,
+ "isSitePagesCreationEnabled": true,
+ "isSitesStorageLimitAutomatic": false,
+ "isSyncButtonHiddenOnPersonalSite": false,
+ "isUnmanagedSyncAppForTenantRestricted": false,
+ "personalSiteDefaultStorageLimitInMB": 120000,
+ "sharingAllowedDomainList" : [
+ "contoso.com",
+ "fabrikam.com"
+ ],
+ "sharingBlockedDomainList" : [
+ "contoso.com",
+ "fabrikam.com"
+ ],
+ "sharingCapability": "externalUserAndGuestSharing",
+ "sharingDomainRestrictionMode": "allowList",
+ "siteCreationDefaultManagedPath": "/sites/",
+ "siteCreationDefaultStorageLimitInMB": 808034,
+ "tenantDefaultTimezone": "(UTC-05:00) Eastern Time (US and Canada)"
+}
+```
v1.0 Signin Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/signin-get.md
Retrieve a specific Azure AD user sign-in event for your tenant. Sign-ins that a
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | AuditLog.Read.All and Directory.Read.All |
v1.0 Signin List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/signin-list.md
The maximum and default page size is 1,000 objects and by default, the most rece
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | AuditLog.Read.All and Directory.Read.All |
v1.0 Subscription Reauthorize https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/subscription-reauthorize.md
If successful, this action returns a `204 No Content` response code.
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "subscriptionthis.reauthorize"
The following is an example of a request.
POST https://graph.microsoft.com/v1.0/subscriptions/{subscriptionsId}/reauthorize ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+
+# [PowerShell](#tab/powershell)
++ ### Response The following is an example of the response
v1.0 Swapshiftschangerequest List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/swapshiftschangerequest-list.md
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/v1.0/teams/{teamId}/schedule/swapShiftsChangeRequests
+GET https://graph.microsoft.com/v1.0/teams/00d4ce58-658a-4d53-a0ad-99aa318bed28/schedule/swapShiftsChangeRequests
``` # [C#](#tab/csharp)
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "id": "0b87dd20-d5ed-4764-9c3e-cfc8516def09",
- "senderShiftId": "5ad10161-6524-4c7c-9beb-4e8677ba2f6d",
- "recipientShiftId": "e73408ca-3ea5-4bbf-96a8-2e06c95f7a2c",
- "assignedTo": "manager",
- "state": "approved",
- "senderUserId": "3fe0bc21-1398-4fd9-9713-52511b434c1e",
- "senderDateTime": "2019-05-01T10:00:00Z",
- "senderMessage": "I can't make my shift, any chance we can swap?",
- "recipientUserId": "567c8ea5-9e32-422a-a663-8270201699cd",
- "recipientActionDateTime": "2019-05-01T11:00:00Z",
- "recipientActionMessage": "Sure!",
- "managerUserId": "fdcc8d43-7f83-438a-9ab1-098e8f2a95ff",
- "managerActionDateTime": "2019-05-01T12:00:00Z",
- "managerActionMessage": "Approved!"
- }
- ]
+ "value": [
+ {
+ "id": "0b87dd20-d5ed-4764-9c3e-cfc8516def09",
+ "senderShiftId": "5ad10161-6524-4c7c-9beb-4e8677ba2f6d",
+ "recipientShiftId": "e73408ca-3ea5-4bbf-96a8-2e06c95f7a2c",
+ "assignedTo": "manager",
+ "state": "approved",
+ "senderUserId": "3fe0bc21-1398-4fd9-9713-52511b434c1e",
+ "senderDateTime": "2019-05-01T10:00:00Z",
+ "senderMessage": "I cannot make my shift, any chance we can swap?",
+ "recipientUserId": "567c8ea5-9e32-422a-a663-8270201699cd",
+ "recipientActionDateTime": "2019-05-01T11:00:00Z",
+ "recipientActionMessage": "Sure!",
+ "managerUserId": "fdcc8d43-7f83-438a-9ab1-098e8f2a95ff",
+ "managerActionDateTime": "2019-05-01T12:00:00Z",
+ "managerActionMessage": "Approved!"
+ }
+ ]
}- ``` <!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
Content-type: application/json
"section": "documentation", "tocPath": "" }-->-
v1.0 Team Post Installedapps https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/team-post-installedapps.md
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/php/add-app-in-team-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- ### Response
v1.0 Termstore Group Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termstore-group-delete.md
One of the following permissions is required to call this API. To learn more, in
} --> ``` http
-DELETE sites/{site-id}/termStore/groups/{group-id}
+DELETE /sites/{site-id}/termStore/groups/{group-id}
``` ## Request headers
v1.0 Termstore Group Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termstore-group-get.md
One of the following permissions is required to call this API. To learn more, in
--> ``` http
-GET sites/{site-id}/termStore/groups/{group-id}
+GET /sites/{site-id}/termStore/groups/{group-id}
``` ## Request headers
v1.0 Termstore Group Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termstore-group-post.md
One of the following permissions is required to call this API. To learn more, in
--> ``` http
-POST sites/{site-id}/termStore/groups
+POST /sites/{site-id}/termStore/groups
``` ## Request headers
v1.0 Termstore List Groups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termstore-list-groups.md
One of the following permissions is required to call this API. To learn more, in
--> ``` http
-GET sites/{site-id}/termStore/groups
+GET /sites/{site-id}/termStore/groups
``` ## Optional query parameters
v1.0 Termstore Relation Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termstore-relation-post.md
One of the following permissions is required to call this API. To learn more, in
} --> ``` http
-POST sites/{site-id}/termStore/sets/{set-id}/terms/{term-id}/relations
+POST /sites/{site-id}/termStore/sets/{set-id}/terms/{term-id}/relations
``` ## Request headers
v1.0 Termstore Set Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termstore-set-get.md
One of the following permissions is required to call this API. To learn more, in
--> ``` http
-GET sites/{site-id}/termStore/sets/{set-id}
+GET /sites/{site-id}/termStore/sets/{set-id}
``` ## Optional query parameters
v1.0 Termstore Set Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termstore-set-post.md
One of the following permissions is required to call this API. To learn more, in
} --> ``` http
-POST sites/{site-id}/termStore/sets
+POST /sites/{site-id}/termStore/sets
``` ## Request headers
v1.0 Termstore Set Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termstore-set-update.md
One of the following permissions is required to call this API. To learn more, in
--> ``` http
-PATCH sites/{site-id}/termStore/sets/{set-id}
+PATCH /sites/{site-id}/termStore/sets/{set-id}
``` ## Request headers
v1.0 Termstore Store Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termstore-store-get.md
One of the following permissions is required to call this API. To learn more, in
--> ``` http
-GET sites/{site-id}/termStore
+GET /sites/{site-id}/termStore
``` ## Request headers
v1.0 Termstore Term Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termstore-term-delete.md
One of the following permissions is required to call this API. To learn more, in
} --> ``` http
-DELETE sites/{site-id}/termStore/sets/{set-id}/terms/{term-id}
+DELETE /sites/{site-id}/termStore/sets/{set-id}/terms/{term-id}
``` ## Request headers
v1.0 Termstore Term Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termstore-term-get.md
One of the following permissions is required to call this API. To learn more, in
} --> ``` http
-GET sites/{site-id}/termStore/groups/{group-id}/sets/{set-id}/terms/{term-id}
-GET sites/{site-id}/termStore/sets/{set-id}/terms/{term-id}
+GET /sites/{site-id}/termStore/groups/{group-id}/sets/{set-id}/terms/{term-id}
+GET /sites/{site-id}/termStore/sets/{set-id}/terms/{term-id}
``` ## Optional query parameters
v1.0 Termstore Term List Children https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termstore-term-list-children.md
One of the following permissions is required to call this API. To learn more, in
} --> ``` http
-GET sites/{site-id}/termStore/sets/{set-id}/children
-GET sites/{site-id}/termStore/sets/{set-id}/terms/{term-id}/children
+GET /sites/{site-id}/termStore/sets/{set-id}/children
+GET /sites/{site-id}/termStore/sets/{set-id}/terms/{term-id}/children
``` ## Optional query parameters
v1.0 Termstore Term List Relations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termstore-term-list-relations.md
One of the following permissions is required to call this API. To learn more, in
} --> ``` http
-GET sites/{site-id}/termStore/sets/{set-id}/relations
-GET sites/{site-id}/termStore/sets/{set-id}/terms/{term-id}/relations
+GET /sites/{site-id}/termStore/sets/{set-id}/relations
+GET /sites/{site-id}/termStore/sets/{set-id}/terms/{term-id}/relations
``` ## Optional query parameters
v1.0 Termstore Term Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termstore-term-post.md
One of the following permissions is required to call this API. To learn more, in
} --> ``` http
-POST sites/{site-id}/termStore/sets/{set-id}/children
-POST sites/{site-id}/termStore/sets/{set-id}/terms/{term-id}/children
+POST /sites/{site-id}/termStore/sets/{set-id}/children
+POST /sites/{site-id}/termStore/sets/{set-id}/terms/{term-id}/children
``` ## Request headers
v1.0 Termstore Term Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termstore-term-update.md
One of the following permissions is required to call this API. To learn more, in
}--> ``` http
-PATCH sites/{site-id}/termStore/sets/{set-id}/terms/{term-id}
+PATCH /sites/{site-id}/termStore/sets/{set-id}/terms/{term-id}
``` ## Request headers
v1.0 Tokenissuancepolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tokenissuancepolicy-list-appliesto.md
Get a list of [directoryObject](../resources/directoryObject.md) objects that a
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.Read.All, Policy.ReadWrite.ApplicationConfiguration and Application.Read.All, Directory.Read.All |
The following is an example of the request.
GET https://graph.microsoft.com/v1.0/policies/tokenIssuancePolicies/{id}/appliesTo ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/v1.0/policies/tokenIssuancePolicies/{id}/applies
[!INCLUDE [sample-code](../includes/snippets/javascript/get-appliesto-3-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 Tokenlifetimepolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tokenlifetimepolicy-list-appliesto.md
Get a list of [directoryObject](../resources/directoryObject.md) objects that a
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
| Permission type | Permissions (from least to most privileged) | |:|:--| | Delegated (work or school account) | Policy.Read.All and Application.Read.All, Policy.ReadWrite.ApplicationConfiguration and Application.Read.All, Directory.Read.All |
The following is an example of the request.
GET https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4/appliesTo ```
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+ # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
GET https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/4d2f137b-e8a
[!INCLUDE [sample-code](../includes/snippets/javascript/get-appliesto-4-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PHP](#tab/php)
+ ### Response
v1.0 User Assignlicense https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-assignlicense.md
Title: "assignLicense"
+ Title: "user: assignLicense"
description: "Add or remove subscriptions for the user. You can also enable and disable specific plans associated with a subscription." ms.localizationpriority: high
doc_type: apiPageType
# user: assignLicense Namespace: microsoft.graph+ Add or remove subscriptions for the user. You can also enable and disable specific plans associated with a subscription. ## Permissions
v1.0 User Findmeetingtimes https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-findmeetingtimes.md
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | Calendars.Read.Shared, Calendars.ReadWrite.Shared |
+|Delegated (work or school account) | Calendars.Read, Calendars.ReadWrite |
|Delegated (personal Microsoft account) | Not supported. | |Application | Not supported. |
v1.0 User List Directreports https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-list-directreports.md
Get a user's direct reports.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->
|Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | User.Read and User.ReadBasic.All, User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All |
v1.0 User List Manager https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-list-manager.md
ConsistencyLevel: eventual
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 User List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-list.md
GET /users
## Optional query parameters
-This method supports the `$count`, `$expand`, `$filter`, `$orderBy`, `$search`, `$select`, and `$top` [OData query parameters](/graph/query-parameters) to help customize the response. `$skip` isn't supported. The default and maximum page sizes are 100 and 999 user objects respectively, except when you specify `$select=signInActivity` or `$filter=signInActivity`. When `signInActivity` is selected or filtered on, the maximum page size is 120.
+This method supports the `$count`, `$expand`, `$filter`, `$orderBy`, `$search`, `$select`, and `$top` [OData query parameters](/graph/query-parameters) to help customize the response. `$skip` isn't supported. You must specify `$select=signInActivity` or `$filter=signInActivity` while [listing users](../api/user-list.md), as the signInActivity property is not returned by default.
Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For more information, see [Advanced query capabilities on Azure AD directory objects](/graph/aad-advanced-queries). The `$count` and `$search` parameters are currently not available in Azure AD B2C tenants.
v1.0 Virtualappointment Getvirtualappointmentjoinweburl https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/virtualappointment-getvirtualappointmentjoinweburl.md
+
+ Title: "virtualAppointment: getVirtualAppointmentJoinWebUrl"
+description: "Get a virtual appointment join link."
+
+ms.localizationpriority: medium
++
+# virtualAppointment: getVirtualAppointmentJoinWebUrl
+
+Namespace: microsoft.graph
+
+Get a join web URL for a [Microsoft Virtual Appointments](/microsoft-365/frontline/virtual-appointments). This web URL includes enhanced business-to-customer experiences such as mobile browser join and virtual lobby rooms. With [Teams Premium](/microsoftteams/teams-add-on-licensing/licensing-enhance-teams), you can configure a [custom lobby room](/microsoft-365/frontline/browser-join#customize-the-waiting-room-with-your-company-logo) experience for attendees by adding your company logo and access the [Virtual Appointments usage report](/microsoft-365/frontline/virtual-appointments-usage-report) for organizational analytics.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+|:|:--|
+| Delegated (work or school account) | VirtualAppointment.Read, VirtualAppointment.ReadWrite |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | VirtualAppointment.Read.All, VirtualAppointment.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /me/onlineMeetings/{onlineMeetingId}/getVirtualAppointmentJoinWebUrl
+GET /users/{userId}/onlineMeetings/{onlineMeetingId}/getVirtualAppointmentJoinWebUrl
+```
+
+## Request headers
+
+| Name | Description |
+| :-- | : |
+| Authorization | Bearer {token}. Required. |
+| Accept-Language | Language. Optional. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a String in the response body. The **value** property represents the join web URL for [Microsoft Virtual Appointments](/microsoft-365/frontline/virtual-appointments).
