Service | Microsoft Docs article | Related commit history on GitHub | Change details |
---|---|---|---|
v1.0 | Accesspackagecatalog Post Customaccesspackageworkflowextensions | https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackagecatalog-post-customaccesspackageworkflowextensions.md | One of the following permissions is required to call this API. To learn more, in |:|:| |Delegated (work or school account)|EntitlementManagement.ReadWrite.All | |Delegated (personal Microsoft account)|Not supported.|-|Application|EntitlementManagement.ReadWrite.All | +|Application|Not supported.| ## HTTP request |
v1.0 | Externalidentitiespolicy Update | https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalidentitiespolicy-update.md | PATCH /policies/externalIdentitiesPolicy |Property|Type|Description| |:|:|:| |allowDeletedIdentitiesDataRemoval|Boolean|Notifies Azure AD whether to clean up the user information about the external identity, from the guest tenant, when the user is deleted in their home tenant. Required.|-|allowExternalIdentitiesToLeave|Boolean|Notifies Azure AD whether to clean up the user information about the external identity, from the guest tenant, when the user is deleted in their home tenant. Required.| +|allowExternalIdentitiesToLeave|Boolean|Defines whether external users can leave the guest tenant. If set to `false`, self-service controls are disabled, and the admin of the guest tenant must manually remove the external user from the guest tenant. When the external user leaves the tenant, their data in the guest tenant is first soft-deleted then permanently deleted in 30 days. Required.| ## Response |
v1.0 | Organization Get | https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organization-get.md | Title: "Get organization" description: "Retrieve the properties and relationships of currently authenticated organization." ms.localizationpriority: medium-+ ms.prod: "directory-management" doc_type: apiPageType |
v1.0 | Organization List | https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organization-list.md | Title: "List organization" description: "Retrieve a list of organization objects." ms.localizationpriority: medium-+ ms.prod: "directory-management" doc_type: apiPageType |
v1.0 | Organization Update | https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organization-update.md | Title: "Update organization" description: "Update the properties of the currently authenticated organization." ms.localizationpriority: medium-+ ms.prod: "directory-management" doc_type: apiPageType |
v1.0 | Orgcontact Get | https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/orgcontact-get.md | One of the following permissions is required to call this API. To learn more, in GET /contacts/{id} ``` ## Optional query parameters-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response. +This method supports the `$select` and `$expand` [OData query parameters](/graph/query-parameters) to help customize the response. ## Request headers | Name | Type | Description| Here is an example of the request. "name": "get_orgcontact" }--> ```msgraph-interactive-GET https://graph.microsoft.com/beta/contacts/{id} +GET https://graph.microsoft.com/beta/contacts/25caf6a2-d5cb-470d-8940-20ba795ef62d ``` # [C#](#tab/csharp) HTTP/1.1 200 OK Content-type: application/json {- "addresses":[ - { - "city": "string", - "countryOrRegion": "string", - "officeLocation": "string", - "postalCode": "string", - "state": "string", - "street": "string" - } - ], - "companyName": "companyName-value", - "department": "department-value", - "displayName": "displayName-value", - "phones":[ - { - "type": "string", - "number": "string" - } - ] + "@odata.context": "https://graph.microsoft.com/beta/$metadata#contacts/$entity", + "id": "25caf6a2-d5cb-470d-8940-20ba795ef62d", + "deletedDateTime": null, + "companyName": "Adatum Corporation", + "department": null, + "displayName": "Adele Vance", + "proxyAddresses": [ + "SMTP:AdeleVance@adatum.com" + ], + "givenName": "Adele", + "imAddresses": [], + "jobTitle": "Engagement manager", + "mail": "AdeleVance@adatum.com", + "mailNickname": "AdeleVance", + "onPremisesLastSyncDateTime": null, + "onPremisesSyncEnabled": null, + "surname": "Vance", + "addresses": [ + { + "city": null, + "countryOrRegion": "United States", + "officeLocation": null, + "postalCode": null, + "state": null, + "street": null + } + ], + "onPremisesProvisioningErrors": [], + "phones": [ + { + "number": null, + "type": "businessFax" + }, + { + "number": null, + "type": "mobile" + }, + { + "number": null, + "type": "business" + } + ] } ``` |
