Updates from: 05/04/2021 03:08:39
Service Microsoft Docs article Related commit history on GitHub Change details
v1.0 Authorizationpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/authorizationpolicy-update.md
In the request body, supply the values for relevant fields that should be update
|:-|:|:| |displayName|String| Display name for this policy. | |description|String| Description of this policy. |
-|guestUserRoleId|Guid| Represents role templateId for the role that should be granted to guest user. Refer to [List unifiedRoleDefinitions](./rbacapplication-list-roledefinitions.md) to find the list of available role templates. Only supported roles today are User (a0b1b346-4d3e-4e8b-98f8-753987be4970), Guest User (10dae51f-b6af-4016-8d66-8c2a99b929b3), and Restricted Guest User (2af84b1e-32c8-42b7-82bc-daa82404023b). |
+|guestUserRoleId|Guid| Represents role templateId for the role that should be granted to guest user. Refer to [List unifiedRoleDefinitions](./rbacapplication-list-roledefinitions.md) to find the list of available role templates. Only supported roles today are User (`a0b1b346-4d3e-4e8b-98f8-753987be4970`), Guest User (`10dae51f-b6af-4016-8d66-8c2a99b929b3`), and Restricted Guest User (`2af84b1e-32c8-42b7-82bc-daa82404023b`). |
|enabledPreviewFeatures|Collection(string)| List of features enabled for private preview on the tenant. |
-|blockMsolPowerShell|Boolean| To disable the use of MSOL PowerShell, set this property to `true`. Setting to `true` will also disable user-based access to the legacy service endpoint used by MSOL PowerShell. This does not affect Azure AD Connect or Microsoft Graph. |
+|blockMsolPowerShell|Boolean| To disable the use of MSOL PowerShell, set this property to `true`. This will also disable user-based access to the legacy service endpoint used by MSOL PowerShell. This does not affect Azure AD Connect or Microsoft Graph. |
|defaultUserRolePermissions|[defaultUserRolePermissions](../resources/defaultUserRolePermissions.md)| Specifies certain customizable permissions for default user role. | |allowedToUseSSPR|Boolean| Indicates whether the Self-Serve Password Reset feature can be used by users on the tenant. | |allowedToSignUpEmailBasedSubscriptions|Boolean| Indicates whether users can sign up for email based subscriptions. |
v1.0 Educationassignment Get Rubric https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationassignment-get-rubric.md
One of the following permissions is required to call this API. To learn more, in
|:|:--| | Delegated (work or school account) | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite | | Delegated (personal Microsoft account) | Not supported. |
-| Application* | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+| Application | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request
v1.0 Educationassignment Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationassignment-get.md
One of the following permissions is required to call this API. To learn more, in
|:--|:| |Delegated (work or school account) | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite | |Delegated (personal Microsoft account) | Not supported. |
-|Application* | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+|Application | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Educationassignment List Categories https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationassignment-list-categories.md
One of the following permissions is required to call this API. To learn more, in
|:--|:| |Delegated (work or school account) | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite | |Delegated (personal Microsoft account) | Not supported. |
-|Application* | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+|Application | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Educationassignment List Resources https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationassignment-list-resources.md
One of the following permissions is required to call this API. To learn more, in
|:--|:| |Delegated (work or school account) | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite | |Delegated (personal Microsoft account) | Not supported. |
-|Application* | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+|Application | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Educationassignment List Submissions https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationassignment-list-submissions.md
One of the following permissions is required to call this API. To learn more, in
|:--|:| |Delegated (work or school account) | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite | |Delegated (personal Microsoft account) | Not supported. |
-|Application* | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+|Application | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Educationassignmentdefaults Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationassignmentdefaults-get.md
One of the following permissions is required to call this API. To learn more, in
|:|:| |Delegated (work or school account)| EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite | |Delegated (personal Microsoft account)| Not supported. |
-|Application*| EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+|Application| EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request
v1.0 Educationassignmentresource Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationassignmentresource-get.md
One of the following permissions is required to call this API. To learn more, in
|:--|:| |Delegated (work or school account) | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite | |Delegated (personal Microsoft account) | Not supported. |
-|Application* | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+|Application | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Educationassignmentsettings Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationassignmentsettings-get.md
One of the following permissions is required to call this API. To learn more, in