+
+## Examples
+
+### Request
+
+The following is an example of a request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_virtualappointment",
+ "sampleKeys": ["MSpkYzE3Njc0Yy04MWQ5LTRhZGItYmZi"]
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/me/onlineMeetings/MSpkYzE3Njc0Yy04MWQ5LTRhZGItYmZi/getVirtualAppointmentJoinWebUrl
+```
+
+# [C#](#tab/csharp)
+
+# [Go](#tab/go)
+
+# [Java](#tab/java)
+
+# [JavaScript](#tab/javascript)
+
+# [PHP](#tab/php)
+++
+### Response
+
+The following example shows the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Edm.String"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Edm.String",
+ "value": "https://visit.teams.microsoft.com/webrtc-svc/api/route?tid=a796be92-&convId=19:meeting_=True"
+}
+```
v1.0 Worksheet Usedrange https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/worksheet-usedrange.md
GET https://graph.microsoft.com/v1.0/me/drive/items/{id}/workbook/worksheets/{id
``` # [C#](#tab/csharp) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go)
v1.0 Worksheetcollection Add https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/worksheetcollection-add.md
One of the following permissions is required to call this API. To learn more, in
## HTTP request <!-- { "blockType": "ignored" } --> ```http
-POST /me/drive/items/{id}/workbook/worksheets/
-POST /me/drive/root:/{item-path}:/workbook/worksheets/
+POST /me/drive/items/{id}/workbook/worksheets
+POST /me/drive/root:/{item-path}:/workbook/worksheets
``` ## Request headers
v1.0 Link Validation Config.Json https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/config/link-validation-config.json a/api-reference/v1.0/config/link-validation-config.json
{ "pathsToIgnore": [
+ "/adaptive-cards",
"/aspnet", "/azure", "/compliance",
v1.0 Missing Request Examples https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/missing-request-examples.md
GET https://graph.microsoft.com/v1.0/users/{user-id}
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Accesspackageassignmentrequestorsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/accesspackageassignmentrequestorsettings.md
Title: "accessPackageAssignmentRequestorSettings resource type"
-description: "Used for the requestorSettings property of an access package assignment policy. Provides additional settings to select who can create a request."
+description: "Provides additional settings to select who can create a request for an access package on that policy, and what they can include in their request."
ms.localizationpriority: medium ms.prod: "governance" doc_type: resourcePageType
-# accessPackageAssignmentRequestorSettings complex type
+# accessPackageAssignmentRequestorSettings resource type
Namespace: microsoft.graph
-Used for the requestor settings of an [access package assignment policy](accesspackageassignmentpolicy.md). Provides additional settings to select who can create a request for an access package on that policy, and what they can include in their request.
+Provides additional settings to select who can create a request for an access package on that policy, and what they can include in their request. The requestor settings of an [access package assignment policy](accesspackageassignmentpolicy.md) uses this resource.
## Properties |Property|Type|Description| |:|:|:|
-|allowCustomAssignmentSchedule|Boolean|If `false`, the requestor is not permitted to include a schedule in their request.|
-|enableOnBehalfRequestorsToAddAccess|Boolean|If `true`, allows on-behalf-of requestors to create a request to add access for another principal.|
-|enableOnBehalfRequestorsToRemoveAccess|Boolean|If `true`, allows on-behalf-of requestors to create a request to remove access for another principal.|
-|enableOnBehalfRequestorsToUpdateAccess|Boolean|If `true`, allows on-behalf-of requestors to create a request to update access for another principal.|
-|enableTargetsToSelfAddAccess|Boolean|If `true`, allows requestors to create a request to add access for themselves.|
-|enableTargetsToSelfRemoveAccess|Boolean|If `true`, allows requestors to create a request to remove their access.|
-|enableTargetsToSelfUpdateAccess|Boolean|If `true`, allows requestors to create a request to update their access.|
+|allowCustomAssignmentSchedule|Boolean|`False` indicates that the requestor is not permitted to include a schedule in their request.|
+|enableOnBehalfRequestorsToAddAccess|Boolean|`True` allows on-behalf-of requestors to create a request to add access for another principal.|
+|enableOnBehalfRequestorsToRemoveAccess|Boolean|`True` allows on-behalf-of requestors to create a request to remove access for another principal.|
+|enableOnBehalfRequestorsToUpdateAccess|Boolean|`True` allows on-behalf-of requestors to create a request to update access for another principal.|
+|enableTargetsToSelfAddAccess|Boolean|`True` allows requestors to create a request to add access for themselves.|
+|enableTargetsToSelfRemoveAccess|Boolean|`True` allows requestors to create a request to remove their access.|
+|enableTargetsToSelfUpdateAccess|Boolean|`True` allows requestors to create a request to update their access.|
|onBehalfRequestors|[subjectSet](../resources/subjectset.md) collection|The principals who can request on-behalf-of others.| ## Relationships
The following is a JSON representation of the resource.
{ "@odata.type": "microsoft.graph.singleUser" }
- ],
+ ]
} ```
v1.0 Admin https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/admin.md
None.
|:|:|:| | edge | [edge](edge.md) | A container for Microsoft Edge resources. Read-only. | | serviceAnnouncement | [serviceAnnouncement](serviceannouncement.md) | A container for service communications resources. Read-only. |
+| sharepointSettings | [sharepointSettings](../resources/sharepointSettings.md) | A container for administrative resources to manage tenant-level settings for SharePoint and OneDrive. |
## JSON representation
The following is a JSON representation of the resource.
{ "@odata.type": "#microsoft.graph.admin" }
-```
+```
v1.0 Attendancerecord https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/attendancerecord.md
Contains information associated with an attendance record in a [meetingAttendanc
| Property | Type | Description| |:--|:--|:--| | attendanceIntervals | [attendanceInterval](attendanceinterval.md) collection | List of time periods between joining and leaving a meeting. |
-| emailAddress | String | Email address of the user associated with this atttendance record. |
-| identity | [identity](identity.md) | Identity of the user associated with this atttendance record. |
+| emailAddress | String | Email address of the user associated with this attendance record. |
+| identity | [identity](identity.md) | Identity of the user associated with this attendance record. |
| role | String | Role of the attendee. Possible values are: `None`, `Attendee`, `Presenter`, and `Organizer`. | | totalAttendanceInSeconds | Int32 | Total duration of the attendances in seconds. |
v1.0 Authenticationmethodtarget https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/authenticationmethodtarget.md
A collection of groups that are enabled to use an authentication method as part
|id|String|Object Id of an Azure AD user or group.| |isRegistrationRequired|Boolean|Determines if the user is enforced to register the authentication method.| |targetType|authenticationMethodTargetType|Possible values are: `user`, `group`.|
-|useForSignIn|Boolean|Determines if the authentication method can be used to sign in to Azure AD.|
## Relationships None.
The following is a JSON representation of the resource.
"@odata.type": "#microsoft.graph.authenticationMethodTarget", "id": "String (identifier)", "isRegistrationRequired": "Boolean",
- "targetType": "String",
- "useForSignIn": "Boolean"
+ "targetType": "String"
} ```
v1.0 Authorizationpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/authorizationpolicy.md
Represents a policy that can control Azure Active Directory authorization settin
## Properties | Property | Type | Description | |-|-|-|
-|allowedToSignUpEmailBasedSubscriptions|Boolean| Indicates whether users can sign up for email based subscriptions. |
-|allowedToUseSSPR|Boolean| Indicates whether the Self-Serve Password Reset feature can be used by users on the tenant. |
|allowEmailVerifiedUsersToJoinOrganization|Boolean| Indicates whether a user can join the tenant by email validation. |
-|allowInvitesFrom|allowInvitesFrom|Indicates who can invite external users to the organization. Possible values are: `none`, `adminsAndGuestInviters`, `adminsGuestInvitersAndAllMembers`, `everyone`. `everyone` is the default setting for all cloud environments except US Government. See more in the [table below](#allowinvitesfrom-values). |
-|blockMsolPowerShell|Boolean| To disable the use of MSOL PowerShell set this property to `true`. This will also disable user-based access to the legacy service endpoint used by MSOL PowerShell. This does not affect Azure AD Connect or Microsoft Graph. |
+|allowInvitesFrom|allowInvitesFrom|Indicates who can invite external users to the organization. Possible values are: `none`, `adminsAndGuestInviters`, `adminsGuestInvitersAndAllMembers`, `everyone`. `everyone` is the default setting for all cloud environments except US Government. For more details, see [allowInvitesFrom values](../resources/authorizationpolicy.md#allowinvitesfrom-values). |
+|allowUserConsentForRiskyApps|Boolean| Indicates whether [user consent for risky apps](/azure/active-directory/manage-apps/configure-risk-based-step-up-consent) is allowed. We recommend to keep this as `false`. Default value is `false`. |
+|allowedToSignUpEmailBasedSubscriptions|Boolean| Indicates whether users can sign up for email based subscriptions. |
+|allowedToUseSSPR|Boolean| Indicates whether users can use the Self-Serve Password Reset feature on the tenant. |
+|blockMsolPowerShell|Boolean| To disable the use of MSOL PowerShell, set this property to `true`. This also disables user-based access to the legacy service endpoint used by MSOL PowerShell. This does not affect Azure Active Directory Connect or Microsoft Graph. |
|defaultUserRolePermissions|[defaultUserRolePermissions](defaultuserrolepermissions.md)| Specifies certain customizable permissions for default user role. | |description|String| Description of this policy.| |displayName|String| Display name for this policy. |
The following is a JSON representation of the resource.
```json {
- "allowedToSignUpEmailBasedSubscriptions": true,
- "allowedToUseSSPR": true,
- "allowEmailVerifiedUsersToJoinOrganization": true,
+ "allowEmailVerifiedUsersToJoinOrganization": "Boolean",
"allowInvitesFrom": "String",
- "blockMsolPowerShell": true,
- "description": "String",
+ "allowUserConsentForRiskyApps": "Boolean",
+ "allowedToSignUpEmailBasedSubscriptions": "Boolean",
+ "allowedToUseSSPR": "Boolean",
+ "blockMsolPowerShell": "Boolean",
"defaultUserRolePermissions": {"@odata.type": "microsoft.graph.defaultUserRolePermissions"},
+ "description": "String",
"displayName": "String",
- "id": "String (identifier)",
- "guestUserRoleId": "Guid"
+ "guestUserRoleId": "Guid",
+ "id": "String (identifier)"
} ```
v1.0 Chatmessage https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/chatmessage.md
Represents an individual chat message within a [channel](channel.md) or [chat](c
|[Create subscription for new channel messages](../api/subscription-post-subscriptions.md) | [subscription](subscription.md) | Listen for new, edited, and deleted messages, and reactions to them. | |[Get message in channel](../api/chatmessage-get.md) | [chatMessage](chatmessage.md) | Get a single root message in a channel.| |[Send message in channel](../api/chatmessage-post.md) | [chatMessage](chatmessage.md)| Create a new root message in a channel.|
-|[Update message in channel](../api/chatmessage-update.md)|[chatMessage](chatmessage.md)| Update the **policyViolation** property of a chat message.|
-|[Delete message in channel](../api/chatmessage-softdelete.md)|[chatMessage](chatmessage.md)| Delete the message in a channel.|
-|[Undo the deletion of a message in channel](../api/chatmessage-undoSoftdelete.md)|[chatMessage](chatmessage.md)| Undelete the message in a channel.|
+|[Update message in channel](../api/chatmessage-update.md)|None| Update the **policyViolation** property of a chat message.|
+|[Delete message in channel](../api/chatmessage-softdelete.md)|None| Delete the message in a channel.|
+|[Undo the deletion of a message in channel](../api/chatmessage-undoSoftdelete.md)|None| Undelete the message in a channel.|
|**Channel message replies**| | | |[List replies to message](../api/chatmessage-list-replies.md) | [chatMessage](chatmessage.md) collection| List of all replies to a chat message in channel.| |[Get reply message in channel](../api/chatmessage-get.md) | [chatMessage](chatmessage.md) | Get a single reply message in a channel.|
Represents an individual chat message within a [channel](channel.md) or [chat](c
|lastEditedDateTime|dateTimeOffset|Read only. Timestamp when edits to the chat message were made. Triggers an "Edited" flag in the Teams UI. If no edits are made the value is `null`.| |locale|string|Locale of the chat message set by the client. Always set to `en-us`.| |mentions|[chatMessageMention](chatmessagemention.md) collection| List of entities mentioned in the chat message. Supported entities are: user, bot, team, and channel.|
+|messageHistory|[chatMessageHistoryItem](../resources/chatmessagehistoryitem.md) collection|List of activity history of a message item, including modification time and actions, such as reactionAdded, reactionRemoved, or reaction changes, on the message.
|messageType|chatMessageType|The type of chat message. The possible values are: `message`, `chatEvent`, `typing`, `unknownFutureValue`, `systemEventMessage`. Note that you must use the `Prefer: include-unknown-enum-members` request header to get the following value in this [evolvable enum](/graph/best-practices-concept#handling-future-members-in-evolvable-enumerations): `systemEventMessage`.| |policyViolation | [chatMessagePolicyViolation](chatmessagepolicyviolation.md) |Defines the properties of a policy violation set by a data loss prevention (DLP) application.| |reactions| [chatMessageReaction](chatmessagereaction.md) collection | Reactions for this chat message (for example, Like).|
The following is a JSON representation of the resource.
"messageType": "string", "policyViolation": {"@odata.type": "microsoft.graph.chatMessagePolicyViolation"}, "reactions": [{"@odata.type": "microsoft.graph.chatMessageReaction"}],
+ "messageHistory": [
+ {
+ "@odata.type": "microsoft.graph.chatMessageHistoryItem"
+ }
+ ],
"replyToId": "string (identifier)", "subject": "string", "summary": "string",
v1.0 Chatmessagehistoryitem https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/chatmessagehistoryitem.md
+
+ Title: "chatMessageHistoryItem resource type"
+description: "Represents the edition history of a message in a chat or a channel."
+
+ms.localizationpriority: high
++
+# chatMessageHistoryItem resource type
+
+Namespace: microsoft.graph
+
+Represents activity history information for a message in a chat or a channel.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|actions|chatMessageActions |The modification actions of a message item.The possible values are: `reactionAdded`, `reactionRemoved`, `actionUndefined`, `unknownFutureValue`. |
+|modifiedDateTime|DateTimeOffset |The date and time when the message was modified. |
+|reaction|[chatMessageReaction](../resources/chatmessagereaction.md) |The reaction in the modified message. |
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.chatMessageHistoryItem"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.chatMessageHistoryItem",
+ "modifiedDateTime": "String (timestamp)",
+ "actions": "String",
+ "reaction": {
+ "@odata.type": "microsoft.graph.chatMessageReaction"
+ }
+}
+```
+
v1.0 Communications Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/communications-api-overview.md
This API provides calling functionality as well as the ability to create and ret
One of the following [permissions](/graph/permissions-reference#calls-permissions) is required to access the cloud communications API. These permissions need to be granted by the administrator.