v1.0 | Authenticationmethods Overview | https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationmethods-overview.md | The authentication method APIs are used to manage a user's authentication method |Authentication method | Description |Examples | |:|:|:|-|[passwordAuthenticationMethod](passwordauthenticationmethod.md)| A password is currently the default primary authentication method in Azure AD.|Reset a user's password| -|[phoneAuthenticationMethod](phoneauthenticationmethod.md)|A phone can be used by a user to authenticate using [SMS or voice calls](/azure/active-directory/authentication/concept-authentication-methods#phone-options) (as allowed by policy).|See a user's authentication phone numbers. Add, update, or remove a phone number to a user. Enable or disable a primary mobile phone for SMS sign-in.| +|[emailAuthenticationMethod](emailauthenticationmethod.md)|An email address can be used by a user as part of the Self-Service Password Reset (SSPR) process.|See a user's authentication email address. Add, update, or remove an email address to a user.| |[fido2AuthenticationMethod](fido2authenticationmethod.md)|A FIDO2 Security Key can be used by a user to sign-in to Azure AD.|Delete a lost FIDO2 Security Key.| |[microsoftAuthenticatorAuthenticationMethod](microsoftauthenticatorauthenticationmethod.md)|Microsoft Authenticator can be used by a user to sign-in or perform multi-factor authentication to Azure AD|Delete a Microsoft Authenticator authentication method.|-|[passwordlessmicrosoftauthenticatorauthenticationmethod](passwordlessmicrosoftauthenticatorauthenticationmethod.md) (deprecated)|Microsoft Authenticator Passwordless Phone Sign-in can be used by a user to sign-in to Azure AD|Delete a Passwordless Phone Sign-in authentication method.| -|[emailAuthenticationMethod](emailauthenticationmethod.md)|An email address can be used by a user as part of the Self-Service Password Reset (SSPR) process.|See a user's authentication email address. Add, update, or remove an email address to a user.| -|[windowsHelloForBusinessAuthenticationMethod](windowsHelloForBusinessAuthenticationMethod.md)|Windows Hello for Business is a passwordless sign-in method on Windows devices.|See devices where a user has enabled Windows Hello for Business sign-in. Delete a Windows Hello for Business credential.| -|[temporaryaccesspassauthenticationmethod](temporaryaccesspassauthenticationmethod.md)|Temporary Access Pass is a time-limited passcode that serves as a strong credential and allows onboarding of passwordless credentials. | Set a new Temporary Access Pass on a user.| +|[passwordAuthenticationMethod](passwordauthenticationmethod.md)| A password is currently the default primary authentication method in Azure AD.|Reset a user's password| +|[phoneAuthenticationMethod](phoneauthenticationmethod.md)|A phone can be used by a user to authenticate using [SMS or voice calls](/azure/active-directory/authentication/concept-authentication-methods#phone-options) (as allowed by policy).|See a user's authentication phone numbers. Add, update, or remove a phone number to a user. Enable or disable a primary mobile phone for SMS sign-in.| |[softwareOathAuthenticationMethod](../resources/softwareoathauthenticationmethod.md)| Allow users to perform multifactor authentication using an application that supports the OATH specification and provides a one-time code. | Get and delete a software token assigned to a user.|+|[temporaryaccesspassauthenticationmethod](temporaryaccesspassauthenticationmethod.md)|Temporary Access Pass is a time-limited passcode that serves as a strong credential and allows onboarding of passwordless credentials. | Set a new Temporary Access Pass on a user.| +|[windowsHelloForBusinessAuthenticationMethod](windowsHelloForBusinessAuthenticationMethod.md)|Windows Hello for Business is a passwordless sign-in method on Windows devices.|See devices where a user has enabled Windows Hello for Business sign-in. Delete a Windows Hello for Business credential.| +|[passwordlessmicrosoftauthenticatorauthenticationmethod](passwordlessmicrosoftauthenticatorauthenticationmethod.md) (deprecated)|Microsoft Authenticator Passwordless Phone Sign-in can be used by a user to sign-in to Azure AD|Delete a Passwordless Phone Sign-in authentication method.| The following authentication methods are not yet supported in Microsoft Graph `beta`. |Authentication method | Description |Examples | |:|:|:|-|Hardware token | Allow users to perform multifactor authentication using a physical device that provides a one-time code. | Get a hardware token assigned to a user.| -|Security questions and answers | Allow users to validate their identity when performing a self-service password reset. |Delete a security question a user registered.| |Default method | Represents the method the user has selected as default for performing multi-factor authentication.| Change a user's default MFA method. <br/> **NOTE:** Managing the details of the default method is currently supported only through the MSOL `Get-MsolUser` and `Set-MsolUser` cmdlets, using the **StrongAuthenticationMethods** property. |+|Hardware token | Allow users to perform multifactor authentication using a physical device that provides a one-time code. | Get a hardware token assigned to a user.| |Require re-register MFA | A control that requires that when user signs in next time and MFA is required, they're requested to set up a new MFA authentication method.|**NOTE:** This feature is replaced by the individual authentication method APIs listed above. These can be used to delete a user's existing registered authentication methods; once the user has no more methods, they'll be prompted to register the next time they sign in where strong authentication is required (the user can also register at any time using [MySecurityInfo](https://aka.ms/mysecurityinfo)). This can be done using the Azure AD admin UX, the Microsoft Graph APIs, and the Microsoft Graph Powershell SDK. <br/> The legacy version of this feature is currently supported only through the MSOL`Set-MsolUser` cmdlet, using the **StrongAuthenticationMethods** property. |+|Security questions and answers | Allow users to validate their identity when performing a self-service password reset. |Delete a security question a user registered.| ## Next steps |