|:|:| |Delegated (work or school account)|EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite| |Delegated (personal Microsoft account)|Not supported.|
-|Application*| EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+|Application| EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request
v1.0 Educationcategory Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationcategory-get.md
One of the following permissions is required to call this API. To learn more, in
| :- | :-- | | Delegated (work or school account) | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite | | Delegated (personal Microsoft account) | Not supported. |
-| Application* | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+| Application | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request
v1.0 Educationclass List Assignments https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationclass-list-assignments.md
One of the following permissions is required to call this API. To learn more, in
| :- | :-- | | Delegated (work or school account) | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite | | Delegated (personal Microsoft account) | Not supported. |
-| Application* | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+| Application | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request
v1.0 Educationclass List Categories https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationclass-list-categories.md
One of the following permissions is required to call this API. To learn more, in
| :- | :-- | | Delegated (work or school account) | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite | | Delegated (personal Microsoft account) | Not supported. |
-| Application* | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+| Application | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request
v1.0 Educationrubric Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationrubric-get.md
One of the following permissions is required to call this API. To learn more, in
|:|:--| | Delegated (work or school account) | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite | | Delegated (personal Microsoft account) | Not supported. |
-| Application* | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+| Application | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request
v1.0 Educationsubmission Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationsubmission-get.md
One of the following permissions is required to call this API. To learn more, in
|:--|:| |Delegated (work or school account) | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite | |Delegated (personal Microsoft account) | Not supported. |
-|Application* | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+|Application | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Educationsubmission List Outcomes https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationsubmission-list-outcomes.md
One of the following permissions is required to call this API. To learn more, in
|:|:--| | Delegated (work or school account) | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite | | Delegated (personal Microsoft account) | Not supported. |
-| Application* | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+| Application | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request
v1.0 Educationsubmission List Resources https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationsubmission-list-resources.md
One of the following permissions is required to call this API. To learn more, in
| :- | :-- | | Delegated (work or school account) | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite | | Delegated (personal Microsoft account) | Not supported. |
-| Application* | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+| Application | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request
v1.0 Educationsubmission List Submittedresources https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationsubmission-list-submittedresources.md
One of the following permissions is required to call this API. To learn more, in
|:--|:| |Delegated (work or school account) | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite | |Delegated (personal Microsoft account) | Not supported. |
-|Application* | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+|Application | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Educationsubmissionresource Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationsubmissionresource-get.md
One of the following permissions is required to call this API. To learn more, in
|:--|:| |Delegated (work or school account) | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite | |Delegated (personal Microsoft account) | Not supported. |
-|Application* | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+|Application | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Educationsubmittedsubmissionresource Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/educationsubmittedsubmissionresource-get.md
One of the following permissions is required to call this API. To learn more, in
|:--|:| |Delegated (work or school account) | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite | |Delegated (personal Microsoft account) | Not supported. |
-|Application* | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
-
-*Application permissions are currently available to private preview customers only.
+|Application | EduAssignments.ReadBasic, EduAssignments.ReadWriteBasic, EduAssignments.Read, EduAssignments.ReadWrite |
## HTTP request <!-- { "blockType": "ignored" } -->
v1.0 Oauth2permissiongrant List https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/oauth2permissiongrant-list.md
Namespace: microsoft.graph
Retrieve a list of [oAuth2PermissionGrant](../resources/oauth2permissiongrant.md) objects, representing delegated permissions which have been granted for client applications to access APIs on behalf of signed-in users.