-| Scenario | Permissions |
-|:|:|
-| Call records | CallRecords.Read.All |
-| Calling | Calls.JoinGroupCallsasGuest.All, Calls.JoinGroupCalls.All, Calls.Initiate.All, Calls.InitiateGroupCalls.All, Calls.AccessMedia.All |
-| Meetings | OnlineMeetings.ReadWrite.All, OnlineMeetings.Read.All |
-| Presences | Presence.Read, Presence.Read.All |
+| Scenario | Permissions |
+|:-|:--|
+| Call records | CallRecords.Read.All |
+| Calling | Calls.JoinGroupCallAsGuest.All, Calls.JoinGroupCall.All, Calls.Initiate.All, Calls.InitiateGroupCall.All, Calls.AccessMedia.All |
+| Meetings | OnlineMeetings.ReadWrite.All, OnlineMeetings.Read.All |
+| Presences | Presence.Read, Presence.Read.All |
## Common use cases
v1.0 Conditionalaccessallexternaltenants https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/conditionalaccessallexternaltenants.md
+
+ Title: "conditionalAccessAllExternalTenants resource type"
+description: "Represents all external tenants in a policy scope."
+ms.localizationpriority: medium
+++
+# conditionalAccessAllExternalTenants resource type
+
+Namespace: microsoft.graph
+
+Represents all external tenants in a policy scope.
+
+Inherits from [conditionalAccessExternalTenants](conditionalaccessexternaltenants.md).
+
+## Properties
+
+| Property | Type | Description |
+|:-|:|:|
+| membershipKind |conditionalAccessExternalTenantsMembershipKind | The membership kind. Possible values are: `all`, `enumerated`, `unknownFutureValue`. The `enumerated` member references an [conditionalAccessEnumeratedExternalTenants](conditionalaccessenumeratedexternaltenants.md) object. Inherited from [conditionalAccessExternalTenants](conditionalaccessexternaltenants.md). |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.conditionalAccessAllExternalTenants"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.conditionalAccessAllExternalTenants",
+ "membershipKind": "String"
+}
+```
v1.0 Conditionalaccessenumeratedexternaltenants https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/conditionalaccessenumeratedexternaltenants.md
+
+ Title: "conditionalAccessEnumeratedExternalTenants resource type"
+description: "Represents a list of external tenants in a policy scope."
+ms.localizationpriority: medium
+++
+# conditionalAccessEnumeratedExternalTenants resource type
+
+Namespace: microsoft.graph
+
+Represents a list of external tenants in a policy scope.
+
+Inherits from [conditionalAccessExternalTenants](conditionalaccessexternaltenants.md).
+
+## Properties
+
+| Property | Type | Description |
+|:-|:|:|
+| members | String collection | A collection of tenant IDs that define the scope of a policy targeting conditional access for guests and external users. |
+| membershipKind |conditionalAccessExternalTenantsMembershipKind | The membership kind. Possible values are: `all`, `enumerated`, `unknownFutureValue`. The `enumerated` member references an [conditionalAccessEnumeratedExternalTenants](conditionalaccessenumeratedexternaltenants.md) object. Inherited from [conditionalAccessExternalTenants](conditionalaccessexternaltenants.md). |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "optionalProperties": [
+ "members"
+ ],
+ "@odata.type": "microsoft.graph.conditionalAccessEnumeratedExternalTenants",
+ "baseType": "microsoft.graph.conditionalAccessExternalTenants"
+}-->
+
+```json
+{
+ "@odata.type": "#microsoft.graph.conditionalAccessEnumeratedExternalTenants",
+ "members": ["String"],
+ "membershipKind": "String"
+}
+```
v1.0 Conditionalaccessexternaltenants https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/conditionalaccessexternaltenants.md
+
+ Title: "conditionalAccessExternalTenants resource type"
+description: "An abstract type that represents external tenants in a policy scope."
+ms.localizationpriority: medium
+++
+# conditionalAccessExternalTenants resource type
+
+Namespace: microsoft.graph
+
+An abstract type that represents external tenants in a policy scope.
+
+Base type of [conditionalAccessAllExternalTenants](../resources/conditionalaccessallexternaltenants.md) and [conditionalAccessEnumeratedExternalTenants](conditionalaccessenumeratedexternaltenants.md).
+
+## Properties
+
+| Property | Type | Description |
+|:-|:|:|
+| membershipKind |conditionalAccessExternalTenantsMembershipKind | The membership kind. Possible values are: `all`, `enumerated`, `unknownFutureValue`. The `enumerated` member references an [conditionalAccessEnumeratedExternalTenants](conditionalaccessenumeratedexternaltenants.md) object.|
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.conditionalAccessExternalTenants"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.conditionalAccessExternalTenants",
+ "membershipKind": "String"
+}
+```
v1.0 Conditionalaccessguestsorexternalusers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/conditionalaccessguestsorexternalusers.md
+
+ Title: "conditionalAccessGuestsOrExternalUsers resource type"
+description: "Represents internal guests and external users in a policy scope."
+ms.localizationpriority: medium
+++
+# conditionalAccessGuestsOrExternalUsers resource type
+
+Namespace: microsoft.graph
+
+Represents internal guests and external users in a policy scope.
+
+## Properties
+
+| Property | Type | Description |
+|:-|:|:|
+| externalTenants | [conditionalAccessExternalTenants](conditionalaccessexternaltenants.md) | The tenant IDs of the selected types of external users. Either all B2B tenant or a collection of tenant IDs. External tenants can be specified only when the property **guestOrExternalUserTypes** is not `null` or an empty String. |
+| guestOrExternalUserTypes | conditionalAccessGuestOrExternalUserTypes | Indicates internal guests or external user types. This is a multi-valued property. Possible values are: `none`, `internalGuest`, `b2bCollaborationGuest`, `b2bCollaborationMember`, `b2bDirectConnectUser`, `otherExternalUser`, `serviceProvider`, `unknownFutureValue`. |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.conditionalAccessGuestsOrExternalUsers"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.conditionalAccessGuestsOrExternalUsers",
+ "externalTenants": {
+ "@odata.type": "microsoft.graph.conditionalAccessExternalTenants"
+ },
+ "guestOrExternalUserTypes": "String"
+}
+```
v1.0 Conditionalaccessusers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/conditionalaccessusers.md
Represents users, groups, and roles included in and excluded from the policy sco
| Property | Type | Description | |:-|:|:| | excludeGroups | String collection | Group IDs excluded from scope of policy. |
+| excludeGuestsOrExternalUsers | [conditionalAccessGuestsOrExternalUsers](conditionalaccessguestsorexternalusers.md) | Internal guests or external users excluded from the policy scope. Optionally populated. |
| excludeRoles | String collection | Role IDs excluded from scope of policy. | | excludeUsers | String collection | User IDs excluded from scope of policy and/or `GuestsOrExternalUsers`. | | includeGroups | String collection | Group IDs in scope of policy unless explicitly excluded. |
+| includeGuestsOrExternalUsers | [conditionalAccessGuestsOrExternalUsers](conditionalaccessguestsorexternalusers.md) | Internal guests or external users included in the policy scope. Optionally populated. |
| includeRoles | String collection | Role IDs in scope of policy unless explicitly excluded. | | includeUsers | String collection | User IDs in scope of policy unless explicitly excluded, `None`, `All`, or `GuestsOrExternalUsers`. |
The following is a JSON representation of the resource.
"optionalProperties": [ "includeUsers", "excludeUsers",
+ "includeGuestsOrExternalUsers",
+ "excludeGuestsOrExternalUsers",
"includeGroups", "excludeGroups", "includeRoles",
The following is a JSON representation of the resource.
```json { "excludeGroups": ["String"],
+ "excludeGuestsOrExternalUsers": {"@odata.type": "microsoft.graph.conditionalAccessGuestOrExternalUsers"},
"excludeRoles": ["String"], "excludeUsers": ["String"], "includeGroups": ["String"],
+ "includeGuestsOrExternalUsers": {"@odata.type": "microsoft.graph.conditionalAccessGuestOrExternalUsers"},
"includeRoles": ["String"],
- "includeUsers": ["String"]
+ "includeUsers": ["String"]
} ```
v1.0 Crosstenantaccesspolicy Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/crosstenantaccesspolicy-overview.md
doc_type: resourcePageType
Namespace: microsoft.graph
-In the traditional Azure AD B2B collaboration, any invited user from an organization could use their identity to access resources in external organizations. Administrators didn't have control over the user identities in their tenant that are allowed to sign in to external organizations. These limited controls made it difficult to prevent identities from your organization from being used in unauthorized ways.
+In the traditional Azure AD (Azure Active Directory) B2B collaboration, any invited user from an organization could use their identity to access resources in external organizations. Administrators didn't have control over the user identities in their tenant that are allowed to sign in to external organizations. These limited controls made it difficult to prevent identities from your organization from being used in unauthorized ways.
**Cross-tenant access settings** let you control and manage collaboration between users in your organization and other organizations. The control can be on either **outbound access** (how your users collaborate with other organizations), **inbound access** (how other organizations collaborate with you), or both.
For example, when you configure your trust settings to trust MFA, your MFA polic
Inbound trust settings also enable you to trust devices that are compliant, or hybrid Azure AD joined in their home directories. With inbound trust settings in cross-tenant access settings, you can now protect access to your apps and resources by requiring that external users use compliant, or hybrid Azure AD joined devices.
+## Inbound cross-tenant sync in cross-tenant access settings
+
+You can enable cross-tenant synchronization to synchronize users from a partner tenant. Cross-tenant synchronization is a one-way synchronization service in Azure AD that automates the creation, update, and deletion of B2B collaboration users across tenants in an organization. You create a user synchronization policy to streamline collaboration between users in multi-tenant organizations. Partner user synchronization settings are defined using the [crossTenantIdentitySyncPolicyPartner](../resources/crosstenantidentitysyncpolicypartner.md) resource type.
+ ## Collaborate with organizations using Azure Active Directory in different Microsoft clouds Cross-tenant access settings is used to enable collaboration with Azure AD organizations in separate Microsoft clouds. The `allowedCloudEndpoints` property enables you to specify which Microsoft clouds you'd like to extend your collaboration to. B2B collaboration is supported between the following Microsoft clouds:
v1.0 Crosstenantaccesspolicyconfigurationdefault https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/crosstenantaccesspolicyconfigurationdefault.md
The default configuration defined for inbound and outbound settings of Azure AD
|Property|Type|Description| |:|:|:|
+| automaticUserConsentSettings | [inboundOutboundPolicyConfiguration](../resources/inboundoutboundpolicyconfiguration.md) | Determines the default configuration for automatic user consent settings. The **inboundAllowed** and **outboundAllowed** properties are always `false` and cannot be updated in the default configuration. Read-only. |
| b2bCollaborationInbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) |Defines your default configuration for users from other organizations accessing your resources via Azure AD B2B collaboration. | | b2bCollaborationOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) |Defines your default configuration for users in your organization going outbound to access resources in another organization via Azure AD B2B collaboration. | | b2bDirectConnectInbound |[crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your default configuration for users from other organizations accessing your resources via Azure AD B2B direct connect. |
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.crossTenantAccessPolicyConfigurationDefault",
- "b2bCollaborationInbound": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"
- },
- "b2bCollaborationOutbound": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"
- },
- "b2bDirectConnectInbound": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"
- },
- "b2bDirectConnectOutbound": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"
- },
- "inboundTrust": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyInboundTrust"
- },
+ "automaticUserConsentSettings": {"@odata.type": "microsoft.graph.inboundOutboundPolicyConfiguration"},
+ "b2bCollaborationInbound": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"},
+ "b2bCollaborationOutbound": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"},
+ "b2bDirectConnectInbound": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"},
+ "b2bDirectConnectOutbound": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"},
+ "inboundTrust": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyInboundTrust"},
"isServiceDefault": "Boolean" } ```
v1.0 Crosstenantaccesspolicyconfigurationpartner https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/crosstenantaccesspolicyconfigurationpartner.md
For any partner-specific property that is `null`, these settings will inherit th
|Property|Type|Description| |:|:|:|
+| automaticUserConsentSettings | [inboundOutboundPolicyConfiguration](../resources/inboundoutboundpolicyconfiguration.md) | Determines the partner-specific configuration for automatic user consent settings. Unless specifically configured, the **inboundAllowed** and **outboundAllowed** properties are `null` and inherit from the default settings, which is always `false`. |
| b2bCollaborationInbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users from other organizations accessing your resources via Azure AD B2B collaboration. | | b2bCollaborationOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users in your organization going outbound to access resources in another organization via Azure AD B2B collaboration. | | b2bDirectConnectInbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users from other organizations accessing your resources via Azure B2B direct connect. |
For any partner-specific property that is `null`, these settings will inherit th
## Relationships
-None.
+|Relationship|Type|Description|
+|:|:|:|
+|identitySynchronization|[crossTenantIdentitySyncPolicyPartner](../resources/crosstenantidentitysyncpolicypartner.md)|Defines the cross-tenant policy for the synchronization of users from a partner tenant. Use this user synchronization policy to streamline collaboration between users in a multi-tenant organization by automating the creation, update, and deletion of users from one tenant to another.|
## JSON representation
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.crossTenantAccessPolicyConfigurationPartner",
- "b2bCollaborationInbound": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"
- },
- "b2bCollaborationOutbound": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"
- },
- "b2bDirectConnectInbound": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"
- },
- "b2bDirectConnectOutbound": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"
- },
- "inboundTrust": {
- "@odata.type": "microsoft.graph.crossTenantAccessPolicyInboundTrust"
- },
+ "automaticUserConsentSettings": {"@odata.type": "microsoft.graph.inboundOutboundPolicyConfiguration"},
+ "b2bCollaborationInbound": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"},
+ "b2bCollaborationOutbound": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"},
+ "b2bDirectConnectInbound": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"},
+ "b2bDirectConnectOutbound": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyB2BSetting"},
+ "inboundTrust": {"@odata.type": "microsoft.graph.crossTenantAccessPolicyInboundTrust"},
"isServiceProvider": "Boolean", "tenantId": "String (identifier)" }
v1.0 Crosstenantidentitysyncpolicypartner https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/crosstenantidentitysyncpolicypartner.md
+
+ Title: "crossTenantIdentitySyncPolicyPartner resource type"
+description: "Defines the cross-tenant policy for synchronization of users from a partner tenant."
