+> [!CAUTION]

+> If `/$ref` is not appended to the request and the calling app has permissions to manage the user who is the app owner, the user will also be deleted from Azure Active Directory (Azure AD); otherwise, a `403 Forbidden` error is returned. You can restore deleted users through the [Restore deleted items API](directory-deleteditems-restore.md).

+### Example 6: Create a one-on-one chat with a federated user (outside of own organization)

+#### Request

+<!-- {

+ "blockType": "request",

+ "name": "create_chat_oneOnOne_federated"

+}

+-->

+``` http

+POST https://graph.microsoft.com/v1.0/chats

+Content-Type: application/json

+{

+ "chatType": "oneOnOne",

+ "members": [

+ {

+ "@odata.type": "#microsoft.graph.aadUserConversationMember",

+ "roles": ["owner"],

+ "user@odata.bind": "https://graph.microsoft.com/v1.0/users('8b081ef6-4792-4def-b2c9-c363a1bf41d5')"

+ },

+ {

+ "@odata.type": "#microsoft.graph.aadUserConversationMember",

+ "roles": ["owner"],

+ "user@odata.bind": "https://graph.microsoft.com/v1.0/users('82af01c5-f7cc-4a2e-a728-3a5df21afd9d')",

+ "tenantId": "4dc1fe35-8ac6-4f0d-904a-7ebcd364bea1"

+ }

+ ]

+}

+```

+#### Response

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "microsoft.graph.chat"

+}

+-->

+``` http

+HTTP/1.1 201 Created

+Content-Type: application/json

+{

+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#chats/$entity",

+ "id": "19:82af01c5-f7cc-4a2e-a728-3a5df21afd9d_8b081ef6-4792-4def-b2c9-c363a1bf41d5@unq.gbl.spaces",

+ "topic": null,

+ "createdDateTime": "2020-12-04T23:10:28.51Z",

+ "lastUpdatedDateTime": "2020-12-04T23:10:28.51Z",

+ "chatType": "oneOnOne"

+}

+```

+> [!CAUTION]

+> If `/$ref` is not appended to the request and the calling app has permissions to manage the user who is a registered owner of the device, the user will also be deleted from Azure Active Directory (Azure AD); otherwise, a `403 Forbidden` error is returned. You can restore deleted users through the [Restore deleted items API](directory-deleteditems-restore.md).

+> [!CAUTION]

+> If `/$ref` is not appended to the request and the calling app has permissions to manage the user who is a registered user of the device, the user will also be deleted from Azure Active Directory (Azure AD); otherwise, a `403 Forbidden` error is returned. You can restore deleted users through the [Restore deleted items API](directory-deleteditems-restore.md).

+> [!CAUTION]

+> If `/$ref` is not appended to the request and the calling app has permissions to manage the member object, the object will also be deleted from Azure Active Directory (Azure AD); otherwise, a `403 Forbidden` error is returned. You can restore specific objects through the [Restore deleted items API](directory-deleteditems-restore.md).

+## See also

+[Large file upload](/graph/sdks/large-file-upload)

+> [!CAUTION]

+> If `/$ref` is not appended to the request and the calling app has permissions to manage the member object type, the member object will also be deleted from Azure Active Directory (Azure AD); otherwise, a `403 Forbidden` error is returned. For example, an app with both *GroupMember.ReadWrite.All* and *User.ReadWrite.All* permissions will delete a user. You can restore specific objects through the [Restore deleted items API](directory-deleteditems-restore.md).

+> [!NOTE]

+> This request might have replication delays for delegated permission grants that were recently created, updated, or deleted.

+This method supports the `$filter` (`eq`) [OData query parameter](/graph/query-parameters) to help customize the response.

+|[Update application](../api/application-update.md) | None |Update application object. |

+The following table lists the supported events.

+| [messagePinnedEventMessageDetail](../resources/messagepinnedeventmessagedetail.md) | A message has been pinned. |

+| [messageUnpinnedEventMessageDetail](../resources/messageunpinnedeventmessagedetail.md) | A message has been unpinned. |

+ Title: "messagePinnedEventMessageDetail resource type"

+description: "Represents the details of an event message about a pinned chat message."

+ms.localizationpriority: medium

+# messagePinnedEventMessageDetail resource type

+Namespace: microsoft.graph

+Represents the details of an event message about a pinned [chatMessage](../resources/chatmessage.md). This message is generated when a chat message is pinned.