+> [!NOTE]
+> This request might have replication delays for delegated permission grants that were recently created, updated, or deleted. This delay will be minimized if a filter on `clientId` is specified.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 User List Oauth2permissiongrants https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/user-list-oauth2permissiongrants.md
Retrieve a list of [oAuth2PermissionGrant](../resources/oAuth2PermissionGrant.md
> [!NOTE] > Querying the delegated permission grants for a user will only return delegated permissions grants that are specifically for the given user. Delegated permissions granted on behalf of all users in the organization are _not_ included in the response.
+> [!NOTE]
+> This request might have replication delays for delegated permission grants that were recently created, updated, or deleted.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Authenticationflowspolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/resources/authenticationflowspolicy.md
doc_type: resourcePageType
Namespace: microsoft.graph + Represents the [policy configuration of self-service sign-up experience](../resources/selfservicesignupauthenticationflowconfiguration.md) at a tenant level that lets external users request to sign up for approval. It contains information about the ID, display name, and description, and indicates whether self-service sign up is enabled for the policy. ## Properties
The following is a JSON representation of the resource.
``` json {
- "id": "String (identifier)",
- "displayName": "String",
- "description": "String",
- "selfServiceSignUp": {
- "@odata.type": "#microsoft.graph.selfServiceSignUpAuthenticationFlowConfiguration"
- },
+ "id":"String (identifier)",
+ "displayName":"String",
+ "description":"String",
+ "selfServiceSignUp":{
+ "@odata.type":"#microsoft.graph.selfServiceSignUpAuthenticationFlowConfiguration"
+ }
} ```
v1.0 Authorizationpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/resources/authorizationpolicy.md
Represents a policy that can control Azure Active Directory authorization settin
## Properties | Property | Type | Description | |-|-|-|
-|id|String| ID of the authorization policy. Required. Read-only.|
-|displayName|String| Display name for this policy. |
-|description|String| Description of this policy.|
-|guestUserRoleId|Guid| Represents role templateId for the role that should be granted to guest user. Refer to [List unifiedRoleDefinitions](../api/rbacapplication-list-roledefinitions.md) to find the list of available role templates. Currently following roles are supported: User (`a0b1b346-4d3e-4e8b-98f8-753987be4970`), Guest User (`10dae51f-b6af-4016-8d66-8c2a99b929b3`), and Restricted Guest User (`2af84b1e-32c8-42b7-82bc-daa82404023b`). |
-|enabledPreviewFeatures|String collection| List of features enabled for private preview on the tenant. |
-|blockMsolPowerShell|Boolean| To disable the use of MSOL PowerShell set this property to true. Setting to true will also disable user-based access to the legacy service endpoint used by MSOL PowerShell. This does not affect Azure AD Connect or Microsoft Graph. |
-|defaultUserRolePermissions|[defaultUserRolePermissions](defaultUserRolePermissions.md)| Specifies certain customizable permissions for default user role. |
-|allowedToUseSSPR|Boolean| Indicates whether the Self-Serve Password Reset feature can be used by users on the tenant. |
|allowedToSignUpEmailBasedSubscriptions|Boolean| Indicates whether users can sign up for email based subscriptions. |
+|allowedToUseSSPR|Boolean| Indicates whether the Self-Serve Password Reset feature can be used by users on the tenant. |
|allowEmailVerifiedUsersToJoinOrganization|Boolean| Indicates whether a user can join the tenant by email validation. | |allowInvitesFrom|allowInvitesFrom|Indicates who can invite external users to the organization. Possible values are: `none`, `adminsAndGuestInviters`, `adminsGuestInvitersAndAllMembers`, `everyone`. `everyone` is the default setting for all cloud environments except US Government. See more in the [table below](#allowinvitesfrom-values).|
+|blockMsolPowerShell|Boolean| To disable the use of MSOL PowerShell set this property to `true`. This will also disable user-based access to the legacy service endpoint used by MSOL PowerShell. This does not affect Azure AD Connect or Microsoft Graph. |
+|defaultUserRolePermissions|[defaultUserRolePermissions](defaultUserRolePermissions.md)| Specifies certain customizable permissions for default user role. |
+|description|String| Description of this policy.|
+|displayName|String| Display name for this policy. |