+
+ms.localizationpriority: medium
++
+# crossTenantIdentitySyncPolicyPartner resource type
+
+Namespace: microsoft.graph
+
+Defines the cross-tenant policy for synchronization of users from a partner tenant. Use this user synchronization policy to streamline collaboration between users in a multi-tenant organization by automating the creation, update, and deletion of users from one tenant to another.
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[Create crossTenantIdentitySyncPolicyPartner](../api/crosstenantaccesspolicyconfigurationpartner-put-identitysynchronization.md)|None|Create a cross-tenant user synchronization policy for a partner-specific configuration.|
+|[Get crossTenantIdentitySyncPolicyPartner](../api/crosstenantidentitysyncpolicypartner-get.md)|[crossTenantIdentitySyncPolicyPartner](../resources/crosstenantidentitysyncpolicypartner.md)|Get the user synchronization policy of a partner-specific configuration.|
+|[Update crossTenantIdentitySyncPolicyPartner](../api/crosstenantidentitysyncpolicypartner-update.md)|None|Update the user synchronization policy of a partner-specific configuration.|
+|[Delete crossTenantIdentitySyncPolicyPartner](../api/crosstenantidentitysyncpolicypartner-delete.md)|None|Delete the user synchronization policy for a partner-specific configuration.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|displayName|String|Display name for the cross-tenant user synchronization policy. Use the name of the partner Azure AD (Azure Active Directory) tenant to easily identify the policy. Optional.|
+|tenantId|String|Tenant identifier for the partner Azure AD organization. Read-only.|
+|userSyncInbound|[crossTenantUserSyncInbound](../resources/crosstenantusersyncinbound.md)|Defines whether users can be synchronized from the partner tenant. Key. |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "tenantId",
+ "@odata.type": "microsoft.graph.crossTenantIdentitySyncPolicyPartner",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.crossTenantIdentitySyncPolicyPartner",
+ "displayName": "String",
+ "tenantId": "String (identifier)",
+ "userSyncInbound": {
+ "@odata.type": "microsoft.graph.crossTenantUserSyncInbound"
+ }
+}
+```
v1.0 Crosstenantusersyncinbound https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/crosstenantusersyncinbound.md
+
+ Title: "crossTenantUserSyncInbound resource type"
+description: "Defines whether users can be synchronized from the partner tenant."
+
+ms.localizationpriority: medium
++
+# crossTenantUserSyncInbound resource type
+
+Namespace: microsoft.graph
+
+Defines whether users can be synchronized from the partner tenant.
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|isSyncAllowed|Boolean|Defines whether user objects should be synchronized from the partner tenant. `false` causes any current user synchronization from the source tenant to the target tenant to stop. This property has no impact on existing users who have already been synchronized.|
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.crossTenantUserSyncInbound"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.crossTenantUserSyncInbound",
+ "isSyncAllowed": "Boolean"
+}
+```
v1.0 Defaultuserrolepermissions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/defaultuserrolepermissions.md
Contains certain customizable permissions of default user role in Azure Active D
| Property | Type | Description | |:-- |:- |:-- | | allowedToCreateApps | Boolean | Indicates whether the default user role can create applications. |
-| allowedToCreateSecurityGroups | Boolean | Indicates whether the default user role can create security groups. |
+| allowedToCreateSecurityGroups | Boolean | Indicates whether the default user role can create security groups. This setting corresponds to the _The Users can create security groups in Azure portals, API or PowerShell_ setting in the [group settings menu in the Azure portal](/azure/active-directory/enterprise-users/groups-self-service-management). |
| allowedToReadBitlockerKeysForOwnedDevice | Boolean | Indicates whether the registered owners of a device can read their own BitLocker recovery keys with default user role. | | allowedToReadOtherUsers | Boolean | Indicates whether the default user role can read other users. |
+| allowedToCreateTenants | Boolean | Indicates whether the default user role can create tenants. |
|permissionGrantPoliciesAssigned|String collection|Indicates if user consent to apps is allowed, and if it is, which permission to grant consent and which app consent policy (permissionGrantPolicy) govern the permission for users to grant consent. Value should be in the format `managePermissionGrantsForSelf.{id}`, where `{id}` is the **id** of a built-in or custom [app consent policy](/azure/active-directory/manage-apps/manage-app-consent-policies). An empty list indicates user consent to apps is disabled. | ## Relationships
The following is a JSON representation of the resource.
"allowedToCreateSecurityGroups": true, "allowedToReadBitlockerKeysForOwnedDevice": true, "allowedToReadOtherUsers": true,
+ "allowedToCreateTenants": true,
"permissionGrantPoliciesAssigned": ["String"] } ```
v1.0 Delegatedadminrelationship https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/delegatedadminrelationship.md
Represents a delegated admin relationship between a partner and customer.
## Properties |Property|Type|Description| |:|:|:|
-|accessDetails|[delegatedAdminAccessDetails](../resources/delegatedadminaccessdetails.md)|The access details containing the identifiers of the administrative roles that the partner admin is requesting in the customer tenant.|
+|accessDetails|[delegatedAdminAccessDetails](../resources/delegatedadminaccessdetails.md)|The access details that contain the identifiers of the administrative roles that the partner admin is requesting in the customer tenant.|
|activatedDateTime|DateTimeOffset|The date and time in ISO 8601 format and in UTC time when the relationship became active. Read-only.| |createdDateTime|DateTimeOffset|The date and time in ISO 8601 format and in UTC time when the relationship was created. Read-only.| |customer|[delegatedAdminRelationshipCustomerParticipant](../resources/delegatedadminrelationshipcustomerparticipant.md)|The display name and unique identifier of the customer of the relationship. This is configured either by the partner at the time the relationship is created or by the system after the customer approves the relationship. Cannot be changed by the customer.|
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.delegatedAdminRelationship",
- "id": "String (identifier)",
+ "accessDetails": {"@odata.type": "microsoft.graph.delegatedAdminAccessDetails"},
+ "activatedDateTime": "String (timestamp)",
+ "createdDateTime": "String (timestamp)",
+ "customer": {"@odata.type": "microsoft.graph.delegatedAdminRelationshipCustomerParticipant"},
"displayName": "String", "duration": "String",
- "customer": {
- "@odata.type": "microsoft.graph.delegatedAdminRelationshipCustomerParticipant"
- },
- "accessDetails": {
- "@odata.type": "microsoft.graph.delegatedAdminAccessDetails"
- },
- "status": "String",
- "createdDateTime": "String (timestamp)",
+ "endDateTime": "String (timestamp)",
+ "id": "String (identifier)",
"lastModifiedDateTime": "String (timestamp)",
- "activatedDateTime": "String (timestamp)",
- "endDateTime": "String (timestamp)"
+ "status": "String"
} ```-
v1.0 Device https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/device.md
This resource is an open type that allows other properties to be passed in. You
|alternativeSecurityIds|[alternativeSecurityId](alternativeSecurityId.md) collection| For internal use only. Not nullable. Supports `$filter` (`eq`, `not`, `ge`, `le`).| |approximateLastSignInDateTime|DateTimeOffset| The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, and `eq` on `null` values) and `$orderBy`. | |complianceExpirationDateTime|DateTimeOffset| The timestamp when the device is no longer deemed compliant. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only. |
+|deviceCategory|String|User-defined property set by Intune to automatically add devices to groups and simplify managing devices.|
|deviceId|String| Unique identifier set by Azure Device Registration Service at the time of registration. This is an alternate key that can be used to reference the device object. Supports `$filter` (`eq`, `ne`, `not`, `startsWith`).| |deviceMetadata|String| For internal use only. Set to `null`. |
+|deviceOwnership|String|Ownership of the device. This property is set by Intune. Possible values are: `unknown`, `company`, `personal`.|
|deviceVersion|Int32| For internal use only. | |displayName|String|The display name for the device. Required. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `in`, `startsWith`, and `eq` on `null` values), `$search`, and `$orderBy`. |
+|enrollmentProfileName|String|Enrollment profile applied to the device. For example, `Apple Device Enrollment Profile`, `Device enrollment - Corporate device identifiers`, or `Windows Autopilot profile name`. This property is set by Intune.|
| extensionAttributes | [onPremisesExtensionAttributes](onpremisesextensionattributes.md) | Contains extension attributes 1-15 for the device. The individual extension attributes are not selectable. These properties are mastered in cloud and can be set during creation or update of a device object in Azure AD. <br><br>Supports `$filter` (`eq`, `not`, `startsWith`, and `eq` on `null` values). | |id|String|The unique identifier for the device. Inherited from [directoryObject](directoryobject.md). Key, Not nullable. Read-only. Supports `$filter` (`eq`, `ne`, `not`, `in`). | |isCompliant|Boolean|`true` if the device complies with Mobile Device Management (MDM) policies; otherwise, `false`. Read-only. This can only be updated by Intune for any device OS type or by an [approved MDM app](/windows/client-management/mdm/azure-active-directory-integration-with-mdm) for Windows OS devices. Supports `$filter` (`eq`, `ne`, `not`).|
This resource is an open type that allows other properties to be passed in. You
|operatingSystemVersion|String|The version of the operating system on the device. Required. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `startsWith`, and `eq` on `null` values). | |physicalIds|String collection| For internal use only. Not nullable. Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`,`/$count eq 0`, `/$count ne 0`). | |profileType|deviceProfileType|The profile type of the device. Possible values: `RegisteredDevice` (default), `SecureVM`, `Printer`, `Shared`, `IoT`.|
+|registrationDateTime|DateTimeOffset|Date and time of when the device was registered. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only.|
|systemLabels|String collection| List of labels applied to the device by the system. Supports `$filter` (`/$count eq 0`, `/$count ne 0`). | |trustType|String| Type of trust for the joined device. Read-only. Possible values: `Workplace` (indicates *bring your own personal devices*), `AzureAd` (Cloud only joined devices), `ServerAd` (on-premises domain joined devices joined to Azure AD). For more details, see [Introduction to device management in Azure Active Directory](/azure/active-directory/device-management-introduction) |
Here is a JSON representation of the resource
"alternativeSecurityIds": [{"@odata.type": "microsoft.graph.alternativeSecurityId"}], "approximateLastSignInDateTime": "String (timestamp)", "complianceExpirationDateTime": "String (timestamp)",
+ "deviceCategory": "string",
"deviceId": "string", "deviceMetadata": "string",
+ "deviceOwnership": "string",
"deviceVersion": 1024, "displayName": "string",
+ "enrollmentProfileName": "string",
"extensionAttributes": {"@odata.type": "microsoft.graph.onPremisesExtensionAttributes"}, "id": "string (identifier)", "isCompliant": true,
Here is a JSON representation of the resource
"operatingSystemVersion": "string", "physicalIds": ["string"], "profileType": "string",
+ "registrationDateTime": "String (timestamp)",
"systemLabels": ["string"], "trustType": "string" }
v1.0 Enums Externalconnectors https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/enums-externalconnectors.md
Namespace: microsoft.graph.externalConnectors
| externalGroup | unknownFutureValue - ### connectionOperationStatus values | Member
Namespace: microsoft.graph.externalConnectors
| limitExceeded | unknownFutureValue
+### externalActivityType values
+
+| Member |
+|:-|
+| viewed |
+| modified |
+| created |
+| commented |
+| unknownFutureValue |
+ ### externalItemContentType values | Member
Namespace: microsoft.graph.externalConnectors
| dateTimeCollection | unknownFutureValue
+### ruleOperation values
+
+|Member|
+|:|
+|null|
+|equals|
+|notEquals|
+|contains|
+|notContains|
+|lessThan|
+|greaterThan|
+|startsWith|
+|unknownFutureValue|
+ <!-- { "type": "#page.annotation",
v1.0 Enums https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/enums.md
doc_type: enumPageType
Namespace: microsoft.graph
+### binaryOperator values
+
+|Member|
+|:|
+|or|
+|and|
+
+### conditionalAccessExternalTenantsMembershipKind values
+
+| Member |
+|:-|
+| all |
+| enumerated |
+| unknownFutureValue |
+
+### conditionalAccessGuestOrExternalUserTypes values
+
+| Member |
+|:--|
+| none |
+| internalGuest |
+| b2bCollaborationGuest |
+| b2bCollaborationMember |
+| b2bDirectConnectUser |
+| otherExternalUser |
+| serviceProvider |
+| unknownFutureValue |
+ ### appCredentialRestrictionType values | Member |
Possible values for user account types (group membership), per Windows definitio
|published| |pending| |unknownFutureValue|+
+### chatMessageActions values
+
+|Member|
+|:|
+|reactionAdded|
+|reactionRemoved|
+|actionUndefined|
+|unknownFutureValue|
v1.0 Externalconnectors Activitysettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/externalconnectors-activitysettings.md
+
+ Title: "activitySettings resource type"
+description: "Collects configurable settings related to activities involving connector content."
+
+ms.localizationpriority: medium
++
+# activitySettings resource type
+
+Namespace: microsoft.graph.externalConnectors
+
+Collects configurable settings related to activities involving connector content.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|urlToItemResolvers|[microsoft.graph.externalConnectors.urlToItemResolverBase](../resources/externalconnectors-urltoitemresolverbase.md) collection|Specifies configurations to identify an **externalItem** based on a shared URL.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.externalConnectors.activitySettings"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.externalConnectors.activitySettings",
+ "urlToItemResolvers": [
+ {
+ "@odata.type": "microsoft.graph.externalConnectors.urlToItemResolverBase"
+ }
+ ]
+}
+```
v1.0 Externalconnectors Displaytemplate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/externalconnectors-displaytemplate.md
+
+ Title: "displayTemplate resource type"
+description: "Defines the appearance of the content and the conditions that dictate when the template should be displayed."
+
+ms.localizationpriority: normal
++
+# displayTemplate resource type
+
+Namespace: microsoft.graph.externalConnectors
+
+Defines the appearance of the content and the conditions that dictate when the template should be displayed.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|The text identifier for the display template; for example, `contosoTickets`. Maximum 16 characters. Only alphanumeric characters allowed. |
+|layout|[microsoft.graph.Json](../resources/intune-mam-json.md)|The definition of the content's appearance, represented by an [Adaptive Card](/adaptive-cards/authoring-cards/getting-started), which is a JSON-serialized card object model.|
+|priority|Int32|Defines the priority of a display template. A display template with priority 1 is evaluated before a template with priority 4. Gaps in priority values are supported. Must be positive value.|
+|rules|[microsoft.graph.externalConnectors.propertyRule](../resources/externalconnectors-propertyrule.md) collection|Specifies additional rules for selecting this display template based on the item schema. Optional.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.externalConnectors.displayTemplate"
+}
+-->
+``` json
+ {
+ "id": "String",
+ "layout": {"type": "AdaptiveCard","version": "1.0","body": [{"type": "TextBlock","text": "String"}]},
+ "priority": 0,
+ "rules": [
+ {
+ "property": "String",
+ "operation": "String",
+ "valuesJoinedBy": "String",
+ "values": [
+ "String",
+ "String"
+ ]
+ }
+ ]
+ }
+```
v1.0 Externalconnectors Externalactivity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/externalconnectors-externalactivity.md
+
+ Title: "externalActivity resource type"
+description: "Represents a record of a user interaction with an externalItem object."
