Updates from: 07/09/2021 03:08:53
Service Microsoft Docs article Related commit history on GitHub Change details
v1.0 Directoryrole List https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/directoryrole-list.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] List the directory roles that are activated in the tenant.+
+This operation only returns roles that have been activated. A role becomes activated when an admin activates the role using the [Activate directoryRole](directoryrole-post-directoryroles.md) API. Not all built-in roles are initially activated.
+
+When assigning a role using the Azure portal, the role activation step is implicitly done on the admin's behalf. To get the full list of roles that are available in Azure AD, use [List directoryRoleTemplates](directoryroletemplate-list.md).
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Rbacapplication List Roledefinitions https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/rbacapplication-list-roledefinitions.md
The following RBAC providers are currently supported:
## Permissions
-Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, search for the following permissions in [Permissions](/graph/permissions-reference).
+Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, see [Permissions](/graph/permissions-reference).
-|Supported provider | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
-|:--|:|:|:|
-| Cloud PC | CloudPC.Read.All, CloudPC.ReadWrite.All | Not supported. | CloudPC.Read.All, CloudPC.ReadWrite.All |
-| Device management | DeviceManagementRBAC.Read.All, DeviceManagementRBAC.ReadWrite.All | Not supported. | DeviceManagementRBAC.Read.All, DeviceManagementRBAC.ReadWrite.All |
-| Directory | RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All, Directory.AccessAsUser.All | Not supported.| RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All |
-| Entitlement management | EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All | Not supported. | Not supported. |
+### For Cloud PC provider
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | CloudPC.Read.All, CloudPC.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | CloudPC.Read.All, CloudPC.ReadWrite.All |
+
+### For Device management (Intune) provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | DeviceManagementRBAC.Read.All, DeviceManagementRBAC.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | DeviceManagementRBAC.Read.All, DeviceManagementRBAC.ReadWrite.All |
+
+### For Directory (Azure AD) provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All, Directory.AccessAsUser.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All |
+
+### For Entitlement management provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Not supported. |
## HTTP request
v1.0 Rbacapplication Post Roledefinitions https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/rbacapplication-post-roledefinitions.md
Create a new [unifiedRoleDefinition](../resources/unifiedroledefinition.md) obje
The following RBAC providers are currently supported: - device management (Intune)-- directory (Azure AD)
+- directory (Azure AD)
> [!NOTE] > The cloud PC RBAC provider currently supports only the [list](rbacapplication-list-roledefinitions.md) and [get](unifiedroledefinition-get.md) operations. ## Permissions
-Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, search for the following permissions in [Permissions](/graph/permissions-reference).
+Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, see [Permissions](/graph/permissions-reference).
-|Supported provider | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
-|:--|:|:|:|
-| Device management | DeviceManagementRBAC.ReadWrite.All | Not supported. | DeviceManagementRBAC.ReadWrite.All |
-| Directory | RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All, Directory.AccessAsUser.All | Not supported.| RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All |
+### For Device management (Intune) provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | DeviceManagementRBAC.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | DeviceManagementRBAC.ReadWrite.All |
+
+### For Directory (Azure AD) provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All, Directory.AccessAsUser.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All |
## HTTP request
v1.0 Rbacapplicationmultiple List Roleassignments https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/rbacapplicationmultiple-list-roleassignments.md
For other Microsoft 365 applications (like Azure AD), use [unifiedRoleAssignment
## Permissions
-Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, search for the following permissions in [Permissions](/graph/permissions-reference).
+Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, see [Permissions](/graph/permissions-reference).
+
+### For Cloud PC provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | CloudPC.Read.All, CloudPC.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | CloudPC.Read.All, CloudPC.ReadWrite.All |
+
+### For Device management (Intune) provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | DeviceManagementRBAC.Read.All, DeviceManagementRBAC.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | DeviceManagementRBAC.Read.All, DeviceManagementRBAC.ReadWrite.All |
-|Supported provider | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
-|:--|:|:|:|
-| Cloud PC | CloudPC.Read.All, CloudPC.ReadWrite.All | Not supported. | CloudPC.Read.All, CloudPC.ReadWrite.All |
-| Intune | DeviceManagementRBAC.Read.All, DeviceManagementRBAC.ReadWrite.All | Not supported.| DeviceManagementRBAC.Read.All, DeviceManagementRBAC.ReadWrite.All |
## HTTP request
v1.0 Rbacapplicationmultiple Post Roleassignments https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/rbacapplicationmultiple-post-roleassignments.md
For other Microsoft 365 applications (like Azure AD), use [unifiedRoleAssignment
## Permissions
-Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, search for the following permissions in [Permissions](/graph/permissions-reference).
+Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, see [Permissions](/graph/permissions-reference).
+
+### For Cloud PC provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | CloudPC.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | CloudPC.ReadWrite.All |
+
+### For Device management (Intune) provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | DeviceManagementRBAC.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | DeviceManagementRBAC.ReadWrite.All |
-|Supported provider | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
-|:--|:|:|:|
-| Cloud PC | CloudPC.ReadWrite.All | Not supported. | CloudPC.ReadWrite.All |
-| Intune | DeviceManagementRBAC.ReadWrite.All | Not supported.| DeviceManagementRBAC.ReadWrite.All |
## HTTP request
v1.0 Search Query https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/search-query.md
Content-type: application/json
``` ## See also+ - Search [mail messages](/graph/search-concept-messages) - Search [calendar events](/graph/search-concept-events)
+- Search [person](/graph/search-concept-person)
- Search content in SharePoint and OneDrive ([files, lists and sites](/graph/search-concept-files)) - Search [custom types (Graph Connectors)](/graph/search-concept-custom-types) data - [Sort](/graph/search-concept-sort) search results - Use [aggregations](/graph/search-concept-aggregations) to refine search results - Enable [spell corrections](/graph/search-concept-speller) in search results - <!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98 2019-02-04 14:57:30 UTC --> <!-- {
Content-type: application/json
"section": "documentation", "tocPath": "" }-->--
v1.0 Serviceprincipal Delete Approleassignedto https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/serviceprincipal-delete-approleassignedto.md
Here is an example of the request to delete an app role assignment from the reso
}--> ```http
-DELETE https://graph.microsoft.com/v1.0/servicePrincipals/{resource-SP-id}/appRoleAssignedTo/{appRoleAssignment-id}
+DELETE https://graph.microsoft.com/beta/servicePrincipals/{resource-SP-id}/appRoleAssignedTo/{appRoleAssignment-id}
``` In this example, `{resource-SP-id}` is the id of the resource service principal, and `{appRoleAssignment-id}` is the id of the appRoleAssignment object that represents an assignment to the user, group, or client service principal.
v1.0 Unifiedroleassignmentmultiple Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleassignmentmultiple-delete.md
This is applicable for a RBAC application that supports multiple principals and
## Permissions
-Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, search for the following permissions in [Permissions](/graph/permissions-reference).
+Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, see [Permissions](/graph/permissions-reference).
+
+### For Cloud PC provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | CloudPC.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | CloudPC.ReadWrite.All |
+
+### For Device management (Intune) provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | DeviceManagementRBAC.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | DeviceManagementRBAC.ReadWrite.All |
+
-|Supported provider | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
-|:--|:|:|:|
-| Cloud PC | CloudPC.ReadWrite.All | Not supported. | CloudPC.ReadWrite.All |
-| Intune | DeviceManagementRBAC.ReadWrite.All | Not supported.| DeviceManagementRBAC.ReadWrite.All |
## HTTP request
v1.0 Unifiedroleassignmentmultiple Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleassignmentmultiple-get.md
For other Microsoft 365 applications (like Azure AD), use [unifiedRoleAssignment
## Permissions
-Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, search for the following permissions in [Permissions](/graph/permissions-reference).
+Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, see [Permissions](/graph/permissions-reference).
+
+### For Cloud PC provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | CloudPC.Read.All, CloudPC.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | CloudPC.Read.All, CloudPC.ReadWrite.All |
+
+### For Device management (Intune) provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | DeviceManagementRBAC.Read.All, DeviceManagementRBAC.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | DeviceManagementRBAC.Read.All, DeviceManagementRBAC.ReadWrite.All |
+
-|Supported provider | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
-|:--|:|:|:|
-| Cloud PC | CloudPC.Read.All, CloudPC.ReadWrite.All | Not supported. | CloudPC.Read.All, CloudPC.ReadWrite.All |
-| Intune | DeviceManagementRBAC.Read.All, DeviceManagementRBAC.ReadWrite.All | Not supported.| DeviceManagementRBAC.Read.All, DeviceManagementRBAC.ReadWrite.All |
## HTTP request
v1.0 Unifiedroleassignmentmultiple Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleassignmentmultiple-update.md
In contrast, [unifiedRoleAssignment](../resources/unifiedroleassignment.md) does
## Permissions
-Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, search for the following permissions in [Permissions](/graph/permissions-reference).
+Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, see [Permissions](/graph/permissions-reference).
+
+### For Cloud PC provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | CloudPC.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | CloudPC.ReadWrite.All |
+
+### For Device management (Intune) provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | DeviceManagementRBAC.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | DeviceManagementRBAC.ReadWrite.All |
-|Supported provider | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
-|:--|:|:|:|
-| Cloud PC | CloudPC.ReadWrite.All | Not supported. | CloudPC.ReadWrite.All |
-| Intune | DeviceManagementRBAC.ReadWrite.All | Not supported.| DeviceManagementRBAC.ReadWrite.All |
## HTTP request
v1.0 Unifiedroleassignmentschedule Filterbycurrentuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleassignmentschedule-filterbycurrentuser.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleAssignmentSchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleAssignmentSchedule.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.All, RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedroleassignmentschedule Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleassignmentschedule-get.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleAssignmentSchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleAssignmentSchedule.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.All, RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedroleassignmentschedule List https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleassignmentschedule-list.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleAssignmentSchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleAssignmentSchedule.ReadWrite.Directory |
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.All, RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory |
## HTTP request
v1.0 Unifiedroleassignmentscheduleinstance Filterbycurrentuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleassignmentscheduleinstance-filterbycurrentuser.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleAssignmentSchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleAssignmentSchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.All, RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedroleassignmentscheduleinstance Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleassignmentscheduleinstance-get.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleAssignmentSchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleAssignmentSchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.All, RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedroleassignmentscheduleinstance List https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleassignmentscheduleinstance-list.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|RoleManagement.ReadWrite.Directory|
+|Delegated (work or school account)|RoleAssignmentSchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleAssignmentSchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.All, RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedroleassignmentschedulerequest Cancel https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleassignmentschedulerequest-cancel.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleAssignmentSchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported| |Application|Not supported|
v1.0 Unifiedroleassignmentschedulerequest Filterbycurrentuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleassignmentschedulerequest-filterbycurrentuser.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleAssignmentSchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleAssignmentSchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedroleassignmentschedulerequest Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleassignmentschedulerequest-get.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleAssignmentSchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleAssignmentSchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedroleassignmentschedulerequest List https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleassignmentschedulerequest-list.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | | :- | : |
-| Delegated (work or school account) | PrivilegedAccess.ReadWrite.AzureAD |
+| Delegated (work or school account) | RoleAssignmentSchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleAssignmentSchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory |
| Delegated (personal Microsoft account) | Not supported |
-| Application | PrivilegedAccess.Read.AzureAD |
+| Application | RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory |
## HTTP request
v1.0 Unifiedroleassignmentschedulerequest Post Unifiedroleassignmentschedulerequests https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleassignmentschedulerequest-post-unifiedroleassignmentschedulerequests.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleAssignmentSchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported| |Application|Not supported|
v1.0 Unifiedroleassignmentschedulerequest Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleassignmentschedulerequest-update.md
- Title: "Update unifiedRoleAssignmentScheduleRequest"
-description: "Update the properties of an unifiedRoleAssignmentScheduleRequest object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Update unifiedRoleAssignmentScheduleRequest
-Namespace: microsoft.graph
--
-Update the properties of an [unifiedRoleAssignmentScheduleRequest](../resources/unifiedroleassignmentschedulerequest.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
-|Delegated (personal Microsoft account)|Not supported|
-|Application|Not supported|
-
-## HTTP request
-
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-PATCH /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequestsId}
-```
-
-## Request headers
-|Name|Description|
-|:|:|
-|Authorization|Bearer {token}. Required.|
-|Content-Type|application/json. Required.|
-
-## Request body
-In the request body, supply a JSON representation of the [unifiedRoleAssignmentScheduleRequest](../resources/unifiedroleassignmentschedulerequest.md) object.
-
-The following table shows the properties that are required when you update the [unifiedRoleAssignmentScheduleRequest](../resources/unifiedroleassignmentschedulerequest.md).
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|The unique identifier for the unifiedRoleAssignmentScheduleRequest. Key, not nullable, Read-only.|
-|action|String|Representing the type of the operation on the role assignment. The value can be <ul><li>`AdminAdd`: Administrators assign users/groups to roles;</li><li>`UserAdd`: Users activate eligible assignments;</li><li> `AdminUpdate`: Administrators change existing role assignments</li><li>`AdminRemove`: Administrators remove users/groups from roles;<li>`UserRemove`: Users deactivate active assignments;<li>`UserExtend`: Users request to extend their expiring assignments;</li><li>`AdminExtend`: Administrators extend expiring assignments.</li><li>`UserRenew`: Users request to renew their expired assignments;</li><li>`AdminRenew`: Administrators extend expiring assignments.</li></ul>|
-|principalId|String|Objectid of the principal to which the assignment is being granted to.|
-|roleDefinitionId|String|ID of the unifiedRoleDefinition the assignment is for. Read only.|
-|directoryScopeId|String|Id of the directory object representing the scope of the assignment. The scope of an assignment determines the set of resources for which the principal has been granted access. Directory scopes are shared scopes stored in the directory that are understood by multiple applications. App scopes are scopes that are defined and understood by this application only.|
-|appScopeId|String|Id of the app specific scope when the assignment scope is app specific. The scope of an assignment determines the set of resources for which the principal has been granted access. Directory scopes are shared scopes stored in the directory that are understood by multiple applications. Use "/" for tenant-wide scope. App scopes are scopes that are defined and understood by this application only.|
-|isValidationOnly|Boolean|A boolean that determines whether the call is a validation or an actual call. Only set this property if you want to check whether an activation is subject to additional rules like MFA before actually submitting the request.|
-|targetScheduleId|String|ID of the schedule object attached to the assignment.|
-|justification|String|A message provided by users and administrators when create the request about why it is needed.|
-|scheduleInfo|[requestSchedule](../resources/requestschedule.md)|The schedule object of the role assignment request.|
-|ticketInfo|[ticketInfo](../resources/ticketinfo.md)|The ticketInfo object attached to the role assignment request which includes details of the ticket number and ticket system.|
-
-## Response
-
-If successful, this method returns a `200 OK` response code and an updated [unifiedRoleAssignmentScheduleRequest](../resources/unifiedroleassignmentschedulerequest.md) object in the response body.
-
-## Examples
-
-### Request
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "update_unifiedroleassignmentschedulerequest"
-}
>
-``` http
-PATCH https://graph.microsoft.com/beta/roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequestsId}
-Content-Type: application/json
-Content-length: 466
-
-{
- "@odata.type": "#microsoft.graph.unifiedRoleAssignmentScheduleRequest",
- "action": "String",
- "principalId": "String",
- "roleDefinitionId": "String",
- "directoryScopeId": "String",
- "appScopeId": "String",
- "isValidationOnly": "Boolean",
- "targetScheduleId": "String",
- "justification": "String",
- "scheduleInfo": {
- "@odata.type": "microsoft.graph.requestSchedule"
- },
- "ticketInfo": {
- "@odata.type": "microsoft.graph.ticketInfo"
- }
-}
-```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Objective-C](#tab/objc)
-
-# [Java](#tab/java)
-----
-### Response
-**Note:** The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true
-}
>
-```http
-HTTP/1.1 204 OK
-
-```
-
-<!--
-{
- "@odata.type": "#microsoft.graph.unifiedRoleAssignmentScheduleRequest",
- "id": "c13ee236-e236-c13e-36e2-3ec136e23ec1",
- "action": "String",
- "principalId": "String",
- "roleDefinitionId": "String",
- "directoryScopeId": "String",
- "appScopeId": "String",
- "isValidationOnly": "Boolean",
- "targetScheduleId": "String",
- "justification": "String",
- "scheduleInfo": {
- "@odata.type": "microsoft.graph.requestSchedule"
- },
- "ticketInfo": {
- "@odata.type": "microsoft.graph.ticketInfo"
- }
-}
-```-->
-
v1.0 Unifiedroledefinition Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroledefinition-delete.md
The following RBAC providers are currently supported:
## Permissions
-Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, search for the following permissions in [Permissions](/graph/permissions-reference).
+Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, see [Permissions](/graph/permissions-reference).
-|Supported provider | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
-|:--|:|:|:|
-| Device management | DeviceManagementRBAC.ReadWrite.All | Not supported. | DeviceManagementRBAC.ReadWrite.All |
-| Directory | RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All, Directory.AccessAsUser.All | Not supported.| RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All |
+### For Device management (Intune) provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | DeviceManagementRBAC.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | DeviceManagementRBAC.ReadWrite.All |
+
+### For Directory (Azure AD) provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All, Directory.AccessAsUser.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All |
## HTTP request
v1.0 Unifiedroledefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroledefinition-get.md
The following RBAC providers are currently supported:
## Permissions
-Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, search for the following permissions in [Permissions](/graph/permissions-reference).
-
-|Supported provider | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
-|:--|:|:|:|
-| Cloud PC | CloudPC.Read.All, CloudPC.ReadWrite.All | Not supported. | CloudPC.Read.All, CloudPC.ReadWrite.All |
-| Device management | DeviceManagementRBAC.Read.All, DeviceManagementRBAC.ReadWrite.All | Not supported. | DeviceManagementRBAC.Read.All, DeviceManagementRBAC.ReadWrite.All |
-| Directory | RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All, Directory.AccessAsUser.All | Not supported.| RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All |
-| Entitlement management | EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All | Not supported. | Not supported. |
+Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, see [Permissions](/graph/permissions-reference).
+
+### For Cloud PC provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | CloudPC.Read.All, CloudPC.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | CloudPC.Read.All, CloudPC.ReadWrite.All |
+
+### For Device management (Intune) provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | DeviceManagementRBAC.Read.All, DeviceManagementRBAC.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | DeviceManagementRBAC.Read.All, DeviceManagementRBAC.ReadWrite.All |
+
+### For Directory (Azure AD) provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All, Directory.AccessAsUser.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All |
+
+### For Entitlement management provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Not supported. |
## HTTP request
v1.0 Unifiedroledefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroledefinition-update.md
The following RBAC providers are currently supported:
## Permissions
-Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, search for the following permissions in [Permissions](/graph/permissions-reference).