v1.0 | Externalidentitiespolicy | https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/externalidentitiespolicy.md | Inherits from [policyBase](../resources/policybase.md). |Property|Type|Description| |:|:|:| |allowDeletedIdentitiesDataRemoval|Boolean|Notifies Azure AD whether to clean up the user information about the external identity, from the guest tenant, when the user is deleted in their home tenant. |-|allowExternalIdentitiesToLeave|Boolean|Defines whether external users can leave the guest tenant. If set to `false`, self-service controls are not enabled, and the admin of the guest tenant must manually remove the external user from the guest tenant.| +|allowExternalIdentitiesToLeave|Boolean|Defines whether external users can leave the guest tenant. If set to `false`, self-service controls are disabled, and the admin of the guest tenant must manually remove the external user from the guest tenant. When the external user leaves the tenant, their data in the guest tenant is first soft-deleted then permanently deleted in 30 days.| |displayName|String|The policy name. Inherited from [policyBase](../resources/policybase.md).| ## Relationships The following is a JSON representation of the resource. } ``` +## See also ++ [Leave an organization as an external user](/azure/active-directory/external-identities/leave-the-organization) |
v1.0 | Organization | https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/organization.md | Title: "organization resource type" description: "Represents an Azure Active Directory tenant. " ms.localizationpriority: medium-+ ms.prod: "directory-management" doc_type: resourcePageType |
v1.0 | Teamsappinstallation | https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/teamsappinstallation.md | A [teamsApp](teamsapp.md) installed in a [team](team.md), a [chat](chat.md), or ## JSON representation +The following is a JSON representation of the resource. + <!-- { "blockType": "resource", "@odata.type": "microsoft.graph.teamsAppInstallation", |
v1.0 | Organization Get | https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/organization-get.md | Title: "Get organization" description: "Retrieve the properties and relationships of currently authenticated organization." ms.localizationpriority: high-+ ms.prod: "directory-management" doc_type: apiPageType |
v1.0 | Organization List | https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/organization-list.md | Title: "List organization" description: "Retrieve a list of organization objects." ms.localizationpriority: medium-+ ms.prod: "directory-management" doc_type: apiPageType |
v1.0 | Organization Update | https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/organization-update.md | Title: "Update organization" description: "Update the properties of the currently authenticated organization." ms.localizationpriority: medium-+ ms.prod: "directory-management" doc_type: apiPageType |
v1.0 | Orgcontact Get | https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/orgcontact-get.md | The following is an example of the request. "name": "get_orgcontact" }--> ```msgraph-interactive-GET https://graph.microsoft.com/v1.0/contacts/e63333f5-3d11-4026-8fe3-c0f7b044dd3a +GET https://graph.microsoft.com/v1.0/contacts/25caf6a2-d5cb-470d-8940-20ba795ef62d ``` # [C#](#tab/csharp) HTTP/1.1 200 OK Content-type: application/json {- "addresses":[ - { - "city": "string", - "countryOrRegion": "string", - "officeLocation": "string", - "postalCode": "string", - "state": "string", - "street": "string" - } - ], - "companyName": "companyName-value", - "department": "department-value", - "displayName": "displayName-value", - "phones":[ - { - "type": "string", - "number": "string" - } - ] + "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#contacts/$entity", + "id": "25caf6a2-d5cb-470d-8940-20ba795ef62d", + "deletedDateTime": null, + "companyName": "Adatum Corporation", + "department": null, + "displayName": "Adele Vance", + "proxyAddresses": [ + "SMTP:AdeleVance@adatum.com" + ], + "givenName": "Adele", + "imAddresses": [], + "jobTitle": "Engagement manager", + "mail": "AdeleVance@adatum.com", + "mailNickname": "AdeleVance", + "onPremisesLastSyncDateTime": null, + "onPremisesSyncEnabled": null, + "surname": "Vance", + "addresses": [ + { + "city": null, + "countryOrRegion": "United States", + "officeLocation": null, + "postalCode": null, + "state": null, + "street": null + } + ], + "onPremisesProvisioningErrors": [], + "phones": [ + { + "number": null, + "type": "businessFax" + }, + { + "number": null, + "type": "mobile" + }, + { + "number": null, + "type": "business" + } + ] } ``` |