+Inherits from [eventMessageDetail](../resources/eventmessagedetail.md).

+## Properties

+|Property|Type|Description|

+|:|:|:|

+|eventDateTime|DateTimeOffset|Date and time when the event occurred.|

+|initiator|[identitySet](../resources/identityset.md)|Initiator of the event.|

+## JSON representation

+The following is a JSON representation of the resource.

+<!-- {

+ "blockType": "resource",

+ "@odata.type": "microsoft.graph.messagePinnedEventMessageDetail",

+ "baseType": "microsoft.graph.eventMessageDetail"

+}

+-->

+``` json

+{

+ "@odata.type": "#microsoft.graph.messagePinnedEventMessageDetail",

+ "eventDateTime": "String (timestamp)",

+ "initiator": {

+ "@odata.type": "microsoft.graph.identitySet"

+ }

+}

+```

+## See also

+- [Example response for an event message about a pinned chat message](/graph/system-messages/#message-pinned)

+- For more information about other types of events, see [System messages](/graph/system-messages).

+ Title: "messageUnpinnedEventMessageDetail resource type"

+description: "Represents the details of an event message about an unpinned chat message."

+ms.localizationpriority: medium

+# messageUnpinnedEventMessageDetail resource type

+Namespace: microsoft.graph

+Represents the details of an event message about an unpinned [chatMessage](../resources/chatmessage.md). This message is generated when a chat message is unpinned.

+Inherits from [eventMessageDetail](../resources/eventmessagedetail.md).

+## Properties

+|Property|Type|Description|

+|:|:|:|

+|eventDateTime|DateTimeOffset|Date and time when the event occurred.|

+|initiator|[identitySet](../resources/identityset.md)|Initiator of the event.|

+## JSON representation

+The following is a JSON representation of the resource.

+<!-- {

+ "blockType": "resource",

+ "@odata.type": "microsoft.graph.messageUnpinnedEventMessageDetail",

+ "baseType": "microsoft.graph.eventMessageDetail"

+}

+-->

+``` json

+{

+ "@odata.type": "#microsoft.graph.messageUnpinnedEventMessageDetail",

+ "eventDateTime": "String (timestamp)",

+ "initiator": {

+ "@odata.type": "microsoft.graph.identitySet"

+ }

+}

+```

+## See also

+- [Example response for an event message about an unpinned chat message](/graph/system-messages/#message-unpinned)

+- For more information about other types of events, see [System messages](/graph/system-messages).

+| principalId | String | The **id** of the [user](user.md) on behalf of whom the client is authorized to access the resource, when **consentType** is *Principal*. If **consentType** is *AllPrincipals* this value is null. Required when **consentType** is *Principal*. Supports `$filter` (`eq` only). |

+| resourceId | String | The **id** of the resource [service principal](serviceprincipal.md) to which access is authorized. This identifies the API which the client is authorized to attempt to call on behalf of a signed-in user. Supports `$filter` (`eq` only). |

+Lists the client applications that are pre-authorized with the specified delegated permissions to access this application's APIs. Users are not required to consent to any pre-authorized application (for the permissions specified). However, any additional permissions not listed in preAuthorizedApplications (requested through incremental consent for example) will require user consent.

+In some rare cases, an identifier listed in the `permissionIds` property may refer to an [app role](approle.md) (from the service principal's `appRoles` property), indicating that the client application identified by the `appId` property has been pre-authorized for that app role.

+|appId|String| The unique identifier for the client application. |

+|permissionIds|String collection| The unique identifier for the [scopes](permissionscope.md) the client application is granted. |

+> [!CAUTION]

+> If `/$ref` is not appended to the request and the calling app has permissions to manage the user who is the app owner, the user will also be deleted from Azure Active Directory (Azure AD); otherwise, a `403 Forbidden` error is returned. You can restore deleted users through the [Restore deleted items API](directory-deleteditems-restore.md).