+
+ms.localizationpriority: medium
++
+# externalActivity resource type
+
+Namespace: microsoft.graph.externalConnectors
+
+Represents a record of a user interaction with an [externalItem](externalconnectors-externalitem.md) object.
+
+Base type of [externalActivityResult](../resources/externalconnectors-externalactivityresult.md).
+
+## Methods
+
+None.
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|startDateTime|DateTimeOffset|The date and time when the particular activity occurred. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|type|microsoft.graph.externalConnectors.externalActivityType|The type of activity performed. The possible values are: `viewed`, `modified`, `created`, `commented`, `unknownFutureValue`.|
+
+## Relationships
+
+|Relationship|Type|Description|
+|:|:|:|
+|performedBy|[microsoft.graph.externalConnectors.identity](../resources/externalconnectors-identity.md)|Represents an identity used to identify who is responsible for the activity.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.externalConnectors.externalActivity"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.externalConnectors.externalActivity",
+ "startDateTime": "String (timestamp)",
+ "type": "String"
+}
+```
v1.0 Externalconnectors Externalactivityresult https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/externalconnectors-externalactivityresult.md
+
+ Title: "externalActivityResult resource type"
+description: "Represents the result of processing an externalActivity."
+
+ms.localizationpriority: medium
++
+# externalActivityResult resource type
+
+Namespace: microsoft.graph.externalConnectors
+
+Represents the result of processing an [externalActivity](../resources/externalconnectors-externalactivity.md). A `null` **error** property in the response object indicates a successful request.
+
+Inherits from [externalActivity](../resources/externalconnectors-externalactivity.md).
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|error|[microsoft.graph.publicError](../resources/publicerror.md)|Error information that explains the failure to process an external activity.|
+|startDateTime|DateTimeOffset|The date and time when the particular activity occurred. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Inherited from [externalActivity](../resources/externalconnectors-externalactivity.md).|
+|type|microsoft.graph.externalConnectors.externalActivityType|The type of activity performed. The possible values are: `viewed`, `modified`, `created`, `commented`, `unknownFutureValue`. Inherited from [externalActivity](../resources/externalconnectors-externalactivity.md).|
+
+## Relationships
+
+|Relationship|Type|Description|
+|:|:|:|
+|performedBy|[microsoft.graph.externalConnectors.identity](../resources/externalconnectors-identity.md)|Represents an identity used to identify who is responsible for the activity. Inherited from [externalActivity](../resources/externalconnectors-externalactivity.md).|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.externalConnectors.externalActivityResult",
+ "baseType": "microsoft.graph.externalConnectors.externalActivity",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.externalConnectors.externalActivityResult",
+ "error": {
+ "@odata.type": "microsoft.graph.publicError"
+ },
+ "startDateTime": "String (timestamp)",
+ "type": "String"
+}
+```
v1.0 Externalconnectors Externalconnection https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/externalconnectors-externalconnection.md
A logical container to add content from an external source into Microsoft Graph.
## Properties |Property|Type|Description| |:|:|:|
-|configuration|[microsoft.graph.externalConnectors.configuration](../resources/externalconnectors-configuration.md)|Specifies additional application IDs that are allowed to manage the connection and to index content in the connection. Optional.|
-|description|String|Description of the connection displayed in the Microsoft 365 admin center. Optional.|
-|id|String| Developer-provided unique ID of the connection within the Azure Active Directory tenant. Must be between 3 and 32 characters in length. Must only contain alphanumeric characters. Cannot begin with `Microsoft` or be one of the following values: `None`, `Directory`, `Exchange`, `ExchangeArchive`, `LinkedIn`, `Mailbox`, `OneDriveBusiness`, `SharePoint`, `Teams`, `Yammer`, `Connectors`, `TaskFabric`, `PowerBI`, `Assistant`, `TopicEngine`, `MSFT_All_Connectors`. Required. |
-|name|String|The display name of the connection to be displayed in the Microsoft 365 admin center. Maximum length of 128 characters. Required.|
-|state|microsoft.graph.externalConnectors.connectionState|Indicates the current state of the connection. Possible values are: `draft`, `ready`, `obsolete`, `limitExceeded`, `unknownFutureValue`.|
+| activitySettings |[microsoft.graph.externalConnectors.activitySettings](../resources/externalconnectors-activitysettings.md)| Collects configurable settings related to activities involving connector content.|
+| configuration |[microsoft.graph.externalConnectors.configuration](../resources/externalconnectors-configuration.md)|Specifies additional application IDs that are allowed to manage the connection and to index content in the connection. Optional.|
+| description |String|Description of the connection displayed in the Microsoft 365 admin center. Optional.|
+| id |String| Developer-provided unique ID of the connection within the Azure Active Directory tenant. Must be between 3 and 32 characters in length. Must only contain alphanumeric characters. Cannot begin with `Microsoft` or be one of the following values: `None`, `Directory`, `Exchange`, `ExchangeArchive`, `LinkedIn`, `Mailbox`, `OneDriveBusiness`, `SharePoint`, `Teams`, `Yammer`, `Connectors`, `TaskFabric`, `PowerBI`, `Assistant`, `TopicEngine`, `MSFT_All_Connectors`. Required. |
+| name |String|The display name of the connection to be displayed in the Microsoft 365 admin center. Maximum length of 128 characters. Required.|
+| searchSettings |[microsoft.graph.externalConnectors.searchSettings](../resources/externalconnectors-searchsettings.md)|The settings configuring the search experience for content in this connection, such as the display templates for search results.|
+| state |microsoft.graph.externalConnectors.connectionState|Indicates the current state of the connection. Possible values are: `draft`, `ready`, `obsolete`, `limitExceeded`, `unknownFutureValue`.|
## Relationships |Relationship|Type|Description|
The following is a JSON representation of the resource.
--> ``` json {
+ "activitySettings": {
+ "@odata.type": "microsoft.graph.externalConnectors.activitySettings"
+ },
"description": "String", "id": "String (identifier)", "name": "String",
+ "searchSettings": {
+ "@odata.type": "microsoft.graph.externalConnectors.searchSettings"
+ },
"state": "String"
+
} ```
v1.0 Externalconnectors Externalitem https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/externalconnectors-externalitem.md
An item added to a Microsoft Graph [connection](externalconnectors-externalconne
## Methods |Method|Return type|Description| |:|:|:|
-|[Create externalItem](../api/externalconnectors-externalitem-create.md)|[externalItem](../resources/externalconnectors-externalitem.md)|Create a new [externalItem](../resources/externalconnectors-externalitem.md) object.|
-|[Get externalItem](../api/externalconnectors-externalitem-get.md)|[externalItem](../resources/externalconnectors-externalitem.md)|Read the properties and relationships of an [externalItem](../resources/externalconnectors-externalitem.md) object.|
-|[Update externalItem](../api/externalconnectors-externalitem-update.md)|[externalItem](../resources/externalconnectors-externalitem.md)|Update the properties of an [externalItem](../resources/externalconnectors-externalitem.md) object.|
-|[Delete externalItem](../api/externalconnectors-externalitem-delete.md)|None|Deletes an [externalItem](../resources/externalconnectors-externalitem.md) object.|
+| [Create externalItem](../api/externalconnectors-externalitem-create.md) | [externalItem](../resources/externalconnectors-externalitem.md) | Create a new [externalItem](../resources/externalconnectors-externalitem.md) object.|
+| [Get externalItem](../api/externalconnectors-externalitem-get.md) | [externalItem](../resources/externalconnectors-externalitem.md)|Read the properties and relationships of an [externalItem](../resources/externalconnectors-externalitem.md) object.|
+| [Update externalItem](../api/externalconnectors-externalitem-update.md) | [externalItem](../resources/externalconnectors-externalitem.md)|Update the properties of an [externalItem](../resources/externalconnectors-externalitem.md) object.|
+| [Delete externalItem](../api/externalconnectors-externalitem-delete.md) | None |Delete an [externalItem](../resources/externalconnectors-externalitem.md) object.|
+| [Add activities](../api/externalconnectors-externalitem-addactivities.md) | [microsoft.graph.externalConnectors.externalActivityResult](../resources/externalconnectors-externalactivity.md) collection | Append additional instances of [externalActivity](../resources/externalconnectors-externalactivity.md) objects on an **externalItem**.|
## Properties |Property|Type|Description|
An item added to a Microsoft Graph [connection](externalconnectors-externalconne
|properties|[microsoft.graph.externalConnectors.properties](../resources/externalconnectors-properties.md)|A property bag with the properties of the item. The properties MUST conform to the [schema](externalconnectors-schema.md) defined for the [externalConnection](externalconnectors-externalconnection.md). Required.| ## Relationships
-None.
+
+| Relationship | Type | Description |
+|:-|:|:|
+| activities | [microsoft.graph.externalConnectors.externalActivity](externalconnectors-externalactivity.md) collection | Returns a list of activities performed on the item. Write-only. |
## JSON representation The following is a JSON representation of the resource.
v1.0 Externalconnectors Itemidresolver https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/externalconnectors-itemidresolver.md
+
+ Title: "itemIdResolver resource type"
+description: Defines the rules for resolving a given URL to a connector item's ID."
+
+ms.localizationpriority: medium
++
+# itemIdResolver resource type
+
+Namespace: microsoft.graph.externalConnectors
+
+Defines the rules for resolving a URL to the ID of an [externalItem](externalconnectors-externalitem.md).
+
+Inherits from [urlToItemResolverBase](../resources/externalconnectors-urltoitemresolverbase.md).
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|itemId|String|Pattern that specifies how to form the ID of the external item that the URL represents. The named groups from the regular expression in **urlPattern** within the [urlMatchInfo](../resources/externalconnectors-urlmatchinfo.md) can be referenced by inserting the group name inside curly brackets.|
+|priority|Int32|Priority of each urlToItemResolverBase instance. Inherited from [urlToItemResolverBase](../resources/externalconnectors-urltoitemresolverbase.md).|
+|urlMatchInfo|[microsoft.graph.externalConnectors.urlMatchInfo](../resources/externalconnectors-urlmatchinfo.md)|Configurations to match and resolve URL.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.externalConnectors.itemIdResolver"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.externalConnectors.itemIdResolver",
+ "itemId": "String",
+ "priority": "Integer",
+ "urlMatchInfo": {
+ "@odata.type": "microsoft.graph.externalConnectors.urlMatchInfo"
+ }
+}
+```
v1.0 Externalconnectors Propertyrule https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/externalconnectors-propertyrule.md
+
+ Title: "propertyRule resource type"
+description: "Defines the set of conditions to display a displayTemplate"
+
+ms.localizationpriority: normal
++
+# propertyRule resource type
+
+Namespace: microsoft.graph.externalConnectors
+
+Defines the set of conditions to display a [displayTemplate](../resources/externalconnectors-displaytemplate.md). Rules use the format: (property from the item schema) + (operation) + (value). For example, a **propertyRule** can specify that "itemTitle" "contains" "contoso". Therefore, the **displayTemplate** will not be displayed unless itemTitle contains the value "contoso".
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|operation|microsoft.graph.externalConnectors.ruleOperation|Specifies the operations to be performed during evaluation of a single **propertyRule**, where `property` and a string from the `values` collection are the respective operands. Possible values are: `null`, `equals`, `notEquals`, `contains`, `notContains`, `lessThan`, `greaterThan`, `startsWith`. Required.|
+|property|String|The property from the [externalItem](../resources/externalconnectors-externalitem.md) schema. Required.|
+|values|String collection|A collection with one or many strings. The specified string(s) will be matched with the specified property using the specified operation. Required.|
+|valuesJoinedBy|binaryOperator|The join operator for evaluating multiple **propertyRules**. For example, if `and` is specified, then all **propertyRules** must be true for the **propertyRule** to be true. Possible values are: `or`, `and`. Required.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.externalConnectors.propertyRule"
+}
+-->
+``` json
+{
+ "operation": "String",
+ "property": "String",
+ "values": [
+ "String"
+ ],
+ "valuesJoinedBy": "String"
+}
+```
+
v1.0 Externalconnectors Searchsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/externalconnectors-searchsettings.md
+
+ Title: "searchSettings resource type"
+description: "Collects all configurable settings related to search over connector content."
+
+ms.localizationpriority: normal
++
+# searchSettings resource type
+
+Namespace: microsoft.graph.externalConnectors
+
+Collects all configurable settings related to search over connector content.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|searchResultTemplates|[microsoft.graph.externalConnectors.displayTemplate](../resources/externalconnectors-displaytemplate.md) collection|Enables the developer to define the appearance of the content and configure conditions that dictate when the template should be displayed. Maximum of 2 search result templates per connection.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.externalConnectors.searchSettings"
+}
+-->
+``` json
+{
+ "searchResultTemplates": [
+ {
+ "id": "String (identifier)",
+ "rules": [
+ {
+ "property": "itemTitle",
+ "operation": "contains",
+ "valuesJoinedBy": "or",
+ "values": [
+ "contoso",
+ "smart"
+ ]
+ }
+ ],
+ "layout": {"type": "AdaptiveCard","version": "1.0","body": [{"type": "TextBlock","text": "A contoso ticket."}]},
+ "priority": 0
+ },
+ {
+ "id": "String (identifier)",
+ "rules": [
+ {
+ "property": "itemDescription",
+ "operation": "contains",
+ "valuesJoinedBy": "and",
+ "values": [
+ "contoso",
+ "ticket"
+ ]
+ }
+ ],
+ "layout": {"type": "AdaptiveCard","version": "1.0","body": [{"type": "TextBlock","text": "A contoso ticket."}]},
+ "priority": 1
+ }
+ ]
+}
+```
+
v1.0 Externalconnectors Urlmatchinfo https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/externalconnectors-urlmatchinfo.md
+
+ Title: "urlMatchInfo resource type"
+description: Collects the settings for the pattern that a URL must follow to be processed by an instance of urlToItemResolverBase.