v1.0 | Authenticationmethods Overview | https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/authenticationmethods-overview.md | The authentication method APIs are used to manage a user's authentication method |[emailAuthenticationMethod](emailauthenticationmethod.md)|An email address can be used by a user as part of the Self-Service Password Reset (SSPR) process.|See a user's authentication email address. Add, update, or remove an email address to a user.| |[fido2AuthenticationMethod](fido2authenticationmethod.md)|A FIDO2 Security Key can be used by a user to sign-in to Azure AD.|Delete a lost FIDO2 Security Key.| |[microsoftAuthenticatorAuthenticationMethod](microsoftauthenticatorauthenticationmethod.md)|Microsoft Authenticator can be used by a user to sign-in or perform multi-factor authentication to Azure AD|Delete a Microsoft Authenticator authentication method.|+|[passwordAuthenticationMethod](passwordauthenticationmethod.md)| A password is currently the default primary authentication method in Azure AD.|Reset a user's password| |[phoneAuthenticationMethod](phoneauthenticationmethod.md)|A phone can be used by a user to authenticate using [SMS or voice calls](/azure/active-directory/authentication/concept-authentication-methods#phone-options) as allowed by policy.|See a user's authentication phone numbers. Add, update, or remove a phone number for a user. Enable or disable a primary mobile phone for SMS sign-in.| |[softwareOathAuthenticationMethod](softwareoathauthenticationmethod.md)| Allow users to perform multifactor authentication using an application that supporters the OATH TOTP specification and provides a one-time code.|Get and delete a software OATH token assigned to a user.| |[temporaryAccessPassAuthenticationMethod](temporaryaccesspassauthenticationmethod.md)|A time-limited passcode that serves as a strong credential and allows onboarding of passwordless credentials.| The following authentication methods are not yet supported in Microsoft Graph v1 |Authentication method | Description |Examples | |:|:|:|-|Password | A password is currently the default primary authentication method in Azure AD.|Reset a user's password.| -|Hardware token | Allow users to perform multifactor authentication using a physical device that provides a one-time code. | Get a hardware token assigned to a user.| -|Security questions and answers | Allow users to validate their identity when performing a self-service password reset. |Delete a security question a user registered.| |Default method | Represents the method the user has selected as default for performing multi-factor authentication.| Change a user's default MFA method. <br/> **NOTE:** Managing the details of the default method is currently supported only through the MSOL `Get-MsolUser` and `Set-MsolUser` cmdlets, using the **StrongAuthenticationMethods** property. |+|Hardware token | Allow users to perform multifactor authentication using a physical device that provides a one-time code. | Get a hardware token assigned to a user.| +|Password | A password is currently the default primary authentication method in Azure AD.|Reset a user's password.| |Require re-register MFA | Represents a configuration that requires that when user signs in next time, they're requested to set up a new MFA authentication method.| **NOTE:** This feature is replaced by the individual authentication method APIs listed above. These can be used to delete a user's existing registered authentication methods; once the user has no more methods, they'll be prompted to register the next time they sign in where strong authentication is required (the user can also register at any time using [MySecurityInfo](https://aka.ms/mysecurityinfo)). This can be done using the Azure portal, Microsoft Graph APIs, and the Microsoft Graph Powershell SDK. The legacy version of this feature is currently supported only through the MSOL`Set-MsolUser` cmdlet, using the **StrongAuthenticationMethods** property. |+|Security questions and answers | Allow users to validate their identity when performing a self-service password reset. |Delete a security question a user registered.| ## Next steps |
v1.0 | Organization | https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/organization.md | Title: "organization resource type" description: " create and delete are not supported. Inherits from directoryObject." ms.localizationpriority: high-+ ms.prod: "directory-management" doc_type: resourcePageType |
v1.0 | Teamsappinstallation | https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/teamsappinstallation.md | Represents a [teamsApp](teamsapp.md) installed in a [team](team.md) or the perso ## JSON representation +The following is a JSON representation of the resource. + <!-- { "blockType": "resource", "@odata.type": "microsoft.graph.teamsAppInstallation", |