+### Example 5: Create a one-on-one chat with a federated user (outside of own organization)

+#### Request

+<!-- {

+ "blockType": "request",

+ "name": "create_chat_oneOnOne_federated"

+}

+-->

+``` http

+POST https://graph.microsoft.com/v1.0/chats

+Content-Type: application/json

+{

+ "chatType": "oneOnOne",

+ "members": [

+ {

+ "@odata.type": "#microsoft.graph.aadUserConversationMember",

+ "roles": ["owner"],

+ "user@odata.bind": "https://graph.microsoft.com/v1.0/users('8b081ef6-4792-4def-b2c9-c363a1bf41d5')"

+ },

+ {

+ "@odata.type": "#microsoft.graph.aadUserConversationMember",

+ "roles": ["owner"],

+ "user@odata.bind": "https://graph.microsoft.com/v1.0/users('82af01c5-f7cc-4a2e-a728-3a5df21afd9d')",

+ "tenantId": "4dc1fe35-8ac6-4f0d-904a-7ebcd364bea1"

+ }

+ ]

+}

+```

+#### Response

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "microsoft.graph.chat"

+}

+-->

+``` http

+HTTP/1.1 201 Created

+Content-Type: application/json

+{

+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#chats/$entity",

+ "id": "19:82af01c5-f7cc-4a2e-a728-3a5df21afd9d_8b081ef6-4792-4def-b2c9-c363a1bf41d5@unq.gbl.spaces",

+ "topic": null,

+ "createdDateTime": "2020-12-04T23:10:28.51Z",

+ "lastUpdatedDateTime": "2020-12-04T23:10:28.51Z",

+ "chatType": "oneOnOne"

+}

+```

+> [!CAUTION]

+> If `/$ref` is not appended to the request and the calling app has permissions to manage the user who is a registered owner of the device, the user will also be deleted from Azure Active Directory (Azure AD); otherwise, a `403 Forbidden` error is returned. You can restore deleted users through the [Restore deleted items API](directory-deleteditems-restore.md).

+> [!CAUTION]

+> If `/$ref` is not appended to the request and the calling app has permissions to manage the user who is a registered user of the device, the user will also be deleted from Azure Active Directory (Azure AD); otherwise, a `403 Forbidden` error is returned. You can restore deleted users through the [Restore deleted items API](directory-deleteditems-restore.md).

+> [!CAUTION]

+> If `/$ref` is not appended to the request and the calling app has permissions to manage the member object, the object will also be deleted from Azure Active Directory (Azure AD); otherwise, a `403 Forbidden` error is returned. You can restore specific objects through the [Restore deleted items API](directory-deleteditems-restore.md).

+>**Note:** You can use the `@microsoft.graph.conflictBehavior` and `if-match` headers as expected in this call.

+## See also

+[Large file upload](/graph/sdks/large-file-upload)

+> [!CAUTION]

+> If `/$ref` is not appended to the request and the calling app has permissions to manage the member object type, the member object will also be deleted from Azure Active Directory (Azure AD); otherwise, a `403 Forbidden` error is returned. For example, an app with both *GroupMember.ReadWrite.All* and *User.ReadWrite.All* permissions will delete a user. You can restore specific objects through the [Restore deleted items API](directory-deleteditems-restore.md).

+> [!NOTE]

+> This request might have replication delays for delegated permission grants that were recently created, updated, or deleted.

+This method supports the `$filter` (`eq`) [OData query parameter](/graph/query-parameters) to help customize the response.

+| principalId | String | The **id** of the [user](user.md) on behalf of whom the client is authorized to access the resource, when **consentType** is *Principal*. If **consentType** is *AllPrincipals* this value is null. Required when **consentType** is *Principal*. Supports `$filter` (`eq` only).|

+| resourceId | String | The **id** of the resource [service principal](serviceprincipal.md) to which access is authorized. This identifies the API which the client is authorized to attempt to call on behalf of a signed-in user. Supports `$filter` (`eq` only). |

+In some rare cases, an identifier listed in the `delegatedPermissionIds` property may actually identify an [app role](approle.md) (from the service principal's `appRoles` property), indicating that the client application identified by the `appId` property has been pre-authorized for that app role.