+|enabledPreviewFeatures|String collection| List of features enabled for private preview on the tenant. |
+|guestUserRoleId|Guid| Represents role templateId for the role that should be granted to guest user. Refer to [List unifiedRoleDefinitions](../api/rbacapplication-list-roledefinitions.md) to find the list of available role templates. Currently following roles are supported: User (`a0b1b346-4d3e-4e8b-98f8-753987be4970`), Guest User (`10dae51f-b6af-4016-8d66-8c2a99b929b3`), and Restricted Guest User (`2af84b1e-32c8-42b7-82bc-daa82404023b`). |
+|id|String| ID of the authorization policy. Required. Read-only.|
|permissionGrantPolicyIdsAssignedToDefaultUserRole|String collection|Indicates if user consent to apps is allowed, and if it is, which app consent policy (permissionGrantPolicy) governs the permission for users to grant consent. Values should be in the format `managePermissionGrantsForSelf.{id}`, where `{id}` is the **id** of a built-in or custom [app consent policy](/azure/active-directory/manage-apps/manage-app-consent-policies). An empty list indicates user consent to apps is disabled. | ### allowInvitesFrom values
v1.0 User https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/resources/user.md
This resource supports:
| givenName | String | The given name (first name) of the user. Maximum length is 64 characters. Returned by default. Supports `$filter`.| | hireDate | DateTimeOffset | The hire date of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. <br><br>Returned only on `$select`. <br><br> **Note:** This property is specific to SharePoint Online. We recommend using the native **employeeHireDate** property to set and update hire date values using Microsoft Graph APIs. | | id | String | The unique identifier for the user. Should be treated as an opaque identifier. Inherited from [directoryObject](directoryobject.md). <br><br>Returned by default. Not nullable. Read-only.|
-| identities | [objectIdentity](objectIdentity.md) collection | Represents the identities that can be used to sign in to this user account. An identity can be provided by Microsoft (also known as a local account), by organizations, or by social identity providers such as Facebook, Google, and Microsoft, and tied to a user account. May contain multiple items with the same **signInType** value. Can contain up to ten [objectIdentity](objectIdentity.md) objects. <br><br>Returned only on `$select`. Supports `$filter`. |
+| identities | [objectIdentity](objectIdentity.md) collection | Represents the identities that can be used to sign in to this user account. An identity can be provided by Microsoft (also known as a local account), by organizations, or by social identity providers such as Facebook, Google, and Microsoft, and tied to a user account. May contain multiple items with the same **signInType** value. <br><br>Returned only on `$select`. Supports `$filter`. |
| imAddresses | String collection | The instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user. Read-only.| | infoCatalogs | String collection | Identifies the info segments assigned to the user. Returned by default. | | interests | String collection | A list for the user to describe their interests. <br><br>Returned only on `$select`. |
This resource supports:
| lastPasswordChangeDateTime | DateTimeOffset | The time when this Azure AD user last changed their password. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z` <br><br>Returned only on `$select`. Read-only. | | legalAgeGroupClassification | [legalAgeGroupClassification](#legalagegroupclassification-values) | Used by enterprise applications to determine the legal age group of the user. This property is read-only and calculated based on **ageGroup** and **consentProvidedForMinor** properties. Allowed values: `null`, `minorWithOutParentalConsent`, `minorWithParentalConsent`, `minorNoParentalConsentRequired`, `notAdult` and `adult`. Refer to the [legal age group property definitions](#legal-age-group-property-definitions) for further information. <br><br>Returned only on `$select`. | | licenseAssignmentStates | [licenseAssignmentState](licenseassignmentstate.md) collection | State of license assignments for this user. <br><br>Returned only on `$select`. Read-only. |
-| mail | String | The SMTP address for the user, for example, "jeff@contoso.onmicrosoft.com".<br>NOTE: While this property can contain accent characters, they can cause access issues to first-party applications for the user.<br><br>Returned by default. Supports `$filter` and `endsWith`. |
+| mail | String | The SMTP address for the user, for example, "jeff@contoso.onmicrosoft.com".<br>NOTE: While this property can contain accent characters, using them can cause access issues with other Microsoft applications for the user.<br><br>Returned by default. Supports `$filter` and `endsWith`. |