+Depending on the RBAC provider and the permission type (delegated or application) that is needed, choose from the following table the least privileged permission required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, search for the following permissions in the [Permissions reference](/graph/permissions-reference).
|Supported provider | Delegated (work or school account) | Delegated (personal Microsoft account) | Application | |:--|:|:|:| | Device management | DeviceManagementRBAC.ReadWrite.All | Not supported. | DeviceManagementRBAC.ReadWrite.All | | Directory | RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All, Directory.AccessAsUser.All | Not supported.| RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All |
+### For Device management (Intune) provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | DeviceManagementRBAC.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | DeviceManagementRBAC.ReadWrite.All |
+
+### For Directory (Azure AD) provider
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All, Directory.AccessAsUser.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All |
+ ## HTTP request To update a role definition for a device management provider:
v1.0 Unifiedroleeligibilityschedule Filterbycurrentuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleeligibilityschedule-filterbycurrentuser.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleEligibilitySchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleEligibilitySchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory |
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.All, RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedroleeligibilityschedule Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleeligibilityschedule-get.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleEligibilitySchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleEligibilitySchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory |
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.All, RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedroleeligibilityschedule List https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleeligibilityschedule-list.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleEligibilitySchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleEligibilitySchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory |
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.All, RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedroleeligibilityscheduleinstance Filterbycurrentuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleeligibilityscheduleinstance-filterbycurrentuser.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleEligibilitySchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleEligibilitySchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.All, RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedroleeligibilityscheduleinstance Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleeligibilityscheduleinstance-get.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleEligibilitySchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleEligibilitySchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.All, RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedroleeligibilityscheduleinstance List https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleeligibilityscheduleinstance-list.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleEligibilitySchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleEligibilitySchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.All, RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedroleeligibilityschedulerequest Cancel https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleeligibilityschedulerequest-cancel.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleEligibilitySchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory |
|Delegated (personal Microsoft account)|Not supported|
-|Application|Not supported|
+|Application|RoleManagement.ReadWrite.Directory |
## HTTP request
v1.0 Unifiedroleeligibilityschedulerequest Filterbycurrentuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleeligibilityschedulerequest-filterbycurrentuser.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleEligibilitySchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleEligibilitySchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory |
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory |
## HTTP request
v1.0 Unifiedroleeligibilityschedulerequest Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleeligibilityschedulerequest-get.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleEligibilitySchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleEligibilitySchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory |
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedroleeligibilityschedulerequest List https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleeligibilityschedulerequest-list.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleEligibilitySchedule.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleEligibilitySchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory |
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory |
## HTTP request
v1.0 Unifiedroleeligibilityschedulerequest Post Unifiedroleeligibilityschedulerequests https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleeligibilityschedulerequest-post-unifiedroleeligibilityschedulerequests.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleEligibilitySchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory |
|Delegated (personal Microsoft account)|Not supported| |Application|Not supported|
v1.0 Unifiedroleeligibilityschedulerequest Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedroleeligibilityschedulerequest-update.md
- Title: "Update unifiedRoleEligibilityScheduleRequest"
-description: "Update the properties of an unifiedRoleEligibilityScheduleRequest object."
-
-localization_priority: Normal
-doc_type: apiPageType
--
-# Update unifiedRoleEligibilityScheduleRequest
-Namespace: microsoft.graph
--
-Update the properties of an [unifiedRoleEligibilityScheduleRequest](../resources/unifiedroleeligibilityschedulerequest.md) object.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from least to most privileged)|
-|:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
-|Delegated (personal Microsoft account)|Not supported|
-|Application|Not supported|
-
-## HTTP request
-
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-PATCH /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequestsId}
-```
-
-## Request headers
-|Name|Description|
-|:|:|
-|Authorization|Bearer {token}. Required.|
-|Content-Type|application/json. Required.|
-
-## Request body
-In the request body, supply a JSON representation of the [unifiedRoleEligibilityScheduleRequest](../resources/unifiedroleeligibilityschedulerequest.md) object.
-
-The following table shows the properties that are required when you update the [unifiedRoleEligibilityScheduleRequest](../resources/unifiedroleeligibilityschedulerequest.md).
-
-|Property|Type|Description|
-|:|:|:|
-|id|String|The unique identifier for the unifiedRoleEligibilityScheduleRequest. Key, not nullable, Read-only|
-|action|String|Representing the type of the operation on the role assignment. The value can be <ul><li>`AdminAdd`: Administrators assign users/groups to roles;</li><li>`UserAdd`: Users activate eligible assignments;</li><li> `AdminUpdate`: Administrators change existing role assignments</li><li>`AdminRemove`: Administrators remove users/groups from roles;<li>`UserRemove`: Users deactivate active assignments;<li>`UserExtend`: Users request to extend their expiring assignments;</li><li>`AdminExtend`: Administrators extend expiring assignments.</li><li>`UserRenew`: Users request to renew their expired assignments;</li><li>`AdminRenew`: Administrators extend expiring assignments.</li></ul>|
-|principalId|String|Objectid of the principal to which the assignment is being granted to.|
-|roleDefinitionId|String|ID of the unifiedRoleDefinition the assignment is for. Read only.|
-|directoryScopeId|String|Id of the directory object representing the scope of the assignment. The scope of an assignment determines the set of resources for which the principal has been granted access. Directory scopes are shared scopes stored in the directory that are understood by multiple applications. App scopes are scopes that are defined and understood by this application only.|
-|appScopeId|String|Id of the app specific scope when the assignment scope is app specific. The scope of an assignment determines the set of resources for which the principal has been granted access. Directory scopes are shared scopes stored in the directory that are understood by multiple applications. Use "/" for tenant-wide scope. App scopes are scopes that are defined and understood by this application only.|
-|isValidationOnly|Boolean|A boolean that determines whether the call is a validation or an actual call. Only set this property if you want to check whether an activation is subject to additional rules like MFA before actually submitting the request.|
-|targetScheduleId|String|ID of the schedule object attached to the assignment.|
-|justification|String|A message provided by users and administrators when create the request about why it is needed.|
-|scheduleInfo|[requestSchedule](../resources/requestschedule.md)|The schedule object of the role assignment request.|
-|ticketInfo|[ticketInfo](../resources/ticketinfo.md)|The ticketInfo object attached to the role assignment request which includes details of the ticket number and ticket system.|
---
-## Response
-
-If successful, this method returns a `200 OK` response code and an updated [unifiedRoleEligibilityScheduleRequest](../resources/unifiedroleeligibilityschedulerequest.md) object in the response body.
-
-## Examples
-
-### Request
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "update_unifiedroleeligibilityschedulerequest"
-}
>
-``` http
-PATCH https://graph.microsoft.com/beta/roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequestsId}
-Content-Type: application/json
-Content-length: 467
-
-{
- "@odata.type": "#microsoft.graph.unifiedRoleEligibilityScheduleRequest",
- "action": "String",
- "principalId": "String",
- "roleDefinitionId": "String",
- "directoryScopeId": "String",
- "appScopeId": "String",
- "isValidationOnly": "Boolean",
- "targetScheduleId": "String",
- "justification": "String",
- "scheduleInfo": {
- "@odata.type": "microsoft.graph.requestSchedule"
- },
- "ticketInfo": {
- "@odata.type": "microsoft.graph.ticketInfo"
- }
-}
-```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Objective-C](#tab/objc)
-
-# [Java](#tab/java)
-----
-### Response
-**Note:** The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true
-}
>
-```http
-HTTP/1.1 204 OK
-
-```
-<!--
-{
- "@odata.type": "#microsoft.graph.unifiedRoleEligibilityScheduleRequest",
- "id": "a2e242a0-42a0-a2e2-a042-e2a2a042e2a2",
- "action": "String",
- "principalId": "String",
- "roleDefinitionId": "String",
- "directoryScopeId": "String",
- "appScopeId": "String",
- "isValidationOnly": "Boolean",
- "targetScheduleId": "String",
- "justification": "String",
- "scheduleInfo": {
- "@odata.type": "microsoft.graph.requestSchedule"
- },
- "ticketInfo": {
- "@odata.type": "microsoft.graph.ticketInfo"
- }
-}
-```
>
v1.0 Unifiedrolemanagementpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedrolemanagementpolicy-get.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleManagementPolicy.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagementPolicy.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedrolemanagementpolicy List Effectiverules https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedrolemanagementpolicy-list-effectiverules.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleManagementPolicy.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagementPolicy.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedrolemanagementpolicy List Rules https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedrolemanagementpolicy-list-rules.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleManagementPolicy.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagementPolicy.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedrolemanagementpolicy List https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedrolemanagementpolicy-list.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleManagementPolicy.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagementPolicy.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedrolemanagementpolicyassignment Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedrolemanagementpolicyassignment-get.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleManagementPolicy.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagementPolicy.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.All, RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedrolemanagementpolicyassignment List https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedrolemanagementpolicyassignment-list.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleManagementPolicy.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagementPolicy.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.All, RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedrolemanagementpolicyrule Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedrolemanagementpolicyrule-get.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleManagementPolicy.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagementPolicy.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedrolemanagementpolicyrule List https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedrolemanagementpolicyrule-list.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleManagementPolicy.Read.Directory, RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagementPolicy.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported|
-|Application|PrivilegedAccess.Read.AzureAD|
+|Application|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory|
## HTTP request
v1.0 Unifiedrolemanagementpolicyrule Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/unifiedrolemanagementpolicyrule-update.md
One of the following permissions is required to call this API. To learn more, in
|Permission type|Permissions (from least to most privileged)| |:|:|
-|Delegated (work or school account)|PrivilegedAccess.ReadWrite.AzureAD|
+|Delegated (work or school account)|RoleManagementPolicy.ReadWrite.Directory, RoleManagement.ReadWrite.Directory|
|Delegated (personal Microsoft account)|Not supported| |Application|Not supported|
v1.0 Userflowlanguageconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/userflowlanguageconfiguration-get.md
doc_type: apiPageType
Namespace: microsoft.graph + Read the properties and relationships of a [userFlowLanguageConfiguration](../resources/userflowlanguageconfiguration.md) object. These objects represent a language available in a user flow. **Note:** To retrieve a language supported for customization, you must first enable language customization on your Azure AD B2C user flow. For more information, see [Update b2cIdentityUserFlow](../api/b2cidentityuserflow-update.md). Language customization is enabled by default in [Azure Active Directory user flows](../resources/b2xidentityuserflow.md).
v1.0 Windowsupdates Deploymentaudience List Exclusions https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/windowsupdates-deploymentaudience-list-exclusions.md
doc_type: apiPageType
# List deployment audience exclusions+ Namespace: microsoft.graph.windowsUpdates [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] List the [updatableAsset](../resources/windowsupdates-updatableasset.md) resources that are excluded from a [deploymentAudience](../resources/windowsupdates-deploymentaudience.md).
+> [!NOTE]
+> This API has a [known issue](/Graph/known-issues#accessing-and-updating-deployment-audiences) related to deployments created via Intune.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Windowsupdates Deploymentaudience List Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/windowsupdates-deploymentaudience-list-members.md
doc_type: apiPageType
# List deployment audience members+ Namespace: microsoft.graph.windowsUpdates [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] List the [updatableAsset](../resources/windowsupdates-updatableasset.md) resources that are members of a [deploymentAudience](../resources/windowsupdates-deploymentaudience.md).
+> [!NOTE]
+> This API has a [known issue](/Graph/known-issues#accessing-and-updating-deployment-audiences) related to deployments created via Intune.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Windowsupdates Deploymentaudience Updateaudience https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/windowsupdates-deploymentaudience-updateaudience.md
doc_type: apiPageType
# deploymentAudience: updateAudience+ Namespace: microsoft.graph.windowsUpdates [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
If the same [updatableAsset](../resources/windowsupdates-updatableasset.md) gets
If all **updatableAsset** objects are the same type, you can also use the method [updateAudienceById](windowsupdates-deploymentaudience-updateaudiencebyid.md) to update the **deploymentAudience**.
+> [!NOTE]
+> This API has a [known issue](/Graph/known-issues#accessing-and-updating-deployment-audiences) related to deployments created via Intune.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Windowsupdates Deploymentaudience Updateaudiencebyid https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/api/windowsupdates-deploymentaudience-updateaudiencebyid.md
doc_type: apiPageType
# deploymentAudience: updateAudienceById+ Namespace: microsoft.graph.windowsUpdates [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
If the same [updatableAsset](../resources/windowsupdates-updatableasset.md) gets
You can also use the method [updateAudience](windowsupdates-deploymentaudience-updateaudience.md) to update the **deploymentAudience**.
+> [!NOTE]
+> This API has a [known issue](/Graph/known-issues#accessing-and-updating-deployment-audiences) related to deployments created via Intune.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Cloudpconpremisesconnectionhealthcheck https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/resources/cloudpconpremisesconnectionhealthcheck.md
The result of a cloud PC on-premises connection health check.
|adJoinCheckIncorrectCredentials|The active domain join check failed because the domain credentials are incorrect. Please update the username and password.| |adJoinCheckOrganizationalUnitNotFound|The active domain join check failed because the specified organizational unit was not found. Please re-enter organization unit.| |adJoinCheckOrganizationalUnitIncorrectFormat|The active domain join check failed because the format of the specified organizational unit is incorrect. Example format: ΓÇ£OU=OU1,OU=OU2,OU=OU3,DC=DC1ΓÇ¥.|
+|adJoinCheckComputerObjectAlreadyExists|The computer account can't be found in the organizational unit (OU) provided in the on-premises network connection but the computer name already exists in the domain. This often occurs after the computer object was moved out of the OU configured in the on-premises network connection. Please move the computer object back to the target OU.|
|adJoinCheckAccessDenied|The active domain join check failed because access is denied when non-administrator users who have been delegated control try to join computer objects to a domain controller. Please assign the correct permission to the customer to join computer object to the domain. Permissions needed: Create computer objects, Delete computer objects.| |adJoinCheckUnknownError|The active domain join check failed due to an unknown error. Please contact customer support.| |endpointConnectivityCheckCloudPcUrlNotAllowListed|The endpoint connectivity check failed because the CPC provision script storage URL isnΓÇÖt on the allow list in the network firewall settings. Please add URLs to the list of allowed network firewall settings. The URLs can be found in additional information.|
v1.0 Search Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/resources/search-api-overview.md
The following table describes the types available to query and the supported per
|[listItem](listitem.md)|Sites.Read.All, Sites.ReadWrite.All| SharePoint and OneDrive | List items. Note that files and folders are also returned as list items; **listItem** is the super class of **driveItem**. | |[site](site.md)|Sites.Read.All, Sites.ReadWrite.All| SharePoint | Sites in SharePoint.| |[externalItem](externalitem.md)|ExternalItem.Read.All| Microsoft Graph connectors| All content ingested with the Microsoft Graph connectors API.|
+|[person](person.md)|People.Read|Exchange Online|Personal contacts and contacts or addressable objects in your organization.|
## Page search results
When searching the **message** entity, specifying **enableTopResults** as `true`
## Get selected properties
-When searching an entity type, such as **message**, **event**, **drive**, **driveItem**, **list**, **listItem**, **site**, **externalItem**, you can include in the **fields** property specific entity properties to return in the search results. This is similar to using the [OData system query option, $select](/graph/query-parameters#select-parameter) in REST requests. The search API does not technically support these query options because the behavior is expressed in the POST body.
+When searching an entity type, such as **message**, **event**, **drive**, **driveItem**, **list**, **listItem**, **site**, **externalItem**, or **person**, you can include in the **fields** property specific entity properties to return in the search results. This is similar to using the [OData system query option, $select](/graph/query-parameters#select-parameter) in REST requests. The search API does not technically support these query options because the behavior is expressed in the POST body.
For all these entity types, specifying the **fields** property reduces the number of properties returned in the response, optimizing the payload over the wire.
Depending on the entity type, the searchable properties vary. For details, see:
Search results in the response are sorted in the following default sort order: - **message** and **event** are sorted by date.-- All SharePoint, OneDrive and connector types are sorted by relevance.
+- All SharePoint, OneDrive, person and connector types are sorted by relevance.
The [query](../api/search-query.md) method lets you customize the search order by specifying the **sortProperties** on the `requests` parameter, which is a collection of [searchRequest](./searchrequest.md) objects. This allows you to specify a list of one or more sortable properties and the sort order.
The search API has the following limitations:
- The **query** method is defined to allow passing a collection of one or more **searchRequest** instances at once. However, the service currently supports only a single [searchRequest](./searchrequest.md) at a time. - The [searchRequest](./searchrequest.md) resource supports passing multiple types of entities at a time. However, currently the only supported combination is for SharePoint and OneDrive entityTypes: **driveItem**, **drive**, **site**, **list**, **listItem**.
-Any combinations involving **message**, **event**, SharePoint and OneDrive types , or **externalItem** are currently not supported.
+Any combinations involving **message**, **event**, **person**, SharePoint and OneDrive types, or **externalItem** are currently not supported.
- The **contentSource** property, which defines the connection to use, is only applicable when **entityType** is specified as `externalItem`. -- The search API does not support custom sort for **message**, **event** or **externalItem**.
+- The search API does not support custom sort for **message**, **event**, **person**, or **externalItem**.
-- The search API does not support aggregations for **message**, **event**, **site** or **drive**.
+- The search API does not support aggregations for **message**, **event**, **site**, **person**, or **drive**.
- Customizations in SharePoint search, such as a custom search schema or result sources, can interfere with the operation of the Microsoft Search API.
For backward compatibility, the original properties and types are accessible and
- Learn more about a few key use cases: - [Search Outlook messages](/graph/search-concept-messages) - [Search calendar events](/graph/search-concept-events)
+ - [Search person](/graph/search-concept-person)
- [Search content in Sharepoint and OneDrive](/graph/search-concept-files) - [Search custom types imported using connectors](/graph/search-concept-custom-types) - [Sort search results](/graph/search-concept-sort)
For backward compatibility, the original properties and types are accessible and
- [Request spelling correction](/graph/search-concept-speller) - [Use search display layout](/graph/search-concept-display-layout) -- Explore the search APIs in [Graph Explorer](https://developer.microsoft.com/graph/graph-explorer).
+- Explore the search APIs in [Graph Explorer](https://developer.microsoft.com/graph/graph-explorer).
## What's new
v1.0 Searchrequest https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/resources/searchrequest.md
The JSON blob contains the types of resources expected in the response, the unde
|aggregationFilters|String collection|Contains one or more filters to obtain search results aggregated and filtered to a specific value of a field. Optional.<br>Build this filter based on a prior search that aggregates by the same field. From the response of the prior search, identify the [searchBucket](searchBucket.md) that filters results to the specific value of the field, use the string in its **aggregationFilterToken** property, and build an aggregation filter string in the format **"{field}:\\"{aggregationFilterToken}\\""**. <br>If multiple values for the same field need to be provided, use the strings in its **aggregationFilterToken** property and build an aggregation filter string in the format **"{field}:or(\\"{aggregationFilterToken1}\\",\\"{aggregationFilterToken2}\\")"**. <br>For example, searching and aggregating drive items by file type returns a **searchBucket** for the file type `docx` in the response. You can conveniently use the **aggregationFilterToken** returned for this **searchBucket** in a subsequent search query and filter matches down to drive items of the `docx` file type. [Example 1](/graph/search-concept-aggregation#example-1-request-aggregations-by-string-fields) and [example 2](/graph/search-concept-aggregation#example-2-apply-an-aggregation-filter-based-on-a-previous-request) show the actual requests and responses.| |contentSources|String collection|Contains the connection to be targeted. <br>Respects the following format : `/external/connections/connectionid` where `connectionid` is the ConnectionId defined in the Connectors Administration. <br> Note: contentSource is only applicable when entityType=`externalItem`. Optional.| |enableTopResults|Boolean|This triggers hybrid sort for messages: the first 3 messages are the most relevant. This property is only applicable to entityType=`message`. Optional.|
-|entityTypes|entityType collection| One or more types of resources expected in the response. Possible values are: `list`, `site`, `listItem`, `message`, `event`, `drive`, `driveItem`, `externalItem`. See [known limitations](search-api-overview.md#known-limitations) for those combinations of two or more entity types that are supported in the same search request. Required.|
+|entityTypes|entityType collection| One or more types of resources expected in the response. Possible values are: `list`, `site`, `listItem`, `message`, `event`, `drive`, `driveItem`, `person`, `externalItem`. See [known limitations](search-api-overview.md#known-limitations) for those combinations of two or more entity types that are supported in the same search request. Required.|
|fields|String collection |Contains the fields to be returned for each resource object specified in **entityTypes**, allowing customization of the fields returned by default otherwise, including additional fields such as custom managed properties from SharePoint and OneDrive, or custom fields in **externalItem** from content that Microsoft Graph connectors bring in. <br>The fields property can be using the [semantic labels](https://docs.microsoft.com/microsoftsearch/configure-connector#step-5-assign-property-labels) applied to properties. For example, if a property is label as title, you can retrieve it using the following syntax : label_title.<br>Optional.| |from|Int32|Specifies the offset for the search results. Offset 0 returns the very first result. Optional.| |query|[searchQuery](searchquery.md)|Contains the query terms. Required.|
The following is a JSON representation of the resource.
## See also - Search [mail messages](/graph/search-concept-messages) - Search [calendar events](/graph/search-concept-events)
+- Search [person](/graph/search-concept-person)
- Search content in SharePoint and OneDrive ([files, lists and sites](/graph/search-concept-files)) - Search [custom types imported using connectors](/graph/search-concept-custom-types) data - [Sort](/graph/search-concept-sort) search results
v1.0 Singlevaluelegacyextendedproperty https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/resources/singlevaluelegacyextendedproperty.md
Here is a JSON representation of the resource.
"id": "string (identifier)", "value": "string" }- ``` <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
v1.0 Unifiedroleassignmentschedulerequest https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/resources/unifiedroleassignmentschedulerequest.md
Administrators can use `unifiedRoleAssignmentScheduleRequest` to create active r
|[List unifiedRoleAssignmentScheduleRequests](../api/unifiedroleassignmentschedulerequest-list.md)|[unifiedRoleAssignmentScheduleRequest](../resources/unifiedroleassignmentschedulerequest.md) collection|Get a list of the [unifiedRoleAssignmentScheduleRequest](../resources/unifiedroleassignmentschedulerequest.md) objects and their properties.| |[Create unifiedRoleAssignmentScheduleRequest](../api/unifiedroleassignmentschedulerequest-post-unifiedroleassignmentschedulerequests.md)|[unifiedRoleAssignmentScheduleRequest](../resources/unifiedroleassignmentschedulerequest.md)|Create a new [unifiedRoleAssignmentScheduleRequest](../resources/unifiedroleassignmentschedulerequest.md) object.| |[Get unifiedRoleAssignmentScheduleRequest](../api/unifiedroleassignmentschedulerequest-get.md)|[unifiedRoleAssignmentScheduleRequest](../resources/unifiedroleassignmentschedulerequest.md)|Read the properties and relationships of an [unifiedRoleAssignmentScheduleRequest](../resources/unifiedroleassignmentschedulerequest.md) object.|
-|[Update unifiedRoleAssignmentScheduleRequest](../api/unifiedroleassignmentschedulerequest-update.md)|[unifiedRoleAssignmentScheduleRequest](../resources/unifiedroleassignmentschedulerequest.md)|Update the properties of an [unifiedRoleAssignmentScheduleRequest](../resources/unifiedroleassignmentschedulerequest.md) object.|
|[filterByCurrentUser](../api/unifiedroleassignmentschedulerequest-filterbycurrentuser.md)|[unifiedRoleAssignmentScheduleRequest](../resources/unifiedroleassignmentschedulerequest.md) collection|Get a list of the [unifiedRoleAssignmentScheduleRequest](../resources/unifiedroleassignmentschedulerequest.md) objects and their properties that are related to a particular user.| |[cancel](../api/unifiedroleassignmentschedulerequest-cancel.md)|None|Cancels a [unifiedRoleAssignmentScheduleRequest](../resources/unifiedroleassignmentschedulerequest.md) immediately and marks it for deletion in 30 days|
v1.0 Unifiedroledefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/resources/unifiedroledefinition.md
The following RBAC providers are currently supported:
|id|String| The unique identifier for the unifiedRoleDefinition. Key, not nullable, Read-only. Supports `$filter` (`eq` operator only). | |isBuiltIn|Boolean| Flag indicating if the unifiedRoleDefinition is part of the default set included with the product or custom. Read-only. Supports `$filter` (`eq` operator only).| |isEnabled|Boolean| Flag indicating if the role is enabled for assignment. If false the role is not available for assignment. Read-only when **isBuiltIn** is true. |
-|resourceScopes|String collection| List of scopes permissions granted by the role definition apply to. Currently only `/` is supported. Read-only when isBuiltIn is true. **DO NOT USE. This is going to be deprecated soon. Attach scope to role assignment** |
+|resourceScopes|String collection| List of scopes permissions granted by the role definition apply to. Currently only `/` is supported. Read-only when isBuiltIn is true. **DO NOT USE. This will be deprecated soon. Attach scope to role assignment** |
|rolePermissions|[unifiedRolePermission](unifiedrolepermission.md) collection| List of permissions included in the role. Read-only when **isBuiltIn** is true. Required. | |templateId|String| Custom template identifier that can be set when isBuiltIn is false. This identifier is typically used if one needs an identifier to be the same across different directories. Read-only when **isBuiltIn** is true. | |version|String| Indicates version of the unifiedRoleDefinition. Read-only when **isBuiltIn** is true.|
v1.0 Unifiedroleeligibilityschedulerequest https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/beta/resources/unifiedroleeligibilityschedulerequest.md
Administrators can use `unifiedRoleEligibilityScheduleRequest` to create and/or
|[List unifiedRoleEligibilityScheduleRequests](../api/unifiedroleeligibilityschedulerequest-list.md)|[unifiedRoleEligibilityScheduleRequest](../resources/unifiedroleeligibilityschedulerequest.md) collection|Get a list of the [unifiedRoleEligibilityScheduleRequest](../resources/unifiedroleeligibilityschedulerequest.md) objects and their properties.| |[Create unifiedRoleEligibilityScheduleRequest](../api/unifiedroleeligibilityschedulerequest-post-unifiedroleeligibilityschedulerequests.md)|[unifiedRoleEligibilityScheduleRequest](../resources/unifiedroleeligibilityschedulerequest.md)|Create a new [unifiedRoleEligibilityScheduleRequest](../resources/unifiedroleeligibilityschedulerequest.md) object.| |[Get unifiedRoleEligibilityScheduleRequest](../api/unifiedroleeligibilityschedulerequest-get.md)|[unifiedRoleEligibilityScheduleRequest](../resources/unifiedroleeligibilityschedulerequest.md)|Read the properties and relationships of an [unifiedRoleEligibilityScheduleRequest](../resources/unifiedroleeligibilityschedulerequest.md) object.|
-|[Update unifiedRoleEligibilityScheduleRequest](../api/unifiedroleeligibilityschedulerequest-update.md)|[unifiedRoleEligibilityScheduleRequest](../resources/unifiedroleeligibilityschedulerequest.md)|Update the properties of an [unifiedRoleEligibilityScheduleRequest](../resources/unifiedroleeligibilityschedulerequest.md) object.|
|[filterByCurrentUser](../api/unifiedroleeligibilityschedulerequest-filterbycurrentuser.md)|[unifiedRoleEligibilityScheduleRequest](../resources/unifiedroleeligibilityschedulerequest.md) collection|Get a list of the [unifiedRoleEligibilityScheduleRequest](../resources/unifiedroleeligibilityschedulerequest.md) objects and their properties that are related to a particular user.| |[cancel](../api/unifiedroleeligibilityschedulerequest-cancel.md)|None|Cancels a [unifiedRoleEligibilityScheduleRequest](../resources/unifiedroleeligibilityschedulerequest.md) immediately and marks it for deletion in 30 days|
v1.0 Chat Sendactivitynotification https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/v1.0/api/chat-sendactivitynotification.md
Content-Type: application/json
``` http HTTP/1.1 204 No Content ```
+## See also
+
+[Notify Feed App C# sample](https://github.com/OfficeDev/Microsoft-Teams-Samples/tree/main/samples/graph-activity-feed/csharp)
v1.0 Emailauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/v1.0/api/emailauthenticationmethodconfiguration-get.md
If successful, this method returns a `200 OK` response code and an [emailAuthent
--> ```http
-GET /policies/authenticationMethodsPolicy/email
+GET /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/email
``` ### Response
v1.0 Emailauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/v1.0/api/emailauthenticationmethodconfiguration-update.md
If successful, this method returns a `204 No Content` response code. It does not
--> ```http
-PATCH https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfiguration/email
+PATCH https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/email
Content-Type: application/json Content-length: 147
v1.0 Featurerolloutpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/v1.0/api/featurerolloutpolicy-get.md
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/beta/directory/featureRolloutPolicies/df85e4d9-e8c4-4033-a41c-73419a95c29c?$expand=appliesTo
+GET https://graph.microsoft.com/v1.0/policies/featureRolloutPolicies/df85e4d9-e8c4-4033-a41c-73419a95c29c?$expand=appliesTo
``` # [C#](#tab/csharp) [!INCLUDE [sample-code](../includes/snippets/csharp/get-featurerolloutpolicy-expand-appliesto-csharp-snippets.md)]
v1.0 Fido2authenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/v1.0/api/fido2authenticationmethod-get.md
For delegated scenarios where an admin is acting on another user, the admin need
} --> ``` http
-GET /me/authentication/fido2AuthenticationMethod/{id}
-GET /users/{id | userPrincipalName}/authentication/fido2AuthenticationMethod/{id}
+GET /me/authentication/fido2Methods/{id}
+GET /users/{id | userPrincipalName}/authentication/fido2Methods/{id}
``` ## Request headers
If successful, this method returns a `200 OK` response code and the requested [f
### Request ``` http
-GET https://graph.microsoft.com/v1.0/me/authentication/fido2AuthenticationMethod/-2_GRUg2-HYz6_1YG4YRAQ2
+GET https://graph.microsoft.com/v1.0/me/authentication/fido2Methods/-2_GRUg2-HYz6_1YG4YRAQ2
``` ### Response
v1.0 User List Manager https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/v1.0/api/user-list-manager.md
This method supports the `$select` and `$expand` [OData query parameters](/graph
> + The `n` value of `$levels` can be `max` (to return all managers) or a number between 1 and 1000. > + When the `$levels` parameter is not specified, only the immediate manager is returned. > + You can specify `$select` inside `$expand` to select the individual manager's properties. The `$levels` parameter is required: `$expand=manager($levels=max;$select=id,displayName)`
+> + In order to select the expanded manager's properties, the `$count=true` parameter must be added to the query as well as the header,
+`ConsistencyLevel=eventual`. You can see this implemented in Example 2.
## Request headers
v1.0 Singlevaluelegacyextendedproperty https://github.com/microsoftgraph/microsoft-graph-docs/commits/master/api-reference/v1.0/resources/singlevaluelegacyextendedproperty.md
Here is a JSON representation of the resource.
"id": "string (identifier)", "value": "string" }- ``` <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79