+ displayName: authentication, authorization, authenticate, authorize

+ - name: Resolve authorization errors

+ href: /graph/resolve-auth-errors?context=graph/api/1.0

+ displayName: Microsoft Graph API, API, Microsoft Graph REST API, REST API

+ - name: Access data and methods

+ href: /graph/traverse-the-graph?context=graph/api/1.0

+ - name: Query parameters

+ - name: Use query parameters

+ href: /graph/query-parameters?context=graph/api/1.0

+ displayName: OData query parameters, OData

+ - name: Use the search query parameter

+ href: /graph/search-query-parameter?context=graph/api/1.0

+ - name: Advanced query capabilities

+ href: /graph/aad-advanced-queries?context=graph/api/1.0

+ - name: Optimize requests with query parameters

+ href: /learn/modules/optimize-data-usage

+ displayName: Batch request

+ items:

+ - name: Overview

+ href: /graph/throttling?context=graph/api/1.0

+ displayName: throttling

+ - name: Optimize network traffic

+ href: /learn/modules/optimize-network-traffic

+ displayName: change notifications, WebHooks, set up notifications for changes in resource data

+ - name: Change notifications tutorial

+ href: /graph/webhooks-lifecycle?context=graph/api/1.0

+ - name: Get notifications delivered different ways (preview)

+ href: /graph/change-notifications-delivery?context=graph/api/1.0

+ - name: Change notifications for cloud printing

+ href: /graph/universal-print-webhook-notifications?context=graph/api/1.0

+ - name: Change notifications for Microsoft Teams resources

+ items:

+ - name: Notification types and payloads

+ href: /graph/teams-change-notification-in-microsoft-teams-overview?context=graph/api/1.0

+ displayName: change notifications, Teams, Microsoft Teams

+ - name: Teams and channels

+ href: /graph/teams-changenotifications-team-and-channel?context=graph/api/1.0

+ - name: Team and channel membership

+ href: /graph/teams-changenotifications-teamMembership?context=graph/api/1.0

+ - name: Chat and channel messages

+ href: /graph/teams-changenotifications-chatmessage?context=graph/api/1.0

+ - name: Chat

+ href: /graph/teams-changenotifications-chat?context=graph/api/1.0

+ - name: Chat membership

+ href: /graph/teams-changenotifications-chatMembership?context=graph/api/1.0

+ - name: Change notifications for Outlook resources

+ href: /graph/outlook-change-notifications-overview?context=graph/api/1.0

+ displayName: Delta query, track changes, change tracking

+ displayName: add custom data, extensions, resources using extensions

+ displayName: Graph Explorer, try the API, try API

+ - name: Migrate Azure AD Graph apps

+ href: /graph/migrate-azure-ad-graph-overview?context=graph/api/1.0

+ displayName: Migration, Azure AD Graph, migrate

+ - name: Azure AD Graph migration FAQ

+ displayName: migrate, frequently asked questions

+ - name: Exchange Web Services

+ items:

+ - name: Migrate EWS apps

+ href: /graph/migrate-exchange-web-services-overview?context=graph/api/1.0

+ displayName: Migration, Exchange Web Services, EWS, migrate

+ - name: Authentication

+ href: /graph/migrate-exchange-web-services-authentication?context=graph/api/1.0

+ - name: API mapping

+ href: /graph/migrate-exchange-web-services-api-mapping?context=graph/api/1.0

+ displayName: SDK, SDKs, Microsoft Graph SDK

+ displayName: install SDK, install SDKs, installation

+ - name: PowerShell overview

+ href: /powershell/microsoftgraph/overview?toc=/graph/toc.json

+ - name: Install PowerShell SDK

+ href: /powershell/microsoftgraph/installation?toc=/graph/toc.json

+ href: /powershell/microsoftgraph/get-started?toc=/graph/toc.json

+ - name: Navigate the PowerShell SDK

+ href: /powershell/microsoftgraph/navigating?toc=/graph/toc.json

+ href: /powershell/microsoftgraph/app-only?toc=/graph/toc.json

+ - name: Overview

+ displayName: Microsoft Graph Toolkit, toolkit

+ - name: Get started

+ displayName: Microsoft Graph Toolkit, toolkit

+ - name: Toolkit for React

+ - name: Toolkit for SPFx

+ displayName: Microsoft Graph Toolkit providers, toolkit provider

+ - name: TeamsFx provider

+ href: /graph/toolkit/providers/teamsfx?context=graph/api/1.0

+ displayName: Microsoft Graph toolkit components, toolkit component

+ displayName: Microsoft Graph, Best practices for working with Microsoft Graph

+ displayName: Microsoft Graph, Known issues with Microsoft Graph

+ - name: API changelog

+ displayName: Microsoft Graph error responses and error resource types

+ - name: API v1.0 reference

+ displayName: Microsoft Graph REST API v1.0 reference