| mailboxSettings | [mailboxSettings](mailboxsettings.md) | Settings for the primary mailbox of the signed-in user. You can [get](../api/user-get-mailboxsettings.md) or [update](../api/user-update-mailboxsettings.md) settings for sending automatic replies to incoming messages, locale, and time zone. <br><br>Returned only on `$select`. Supported only on the Get user API (`GET /users/{id}` or `GET /me`). | | mailNickname | String | The mail alias for the user. This property must be specified when a user is created. Maximum length is 64 characters. <br><br>Returned only on `$select`. Supports `$filter`. | | mobilePhone | String | The primary cellular telephone number for the user. <br><br>Returned by default. Read-only for users synced from on-premises directory. |
v1.0 Authorizationpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/v1.0/api/authorizationpolicy-update.md
In the request body, supply the values for relevant fields that should be update
| Property | Type | Description | |:-|:|:|
-|displayName|String| Display name for this policy. |
-|description|String| Description of this policy.|
-|blockMsolPowerShell|Boolean| To disable the use of MSOL PowerShell set this property to true. Setting to true will also disable user-based access to the legacy service endpoint used by MSOL PowerShell. This does not affect Azure AD Connect or Microsoft Graph. |
-|defaultUserRolePermissions|[defaultUserRolePermissions](../resources/defaultuserrolepermissions.md)| Specifies certain customizable permissions for default user role. |
-|allowedToUseSSPR|Boolean| Indicates whether the Self-Serve Password Reset feature can be used by users on the tenant. |
|allowedToSignUpEmailBasedSubscriptions|Boolean| Indicates whether users can sign up for email based subscriptions. |
+|allowedToUseSSPR|Boolean| Indicates whether the Self-Serve Password Reset feature can be used by users on the tenant. |
|allowEmailVerifiedUsersToJoinOrganization|Boolean| Indicates whether a user can join the tenant by email validation. |
-|allowInvitesFrom|String|Indicates who can invite external users to the organization. Possible values are:<ul><li>`none` - Prevent everyone, including admins, from inviting external users. Default setting for US Government.</li><li>`adminsAndGuestInviters` - Allow members of Global Administrators, User Administrators, and Guest Inviter roles to invite external users.</li><li>`adminsGuestInvitersAndAllMembers` - Allow the above admin roles and all other User role members to invite external users.</li><li>`everyone` - Allow everyone in the organization, including guest users, to invite external users. Default setting for all cloud environments except US Government.</li></ul> |
+|allowInvitesFrom|allowInvitesFrom|Indicates who can invite external users to the organization. Possible values are: `none`, `adminsAndGuestInviters`, `adminsGuestInvitersAndAllMembers`, `everyone`. `everyone` is the default setting for all cloud environments except US Government. See more on the allowed values in this [table](../resources/authorizationpolicy.md#allowinvitesfrom-values). |
+|blockMsolPowerShell|Boolean| To disable the use of MSOL PowerShell set this property to `true`. This will also disable user-based access to the legacy service endpoint used by MSOL PowerShell. This does not affect Azure AD Connect or Microsoft Graph. |
+|defaultUserRolePermissions|[defaultUserRolePermissions](../resources/defaultuserrolepermissions.md)| Specifies certain customizable permissions for default user role. |
+|description|String| Description of this policy.|
+|displayName|String| Display name for this policy. |
+|guestUserRoleId|Guid| Represents role templateId for the role that should be granted to guest user. Currently following roles are supported: User (`a0b1b346-4d3e-4e8b-98f8-753987be4970`), Guest User (`10dae51f-b6af-4016-8d66-8c2a99b929b3`), and Restricted Guest User (`2af84b1e-32c8-42b7-82bc-daa82404023b`). |
+ ## Response
v1.0 Educationroot Post Schools https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/v1.0/api/educationroot-post-schools.md
Content-length: 292
"street": "12345 Main St." }, "externalId": "10002",
- "phone": "+1 (253) 555-0102",
+ "phone": "+1 (253) 555-0102"
} ```
v1.0 Oauth2permissiongrant List https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/v1.0/api/oauth2permissiongrant-list.md
Namespace: microsoft.graph
Retrieve a list of [oAuth2PermissionGrant](../resources/oauth2permissiongrant.md) objects, representing delegated permissions which have been granted for client applications to access APIs on behalf of signed-in users.