+
+ms.localizationpriority: medium
++
+# urlMatchInfo resource type
+
+Namespace: microsoft.graph.externalConnectors
+
+Collects the settings for the pattern that a URL must follow to be processed by an instance of [urlToItemResolverBase](../resources/externalconnectors-urltoitemresolverbase.md).
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|baseUrls|String collection|A list of the URL prefixes that must match URLs to be processed by this URL-to-item-resolver.|
+|urlPattern|String|A regular expression that will be matched towards the URL that is processed by this URL-to-item-resolver. The ECMAScript specification for regular expressions (ECMA-262) is used for the evaluation. The named groups defined by the regular expression will be used later to extract values from the URL.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.externalConnectors.urlMatchInfo"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.externalConnectors.urlMatchInfo",
+ "baseUrls": [
+ "String"
+ ],
+ "urlPattern": "String"
+}
+```
v1.0 Externalconnectors Urltoitemresolverbase https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/externalconnectors-urltoitemresolverbase.md
+
+ Title: "urlToItemResolverBase resource type"
+description: "Defines the rules for resolving a given URL to a connector item."
+
+ms.localizationpriority: medium
++
+# urlToItemResolverBase resource type
+
+Namespace: microsoft.graph.externalConnectors
+
+Defines the rules for resolving a URL to the ID of an [externalItem](externalconnectors-externalitem.md).
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|priority|Int32|The priority which defines the sequence in which the urlToItemResolverBase instances are evaluated. |
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.externalConnectors.urlToItemResolverBase"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.externalConnectors.urlToItemResolverBase",
+ "priority": "Integer"
+}
+```
+
+## See also
+
+Types that inherit from the [urlToItemResolverBase](externalconnectors-urlToItemResolverBase.md) abstract base type.
+- [itemIdResolver](externalconnectors-itemidresolver.md)
v1.0 Group https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/group.md
This resource supports:
| Value | Description | | : | -- | | Public | Anyone can join the group without needing owner permission.<br>Anyone can view the attributes of the group.<br>Anyone can see the members of the group. |
-| Private | Owner permission is needed to join the group.<br>Non-members cannot view the attributes of the group.<br>Anyone can see the members of the group. |
-| HiddenMembership | Owner permission is needed to join the group.<br>Non-members cannot view the attributes of the group.<br>Non-members cannot see the members of the group.<br>Administrators (global, company, user, and helpdesk) can view the membership of the group.<br>The group appears in the global address book (GAL). |
+| Private | Owner permission is needed to join the group.<br>Anyone can view the attributes of the group.<br>Anyone can see the members of the group. |
+| HiddenMembership | Owner permission is needed to join the group.<br>Guest users cannot view the attributes of the group.<br>Non-members cannot see the members of the group.<br>Administrators (global, company, user, and helpdesk) can view the membership of the group.<br>The group appears in the global address book (GAL). |
## Relationships
v1.0 Idlesessionsignout https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/idlesessionsignout.md
+
+ Title: "idleSessionSignOut resource type"
+description: "Represents the idle session sign-out policy settings for SharePoint."
+
+ms.localizationpriority: medium
++
+# idleSessionSignOut resource type
+
+Namespace: microsoft.graph
+
+Represents the idle session sign-out policy settings for SharePoint.
+
+## Properties
+
+| Property | Type | Description |
+|:-|:|:|
+| isEnabled | Boolean | Indicates whether the idle session sign-out policy is enabled. |
+| signOutAfterInSeconds | Int64 | Number of seconds of inactivity after which a user is signed out. |
+| warnAfterInSeconds | Int64 | Number of seconds of inactivity after which a user is notified that they'll be signed out.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- { "blockType": "resource", "@odata.type": "microsoft.graph.idleSessionSignOut" } -->
+
+```json
+{
+ "isEnabled": "Boolean",
+ "signOutAfterInSeconds": "Int64",
+ "warnAfterInSeconds": "Int64"
+}
+```
+
+<!-- {
+ "type": "#page.annotation",
+ "description": "Idle session sign out parameters",
+ "section": "documentation",
+ "tocPath": "Resources/idleSessionSignOut"
+} -->
v1.0 Inboundoutboundpolicyconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/inboundoutboundpolicyconfiguration.md
+
+ Title: "inboundOutboundPolicyConfiguration resource type"
+description: "Defines the inbound and outbound rulesets for particular configurations within cross-tenant access settings."
+
+ms.localizationpriority: medium
++
+# inboundOutboundPolicyConfiguration resource type
+
+Namespace: microsoft.graph
+
+Defines the inbound and outbound rulesets for particular configurations within cross-tenant access settings.
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+| inboundAllowed | Boolean | Defines whether external users coming inbound are allowed. |
+| outboundAllowed | Boolean | Defines whether internal users are allowed to go outbound. |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.inboundOutboundPolicyConfiguration"
+}
+-->
+
+``` json
+{
+ "@odata.type": "#microsoft.graph.inboundOutboundPolicyConfiguration",
+ "inboundAllowed": {"@odata.type": "Boolean"},
+ "outboundAllowed": {"@odata.type": "Boolean"}
+}
+```
v1.0 Listitemversion https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/listitemversion.md
The following tasks are available for listItemVersion resources.
| Common task | HTTP method | | : | :-- |
-| [List versions][version-list] | `GET /sites/{site-id}/items/{item-id}/versions` |
-| [Get version][version-get] | `GET /sites/{site-id}/items/{item-id}/versions/{version-id}` |
-| [Restore version][version-restore] | `POST /sites/{site-id}/items/{item-id}/versions/{version-id}/restore` |
+| [List versions][version-list] | `GET /sites/{site-id}/lists/{list-id}/items/{item-id}/versions` |
+| [Get version][version-get] | `GET /sites/{site-id}/lists/{list-id}/items/{item-id}/versions/{version-id}` |
+| [Restore version][version-restore] | `POST /sites/{site-id}/lists/{list-id}/items/{item-id}/versions/{version-id}/restore` |
[version-list]: ../api/listitem-list-versions.md [version-get]: ../api/listitemversion-get.md
v1.0 Microsoft Teams Team Usage Reports https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/microsoft-teams-team-usage-reports.md
+
+ Title: "Microsoft Teams team usage reports"
+description: "Use the Microsoft Teams team usage reports to get insights into the usage of teams in your organization."
+ms.localizationpriority: medium
+++
+# Microsoft Teams team usage reports
+
+Namespace: microsoft.graph
++
+Use the Microsoft Teams team usage reports to get insights into the usage of teams in your organization.
+
+## Reports
+
+| Function | CSV return type | Description |
+| : | - | - |
+| [Get team detail](../api/reportroot-getteamsteamactivitydetail.md) | Stream | Get details about Teams activity by team. The numbers include activities for both licensed and non-licensed users. |
+| [Get team counts](../api/reportroot-getteamsteamactivitycounts.md) | Stream | Get the number of team activities across Microsoft Teams. The activity types are related to meetings and messages. |
+| [Get team counts](../api/reportroot-getteamsteamcounts.md) | Stream | Get the number of teams by type across Microsoft Teams. |
+| [Get distribution team counts](../api/reportroot-getteamsteamactivitydistributioncounts.md) | Stream | Get the number of team activities across Microsoft Teams over a selected period. |
v1.0 Onlinemeeting https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/onlinemeeting.md
Contains information about a meeting, including the URL used to join a meeting,
| allowedPresenters | [onlineMeetingPresenters](#onlinemeetingpresenters-values) | Specifies who can be a presenter in a meeting. Possible values are listed in the following table. | | allowMeetingChat | [meetingChatMode](#meetingchatmode-values) | Specifies the mode of meeting chat. | | allowTeamworkReactions | Boolean | Indicates whether Teams reactions are enabled for the meeting. |
-| allowedPresenters | [onlineMeetingPresenters](#onlinemeetingpresenters-values) | Specifies who can be a presenter in a meeting. Possible values are listed in the following table. |
| attendeeReport | Stream | The content stream of the attendee report of a [Microsoft Teams live event](/microsoftteams/teams-live-events/what-are-teams-live-events). Read-only. | | audioConferencing | [audioConferencing](audioconferencing.md) | The phone access (dial-in) information for an online meeting. Read-only. | | broadcastSettings | [broadcastMeetingSettings](broadcastMeetingSettings.md) | Settings related to a live event. |
v1.0 Onlinemeetingrestricted https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/onlinemeetingrestricted.md
+
+ Title: "onlineMeetingRestricted resource type"
+description: "Indicates the reason or reasons media content from a participant is restricted."
+
+ms.localizationpriority: medium
++
+# onlineMeetingRestricted resource type
+
+Namespace: microsoft.graph
+
+Indicates the reason or reasons media content from a participant is restricted.
+
+## Properties
+
+| Property | Type | Description |
+|:--|:--|:|
+| contentSharingDisabled | [onlineMeetingContentSharingDisabledReason](#onlinemeetingcontentsharingdisabledreason-values) | Specifies the reason shared content from this participant is disabled. Possible values are: `watermarkProtection`, `unknownFutureValue`. |
+| videoDisabled | [onlineMeetingVideoDisabledReason](#onlinemeetingvideodisabledreason-values) | Specifies the reason video from this participant is disabled. Possible values are: `watermarkProtection`, `unknownFutureValue`. |
+
+### onlineMeetingContentSharingDisabledReason values
+
+| Value | Description |
+|:--|:--|
+| watermarkProtection | The meeting content is marked _watermarked_ but the user joined from an unsupported client. |
+| unknownFutureValue | Evolvable enumeration sentinel value. Do not use. |
+
+### onlineMeetingVideoDisabledReason values
+
+| Value | Description |
+|:--|:--|
+| watermarkProtection | The meeting content is marked _watermarked_ but the user joined from an unsupported client. |
+| unknownFutureValue | Evolvable enumeration sentinel value. Do not use. |
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "optionalProperties": [],
+ "@odata.type": "microsoft.graph.onlineMeetingRestricted"
+}-->
+```json
+{
+ "contentSharingDisabled": {"@odata.type": "microsoft.graph.onlineMeetingContentSharingDisabledReason"},
+ "videoDisabled": {"@odata.type": "microsoft.graph.onlineMeetingVideoDisabledReason"}
+}
+```
+
+<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
+2015-10-25 14:57:30 UTC -->
+<!--
+{
+ "type": "#page.annotation",
+ "description": "onlineMeetingRestricted resource",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "suppressions": []
+}
+-->
v1.0 Outlookcategory https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/outlookcategory.md
Title: "outlookCategory resource type"
-description: "Represents a category by which a user can group Outlook items such as messages and events. The user defines categories in a master list, and can apply one or more of these user-defined"
+description: "Represents a category by which a user can group Outlook items such as messages and events."
ms.localizationpriority: medium ms.prod: "outlook"
doc_type: resourcePageType
Namespace: microsoft.graph
-Represents a category by which a user can group Outlook items such as messages and events. The user defines categories in a master list, and can apply one or more of these user-defined
-categories to an item.
+Represents a category by which a user can group Outlook items such as messages and events. The user defines categories in a master list, and can apply one or more of these user-defined categories to an item.
Using the REST API, you can [create](../api/outlookuser-post-mastercategories.md) and define categories in the master list of categories for a user. You can also [get this master list of categories](../api/outlookuser-list-mastercategories.md), [get a specific category](../api/outlookcategory-get.md),
Each category is attributed by 2 properties: **displayName** and **color**. The
The **color** however does not have to be unique; multiple categories in the master list can be mapped to the same color. You can map up to 25 different colors to categories in a user's master list.
+## Methods
+| Method | Return Type |Description|
+|:|:--|:-|
+|[List categories](../api/outlookuser-list-mastercategories.md) | [outlookCategory](../resources/outlookcategory.md) collection |Get all the categories that have been defined for the user.|
+|[Get category](../api/outlookcategory-get.md) | [outlookCategory](../resources/outlookcategory.md) |Get the properties and relationships of the specified **outlookCategory** object.|
+|[Create](../api/outlookuser-post-mastercategories.md) | [outlookCategory](../resources/outlookcategory.md) |Create an **outlookCategory** object in the user's master list of categories.|
+|[Update](../api/outlookcategory-update.md) | [outlookCategory](../resources/outlookcategory.md) |Update the writable property, **color**, of the specified **outlookCategory** object. |
+|[Delete](../api/outlookcategory-delete.md) | None |Delete the specified **outlookCategory** object. |
+ ## Properties | Property | Type |Description| |:|:--|:-|
+|color|categoryColor|A pre-set color constant that characterizes a category, and that is mapped to one of 25 predefined colors. For more details, see the following note. |
|displayName|String|A unique name that identifies a category in the user's mailbox. After a category is created, the name cannot be changed. Read-only.|
-|color|categoryColor|A pre-set color constant that characterizes a category, and that is mapped to one of 25 predefined colors. See the note below. |
> **Note** The possible values for **color** are pre-set constants such as `None`, `preset0` and `preset1`. Each pre-set constant is further mapped to a color; the actual color is dependent on the Outlook client that the categories are being displayed in. The following table shows the colors mapped to each pre-set constant for Outlook (desktop client).
color is dependent on the Outlook client that the categories are being displayed
| Preset24 | DarkCranberry | ## JSON representation
-Here is a JSON representation of the resource.
+The following is a JSON representation of the resource.
<!-- { "blockType": "resource",
Here is a JSON representation of the resource.
"color": "String", "displayName": "String" }- ```
-## Methods
-| Method | Return Type |Description|
-|:|:--|:-|
-|[List categories](../api/outlookuser-list-mastercategories.md) | [outlookCategory](../resources/outlookcategory.md) collection |Get all the categories that have been defined for the user.|
-|[Get category](../api/outlookcategory-get.md) | [outlookCategory](../resources/outlookcategory.md) |Get the properties and relationships of the specified **outlookCategory** object.|
-|[Create](../api/outlookuser-post-mastercategories.md) | [outlookCategory](../resources/outlookcategory.md) |Create an **outlookCategory** object in the user's master list of categories.|
-|[Update](../api/outlookcategory-update.md) | [outlookCategory](../resources/outlookcategory.md) |Update the writable property, **color**, of the specified **outlookCategory** object. |
-|[Delete](../api/outlookcategory-delete.md) | None |Delete the specified **outlookCategory** object. |
-- <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC --> <!-- {
v1.0 Participant https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/participant.md
Represents a participant in a call.
| mediaStreams | [mediaStream](mediastream.md) collection | The list of media streams. | | metadata | String | A blob of data provided by the participant in the roster. | | recordingInfo | [recordingInfo](recordinginfo.md) | Information about whether the participant has recording capability. |
+| restrictedExperience | [onlineMeetingRestricted](onlinemeetingrestricted.md) | Indicates the reason or reasons media content from this participant is restricted. |
## Relationships+ None. ## JSON representation
The following is a JSON representation of the resource.
{ "id": "String (identifier)", "info": {"@odata.type": "#microsoft.graph.participantInfo"},
- "isInLobby": true,
- "isMuted": true,
+ "isInLobby": "Boolean",
+ "isMuted": "Boolean",
"mediaStreams": [ { "@odata.type": "#microsoft.graph.mediaStream" } ], "metadata": "String",
- "recordingInfo": { "@odata.type": "#microsoft.graph.recordingInfo" }
+ "recordingInfo": { "@odata.type": "#microsoft.graph.recordingInfo" },
+ "restrictedExperience": { "@odata.type": "#microsoft.graph.onlineMeetingRestricted" }
} ```
v1.0 Phoneauthenticationmethod https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/phoneauthenticationmethod.md
Represents a phone number and type that's registered to a user, and whether it's
A phone has one of three types: mobile, alternate mobile, or office. A user can have one number registered for each type, and must have a mobile phone before an alternate mobile phone is added. When using a phone for multi-factor authentication (MFA) or self-service password reset (SSPR), the mobile phone is the default and the alternate mobile phone is the backup.
-Mobile phones can be used for both SMS and voice calls, depending on the tenant settings.
+Primary mobile phones can be used for both SMS and voice calls, depending on the tenant settings.
An office phone can only receive voice calls, not SMS messages.
Phones can be of three types, the following are the possible values.
|Value|Description| |--|--| |mobile|A primary mobile phone, usable for SMS and voice calls.|
-|alternateMobile|An alternate or backup mobile phone, usable for SMS and voice calls.|
+|alternateMobile|An alternate or backup mobile phone, usable only for voice calls.|
|office|An office phone or landline, usable only for voice calls.| ### authenticationMethodSignInState values
v1.0 Report https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/report.md
The following table shows the availability for each API across all cloud deploym
| [Microsoft 365 Apps usage](/graph/api/resources/microsoft-365-apps-usage-report?view=graph-rest-1.0&preserve-view=true) | Γ£ö | Γ₧û | Γ₧û | Γ₧û | | [Microsoft 365 groups activity](/graph/api/resources/office-365-groups-activity-reports?view=graph-rest-1.0&preserve-view=true) | Γ£ö | Γ₧û | Γ₧û | Γ₧û | | [Microsoft Teams device usage](/graph/api/resources/microsoft-teams-device-usage-reports?view=graph-rest-1.0&preserve-view=true) | Γ£ö | Γ₧û | Γ₧û | Γ₧û |
+| [Microsoft Teams team usage](/graph/api/resources/microsoft-teams-team-usage-reports?view=graph-rest-1.0&preserve-view=true) | Γ£ö | Γ₧û | Γ₧û | Γ₧û | Γ£ö |
| [Microsoft Teams user activity](/graph/api/resources/microsoft-teams-user-activity-reports?view=graph-rest-1.0&preserve-view=true) | Γ£ö | Γ₧û | Γ₧û | Γ₧û | | [Outlook activity](/graph/api/resources/email-activity-reports?view=graph-rest-1.0&preserve-view=true) | Γ£ö | Γ₧û | Γ₧û | Γ₧û | | [Outlook app usage](/graph/api/resources/email-app-usage-reports?view=graph-rest-1.0&preserve-view=true) | Γ£ö | Γ₧û | Γ₧û | Γ₧û |
v1.0 Serviceprincipal https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/serviceprincipal.md
This resource supports using [delta query](/graph/delta-query-overview) to track
|oauth2PermissionScopes|[permissionScope](permissionScope.md) collection|The delegated permissions exposed by the application. For more information see the **oauth2PermissionScopes** property on the [application](application.md) entity's **api** property. Not nullable.| | passwordCredentials | [passwordCredential](passwordcredential.md) collection|The collection of password credentials associated with the application. Not nullable.| |preferredSingleSignOnMode|string|Specifies the single sign-on mode configured for this application. Azure AD uses the preferred single sign-on mode to launch the application from Microsoft 365 or the Azure AD My Apps. The supported values are `password`, `saml`, `notSupported`, and `oidc`.|
-|preferredTokenSigningKeyThumbprint|String|Reserved for internal use only. Do not write or otherwise rely on this property. May be removed in future versions.|
+|preferredTokenSigningKeyThumbprint|String|This property can be used on SAML applications (apps that have preferredSingleSignOnMode set to `saml`) to control which certificate is used to sign the SAML responses. For applications that are not SAML, do not write or otherwise rely on this property.|
|replyUrls|String collection|The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. Not nullable. | |resourceSpecificApplicationPermissions|[resourceSpecificPermission](../resources/resourcespecificpermission.md) collection|The resource-specific application permissions exposed by this application. Currently, resource-specific permissions are only supported for [Teams apps accessing to specific chats and teams](/microsoftteams/platform/graph-api/rsc/resource-specific-consent) using Microsoft Graph. Read-only.| |samlSingleSignOnSettings|[samlSingleSignOnSettings](samlsinglesignonsettings.md)|The collection for settings related to saml single sign-on.|
-|servicePrincipalNames|String collection|Contains the list of **identifiersUris**, copied over from the associated [application](application.md). Additional values can be added to hybrid applications. These values can be used to identify the permissions exposed by this app within Azure AD. For example,<ul><li>Client apps can specify a resource URI which is based on the values of this property to acquire an access token, which is the URI returned in the ΓÇ£audΓÇ¥ claim.</li></ul><br>The any operator is required for filter expressions on multi-valued properties. Not nullable. <br><br> Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`).|
+|servicePrincipalNames|String collection|Contains the list of **identifiersUris**, copied over from the associated [application](application.md). Additional values can be added to hybrid applications. These values can be used to identify the permissions exposed by this app within Azure AD. For example,<ul><li>Client apps can specify a resource URI which is based on the values of this property to acquire an access token, which is the URI returned in the "aud" claim.</li></ul><br>The any operator is required for filter expressions on multi-valued properties. Not nullable. <br><br> Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`).|
|servicePrincipalType|String|Identifies whether the service principal represents an application, a managed identity, or a legacy application. This is set by Azure AD internally. The **servicePrincipalType** property can be set to three different values: <ul><li>__Application__ - A service principal that represents an application or service. The **appId** property identifies the associated app registration, and matches the **appId** of an [application](application.md), possibly from a different tenant. If the associated app registration is missing, tokens are not issued for the service principal.</li><li>__ManagedIdentity__ - A service principal that represents a [managed identity](/azure/active-directory/managed-identities-azure-resources/overview). Service principals representing managed identities can be granted access and permissions, but cannot be updated or modified directly.</li><li>__Legacy__ - A service principal that represents an app created before app registrations, or through legacy experiences. Legacy service principal can have credentials, service principal names, reply URLs, and other properties which are editable by an authorized user, but does not have an associated app registration. The **appId** value does not associate the service principal with an app registration. The service principal can only be used in the tenant where it was created.</li><li>__SocialIdp__ - For internal use. </ul>|
-| signInAudience | String | Specifies the Microsoft accounts that are supported for the current application. Read-only. <br><br>Supported values are:<ul><li>`AzureADMyOrg`: Users with a Microsoft work or school account in my organizationΓÇÖs Azure AD tenant (single-tenant).</li><li>`AzureADMultipleOrgs`: Users with a Microsoft work or school account in any organizationΓÇÖs Azure AD tenant (multi-tenant).</li><li>`AzureADandPersonalMicrosoftAccount`: Users with a personal Microsoft account, or a work or school account in any organizationΓÇÖs Azure AD tenant.</li><li>`PersonalMicrosoftAccount`: Users with a personal Microsoft account only.</li></ul> |
+| signInAudience | String | Specifies the Microsoft accounts that are supported for the current application. Read-only. <br><br>Supported values are:<ul><li>`AzureADMyOrg`: Users with a Microsoft work or school account in my organization's Azure AD tenant (single-tenant).</li><li>`AzureADMultipleOrgs`: Users with a Microsoft work or school account in any organization's Azure AD tenant (multi-tenant).</li><li>`AzureADandPersonalMicrosoftAccount`: Users with a personal Microsoft account, or a work or school account in any organization's Azure AD tenant.</li><li>`PersonalMicrosoftAccount`: Users with a personal Microsoft account only.</li></ul> |
|tags|String collection| Custom strings that can be used to categorize and identify the service principal. Not nullable. The value is the union of strings set here and on the associated [application](application.md) entity's **tags** property.<br><br>Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`). | | tokenEncryptionKeyId |String|Specifies the keyId of a public key from the keyCredentials collection. When configured, Azure AD issues tokens for this application encrypted using the key specified by this property. The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user.| | verifiedPublisher | [verifiedPublisher](verifiedPublisher.md) | Specifies the verified publisher of the application which this service principal represents.
v1.0 Sharepoint https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/sharepoint.md
The SharePoint API in Microsoft Graph supports the following core scenarios:
* Access to SharePoint **sites**, **lists**, and **drives** (document libraries) * Read-only support for **site** resources (no ability to create new sites) * Read-write support for **lists**, **listItems**, and **driveItems**
+* Read-write support for tenant-level **SharePointSettings**
* Address resources by SharePoint ID, URL, or relative path The SharePoint API exposes three major resource types:
The following examples are relative to `https://graph.microsoft.com/v1.0`.
| /sites/{site-id}/lists | Enumerate the [lists](list.md) under the [site](site.md). | /sites/{site-id}/lists/{list-id}/items | Enumerate the [listItems](listitem.md) under the [list](list.md). | /groups/{group-id}/sites/root | Access a group's team [site][].
+| /admin/sharepoint/settings | Access the organization's admin level [settings](sharepointSettings.md).
Sites can also be addressed by path by using the SharePoint hostname, followed by a colon and the relative path to the site. You can optionally transition back to addressing the resource model by putting another colon at the end.
Find out about the [latest new features and updates](/graph/whats-new-overview)
[list]: list.md [drive]: drive.md [siteCollection]: sitecollection.md
+[settings]: sharepointSettings.md
<!-- { "type": "#page.annotation",
v1.0 Sharepointsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/sharepointsettings.md
+
+ Title: "sharepointSettings resource type"
+description: "Represents the tenant-level settings for SharePoint and OneDrive."
+
+ms.localizationpriority: medium
++
+# sharepointSettings resource type
+Namespace: microsoft.graph
+
+Represents the tenant-level settings for SharePoint and OneDrive.
+
+Inherits from [entity](../resources/entity.md).