+> [!NOTE]
+> This request might have replication delays for delegated permission grants that were recently created, updated, or deleted. This delay will be minimized if a filter on `clientId` is specified.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 User List Oauth2permissiongrants https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/v1.0/api/user-list-oauth2permissiongrants.md
Retrieve a list of [oAuth2PermissionGrant](../resources/oAuth2PermissionGrant.md
> [!NOTE] > Querying the delegated permission grants for a user will only return delegated permissions grants that are specifically for the given user. Delegated permissions granted on behalf of all users in the organization are _not_ included in the response.
+> [!NOTE]
+> This request might have replication delays for delegated permission grants that were recently created, updated, or deleted.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Authenticationflowspolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/v1.0/resources/authenticationflowspolicy.md
The following is a JSON representation of the resource.
``` json {
- "id": "String (identifier)",
- "displayName": "String",
- "description": "String",
- "selfServiceSignUp": {
- "@odata.type": "#microsoft.graph.selfServiceSignUpAuthenticationFlowConfiguration"
- },
+ "id":"String (identifier)",
+ "displayName":"String",
+ "description":"String",
+ "selfServiceSignUp":{
+ "@odata.type":"#microsoft.graph.selfServiceSignUpAuthenticationFlowConfiguration"
+ }
} ```
v1.0 Authorizationpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/v1.0/resources/authorizationpolicy.md
Represents a policy that can control Azure Active Directory authorization settin
## Properties | Property | Type | Description | |-|-|-|
-|id|String| ID of the authorization policy. Required. Read-only.|
-|displayName|String| Display name for this policy. |
-|description|String| Description of this policy.|
-|blockMsolPowerShell|Boolean| To disable the use of MSOL PowerShell set this property to true. Setting to true will also disable user-based access to the legacy service endpoint used by MSOL PowerShell. This does not affect Azure AD Connect or Microsoft Graph. |
-|defaultUserRolePermissions|[defaultUserRolePermissions](defaultuserrolepermissions.md)| Specifies certain customizable permissions for default user role. |
-|allowedToUseSSPR|Boolean| Indicates whether the Self-Serve Password Reset feature can be used by users on the tenant. |
|allowedToSignUpEmailBasedSubscriptions|Boolean| Indicates whether users can sign up for email based subscriptions. |
+|allowedToUseSSPR|Boolean| Indicates whether the Self-Serve Password Reset feature can be used by users on the tenant. |
|allowEmailVerifiedUsersToJoinOrganization|Boolean| Indicates whether a user can join the tenant by email validation. | |allowInvitesFrom|allowInvitesFrom|Indicates who can invite external users to the organization. Possible values are: `none`, `adminsAndGuestInviters`, `adminsGuestInvitersAndAllMembers`, `everyone`. `everyone` is the default setting for all cloud environments except US Government. See more in the [table below](#allowinvitesfrom-values). |
+|blockMsolPowerShell|Boolean| To disable the use of MSOL PowerShell set this property to `true`. This will also disable user-based access to the legacy service endpoint used by MSOL PowerShell. This does not affect Azure AD Connect or Microsoft Graph. |
+|defaultUserRolePermissions|[defaultUserRolePermissions](defaultuserrolepermissions.md)| Specifies certain customizable permissions for default user role. |
+|description|String| Description of this policy.|
+|displayName|String| Display name for this policy. |
+|guestUserRoleId|Guid| Represents role templateId for the role that should be granted to guest user. Currently following roles are supported: User (`a0b1b346-4d3e-4e8b-98f8-753987be4970`), Guest User (`10dae51f-b6af-4016-8d66-8c2a99b929b3`), and Restricted Guest User (`2af84b1e-32c8-42b7-82bc-daa82404023b`). |
+|id|String| ID of the authorization policy. Required. Read-only.|
### allowInvitesFrom values
The following is a JSON representation of the resource.
"allowedToUseSSPR": true, "allowedToSignUpEmailBasedSubscriptions": true, "allowEmailVerifiedUsersToJoinOrganization": true,
- "allowInvitesFrom": "String"
+ "allowInvitesFrom": "String",
+ "guestUserRoleId": "Guid"
} ```
v1.0 Security Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/v1.0/resources/security-api-overview.md
The following are some of the most popular requests for working with the Microso
| Update alerts | [Update alert](../api/alert-update.md) | [https://graph.microsoft.com/v1.0/security/alerts/{alert-id}](https://developer.microsoft.com/graph/graph-explorer?request=security/alerts/{alert-id}&method=PATCH&version=v1.0&GraphUrl=https://graph.microsoft.com) | |List secure scores|[List secureScores](../api/security-list-securescores.md) |[https://graph.microsoft.com/v1.0/security/secureScores](https://developer.microsoft.com/graph/graph-explorer?request=security/secureScores&method=GET&version=v1.0&GraphUrl=https://graph.microsoft.com)| |Get secure score|[Get secureScore](../api/securescore-get.md) |[https://graph.microsoft.com/v1.0/security/secureScores/{id}](https://developer.microsoft.com/graph/graph-explorer?request=security/secureScores/{id}&method=GET&version=v1.0&GraphUrl=https://graph.microsoft.com)|
-|List secure score control profiles|[List secureScoreControlProfiles](../api/security-list-securescorecontrolprofiles.md) |[https://graph.microsoft.com/v1.0/security/secureScoreControlProfiles/{id}](https://developer.microsoft.com/graph/graph-explorer?request=security/secureScoreControlProfiles//{id}&method=GET&version=v1.0&GraphUrl=https://graph.microsoft.com)|
-|Get secure score control profile|[Get secureScoreControlProfile](../api/securescorecontrolprofile-get.md) |[https://graph.microsoft.com/v1.0/security/secureScoreControlProfiles](https://developer.microsoft.com/graph/graph-explorer?request=security/secureScoreControlProfiles&method=GET&version=v1.0&GraphUrl=https://graph.microsoft.com)|
+|List secure score control profiles|[List secureScoreControlProfiles](../api/security-list-securescorecontrolprofiles.md) |[https://graph.microsoft.com/v1.0/security/secureScoreControlProfiles](https://developer.microsoft.com/graph/graph-explorer?request=security/secureScoreControlProfiles&method=GET&version=v1.0&GraphUrl=https://graph.microsoft.com)|
+|Get secure score control profile|[Get secureScoreControlProfile](../api/securescorecontrolprofile-get.md) |[https://graph.microsoft.com/v1.0/security/secureScoreControlProfiles/{id}](https://developer.microsoft.com/graph/graph-explorer?request=security/secureScoreControlProfiles/{id}&method=GET&version=v1.0&GraphUrl=https://graph.microsoft.com)|
|Update secure score control profiles|[Update secureScoreControlProfile](../api/securescorecontrolprofile-update.md) |[https://graph.microsoft.com/v1.0/security/secureScoreControlProfiles/{id}](https://developer.microsoft.com/graph/graph-explorer?request=security/secureScoreControlProfiles/{id}&method=PATCH&version=v1.0&GraphUrl=https://graph.microsoft.com)|
v1.0 User https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/v1.0/resources/user.md
This resource supports:
|givenName|String|The given name (first name) of the user. Returned by default. Maximum length is 64 characters. Supports `$filter`.| | hireDate | DateTimeOffset | The hire date of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. <br><br>Returned only on `$select`. <br><br> **Note:** This property is specific to SharePoint Online. We recommend using the native **employeeHireDate** property to set and update hire date values using Microsoft Graph APIs. | |id|String|The unique identifier for the user. Should be treated as an opaque identifier. Inherited from [directoryObject](directoryobject.md). Key. <br><br>Not nullable. Read-only.|
-|identities|[objectIdentity](objectIdentity.md) collection| Represents the identities that can be used to sign in to this user account. An identity can be provided by Microsoft (also known as a local account), by organizations, or by social identity providers such as Facebook, Google, and Microsoft, and tied to a user account. May contain multiple items with the same **signInType** value. Can contain up to ten [objectIdentity](objectIdentity.md) objects. <br>Supports `$filter`.|
+|identities|[objectIdentity](objectIdentity.md) collection| Represents the identities that can be used to sign in to this user account. An identity can be provided by Microsoft (also known as a local account), by organizations, or by social identity providers such as Facebook, Google, and Microsoft, and tied to a user account. May contain multiple items with the same **signInType** value. <br>Supports `$filter`.|
|imAddresses|String collection|The instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user. Read-only.| |interests|String collection|A list for the user to describe their interests.| |isResourceAccount|Boolean| Do not use ΓÇô reserved for future use.|
This resource supports:
|lastPasswordChangeDateTime| DateTimeOffset | The time when this Azure AD user last changed their password. The date and time information uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`| |legalAgeGroupClassification|[legalAgeGroupClassification](#legalagegroupclassification-values)| Used by enterprise applications to determine the legal age group of the user. This property is read-only and calculated based on **ageGroup** and **consentProvidedForMinor** properties. Allowed values: `null`, `minorWithOutParentalConsent`, `minorWithParentalConsent`, `minorNoParentalConsentRequired`, `notAdult` and `adult`. Refer to the [legal age group property definitions](#legal-age-group-property-definitions) for further information.| |licenseAssignmentStates|[licenseAssignmentState](licenseassignmentstate.md) collection|State of license assignments for this user. Read-only.|
-|mail|String|The SMTP address for the user, for example, "jeff@contoso.onmicrosoft.com".<br>NOTE: While this property can contain accent characters, they can cause access issues to first-party applications for the user. <br><br>Returned by default. Supports `$filter` and `endsWith`.|
+|mail|String|The SMTP address for the user, for example, "jeff@contoso.onmicrosoft.com".<br>NOTE: While this property can contain accent characters, using them can cause access issues with other Microsoft applications for the user. <br><br>Returned by default. Supports `$filter` and `endsWith`.|
|mailboxSettings|[mailboxSettings](mailboxsettings.md)|Settings for the primary mailbox of the signed-in user. You can [get](../api/user-get-mailboxsettings.md) or [update](../api/user-update-mailboxsettings.md) settings for sending automatic replies to incoming messages, locale and time zone.<br><br>Returned only on `$select`. Supported only on the Get user API (`GET /users/{id}` or `GET /me`).| |mailNickname|String|The mail alias for the user. This property must be specified when a user is created. Maximum length is 64 characters. Supports `$filter`.| |mobilePhone|String|The primary cellular telephone number for the user. Read-only for users synced from on-premises directory. Maximum length is 64 characters. Returned by default. |