+
+## Methods
+|Method|Return type|Description
+|:|:|:
+|[Get settings](../api/sharepointsettings-get.md)|[microsoft.graph.sharepointSettings](../resources/sharepointsettings.md) | Get the tenant-level settings for SharePoint and OneDrive.|
+|[Update settings](../api/sharepointsettings-update.md) | [microsoft.graph.sharepointSettings](../resources/sharepointsettings.md) | Update one or more tenant-level settings for SharePoint and OneDrive.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+| allowedDomainGuidsForSyncApp | GUID collection | Collection of trusted domain GUIDs for the OneDrive sync app. |
+| availableManagedPathsForSiteCreation | String collection | Collection of managed paths available for site creation. Read-only. |
+| deletedUserPersonalSiteRetentionPeriodInDays | Int32 | The number of days for preserving a deleted user's OneDrive. |
+| excludedFileExtensionsForSyncApp | String collection | Collection of file extensions not uploaded by the OneDrive sync app. |
+| idleSessionSignOut | [microsoft.graph.idleSessionSignOut](../resources/idlesessionsignout.md) | Specifies the idle session sign-out policies for the tenant. |
+| imageTaggingOption | [microsoft.graph.imageTaggingChoice](../resources/sharepointsettings.md#imagetaggingchoice-values) | Specifies the image tagging option for the tenant. Possible values are: `disabled`, `basic`, `enhanced`. |
+| isCommentingOnSitePagesEnabled | Boolean | Indicates whether comments are allowed on modern site pages in SharePoint. |
+| isFileActivityNotificationEnabled | Boolean | Indicates whether push notifications are enabled for OneDrive events. |
+| isLegacyAuthProtocolsEnabled | Boolean | Indicates whether legacy authentication protocols are enabled for the tenant. |
+| isLoopEnabled | Boolean | Indicates whether if Fluid Framework is allowed on SharePoint sites. |
+| isMacSyncAppEnabled | Boolean | Indicates whether files can be synced using the OneDrive sync app for Mac. |
+| isRequireAcceptingUserToMatchInvitedUserEnabled | Boolean | Indicates whether guests must sign in using the same account to which sharing invitations are sent. |
+| isResharingByExternalUsersEnabled | Boolean | Indicates whether guests are allowed to reshare files, folders, and sites they don't own. |
+| isSharePointMobileNotificationEnabled | Boolean | Indicates whether mobile push notifications are enabled for SharePoint. |
+| isSharePointNewsfeedEnabled | Boolean | Indicates whether the newsfeed is allowed on the modern site pages in SharePoint. |
+| isSiteCreationEnabled | Boolean | Indicates whether users are allowed to create sites. |
+| isSiteCreationUIEnabled | Boolean | Indicates whether the UI commands for creating sites are shown. |
+| isSitePagesCreationEnabled | Boolean | Indicates whether creating new modern pages is allowed on SharePoint sites. |
+| isSitesStorageLimitAutomatic | Boolean | Indicates whether site storage space is automatically managed or if specific storage limits are set per site. |
+| isSyncButtonHiddenOnPersonalSite | Boolean | Indicates whether the sync button in OneDrive is hidden. |
+| isUnmanagedSyncAppForTenantRestricted | Boolean | Indicates whether users are allowed to sync files only on PCs joined to specific domains. |
+| personalSiteDefaultStorageLimitInMB | Int64 | The default OneDrive storage limit for all new and existing users who are assigned a qualifying license. Measured in megabytes (MB). |
+| sharingAllowedDomainList | String collection | Collection of email domains that are allowed for sharing outside the organization. |
+| sharingBlockedDomainList | String collection | Collection of email domains that are blocked for sharing outside the organization. |
+| sharingCapability | [microsoft.graph.sharingCapabilities](../resources/sharepointsettings.md#sharingcapabilities-values) | Sharing capability for the tenant. Possible values are: `disabled`, `externalUserSharingOnly`, `externalUserAndGuestSharing`, `existingExternalUserSharingOnly`. |
+| sharingDomainRestrictionMode | [microsoft.graph.sharingDomainRestrictionMode](../resources/sharepointsettings.md#sharingdomainrestrictionmode-values) | Specifies the external sharing mode for domains. Possible values are: `none`, `allowList`, `blockList`. |
+| siteCreationDefaultManagedPath | String | The value of the team site managed path. This is the path under which new team sites will be created. |
+| siteCreationDefaultStorageLimitInMB | Int32 | The default storage quota for a new site upon creation. Measured in megabytes (MB). |
+| tenantDefaultTimezone | String | The default timezone of a tenant for newly created sites. For a list of possible values, see [SPRegionalSettings.TimeZones property](/sharepoint/dev/schema/regional-settings-schema). |
+
+### imageTaggingChoice values
+| Member | Description |
+| : | :|
+| disabled | The image tagging option for the tenant is disabled. |
+| basic | Allows users within the tenant to add basic tags to images to make them accessible through search. |
+| enhanced | Allows users to tag images with custom tags and enhanced features. |
+| unknownFutureValue | Evolvable enumeration sentinel value. Do not use. |
+
+### sharingCapabilities values
+| Member | Description |
+| : | :|
+| disabled | Users can share only with people in the organization. No external sharing is allowed. |
+| externalUserSharingOnly | Users can share with new and existing guests. Guests must sign in or provide a verification code. |
+| externalUserAndGuestSharing | Users can share with anyone by using links that don't require sign-in. |
+| existingExternalUserSharingOnly | Users can share with existing guests (those already in the directory of the organization). |
+| unknownFutureValue | Evolvable enumeration sentinel value. Do not use. |
+
+### sharingDomainRestrictionMode values
+| Member | Description |
+||--|
+| none | No restrictions apply. |
+| allowList | Users will be able to share with external collaborators coming only from the list of allowed email domains. |
+| blockList | Users will be able to share with all external collaborators apart from the ones on the list of blocked email domains. |
+| unknownFutureValue | Evolvable enumeration sentinel value. Do not use. |
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.sharepointSettings",
+ "openType": "false"
+}
+-->
+``` json
+{
+ "allowedDomainGuidsForSyncApp": ["string (identifier)"],
+ "availableManagedPathsForSiteCreation": ["string"],
+ "deletedUserPersonalSiteRetentionPeriodInDays": "Int32",
+ "excludedFileExtensionsForSyncApp": ["string"],
+ "idleSessionSignOut": "microsoft.graph.idleSessionSignOut",
+ "imageTaggingOption": "string",
+ "isCommentingOnSitePagesEnabled": "boolean",
+ "isFileActivityNotificationEnabled": "boolean",
+ "isLegacyAuthProtocolsEnabled": "boolean",
+ "isLoopEnabled": "boolean",
+ "isMacSyncAppEnabled": "boolean",
+ "isRequireAcceptingUserToMatchInvitedUserEnabled": "boolean",
+ "isResharingByExternalUsersEnabled": "boolean",
+ "isSharePointMobileNotificationEnabled": "boolean",
+ "isSharePointNewsfeedEnabled": "boolean",
+ "isSiteCreationEnabled": "boolean",
+ "isSiteCreationUIEnabled": "boolean",
+ "isSitePagesCreationEnabled": "boolean",
+ "isSitesStorageLimitAutomatic": "boolean",
+ "isSyncButtonHiddenOnPersonalSite": "boolean",
+ "isUnmanagedSyncAppForTenantRestricted": "boolean",
+ "personalSiteDefaultStorageLimitInMB": "Int64",
+ "sharingAllowedDomainList" : ["string"],
+ "sharingBlockedDomainList" : ["string"],
+ "sharingCapability": "string",
+ "sharingDomainRestrictionMode": "string",
+ "siteCreationDefaultManagedPath": "string",
+ "siteCreationDefaultStorageLimitInMB": "Int32",
+ "tenantDefaultTimezone": "string"
+}
+```
+
+<!--
+{
+ "type": "#page.annotation",
+ "description": "settings resource",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "namespace": "microsoft.graph"
+}
+-->
v1.0 Signinactivity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/signinactivity.md
Provides the last interactive or non-interactive sign-in time for a specific [us
| Property | Type | Description | |:-|:|:|
-|lastSignInDateTime|DateTimeOffset|The last interactive sign-in date and time for a specific user. You can use this field to calculate the last time a user signed in to the directory with an interactive authentication method. This field can be used to build reports, such as inactive users. The timestamp represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is: `'2014-01-01T00:00:00Z'`. Azure AD maintains interactive sign-ins going back to April 2020. For more information about using the value of this property, see [Manage inactive user accounts in Azure AD](/azure/active-directory/reports-monitoring/howto-manage-inactive-user-accounts).|
+|lastSignInDateTime|DateTimeOffset|The last interactive sign-in date and time for a specific user. You can use this field to calculate the last time a user attempted to sign into the directory with an interactive authentication method. This field can be used to build reports, such as inactive users. The timestamp represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is: `'2014-01-01T00:00:00Z'`. Azure AD maintains interactive sign-ins going back to April 2020. For more information about using the value of this property, see [Manage inactive user accounts in Azure AD](/azure/active-directory/reports-monitoring/howto-manage-inactive-user-accounts).|
|lastSignInRequestId|String|Request identifier of the last interactive sign-in performed by this user.|
-|lastNonInteractiveSignInDateTime|DateTimeOffset|The last non-interactive sign-in date for a specific user. You can use this field to calculate the last time a client signed in to the directory on behalf of a user. Because some users may use clients to access tenant resources rather than signing into your tenant directly, you can use the non-interactive sign-in date to along with lastSignInDateTime to identify inactive users. The timestamp represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is: `'2014-01-01T00:00:00Z'`. Azure AD maintains non-interactive sign-ins going back to May 2020. For more information about using the value of this property, see [Manage inactive user accounts in Azure AD](/azure/active-directory/reports-monitoring/howto-manage-inactive-user-accounts).|
+|lastNonInteractiveSignInDateTime|DateTimeOffset|The last non-interactive sign-in date for a specific user. You can use this field to calculate the last time a client attempted to sign into the directory on behalf of a user. Because some users may use clients to access tenant resources rather than signing into your tenant directly, you can use the non-interactive sign-in date to along with lastSignInDateTime to identify inactive users. The timestamp represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is: `'2014-01-01T00:00:00Z'`. Azure AD maintains non-interactive sign-ins going back to May 2020. For more information about using the value of this property, see [Manage inactive user accounts in Azure AD](/azure/active-directory/reports-monitoring/howto-manage-inactive-user-accounts).|
|lastNonInteractiveSignInRequestId|String|Request identifier of the last non-interactive sign-in performed by this user.| ## JSON representation
v1.0 Subjectrightsrequest Subjectrightsrequestapioverview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/subjectrightsrequest-subjectrightsrequestapioverview.md
In accordance with certain privacy regulations around the world, individuals can
The Microsoft Graph APIs for subject rights request provide functionality for organizations to automate repetitive tasks and integrate with existing data subject request tools, to enable building repeatable workflows that can be incorporated to their business processes. You can use the subject rights request APIs to help you automate and scale your organization's ability to perform subject rights requests searches in Microsoft 365 and help meet industry regulations more efficiently. > [!IMPORTANT]
-> The Microsoft Graph APIs for subject rights request are intended to help meet the need to fulfill subject rights requests within Microsoft 365 services for Exchange Online, SharePoint Online, Teams chats, and OneDrive for Business. These APIs should not be used as a substitute for searching for data in any other Microsoft 365 system or any other area as those scenarios are not explicity supported.
+> The Microsoft Graph APIs for subject rights request are intended to help meet the need to fulfill subject rights requests within Microsoft 365 services for Exchange Online, SharePoint Online, Teams chats, and OneDrive for Business. These APIs should not be used as a substitute for searching for data in any other Microsoft 365 system or any other area as those scenarios are not explicitly supported.
The API includes the following key entities.
The API includes the following key entities.
| Subject rights request history | [microsoft.graph.subjectRightsRequesthistory](subjectRightsRequesthistory.md) | Represents the history for a subject rights request. | | Subject rights request detail | [microsoft.graph.subjectRightsRequestDetail](subjectRightsRequestDetail.md) | Represents the details of a subject rights request, including number of items found, number of items reviewed, and so on. | | Subject rights request stage detail | [microsoft.graph.subjectRightsRequestStageDetail](subjectRightsRequestStageDetail.md) | Represents the properties of the stages of a subject rights request. |--
v1.0 User https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/user.md
This resource supports:
|schools|String collection|A list for the user to enumerate the schools they have attended. <br><br>Returned only on `$select`.| |securityIdentifier| String | Security identifier (SID) of the user, used in Windows scenarios. <br><br>Read-only. Returned by default. <br>Supports `$select` and `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`). | |showInAddressList|Boolean|**Do not use in Microsoft Graph. Manage this property through the Microsoft 365 admin center instead.** Represents whether the user should be included in the Outlook global address list. See [Known issue](/graph/known-issues#showinaddresslist-property-is-out-of-sync-with-microsoft-exchange).|
-|signInActivity | [signInActivity](signinactivity.md) | Get the last signed-in date and request ID of the sign-in for a given user. Read-only.<br><br>Returned only on `$select`. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`) *but* not with any other filterable properties. <br><br>**Note:** <br/><li>Details for this property require an Azure AD Premium P1/P2 license and the **AuditLog.Read.All** permission.<li>When you specify `$select=signInActivity` or `$filter=signInActivity` while [listing users](../api/user-list.md), the maximum page size is 120 users. Requests with `$top` set higher than 120 will return pages with up to 120 users. <li>This property is not returned for a user who has never signed in or last signed in before April 2020.|
+|signInActivity | [signInActivity](signinactivity.md) | Get the last signed-in date and request ID of the sign-in for a given user. Read-only.<br><br>Returned only on `$select`. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`) *but not with any other filterable properties*. <br><br>**Note:** <br/><li>Details for this property require an Azure AD Premium P1/P2 license and the **AuditLog.Read.All** permission.<li>This property is not returned for a user who has never signed in or last signed in before April 2020.|
|signInSessionsValidFromDateTime|DateTimeOffset| Any refresh tokens or sessions tokens (session cookies) issued before this time are invalid, and applications will get an error when using an invalid refresh or sessions token to acquire a delegated access token (to access APIs such as Microsoft Graph). If this happens, the application will need to acquire a new refresh token by making a request to the authorize endpoint. Read-only. Use [revokeSignInSessions](../api/user-revokesigninsessions.md) to reset. <br><br>Returned only on `$select`.| |skills|String collection|A list for the user to enumerate their skills. <br><br>Returned only on `$select`.| |state|String|The state or province in the user's address. Maximum length is 128 characters. <br><br>Returned only on `$select`. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `in`, `startsWith`, and `eq` on `null` values).|
v1.0 Watermarkprotectionvalues https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/watermarkprotectionvalues.md
Title: "watermarkProtectionValues resource type"
-description: "Represents the reasons for a participant's restricted media experience."
+description: "Indicates whether a watermark is enabled for different content types in a meeting."
ms.localizationpriority: medium ms.prod: "cloud-communications"
doc_type: resourcePageType
Namespace: microsoft.graph -
-Indicates whether a watermark should be applied to any content type. Please note this is not a security feature because it relies on the client application to implement the watermarking.
+Indicates that a watermark is enabled for this particular meeting. Any clients that don't support watermarks will have a restricted (audio-only) experience in the meeting.
## Properties
v1.0 Toc.Yml https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/toc.yml a/api-reference/v1.0/toc.yml
items:
href: api/crosstenantaccesspolicyconfigurationpartner-update.md - name: Delete href: api/crosstenantaccesspolicyconfigurationpartner-delete.md
+ - name: Partner user sync settings
+ items:
+ - name: Cross-tenant access partner user sync settings
+ href: resources/crosstenantidentitysyncpolicypartner.md
+ - name: Create
+ href: api/crosstenantaccesspolicyconfigurationpartner-put-identitysynchronization.md
+ - name: Get
+ href: api/crosstenantidentitysyncpolicypartner-get.md
+ - name: Update
+ href: api/crosstenantidentitysyncpolicypartner-update.md
+ - name: Delete
+ href: api/crosstenantidentitysyncpolicypartner-delete.md
- name: Data policy operation href: resources/datapolicyoperation.md items:
items:
href: api/identitysecuritydefaultsenforcementpolicy-update.md - name: User flows items:
- - name: Self-service sign up user flows
+ - name: Self-service sign up user flows in Azure AD
items: - name: Self-service sign up user flow href: resources/b2xidentityuserflow.md
items:
href: api/reportroot-getteamsuseractivitycounts.md - name: Get user counts href: api/reportroot-getteamsuseractivityusercounts.md
+ - name: Microsoft Teams team activity
+ href: resources/microsoft-teams-team-usage-reports.md
+ items:
+ - name: Get team detail
+ href: api/reportroot-getteamsteamactivitydetail.md
+ - name: Get team activity counts
+ href: api/reportroot-getteamsteamactivitycounts.md
+ - name: Get team activity distribution counts
+ href: api/reportroot-getteamsteamactivitydistributioncounts.md
+ - name: Get team counts
+ href: api/reportroot-getteamsteamcounts.md
- name: Outlook activity href: resources/email-activity-reports.md items:
items:
href: api/externalconnectors-schema-create.md - name: Get href: api/externalconnectors-schema-get.md
+ - name: External activity
+ items:
+ - name: External activity
+ href: resources/externalconnectors-externalactivity.md
+ - name: External activity result
+ items:
+ - name: External activity result
+ href: resources/externalconnectors-externalactivityresult.md
- name: External item items: - name: External item
items:
href: api/externalconnectors-externalitem-update.md - name: Delete href: api/externalconnectors-externalitem-delete.md
+ - name: Add activities
+ href: api/externalconnectors-externalitem-addactivities.md
- name: External group items: - name: External group
items:
href: api/termStore-term-list-relations.md - name: Create href: api/termStore-relation-post.md
+ - name: Tenant settings
+ items:
+ - name: SharePoint settings
+ href: resources/sharepointsettings.md
+ - name: Get
+ href: api/sharepointsettings-get.md
+ - name: Update
+ href: api/sharepointsettings-update.md
- name: Tasks and plans displayName: Planner items:
items:
href: api/onlinemeeting-delete.md - name: Create or get href: api/onlinemeeting-createorget.md
+ - name: Virtual appointment
+ items:
+ - name: Get virtual appointment join link
+ href: api/virtualappointment-getvirtualappointmentjoinweburl.md
- name: Presence href: resources/presence.md items: