+description: "Resume a user's access package request after waiting for a callback from a custom extension."

+Resume a user's access package request after waiting for a callback from a custom extension.

+In [Microsoft Entra entitlement management](../resources/entitlementmanagement-overview.md), when an access package policy has been enabled to call out a custom extension and the request processing is waiting for the callback from the customer, the customer can initiate a resume action. It's performed on an [accessPackageAssignmentRequest](../resources/accesspackageassignmentrequest.md) object whose **requestStatus** is in a `WaitingForCallback` state.

+> [!IMPORTANT]

+> App-only access can be authorized *without* granting the `EntitlementManagement.ReadWrite.All` application permission to the caller. Instead, assign the caller an [Entitlement Management role](/entr#example-4-create-a-role-assignment-with-access-package-catalog-scope) or [Delegate access governance to access package managers in entitlement management](/entra/id-governance/entitlement-management-delegate-managers#as-a-catalog-owner-delegate-to-an-access-package-manager).

+> **Note:** For delegated permissions to allow apps to get report settings on behalf of a user, the tenant administrator must have assigned the user the appropriate Microsoft Entra ID limited administrator role. For more information, see [Authorization for APIs to read Microsoft 365 usage reports](/graph/reportroot-authorization).

+## Optional query parameters

+This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.

+> **Note:** For delegated permissions to allow apps to update report settings on behalf of a user, the tenant administrator must have assigned the user the appropriate Microsoft Entra ID limited administrator role. For more information, see [Authorization for APIs to read Microsoft 365 usage reports](/graph/reportroot-authorization).

+| displayConcealedNames | Boolean | If set to `true`, all reports conceal user information such as usernames, groups, and sites. If `false`, all reports show identifiable information. This property represents a setting in the Microsoft 365 admin center. Required. |

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+ "clientAppId": "6ed63604-0ba7-4a28-bb3a-dda03ea18d54",

+ "clientAppId": null,

+ "clientAppId": null,

+ Title: "List owners of an application"

+description: "Retrieve a list of owners for an application."

+# List owners of an application

+Retrieve a list of owners for an application that are [directoryObject](../resources/directoryobject.md) types.

+This method supports the `$count`, `$expand`, `$filter`, `$orderby`, `$search`, `$select`, and `$top` [OData query parameters](/graph/query-parameters) to help customize the response. Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For more information, see [Advanced query capabilities on directory objects](/graph/aad-advanced-queries).

+### Request

+The following example shows a request that uses the **appId** alternate key to query the owners of an application.

+GET https://graph.microsoft.com/beta/applications(appId='bbec3106-565f-4907-941e-96b4dbfef21c')/owners

+### Response

+The following example shows the response. It shows only the **id** property as populated while other properties as `null`. This is because the caller did not have permissions to read users in the tenant.

+>**Note:** The response object shown here might be shortened for readability.

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#directoryObjects",

+ "@microsoft.graph.tips": "Use $select to choose only the properties your app needs, as this can lead to performance improvements. For example: GET applications(appId=<key>)/owners?$select=deletedDateTime",

+ "value": [

+ {

+ "@odata.type": "#microsoft.graph.user",

+ "id": "ce4770b3-70b2-4a38-a242-76631e9f7408",

+ "businessPhones": [],

+ "displayName": null,

+ "givenName": null,

+ "jobTitle": null,

+ "mail": null,

+ "mobilePhone": null,

+ "officeLocation": null,

+ "preferredLanguage": null,

+ "surname": null,

+ "userPrincipalName": null

+ },

+ {

+ "@odata.type": "#microsoft.graph.user",

+ "id": "858a9c90-38b3-4e78-b915-234aece712c4",

+ },

+ {

+ "@odata.type": "#microsoft.graph.user",

+ "id": "7585d967-f300-43de-b817-7119a6404c5e",

+ }

+ ]

+This API supports the following PSTN scenarios:

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+<!-- { "blockType": "permissions", "name": "approvalitem_cancel" } -->

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalitem_get" } -->

+This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.

+# [HTTP](#tab/http)

+```msgraph-interactive

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalitem_list_requests" } -->

+This method supports the `$filter`, `$orderby`, `$count` and `$select` [OData query parameters](/graph/query-parameters) to help customize the response.

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalitem_list_responses" } -->

+This method supports the `$filter`, `$orderby`, `$count` and `$select` [OData query parameters](/graph/query-parameters) to help customize the response.

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+ "createdDateTime":"2022-04-12T20:51:19Z"

+ "createdDateTime":"2022-04-12T20:51:19Z"

+<!-- { "blockType": "permissions", "name": "approvalitem_post_responses" } -->

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalitemrequest_get" } -->

+This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalitemresponse_get" } -->

+This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvaloperation_get" } -->

+This method supports the `$filter`, `$orderby`, `$count` and `$select` [OData query parameters](/graph/query-parameters) to help customize the response.

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalsolution_get" } -->

+This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalsolution_list_approvalitems" } -->

+This method supports the `$filter`, `$orderby`, `$top`, `$count`, and `$select` [OData query parameters](/graph/query-parameters) to help customize the response.

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalsolution_post_approvalitems" } -->

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalsolution_provision" } -->

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "authentication_post_fido2methods" } -->

+<!-- { "blockType": "permissions", "name": "authentication_update_2" } -->

+<!-- { "blockType": "permissions", "name": "authentication_update_3" } -->

+Update the properties of an [authenticationEventsFlow](../resources/authenticationeventsflow.md) object by ID. You must specify the **@odata.type** property and the value of the [authenticationEventsFlow](../resources/authenticationeventsflow.md) object type to update. The following derived subtypes are supported:

+- [externalUsersSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md)

+|onAttributeCollection|[onAttributeCollectionHandler](../resources/onattributecollectionhandler.md)|The configuration for what to invoke for the onAttributeCollection event. <br/><br/><li> You can only update this property if it was configured during user flow creation. If it wasn't, call the [Add attributes to a user flow](../api/onattributecollectionexternalusersselfservicesignup-post-attributes.md) API first. </li><li> You can't add or remove attributes by updating the **attributeCollectionPage** > **views** > **inputs** and **attributes** objects. Use the [Add attribute to user flow](../api/onattributecollectionexternalusersselfservicesignup-post-attributes.md) or [Remove attribute from user flow](../api/onattributecollectionexternalusersselfservicesignup-post-attributes.md) APIs instead to update both objects.</li><li> To update the **attributeCollectionPage** > **views** > **inputs** collection, you must include all objects in the collection, not only the changed objects. <li> The order of objects in the **attributeCollectionPage** > **views** > **inputs** collection corresponds to the order in which the attributes are displayed on the app's sign-up UI. |

+The following example shows a request that updates the display name of a specific external identities user flow, as well as the priority for all the listeners associated with the policy.

+### Example 2: Update the page layout of a self-service sign up user flow

+The following request updates the configuration of some of the attributes. All the attributes are marked as required; the email attribute is marked as hidden; the input type of the custom attribute is also updated to a radio button with two options.

+ "required": true,

+ "required": true,

+ "attribute": "extension_331d514c0c18477583ea7dd5a79feda2_RockorCountry",

+ "label": "Rock music or Country",

+ "inputType": "radioSingleSelect",

+ "required": true,

+ "options": [

+ {

+ "label": "Rock music",

+ "value": "Rock"

+ },

+ {

+ "label": "Country music",

+ "value": "Country"

+ }

+ ]

+Before you call this API, call [List protection policies](../api/backuprestoreroot-list-protectionpolicies.md) to initialize the data store in the tenant. Data store initialization takes about 5 minutes. If you call this API before the data store is initialized, the call results in an error.

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+description: "Get a list of restorePoint objects and their properties."

+Get a list of [restorePoint](../resources/restorepoint.md) objects and their properties.

+> **Note:** This API returns a maximum of five **restorePoint** objects. If you don't include the `orderBy` parameter, the five most recent restore points are returned.

+This method supports the `$expand`, `$filter` and `orderBy` [OData query parameters](/graph/query-parameters), as shown in the [example](../api/backuprestoreroot-list-restorepoints.md#request) later in this topic.

+The `$expand` and `$filter` query parameters are required.

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+ Title: "calendar: permanentDelete"

+description: "Permanently delete a calendar folder and the events that it contains and remove them from the mailbox."

+ms.localizationpriority: high

+# calendar: permanentDelete

+Namespace: microsoft.graph

+Permanently delete a calendar folder and the events that it contains and remove them from the mailbox. For more information about item retention, see [Configure Deleted Item retention and Recoverable Items quotas](/exchange/configure-deleted-item-retention-and-recoverable-items-quotas-exchange-2013-help).

+>**Note:** Folders aren't placed in the Purges folder when they are permanently deleted. Permanently deleted folders are removed from the mailbox.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "calendar_permanentdelete" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /users/{usersId}/calendar/permanentDelete

+POST /groups/{groupsId}/calendar/permanentDelete

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this action returns a `204 No Content` response code.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "calendarthis.permanentdelete"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/users/{usersId}/calendar/permanentDelete

+```

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 204 No Content

+```

+Enable a bot to answer an incoming [call](../resources/call.md). The incoming call request can be an invitation from a participant in a group call or a peer-to-peer call. If an invitation to a group call is received, the notification contains the [chatInfo](../resources/chatinfo.md) and [meetingInfo](../resources/meetinginfo.md) parameters.

+This API supports the following PSTN scenarios:

+Delta query supports both full synchronization that gets all the recordings for online meetings organized by the user, and incremental synchronization that gets recordings added since the last synchronization. Typically, you do an initial full synchronization, and then get incremental changes to that recording view periodically.

+A GET request with the delta function returns one of the following:

+- An **@odata.nextLink** that contains a URL with a **delta** function call and a `skipToken`.

+- An **@odata.deltaLink** that contains a URL with a **delta** function call and a `deltaToken`.

+State tokens are opaque to the client. To proceed with a round of change tracking, copy and apply the **@odata.nextLink** or **@odata.deltaLink** URL returned from the last GET request to the next **delta** function call for that same recording view. An **@odata.deltaLink** returned in a response signifies that the current round of change tracking is complete. You can save and use the **@odata.deltaLink** URL when you start the next round of synchronization to get the new recordings added after you acquire **@odata.deltaLink**.

+- [Using the `$top` query parameter might not return the **@odata.nextLink**](https://developer.microsoft.com/en-us/graph/known-issues/?search=22931).

+>**Note:** The request fails if you don't pass the function parameter **meetingOrganizerUserId**.

+Tracking changes in call recordings incurs a round of one or more **delta** function calls. If you use any query parameter (other than `$deltaToken` and `$skipToken`), you must specify it in the initial **delta** request. Microsoft Graph automatically encodes any specified parameters into the token portion of the **@odata.nextLink** or **@odata.deltaLink** URL provided in the response.

+In subsequent requests, copy and apply the **@odata.nextLink** or **@odata.deltaLink** URL from the previous response, as that URL already includes the encoded parameters.

+| `$deltaToken` | String | A [state token](/graph/delta-query-overview) returned in the **@odata.deltaLink** URL of the previous **delta** function call that indicates the completion of that round of change tracking. Save and apply the entire **@odata.deltaLink** URL including this token in the first request of the next round of change tracking for that collection.|

+| `$skipToken` | String | A [state token](/graph/delta-query-overview) returned in the **@odata.nextLink** URL of the previous **delta** function call that indicates that there are further changes to be tracked. |

+| `$top` | Integer | Allows the caller to specify the maximum number of objects per page. |

+If successful, this method returns a `200 OK` response code and a collection of [callRecording](../resources/callrecording.md) objects in the response body. The response also includes an **@odata.nextLink** URL or an **@odata.deltaLink** URL.

+- Step 2: [second request](#second-request) and [response](#second-response).

+See also what you do in the [next round to get more recordings](#example-2-next-round-to-get-more-recordings).

+In this example, the call recordings synchronize for the first time and the initial sync request doesn't include any state token. This round returns all recordings available at the time.

+The response includes two call recordings and an **@odata.nextLink** response header with a `skipToken`. The **@odata.nextLink** URL indicates that more call recordings are available to retrieve.

+ "@odata.type": "Collection(microsoft.graph.callRecording)"

+The second request specifies the **@odata.nextLink** URL returned from the previous response. Notice that it no longer has to specify the same query parameters as in the initial request, as the `skipToken` in the **@odata.nextLink** URL encodes and includes them.

+The second response returns one or more next call recordings and an **@odata.nextLink** property with a `skipToken` that indicates that more recordings are available.

+ "@odata.type": "Collection(microsoft.graph.callRecording)"

+The third request continues to use the latest **@odata.nextLink** returned from the last sync request.

+GET https://graph.microsoft.com/beta/users/8b081ef6-4792-4def-b2c9-c363a1bf41d5/onlineMeetings/getAllRecordings(meetingOrganizerUserId='8b081ef6-4792-4def-b2c9-c363a1bf41d5')/delta?skipToken={skipToken2}

+The third response returns the only remaining recordings and an **@odata.deltaLink** property with a `deltaToken` that indicates that all recordings are returned. Save and use the **@odata.deltaLink** URL to query for any new recording that is added from this point onwards.

+ "@odata.type": "Collection(microsoft.graph.callRecording)"

+Using the **@odata.deltaLink** from the last request in the last round, you can get only those recordings added since the **@odata.deltaLink** was acquired.

+GET https://graph.microsoft.com/beta/users/8b081ef6-4792-4def-b2c9-c363a1bf41d5/onlineMeetings/getAllRecordings(meetingOrganizerUserId='8b081ef6-4792-4def-b2c9-c363a1bf41d5')/delta?skipToken={deltaToken1}

+ "@odata.type": "Collection(microsoft.graph.callRecording)"

+Delta query supports both full synchronization that gets all the transcripts for online meetings organized by the user, and incremental synchronization that gets transcripts added since the last synchronization. Typically, you do an initial full synchronization, and then get incremental changes to that transcript view periodically.

+A GET request with the delta function returns one of the following:

+- An **@odata.nextLink** that contains a URL with a **delta** function call and a `skipToken`.

+- An **@odata.deltaLink** that contains a URL with a **delta** function call and a `deltaToken`.

+State tokens are opaque to the client. To proceed with a round of change tracking, copy and apply the **@odata.nextLink** or **@odata.deltaLink** URL returned from the last GET request to the next **delta** function call for that same transcript view. An **@odata.deltaLink** returned in a response signifies that the current round of change tracking is complete. You can save and use the **@odata.deltaLink** URL when you start the next round of synchronization to get the new transcripts added after you acquire **@odata.deltaLink**.

+- [Using the `$top` query parameter might not return the **@odata.nextLink**](https://developer.microsoft.com/en-us/graph/known-issues/?search=22931).

+>**Note:** The request fails if you don't pass the function parameter **meetingOrganizerUserId**.

+Tracking changes in call transcripts incurs a round of one or more **delta** function calls. If you use any query parameter (other than `$deltaToken` and `$skipToken`), you must specify it in the initial **delta** request. Microsoft Graph automatically encodes any specified parameters into the token portion of the **@odata.nextLink** or **@odata.deltaLink** URL provided in the response.

+In subsequent requests, copy and apply the **@odata.nextLink** or **@odata.deltaLink** URL from the previous response, as that URL already includes the encoded parameters.

+| `$deltaToken` | String | A [state token](/graph/delta-query-overview) returned in the **@odata.deltaLink** URL of the previous **delta** function call that indicates the completion of that round of change tracking. Save and apply the entire **@odata.deltaLink** URL including this token in the first request of the next round of change tracking for that collection.|

+| `$skipToken` | String | A [state token](/graph/delta-query-overview) returned in the **@odata.nextLink** URL of the previous **delta** function call that indicates that there are further changes to be tracked. |

+| `$top` | Integer | Allows the caller to specify the maximum number of objects per page. |

+If successful, this method returns a `200 OK` response code and a collection of [callTranscript](../resources/calltranscript.md) objects in the response body. The response also includes an **@odata.nextLink** URL or an **@odata.deltaLink** URL.

+- Step 2: [second request](#second-request) and [response](#second-response).

+See also what you do in the [next round to get more transcripts](#example-2-next-round-to-get-more-transcripts).

+In this example, the call transcripts synchronize for the first time and the initial sync request doesn't include any state token. This round returns all transcripts available at the time.

+The response includes two call transcripts and an **@odata.nextLink** response header with a `skipToken`. The **@odata.nextLink** URL indicates that more call transcripts are available to retrieve.

+ "@odata.type": "Collection(microsoft.graph.callTranscript)"

+The second request specifies the **@odata.nextLink** URL returned from the previous response. Notice that it no longer has to specify the same query parameters as in the initial request, as the `skipToken` in the **@odata.nextLink** URL encodes and includes them.

+The second response returns one or more next call transcripts and an **@odata.nextLink** property with a `skipToken` that indicates that more transcripts are available.

+ "@odata.type": "Collection(microsoft.graph.callTranscript)"

+The third request continues to use the latest **@odata.nextLink** returned from the last sync request.

+GET https://graph.microsoft.com/beta/users/8b081ef6-4792-4def-b2c9-c363a1bf41d5/onlineMeetings/getAllTranscripts(meetingOrganizerUserId='8b081ef6-4792-4def-b2c9-c363a1bf41d5')/delta?skipToken={skipToken2}

+The third response returns the only remaining transcripts and an **@odata.deltaLink** property with a `deltaToken` that indicates that all transcripts are returned. Save and use the **@odata.deltaLink** URL to query for any new transcript that is added from this point onwards.

+ "@odata.type": "Collection(microsoft.graph.callTranscript)"

+Using the **@odata.deltaLink** from the last request in the last round, you can get only those transcripts added since the **@odata.deltaLink** was acquired.

+GET https://graph.microsoft.com/beta/users/8b081ef6-4792-4def-b2c9-c363a1bf41d5/onlineMeetings/getAllTranscripts(meetingOrganizerUserId='8b081ef6-4792-4def-b2c9-c363a1bf41d5')/delta?skipToken={deltaToken1}

+ "@odata.type": "Collection(microsoft.graph.callTranscript)"

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+> - The `ChannelMessage.Read.Group` permission uses [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).

+> - The `Group.Read.All` and `Group.ReadWrite.All` permissions are supported only for backward compatibility. We recommend that you update your solutions to use an alternative permission listed in the previous table and avoid using these permissions going forward.

+If successful, this method returns a `200 OK` response code and a collection of [chatMessage](../resources/chatmessage.md) objects in the response body. The channel messages in the response are sorted by the last modified date of the entire reply chain, including both the root channel message and its replies.

+The response includes replies of that channel message. In practice, this operation can return up to 1,000 replies of a channel message, and includes a URL in `replies@odata.nextLink` to get any further replies beyond the page size of 1,000. This example assumes more than 1,000 replies in that channel message, but for readability, the following response shows only three replies.

+ "displayName": "Hundred points",

+ "displayName": "microsoft_teams",

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+ "value": "active"

+ "value": "active"

+# [PowerShell](#tab/powershell)

+description: "Delete a Viva Engage community along with all associated Microsoft 365 content, including the connected Microsoft 365 group, OneNote notebook, and Planner plans."

+ Title: "contact: permanentDelete"

+description: "Permanently delete a contact and place it in the Purges folder in the user's mailbox."

+ms.localizationpriority: high

+# contact: permanentDelete

+Namespace: microsoft.graph

+Permanently delete a contact and place it in the Purges folder in the dumpster in the user's mailbox. Email clients such as Outlook or Outlook on the web can't access permanently deleted items. Unless there's a hold set on the mailbox, the items are permanently deleted after a set period of time.

+For more information about item retention, see [Configure Deleted Item retention and Recoverable Items quotas](/exchange/configure-deleted-item-retention-and-recoverable-items-quotas-exchange-2013-help).

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "contact_permanentdelete" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /users/{usersId}/contacts/{contactId}/permanentDelete

+POST /users/{usersId}/contactFolders/{contactFolderId}/contacts/{contactId}/permanentDelete

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this action returns a `204 No Content` response code.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "contactthis.permanentdelete"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/users/{usersId}/contacts/{contactId}/permanentDelete

+```

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 204 No Content

+```

+ Title: "contactFolder: permanentDelete"

+description: "Permanently delete a contact folder and remove its items from the user's mailbox."

+ms.localizationpriority: high

+# contactFolder: permanentDelete

+Namespace: microsoft.graph

+Permanently delete a contact folder and remove its items from the user's mailbox. For more information about item retention, see [Configure Deleted Item retention and Recoverable Items quotas](/exchange/configure-deleted-item-retention-and-recoverable-items-quotas-exchange-2013-help).

+>**Note:** Folders aren't placed in the Purges folder when they are permanently deleted. Permanently deleted folders are removed from the mailbox.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "contactfolder_permanentdelete" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /users/{usersId}/contactFolders/{contactFolderId}/permanentDelete

+POST /users/{usersId}/contactFolders/{contactFolderId}/childFolders/{contactFolderId}/permanentDelete

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this action returns a `204 No Content` response code.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "contactfolderthis.permanentdelete"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/users/{usersId}/contactFolders/{contactFolderId}/permanentDelete

+```

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 204 No Content

+```

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+<!-- { "blockType": "permissions", "name": "daynote_delete" } -->

+<!-- { "blockType": "permissions", "name": "daynote_get" } -->

+<!-- { "blockType": "permissions", "name": "daynote_list" } -->

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "driveitem_getretentionlabel" } -->

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "driveitem_lockorunlockrecord" } -->

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "driveitem_removeretentionlabel" } -->

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "driveitem_setretentionlabel" } -->

+This method supports the `$select`, `$orderby`, and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).

+You can use `$orderby` with the following properties of the [educationAssignment](../resources/educationassignment.md) resource: **assignDateTime**, **assignedDateTime**, **closeDateTime**, **createdDateTime**, **displayName**, **dueDateTime**, **lastModifiedDateTime**, **moduleUrl**, and **status**.

+In the request body, supply the **odata.id** of an existing [educationCategory](../resources/educationcategory.md) object to add to this assignment.

+### Request

+ "blockType": "request",

+ "name": "add_educationcategory_to_educationassignment"

+POST https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070/assignments/70b7077c-7c1c-4e56-9b3b-2365411900c6/categories/$ref

+ "@odata.id": "https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070/assignmentCategories/39e3d9dc-7244-42d7-8b4d-1071aae5eb41"

+### Response

+The following example shows the response.

+ "blockType": "response",

+ "truncated": true

+ "blockType": "request",

+ "name": "remove_educationcategory_from_educationassignment"

+DELETE https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070/assignments/e98aaae1-7c98-4e65-bb62-1994fe410552/categories/39e3d9dc-7244-42d7-8b4d-1071aae5eb41/$ref

+ "blockType": "response",

+ "truncated": true

+ "name": "delete_educationassignment_2"

+DELETE https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070/assignmentCategories/39e3d9dc-7244-42d7-8b4d-1071aae5eb41

+This method supports the `$select` and `$orderby` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).

+You can use `$orderby` with the **displayName** property of the [educationCategory](../resources/educationcategory.md) resource.

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#education/classes('37d99af7-cfc5-4e3b-8566-f7d40e4a2070')/assignments('a3cce0ba-2008-4c4d-bf62-079408562d96')/submissions('2185e6d7-2924-4ed1-dde1-269f89e29184')/outcomes/$entity",

+ "lastModifiedDateTime": "2024-08-14T06:50:11.6979503Z",

+ "id": "b7e92489-91b6-4734-ab5c-b1370862e4a2",

+ "id": "fffafb29-e8bc-4de3-8106-be76ed2ad499",

+ "createdDateTime": "2024-08-14T06:50:11.6979432Z",

+ "lastModifiedDateTime": "2024-08-14T06:50:11.6979503Z",

+ "fileUrl": "https://graph.microsoft.com/v1.0/drives/b!-Ik2sRPLDEWy_bR8l75jfeDcpXQcRKVOmcml10NQLQ1F8CNZWU38SarWxPyWM7jx/items/01VANVJQZ6GPYK2SPEXRDKILMSBSL5KNKM",

+ "id": "fffafb29-e8bc-4de3-8106-be76ed2ad499",

+ "id": "fffafb29-e8bc-4de3-8106-be76ed2ad499",

+PATCH https://graph.microsoft.com/beta/education/classes/bf1f1963-05f6-4cba-903c-5892b4ce3bd7/assignments/db8e6b0b-dba4-4c69-81b2-9ba7313c0b7a/submissions/4bca096a-7de3-8675-5e86-2fa149923860/outcomes/ca05367a-b292-42d5-aff7-5d279feeace8

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#education/classes('bf1f1963-05f6-4cba-903c-5892b4ce3bd7')/assignments('db8e6b0b-dba4-4c69-81b2-9ba7313c0b7a')/submissions('4bca096a-7de3-8675-5e86-2fa149923860')/outcomes/$entity",

+ "lastModifiedDateTime": "2024-08-14T06:37:17.7703021Z",

+ "publishedFeedback": null,

+ "application": null,

+ "device": null,

+ "id": "fffafb29-e8bc-4de3-8106-be76ed2ad499",

+ "displayName": null

+ "feedbackDateTime": "2024-08-14T06:37:17.7703021Z",

+ "application": null,

+ "device": null,

+ "id": "fffafb29-e8bc-4de3-8106-be76ed2ad499",

+ "displayName": null

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+This method supports the `$select` and `$orderby` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).

+You can use `$orderby` with the following properties of the [educationSubmission](../resources/educationsubmission.md) resource: **excusedDateTime**, **reassignedDateTime**, **returnedDateTime**, **status**, **submittedDateTime**, and **unsubmittedDateTime**.

+GET https://graph.microsoft.com/beta/education/classes/bf1f1963-05f6-4cba-903c-5892b4ce3bd7/assignments/db8e6b0b-dba4-4c69-81b2-9ba7313c0b7a/submissions/4bca096a-7de3-8675-5e86-2fa149923860/outcomes

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#education/classes('bf1f1963-05f6-4cba-903c-5892b4ce3bd7')/assignments('db8e6b0b-dba4-4c69-81b2-9ba7313c0b7a')/submissions('4bca096a-7de3-8675-5e86-2fa149923860')/outcomes",

+ "lastModifiedDateTime": null,

+ "lastModifiedBy": null,

+ "feedback": null,

+ "publishedFeedback": null

+ },

+ {

+ "@odata.type": "#microsoft.graph.educationPointsOutcome",

+ "lastModifiedDateTime": null,

+ "id": "ea1351f6-ba33-4940-b2cb-6a7254af2dc8",

+ "lastModifiedBy": null,

+ "points": null,

+ "publishedPoints": null

+ },

+ {

+ "@odata.type": "#microsoft.graph.educationRubricOutcome",

+ "lastModifiedDateTime": "2024-08-14T05:47:41.8399565Z",

+ "id": "65a46d78-1a2b-4a7e-bcf8-78a22ac2611b",

+ "lastModifiedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ "rubricQualityFeedback": [

+ {

+ "qualityId": "6b9eccdd-ae31-474d-9ab5-33ba885873f9",

+ "feedback": null

+ {

+ "qualityId": "0fdf030a-2e52-4ea4-b321-74091cef90b0",

+ "feedback": null

+ },

+ {

+ "qualityId": "8fdacfb6-0e28-4bce-9153-3196fbcc0eaa",

+ "feedback": null

+ ],

+ "rubricQualitySelectedLevels": [

+ {

+ "qualityId": "6b9eccdd-ae31-474d-9ab5-33ba885873f9",

+ "columnId": null

+ },

+ {

+ "qualityId": "0fdf030a-2e52-4ea4-b321-74091cef90b0",

+ "columnId": null

+ },

+ {

+ "qualityId": "8fdacfb6-0e28-4bce-9153-3196fbcc0eaa",

+ "columnId": null

+ }

+ ],

+ "publishedRubricQualityFeedback": [

+ {

+ "qualityId": "6b9eccdd-ae31-474d-9ab5-33ba885873f9",

+ "feedback": null

+ },

+ {

+ "qualityId": "0fdf030a-2e52-4ea4-b321-74091cef90b0",

+ "feedback": null

+ },

+ {

+ "qualityId": "8fdacfb6-0e28-4bce-9153-3196fbcc0eaa",

+ "feedback": null

+ }

+ ],

+ "publishedRubricQualitySelectedLevels": [

+ {

+ "qualityId": "6b9eccdd-ae31-474d-9ab5-33ba885873f9",

+ "columnId": null

+ },

+ {

+ "qualityId": "0fdf030a-2e52-4ea4-b321-74091cef90b0",

+ "columnId": null

+ },

+ {

+ "qualityId": "8fdacfb6-0e28-4bce-9153-3196fbcc0eaa",

+ "columnId": null

+ }

+ ]

+ "lastModifiedDateTime": "2022-05-06T00:52:17.3180275Z",

+ "id": "0710aeea-590d-46b4-9eb8-1c08b6549677",

+ "displayName": "Document3.docx",

+ "createdDateTime": "2022-05-06T00:52:17.3180176Z",

+ "lastModifiedDateTime": "2022-05-06T00:52:17.3180275Z",

+ "fileUrl": "https://graph.microsoft.com/v1.0/drives/b!-Ik2sRPLDEWy_bR8l75jfeDcpXQcRKVOmcml10NQLQ1F8CNZWU38SarWxPyWM7jx/items/01VANVJQ563EMEMHRTBBH2SOZ4GDSNEUZK",

+ "truncated": true,

+ "blockType": "response",

+ "truncated": true,

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+All [properties](../resources/educationassignment.md#properties) are supported by the `$filter` query parameter.

+You can use `$orderby` with the following properties of the [educationAssignment](../resources/educationassignment.md) resource: **assignDateTime**, **assignedDateTime**, **closeDateTime**, **createdDateTime**, **displayName**, **dueDateTime**, **lastModifiedDateTime**, and **status**.

+ Title: "event: permanentDelete"

+description: "Permanently delete an event and place it in the Purges folder in the dumpster in the user's mailbox."

+ms.localizationpriority: high

+# event: permanentDelete

+Namespace: microsoft.graph

+Permanently delete an event and place it in the Purges folder in the dumpster in the user's mailbox. Email clients such as Outlook or the Outlook on the web can't access permanently deleted items. Unless there's a hold set on the mailbox, the items are permanently deleted after a set period of time.

+For more information about item retention, see [Configure Deleted Item retention and Recoverable Items quotas](/exchange/configure-deleted-item-retention-and-recoverable-items-quotas-exchange-2013-help).

+>**Note:** Folders aren't placed in the Purges folder when they are permanently deleted. Permanently deleted folders are removed from the mailbox.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "event_permanentdelete" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /users/{usersId}/events/{eventId}/permanentDelete

+POST /groups/{groupsId}/events/{eventId}/permanentDelete

+POST /users/{usersId}/calendarView/{eventId}/permanentDelete

+POST /groups/{groupsId}/calendarView/{eventId}/permanentDelete

+POST /users/{usersId}/messages/{messageId}/event/permanentDelete

+POST /users/{usersId}/messages/{messageId}/event/instances/{eventId}/permanentDelete

+POST /users/{usersId}/messages/{messageId}/event/calendar/events/{eventId}/permanentDelete

+POST /users/{usersId}/messages/{messageId}/event/exceptionOccurrences/{eventId}/permanentDelete

+POST /users/{usersId}/messages/{messageId}/event/calendar/calendarView/{eventId}/permanentDelete

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this action returns a `204 No Content` response code.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "eventthis.permanentdelete"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/users/{usersId}/events/{eventId}/permanentDelete

+```

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 204 No Content

+```

+ Title: "eventMessage: permanentDelete"

+description: "Permanently delete an event message and place it in the Purges folder in the user's mailbox."

+ms.localizationpriority: high

+# eventMessage: permanentDelete

+Namespace: microsoft.graph

+Permanently delete an event message and place it in the Purges folder in the user's mailbox. Email clients such as Outlook or the Outlook on the web can't access permanently deleted items. Unless there's a hold set on the mailbox, the items are permanently deleted after a set period of time.

+For more information about item retention, see [Configure Deleted Item retention and Recoverable Items quotas](/exchange/configure-deleted-item-retention-and-recoverable-items-quotas-exchange-2013-help).

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "eventmessage_permanentdelete" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /me/messages/{id}/permanentDelete

+POST /users/{id | userPrincipalName}/messages/{id}/permanentDelete

+POST /me/mailFolders/{id}/messages/{id}/permanentDelete

+POST /users/{id | userPrincipalName}/mailFolders/{id}/messages/{id}/permanentDelete

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this action returns a `204 No Content` response code.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "eventmessagethis.permanentdelete"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/me/messages/{id}/permanentDelete

+```

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 204 No Content

+```

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+<!-- { "blockType": "permissions", "name": "fido2authenticationmethod_creationoptions" } -->

+GET /users/{user-id}/authentication/fido2Methods/creationOptions(challengeTimeoutInMinutes={challengeTimeoutInMinutes})

+# [PowerShell](#tab/powershell)

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#microsoft.graph.webauthnCredentialCreationOptions",

+ "challengeTimeoutDateTime": "2024-08-14T16:29:58Z",

+ "publicKey": {

+ "challenge": "ZXlKaGJHY2lPaUpTVTBFdFQwRkZVQzB5TlRZaUxDSmxibU1pT2lKQk1qVTJSME5OSWl3aWVEVmpJanBiSWsxSlNVUmhSRU5EUVd4...",

+ "timeout": 0,

+ "attestation": "direct",

+ "rp": {

+ "id": "login.microsoft.com",

+ "name": "Microsoft"

+ },

+ "user": {

+ "id": "T0Y6Ehqp2EfQP0iExdt54DFwdWuaH7qIZbZGpOc92RGnvbXyRPvU-8AOp9r1T7Cebfc3",

+ "displayName": "Kim User",

+ "name": "kimuser@contoso.com"

+ },

+ "pubKeyCredParams": [

+ {

+ "type": "public-key",

+ "alg": -7

+ },

+ {

+ "type": "public-key",

+ "alg": -257

+ }

+ ],

+ "excludeCredentials": [

+ {

+ "id": "0S64X8KwFmCeJjHzK1oE/39T+JYhfYbhFurwOxMMjtvRWc/sLYq8AMJVuva823XQ",

+ "type": "public-key",

+ "transports": []

+ },

+ {

+ "id": "pgIfj2fnom8rJdb4/h1gKqDkq+gxHFksI+m2aR5T+PNNycBfENAM4ksEBvoXky6d",

+ "type": "public-key",

+ "transports": []

+ },

+ {

+ "id": "u5wuw6SGH0VhAz7OXCLRkCuxhm4UrCB7hcLccyMU6calP1hWexfKe5PJNM69neAM",

+ "type": "public-key",

+ "transports": []

+ },

+ {

+ "id": "6rc0zTSz2YRlaKlCjqxsNDjDe8qY8TSL95Z4WhxEaaP4XfvfSnAGMk49RSwm/uAO",

+ "type": "public-key",

+ "transports": []

+ }

+ ],

+ "authenticatorSelection": {

+ "authenticatorAttachment": "cross-platform",

+ "requireResidentKey": true,

+ "userVerification": "required"

+ },

+ "extensions": {

+ "hmacCreateSecret": true,

+ "enforceCredentialProtectionPolicy": true,

+ "credentialProtectionPolicy": "userVerificationOptional"

+ }

+ }

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| assignedLabels | [assignedLabel](../resources/assignedlabel.md) collection | The list of sensitivity label pairs (label ID, label name) associated with a Microsoft 365 group. This property can be updated only in delegated scenarios where the caller requires both the Microsoft Graph permission and [a supported administrator role](/purview/get-started-with-sensitivity-labels#permissions-required-to-create-and-manage-sensitivity-labels).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+```

+|onAttributeCollection|[onAttributeCollectionHandler](../resources/onattributecollectionhandler.md)|Optional. The configuration for what to invoke when attributes are ready to be collected from the user. To configure this property, you must specify both **attributes** and **onAttributeCollectionPage** > **views** objects.|

+<!-- { "blockType": "permissions", "name": "identitygovernance_deleteditemcontainer_delete" } -->

+GET /identityGovernance/lifecycleWorkflows/insights/topTasksProcessedSummary(startDateTime={startDateTime},endDateTime={endDateTime})

+GET /identityGovernance/lifecycleWorkflows/insights/topWorkflowsProcessedSummary(startDateTime={startDateTime},endDateTime={endDateTime})

+GET /identityGovernance/lifecycleWorkflows/insights/workflowsProcessedByCategory(startDateTime={startDateTime},endDateTime={endDateTime})

+GET /identityGovernance/lifecycleWorkflows/insights/workflowsProcessedSummary(startDateTime={startDateTime},endDateTime={endDateTime})

+description: "Get a list of built-in workflow tasks in Lifecycle Workflows."

+Get a list of built-in workflow tasks in Lifecycle Workflows. A task is represented by the [taskDefinition](../resources/identitygovernance-taskdefinition.md) object.

+<!-- Keep the full response object for this example for other internal purposes-->

+ "@odata.count": 24,

+ "@microsoft.graph.tips": "Use $select to choose only the properties your app needs, as this can lead to performance improvements. For example: GET identityGovernance/lifecycleWorkflows/taskDefinitions?$select=category,continueOnError",

+ "description": "Send offboarding email to user's manager before the last day of work",

+ "displayName": "Send email before user's last day",

+ "description": "Send offboarding email to user's manager on the last day of work",

+ "displayName": "Send email on user's last day",

+ "description": "Send offboarding email to user's manager after the last day of work",

+ "displayName": "Send email after user's last day",

+ "description": "Send onboarding reminder email to user's manager",

+ "description": "Send email to notify user's manager of user move",

+description: "Read the details of a built-in workflow task in Lifecycle Workflows."

+Read the details of a built-in workflow [task](../resources/identitygovernance-taskdefinition.md) in Lifecycle Workflows.

+ Title: "mailFolder: permanentDelete"

+description: "Permanently delete a mail folder and remove its items from the user's mailbox."

+ms.localizationpriority: high

+# mailFolder: permanentDelete

+Namespace: microsoft.graph

+Permanently delete a mail folder and remove its items from the user's mailbox. For more information about item retention, see [Configure Deleted Item retention and Recoverable Items quotas](/exchange/configure-deleted-item-retention-and-recoverable-items-quotas-exchange-2013-help).

+>**Note:** Folders aren't placed in the Purges folder when they are permanently deleted. Permanently deleted folders are removed from the mailbox.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "mailfolder_permanentdelete" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /users/{usersId}/mailFolders/{mailFolderId}/permanentDelete

+POST /users/{usersId}/mailFolders/{mailFolderId}/childFolders/{mailFolderId}/permanentDelete

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this action returns a `204 No Content` response code.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "mailfolderthis.permanentdelete"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/users/{usersId}/mailFolders/{mailFolderId}/permanentDelete

+```

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 204 No Content

+```

+ Title: "mailSearchFolder: permanentDelete"

+description: "Permanently delete a mail search folder and remove its items from the user's mailbox."

+ms.localizationpriority: high

+# mailSearchFolder: permanentDelete

+Namespace: microsoft.graph

+Permanently delete a mail search folder and remove its items from the user's mailbox. For more information about item retention, see [Configure Deleted Item retention and Recoverable Items quotas](/exchange/configure-deleted-item-retention-and-recoverable-items-quotas-exchange-2013-help).

+>**Note:** Folders aren't placed in the Purges folder when they are permanently deleted. Permanently deleted folders are removed from the mailbox.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "mailsearchfolder_permanentdelete" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /me/mailFolders/{id}/permanentDelete

+POST /users/{id | userPrincipalName}/mailFolders/{id}/permanentDelete

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this action returns a `204 No Content` response code.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "mailsearchfolderthis.permanentdelete"

+}

+-->

+``` http

+POST https://graph.microsoft.com/betEzM/permanentDelete

+```

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 204 No Content

+```

+ Title: "message: permanentDelete"

+description: "Permanently delete a message and place it in the Purges folder in the user's mailbox."

+ms.localizationpriority: high

+# message: permanentDelete

+Namespace: microsoft.graph

+Permanently delete a message and place it in the Purges folder in the dumpster in the user's mailbox. Email clients such as Outlook or Outlook on the web can't access permanently deleted items. Unless there's a hold set on the mailbox, the items are permanently deleted after a set period of time.

+For more information about item retention, see [Configure Deleted Item retention and Recoverable Items quotas](/exchange/configure-deleted-item-retention-and-recoverable-items-quotas-exchange-2013-help).

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "message_permanentdelete" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /users/{usersId}/messages/{messageId}/permanentDelete

+POST /users/{usersId}/mailFolders/{mailFolderId}/messages/{messageId}/permanentDelete

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this action returns a `204 No Content` response code.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "messagethis.permanentdelete"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/users/{usersId}/messages/{messageId}/permanentDelete

+```

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 204 No Content

+```

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+The attribute is removed from both the **attributes** and **views** collections of the **attributeCollectionPage** object in the user flow.

+This API operation fails when you attempt to remove the last remaining attribute on the user flow.

+If successful, this method returns a `204 No Content` response code. If unsuccessful, a `4xx` error is returned with specific details. Attempting to remove the last remaining attribute results in a `400 Bad Request` error code.

+The following example shows a request that removes city as an attribute from the attribute collection step of an external identities self-service sign-up user flow.

+The attribute is added to both the **attributeCollection**> **attributes** and **attributeCollection**> **attributeCollectionPage** > **views** collections on the user flow. In the **views** collection, the attribute is assigned the default settings. You can [PATCH the user flow](../api/authenticationeventsflow-update.md) to customize the settings of the attribute on the **views** object, for example, marking it as required or updating the allowed input types.

+The following example shows a request that adds city as an attribute for attribute collection step of an external identities self-service sign-up user flow. If the request is successful, the attribute is added to both the **attributeCollection**> **attributes** and **attributeCollection**> **attributeCollectionPage** > **views** collections on the user flow. After adding the attribute to the user flow, you can [PATCH the user flow](../api/authenticationeventsflow-update.md) to customize the settings of the attribute on the **views** object, that is, customize the page layout.

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+The delta query supports both full synchronization and incremental synchronization. Full synchronization gets all the recordings for online meetings organized by the user. Incremental synchronization gets recordings that are added since the last synchronization. Typically, you do an initial full synchronization, and then get incremental changes to that recording view periodically.

+- [Using the `$top` query parameter might not return the **@odata.nextLink**](https://developer.microsoft.com/en-us/graph/known-issues/?search=22931).

+>**Note:** The request fails if you don't pass the function parameter **meetingOrganizerUserId**.

+|endDateTime|DateTimeOffset|Optional parameter to filter for artifacts created before the given end date. The timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|

+|startDateTime|DateTimeOffset|Optional parameter to filter for artifacts created after the given start date. The timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|

+## Optional query parameters

+This method supports the following OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).

+| Name | Description |

+| :- | :-- |

+| `$top` | Allows the caller to specify the max number of objects per page as the page size. |

+If successful, this method returns a `200 OK` response code and a collection of [callRecording](../resources/callrecording.md) objects in the response body.

+The following example shows a request.

+The following example shows the response.

+ "@odata.type": "Collection(microsoft.graph.callRecording)"

+### Example 2: Get all recordings of a given meeting organizer using a date range filter

+The following example shows a request.

+The following example shows the response.

+ "@odata.type": "Collection(microsoft.graph.callRecording)"

+- [Microsoft Graph service-specific throttling limits](/graph/throttling-limits#microsoft-teams-service-limits)

+- [Delta query overview](/graph/delta-query-overview)

+- [Export content with the Microsoft Teams export APIs](/microsoftteams/export-teams-content)

+Delta query supports both full synchronization and incremental synchronization. Full synchronization gets all the transcripts for online meetings organized by the user. Incremental synchronization gets transcripts that are added since the last synchronization. Typically, you do an initial full synchronization, and then get incremental changes to that recording view periodically.

+- [Using the `$top` query parameter might not return the **@odata.nextLink**](https://developer.microsoft.com/en-us/graph/known-issues/?search=22931).

+>**Note:** The request fails if you don't pass the function parameter **meetingOrganizerUserId**.

+|endDateTime|DateTimeOffset|Optional parameter to filter for artifacts created before the given end date. The timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|

+|meetingOrganizerUserId|String|The user identifier of the meeting organizer that is used to filter artifacts for meetings organized by that specific user.|

+|startDateTime|DateTimeOffset|Optional parameter to filter for artifacts created after the given start date. The timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|

+This method supports the following OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).

+| Name | Description |

+| :- | :-- |

+| `$top` | Allows the caller to specify the max number of objects per page as the page size. |

+If successful, this method returns a `200 OK` response code and a collection of [callTranscript](../resources/calltranscript.md) objects in the response body.

+The following example shows a request.

+The following example shows the response.

+ "@odata.type": "Collection(microsoft.graph.callTranscript)"

+### Example 2: Get all transcripts of a given meeting organizer using a date range filter

+The following example shows a request.

+The following example shows the response.

+ "@odata.type": "Collection(microsoft.graph.callTranscript)"

+- [Microsoft Graph service-specific throttling limits](/graph/throttling-limits#microsoft-teams-service-limits)

+- [Delta query overview](/graph/delta-query-overview)

+- [Export content with the Microsoft Teams export APIs](/microsoftteams/export-teams-content)

+For the list of properties that support updating, see the [Request body](#request-body) section.

+> - **userId** is the object ID of a user in [Microsoft Entra admin center > user management page](https://entra.microsoft.com/#blade/Microsoft_AAD_IAM/UsersManagementMenuBlade). For more information, see [application access policy](/graph/cloud-communication-online-meeting-application-access-policy).

+The following table lists the properties that can be updated. In the request body, supply *only* the values for properties that should be updated, with the following exceptions:

+- If you update the start or end date/time of an online meeting, you must always include both **startDateTime** and **endDateTime** properties in the request body.

+- The **organizer** field of the **participants** property can't be updated. The organizer of the meeting can't be modified after the meeting is created.

+- If you update the **attendees** field of the **participants** property, such as adding or removing an attendee to the meeting, you must always include the full list of attendees in the request body.

+The last column indicates whether updating this property takes effect for an in-progress meeting.

+|--||-| |

+| allowAttendeeToEnableCamera | Boolean | Indicates whether attendees can turn on their camera. | Yes |

+| allowAttendeeToEnableMic | Boolean | Indicates whether attendees can turn on their microphone. | Yes |

+| allowBreakoutRooms | Boolean | Indicates whether breakout rooms are enabled for the meeting. | No |

+| allowedPresenters | onlineMeetingPresenters | Specifies who can be a presenter in a meeting. | Yes |

+| allowLiveShare | Boolean | Indicates whether live share is enabled for the meeting. | No |

+| allowMeetingChat | meetingChatMode | Specifies the mode of meeting chat. | Yes |

+| allowPowerPointSharing | Boolean | Indicates whether PowerPoint live is enabled for the meeting. | No |

+| allowTeamworkReactions | Boolean | Indicates whether Teams reactions are enabled for the meeting. | Yes |

+| allowWhiteboard | Boolean | Indicates whether whiteboard is enabled for the meeting. | No |

+| endDateTime | DateTime | The meeting end time in UTC. | No |

+| isEntryExitAnnounced | Boolean | Whether or not to announce when callers join or leave. | Yes |

+| lobbyBypassSettings | [lobbyBypassSettings](../resources/lobbyBypassSettings.md) | Specifies which participants can bypass the meeting lobby. | Yes |

+| participants | [meetingParticipants](../resources/meetingparticipants.md) | The participants associated with the online meeting. Only attendees can be updated. | No |

+| recordAutomatically | Boolean | Indicates whether to record the meeting automatically. | No |

+| startDateTime | DateTime | The meeting start time in UTC. | No |

+| subject | String | The subject of the online meeting. | No |

+ Title: "outlookTask: permanentDelete"

+description: "Permanently delete an Outlook task and place it in the Purges folder in the user's mailbox."

+ms.localizationpriority: high

+# outlookTask: permanentDelete

+Namespace: microsoft.graph

+Permanently delete an Outlook task and place it in the Purges folder in the user's mailbox. Email clients such as Outlook or the Outlook on the web can't access permanently deleted items. Unless there's a hold set on the mailbox, the items are permanently deleted after a set period of time.

+For more information about item retention, see [Configure Deleted Item retention and Recoverable Items quotas](/exchange/configure-deleted-item-retention-and-recoverable-items-quotas-exchange-2013-help).

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "outlooktask_permanentdelete" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /users/{usersId}/outlook/tasks/{outlookTaskId}/permanentDelete

+POST /users/{usersId}/outlook/taskGroups/{outlookTaskGroupId}/taskFolders/{outlookTaskFolderId}/tasks/{outlookTaskId}/permanentDelete

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this action returns a `204 No Content` response code.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "outlooktaskthis.permanentdelete"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/users/{usersId}/outlook/tasks/{outlookTaskId}/permanentDelete

+```

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 204 No Content

+```

+<!--

+{

+ "type": "#page.annotation",

+ "description": "Update checklistItem",

+ "keywords": "",

+ "section": "documentation",

+ "tocPath": "",

+ "suppressions": [

+ "Error: microsoft.graph.microsoft.graph/users:

+ /users/{var}/outlook/tasks/{var}/permanentDelete

+ Uri path requires navigating into unknown object hierarchy: missing property 'tasks' on 'outlookUser'. Possible issues:

+ 1) Doc bug where 'tasks' isn't defined on the resource.

+ 2) Doc bug where 'tasks' is an example key and should instead be replaced with a placeholder like {item-id} or declared in the sampleKeys annotation.

+ 3) Doc bug where 'outlookUser' is supposed to be an entity type, but is being treated as a complex because it (and its ancestors) are missing the keyProperty annotation."

+ ]

+}

+-->

+ Title: "outlookTaskFolder: permanentDelete"

+description: "Permanently delete an outlook task folder and remove its items from the user's mailbox."

+ms.localizationpriority: high

+# outlookTaskFolder: permanentDelete

+Namespace: microsoft.graph

+Permanently delete an outlook task folder and remove its items from the user's mailbox. For more information about item retention, see [Configure Deleted Item retention and Recoverable Items quotas](/exchange/configure-deleted-item-retention-and-recoverable-items-quotas-exchange-2013-help).

+>**Note:** Folders aren't placed in the Purges folder when they are permanently deleted. Permanently deleted folders are removed from the mailbox.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "outlooktaskfolder_permanentdelete" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /users/{usersId}/outlook/taskFolders/{outlookTaskFolderId}/permanentDelete

+POST /users/{usersId}/outlook/taskGroups/{outlookTaskGroupId}/taskFolders/{outlookTaskFolderId}/permanentDelete

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this action returns a `204 No Content` response code.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "outlooktaskfolderthis.permanentdelete"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/users/{usersId}/outlook/taskFolders/{outlookTaskFolderId}/permanentDelete

+```

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 204 No Content

+```

+<!--

+{

+ "type": "#page.annotation",

+ "description": "Update checklistItem",

+ "keywords": "",

+ "section": "documentation",

+ "tocPath": "",

+ "suppressions": [

+ "Error: microsoft.graph.microsoft.graph/users:

+ /users/{var}/outlook/taskFolders/{var}/permanentDelete

+ Uri path requires navigating into unknown object hierarchy: missing property 'taskFolders' on 'outlookUser'. Possible issues:

+ 1) Doc bug where 'taskFolders' isn't defined on the resource.

+ 2) Doc bug where 'taskFolders' is an example key and should instead be replaced with a placeholder like {item-id} or declared in the sampleKeys annotation.

+ 3) Doc bug where 'outlookUser' is supposed to be an entity type, but is being treated as a complex because it (and its ancestors) are missing the keyProperty annotation."

+ ]

+}

+-->

+ Title: "Get partnerSecurityScore"

+description: "Read the properties and relationships of a partnerSecurityScore object."

+ms.localizationpriority: medium

+# Get partnerSecurityScore

+Namespace: microsoft.graph.partner.security

+Read the properties and relationships of a [partnerSecurityScore](../resources/partner-security-partnersecurityscore.md) object.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- {

+ "blockType": "permissions",

+ "name": "partner-security-partnersecurityscore-get-permissions"

+}

+-->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+GET /security/partner/securityScore

+```

+## Optional query parameters

+This method supports OData query parameters to customize the response. For example, the `$expand` parameter is useful to retrieve optional properties like **requirements** or **history**. For more information and examples, see [OData query parameters](/graph/query-parameters).

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this method returns a `200 OK` response code and a [microsoft.graph.partner.security.partnerSecurityScore](../resources/partner-security-partnersecurityscore.md) object in the response body.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "get_partnersecurityscore"

+}

+-->

+``` http

+GET https://graph.microsoft.com/beta/security/partner/securityScore

+```

+### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "microsoft.graph.partner.security.partnerSecurityScore"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Type: application/json

+{

+ "value": {

+ "@odata.type": "#microsoft.graph.partner.security.partnerSecurityScore",

+ "id": "9021efeb-af08-e3dd-9c11-ac69f92e43b8",

+ "updatedDateTime": "2024-01-17T00:00:00Z",

+ "lastRefreshDateTime":"2024-02-28T00:00:00Z",

+ "currentScore": 14.29,

+ "maxScore": 100.0

+ }

+}

+```

+ Title: "List customerInsights"

+description: "Get a list of the customerInsight data and their properties."

+ms.localizationpriority: medium

+# List customerInsights

+Namespace: microsoft.graph.partner.security

+Get a list of the [customerInsight](../resources/partner-security-customerinsight.md) objects and their properties.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- {

+ "blockType": "permissions",

+ "name": "partner-security-partnersecurityscore-list-customerinsights"

+}

+-->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+GET /security/partner/securityScore/customerInsights

+```

+## Optional query parameters

+This method supports OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).

+Server-side pagination is supported by following the `nextLink` provided in the API response when you use the `$skipToken` OData query parameter. Using client-side pagination with `$skip` and `$top` isn't supported.

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this method returns a `200 OK` response code and a collection of [microsoft.graph.partner.security.customerInsight](../resources/partner-security-customerinsight.md) objects in the response body.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "list_customerinsight"

+}

+-->

+``` http

+GET https://graph.microsoft.com/beta/security/partner/securityScore/customerInsights

+```

+### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Collection(microsoft.graph.partner.security.customerInsight)"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Type: application/json

+{

+ "value": [

+ {

+ "@odata.type": "#microsoft.graph.partner.security.customerInsight",

+ "tenantId": "d90cb160-123d-0608-3fd6-c53551dcc20c",

+ "mfa": {

+ "@odata.type": "microsoft.graph.partner.security.customerMfaInsight",

+ "compliantAdminsCount": 1,

+ "compliantNonAdminsCount": 2,

+ "totalUsersCount": 5,

+ "securityDefaultsStatus": "enabled",

+ "mfaConditionalAccessPolicyStatus": "disabled",

+ "legacyPerUserMfaStatus": "disabled"

+ }

+ }

+ ]

+}

+```

+ Title: "List securityScoreHistory"

+description: "Lists the history of security score changes for the partner."

+ms.localizationpriority: medium

+# List securityScoreHistory

+Namespace: microsoft.graph.partner.security

+Get a list of [securityScoreHistory](../resources/partner-security-securityscorehistory.md) entries.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- {

+ "blockType": "permissions",

+ "name": "partner-security-partnersecurityscore-list-history"

+}

+-->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+GET /security/partner/securityScore/history

+```

+## Optional query parameters

+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this method returns a `200 OK` response code and a collection of [microsoft.graph.partner.security.securityScoreHistory](../resources/partner-security-securityscorehistory.md) objects in the response body.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "list_securityscorehistory"

+}

+-->

+``` http

+GET https://graph.microsoft.com/beta/security/partner/securityScore/history

+```

+### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Collection(microsoft.graph.partner.security.securityScoreHistory)"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Type: application/json

+{

+ "value": [

+ {

+ "@odata.type": "#microsoft.graph.partner.security.securityScoreHistory",

+ "id": "a368fa06-ba31-2d7e-3b0c-2ded0b0c093e",

+ "createdDateTime": "2024-01-17T00:00:00Z",

+ "score": 14.29,

+ "compliantRequirementsCount": 4,

+ "totalRequirementsCount": 5

+ }

+ ]

+}

+```

+ Title: "List requirements"

+description: "Get a list of the security requirements to understand if the requirement is compliant and how to improve the score."

+ms.localizationpriority: medium

+# List requirements

+Namespace: microsoft.graph.partner.security

+Get a list of [securityRequirement](../resources/partner-security-securityrequirement.md) objects and their properties.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- {

+ "blockType": "permissions",

+ "name": "partner-security-partnersecurityscore-list-requirements"

+}

+-->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+GET /security/partner/securityScore/requirements

+```

+## Optional query parameters

+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this method returns a `200 OK` response code and a collection of [microsoft.graph.partner.security.securityRequirement](../resources/partner-security-securityrequirement.md) objects in the response body.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "list_securityrequirement"

+}

+-->

+``` http

+GET https://graph.microsoft.com/beta/security/partner/securityScore/requirements

+```

+### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Collection(microsoft.graph.partner.security.securityRequirement)"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Type: application/json

+{

+ "value": [

+ {

+ "@odata.type": "#microsoft.graph.partner.security.securityRequirement",

+ "id": "adc3e54c-8dde-f1cb-b92e-ffb989948282",

+ "requirementType": "securityContactProvided",

+ "complianceStatus": "compliant",

+ "actionUrl": "https://aka.ms/partner-center-security-contact",

+ "helpUrl": "https://aka.ms/partner-center-security-dashboard-security-contact",

+ "score": 20,

+ "maxScore": 20,

+ "state": "active",

+ "updatedDateTime": "2023-09-26T04:04:01.4261872Z"

+ }

+ ]

+}

+```

+ Title: "Get securityRequirement"

+description: "Read the properties and relationships of a ecurityRequirement object."

+ms.localizationpriority: medium

+# Get securityRequirement

+Namespace: microsoft.graph.partner.security

+Read the properties and relationships of a [securityRequirement](../resources/partner-security-securityrequirement.md) object.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- {

+ "blockType": "permissions",

+ "name": "partner-security-securityrequirement-get"

+}

+-->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+GET /security/partner/securityScore/requirements/{securityRequirementId}

+```

+## Optional query parameters

+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this method returns a `200 OK` response code and a [microsoft.graph.partner.security.securityRequirement](../resources/partner-security-securityrequirement.md) object in the response body.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "get_securityrequirement"

+}

+-->

+``` http

+GET https://graph.microsoft.com/beta/security/partner/securityScore/requirements/{securityRequirementId}

+```

+### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "microsoft.graph.partner.security.securityRequirement"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Type: application/json

+{

+ "value": {

+ "@odata.type": "#microsoft.graph.partner.security.securityRequirement",

+ "id": "adc3e54c-8dde-f1cb-b92e-ffb989948282",

+ "requirementType": "securityContactProvided",

+ "complianceStatus": "compliant",

+ "actionUrl": "https://aka.ms/partner-center-security-contact",

+ "helpUrl": "https://aka.ms/partner-center-security-dashboard-security-contact",

+ "score": "20",

+ "maxScore": "20",

+ "state": "active",

+ "updatedDateTime": "2023-09-26T04:04:01.4261872Z"

+ }

+}

+```

+ Title: "Get securityScoreHistory"

+description: "Read the properties and relationships of a securityScoreHistory object."

+ms.localizationpriority: medium

+# Get securityScoreHistory

+Namespace: microsoft.graph.partner.security

+Read the properties and relationships of a [securityScoreHistory](../resources/partner-security-securityscorehistory.md) object.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- {

+ "blockType": "permissions",

+ "name": "partner-security-securityscorehistory-get"

+}

+-->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+GET /security/partner/securityScore/history/{securityScoreHistoryId}

+```

+## Optional query parameters

+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this method returns a `200 OK` response code and a [microsoft.graph.partner.security.securityScoreHistory](../resources/partner-security-securityscorehistory.md) object in the response body.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "get_securityscorehistory"

+}

+-->

+``` http

+GET https://graph.microsoft.com/beta/security/partner/securityScore/history/{securityScoreHistoryId}

+```

+### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "microsoft.graph.partner.security.securityScoreHistory"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Type: application/json

+{

+ "value": {

+ "@odata.type": "#microsoft.graph.partner.security.securityScoreHistory",

+ "id": "a368fa06-ba31-2d7e-3b0c-2ded0b0c093e",

+ "createdDateTime": "2024-01-17T00:00:00Z",

+ "score": 80.0,

+ "compliantRequirementsCount": 4,

+ "totalRequirementsCount": 5

+ }

+}

+```

+<!-- { "blockType": "permissions", "name": "peopleadminsettings_delete_photoupdatesettings" } -->

+<!-- { "blockType": "permissions", "name": "peopleadminsettings_list_photoupdatesettings" } -->

+```

+<!-- { "blockType": "permissions", "name": "photoupdatesettings_get" } -->

+<!-- { "blockType": "permissions", "name": "photoupdatesettings_update" } -->

+Update the properties of a [plannerPlanConfiguration](../resources/plannerplanconfiguration.md) object and its [plannerPlanConfigurationLocalization](../resources/plannerplanconfigurationlocalization.md) collection for a [businessScenario](../resources/businessscenario.md).

+|defaultLanguage|String|The language that should be used for creating plans when no language has been specified.|

+|buckets|[plannerPlanConfigurationBucketDefinition](../resources/plannerplanconfigurationbucketdefinition.md) collection|Buckets available in the plan.|

+|localizations|[plannerPlanConfigurationLocalization](../resources/plannerplanconfigurationlocalization.md) collection|Localized names for the plan configuration.|

+ ],

+ "localizations": [

+ {

+ "id": "en-us",

+ "languageTag": "en-us",

+ "planTitle": "Order Tracking",

+ "buckets": [

+ {

+ "externalBucketId": "deliveryBucket",

+ "name": "Deliveries"

+ },

+ {

+ "externalBucketId": "storePickupBucket",

+ "name": "Pickup"

+ },

+ {

+ "externalBucketId": "specialOrdersBucket",

+ "name": "Special Orders"

+ },

+ {

+ "externalBucketId": "returnProcessingBucket",

+ "name": "Customer Returns"

+ }

+ ]

+ },

+ {

+ "id": "es-es",

+ "languageTag": "es-es",

+ "planTitle": "Seguimiento de pedidos",

+ "buckets": [

+ {

+ "externalBucketId": "deliveryBucket",

+ "name": "Entregas"

+ },

+ {

+ "externalBucketId": "storePickupBucket",

+ "name": "Recogida"

+ },

+ {

+ "externalBucketId": "specialOrdersBucket",

+ "name": "Pedidos especiales"

+ },

+ {

+ "externalBucketId": "specialOrdersBucket",

+ "name": "Devoluciones de clientes"

+ }

+ ]

+ }

+ ],

+ "localizations": [

+ {

+ "id": "en-us",

+ "languageTag": "en-us",

+ "planTitle": "Order Tracking",

+ "buckets": [

+ {

+ "externalBucketId": "deliveryBucket",

+ "name": "Deliveries"

+ },

+ {

+ "externalBucketId": "storePickupBucket",

+ "name": "Pickup"

+ },

+ {

+ "externalBucketId": "specialOrdersBucket",

+ "name": "Special Orders"

+ },

+ {

+ "externalBucketId": "returnProcessingBucket",

+ "name": "Customer Returns"

+ }

+ ]

+ },

+ {

+ "id": "es-es",

+ "languageTag": "es-es",

+ "planTitle": "Seguimiento de pedidos",

+ "buckets": [

+ {

+ "externalBucketId": "deliveryBucket",

+ "name": "Entregas"

+ },

+ {

+ "externalBucketId": "storePickupBucket",

+ "name": "Recogida"

+ },

+ {

+ "externalBucketId": "specialOrdersBucket",

+ "name": "Pedidos especiales"

+ },

+ {

+ "externalBucketId": "specialOrdersBucket",

+ "name": "Devoluciones de clientes"

+ }

+ ]

+ }

+Currently, only one active backup policy per underlying service is supported (that is, one for OneDrive accounts, one for SharePoint sites, and one for Exchange Online users). You can add or remove artifacts (sites or user accounts) to or from each active policy.

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+### Example 1: Activate an inactive protection policy

+The following example shows a request to activate an inactive protection policy.

+### Example 2: Activate an active protection policy

+The following example shows a request to activate a protection policy that's already active. This request results in an error.

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+<!-- { "blockType": "permissions", "name": "reflectcheckinresponse_get" } -->

+> [!NOTE]

+> - Calls return a maximum of five restore points.

+> - You can include a maximum of 20 protection units in one request and the response won't be paginated.

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+Activate a draft [restoreSessionBase](../resources/restoresessionbase.md) object to restore a [protection unit](../resources/protectionunitbase.md).

+The following points apply to restoring a protection unit:

+- The SharePoint sites and OneDrive accounts being restored aren't locked in a ready-only state.

+- For SharePoint and OneDrive sites restored to new URLs, users don't have the same permissions they had to the original site. Only the global admin or SharePoint admin has permission to the restored site. However, for in-place or restores to the same URL, the permissions from the original site at the time of restoration are preserved.

+- Restoration of SharePoint site and OneDrive user content that was removed from the recycle bin isn't supported.

+- Mailboxes, OneDrive accounts, and SharePoint sites that are under legal or in-place holds can't be restored unless the legal hold is removes. To restore a SharePoint site under legal hold, you need to restore the site to a new URL.

+- Mailbox draft items aren't backed up and can't be restored.

+- A restore isn't performed if the current state of the mailbox is the same as the point in time you're trying to restore it to.

+- SharePoint sites and OneDrive accounts that are restored to a new URL have a read-only lock on that new URL until the restore completes. The global admin can still download documents or remove the read-only lock manually.

+- The global admin, SharePoint admin, or Exchange admin can initiate a restore of up to 1,000 SharePoint sites, 1,000 OneDrive users, and 1000 mailboxes queued in parallel at a time.

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+|determination|microsoft.graph.security.alertDetermination|Specifies the determination of the incident. Possible values are: `unknown`, `apt`, `malware`, `securityPersonnel`, `securityTesting`, `unwantedSoftware`, `other`, `multiStagedAttack`, `compromisedAccount`, `phishing`, `maliciousUserActivity`, `notMalicious`, `notEnoughDataToValidate`, `confirmedUserActivity`, `lineOfBusinessApplication`, `unknownFutureValue`.|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+ Title: "List owners of a service principal"

+# List owners of a service principal

+This method supports the `$count`, `$expand`, `$filter`, `$orderby`, `$search`, `$select`, and `$top` [OData query parameters](/graph/query-parameters) to help customize the response. Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For more information, see [Advanced query capabilities on directory objects](/graph/aad-advanced-queries).

+GET https://graph.microsoft.com/beta/serviceprincipals(appId='bbec3106-565f-4907-941e-96b4dbfef21c')/owners

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#directoryObjects",

+ "@microsoft.graph.tips": "Use $select to choose only the properties your app needs, as this can lead to performance improvements. For example: GET servicePrincipals(appId=<key>)/owners?$select=deletedDateTime",

+ "value": [

+ {

+ "@odata.type": "#microsoft.graph.user",

+ "id": "ce4770b3-70b2-4a38-a242-76631e9f7408",

+ "accountEnabled": null,

+ "city": null,

+ "createdDateTime": null,

+ "displayName": null,

+ "mail": null,

+ "mailNickname": null,

+ "otherMails": [],

+ "proxyAddresses": [],

+ "surname": null,

+ "userPrincipalName": null,

+ "userType": null

+ },

+ {

+ "@odata.type": "#microsoft.graph.user",

+ "id": "858a9c90-38b3-4e78-b915-234aece712c4"

+ },

+ {

+ "@odata.type": "#microsoft.graph.user",

+ "id": "7585d967-f300-43de-b817-7119a6404c5e"

+ }

+ ]

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+The following tables show the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+> [!NOTE]

+> - The Directory.ReadWrite.All permission is supported only for backward compatibility. We recommend that you update your solutions to use an alternative permission and avoid using this permissions going forward.

+> - You can only use the AppCatalog.Submit permission to delete app definitions in review.

+> - Only global administrators can call this API.

+Permissions for the following HTTP request:

+<!-- { "blockType": "ignored" } -->

+```http

+DELETE /appCatalogs/teamsApps/{id}

+```

+<!-- {

+ "blockType": "permissions",

+ "name": "teamsapp_delete",

+ "requestUrls": ["DELETE /appCatalogs/teamsApps/{id}"]

+ } -->

+Permissions for the following HTTP request:

+<!-- { "blockType": "ignored" } -->

+```http

+DELETE /appCatalogs/teamsApps/{appId}/appDefinitions/{appDefinitionId}

+```

+<!-- {

+ "blockType": "permissions",

+ "name": "teamsapp_delete_2",

+ "requestUrls": ["DELETE /appCatalogs/teamsApps/{appId}/appDefinitions/{appDefinitionId}"]

+ } -->

+>

+> * The `Directory.ReadWrite.All` permission is supported only for backward compatibility. We recommend that you update your solutions to use an alternative permission listed in the previous table and avoid using these permissions going forward.

+> * The `AppCatalog.Submit` permission allows you to submit apps for review only, not to publish them to the catalog.

+### Error response

+If you send a request to upload an app manifest that contains missing information or errors, you receive an error message that includes the inner error code `UnableToParseTeamsAppManifest`. The **details** property of the inner error contains the error code and the error message. The following table describes the error codes that you might encounter.

+<br>

+<details><summary>Error response</summary>

+| Error code | Error message | Description |

+| :- | - | - |

+|`Serialization_FileNotValidJson`| The file couldn't be parsed as a JSON object.| The submitted file didn't comply with a valid JSON format. |

+|`Serialization_FileMissing`| The file {0} couldn't be found in the app package.| The expected file is missing in the app package.|

+|`Serialization_TrailingCommaInManifestJsonFile`| Manifest json file contains trailing comma.| The app manifest file contains a trailing comma.|

+|`SchemaError_MultipleOf`| Integer {0} isn't a multiple of {1}.| The app manifest file failed the `multipleOf` validation of the schema. Here, {0} represents the integer value and {1} indicates the required multiple. |

+|`SchemaError_Maximum`| Integer {0} exceeds maximum value of {1}.| The app manifest file failed the `maximum` validation of the schema. Here, {0} represents the value that exceeds the maximum limit and {1} represents the maximum limit. |

+|`SchemaError_Minimum`| Integer {0} is less than minimum value of {1}.|The app manifest file failed the `minimum` validation of the schema. Here, {0} represents the value that exceeds the minimum limit and {1} represents the minimum limit.|

+|`SchemaError_MaximumLength`| String {0} exceeds maximum length of {1}.| The app manifest file failed the `maximumLength` validation of the schema. Here, {0} represents the string that exceeds the maximum length and {1} represents the maximum length.|

+|`SchemaError_MinimumLength`| String {0} is less than minimum length of {1}. | The app manifest file failed the `minimumLength` validation of the schema. Here, {0} represents the string that is less than the minimum length and {1} represents the minimum.|

+|`SchemaError_Pattern`| String {0} doesn't match regex pattern "{1}". | The app manifest file failed the `pattern` validation of the schema. Here, {0} represents the value that doesn't match the pattern and {1} represents the expected pattern.|

+|`SchemaError_ContentEncoding`| String {0} doesn't validate against content encoding {1}.| The app manifest file failed the `contentEncoding` validation of the schema. Here, {0} represents the string that doesn't match content encoding and {1} represents the expected content encoding.|

+|`SchemaError_Format`| String {0} doesn't validate against format {1}.| The app manifest file failed the `format` validation of the schema. Here, {0} represents the string that isn't in the expected format and {1} represents the expected format.|

+|`SchemaError_Type`| Value {0} isn't of the expected type {1}.| The app manifest file failed the `type` validation of the schema. Here, {0} represents the string that isn't in the expected type and {1} represents the expected type.|

+|`SchemaError_AdditionalItems`| The schema doesn't allow additional items.| The app manifest file failed the `additionalItems` validation of the schema.|

+|`SchemaError_MaximumItems`| Array item count {0} exceeds maximum count of {1}.| The app manifest file failed the `maximumItems` validation of the schema. Here, {0} represents the number of elements in the array and {1} represents the maximum allowed.|

+|`SchemaError_MinimumItems`| Array item count {0} is less than minimum count of {1}.| The app manifest file failed the `minimumItems` validation of the schema. Here, {0} represents the number of elements in the array and {1} represents the minimum allowed.|

+|`SchemaError_UniqueItems`| Array contains items that aren't unique.| The app manifest file failed the `uniqueItems` validation of the schema.|

+|`SchemaError_MaximumProperties`| Object property count {0} exceeds maximum count of {1}.| The app manifest file failed the `maximumProperties` validation of the schema. Here, {0} represents the number of properties provided and {1} represents the maximum allowed properties.|

+|`SchemaError_MinimumProperties`| Object property count {0} is less than minimum count of {1}.|The app manifest file failed the `minimumProperties` validation of the schema. Here, {0} represents the number of properties provided and {1} represents the minimum allowed properties.|

+|`SchemaError_Required`| Required properties are missing from object: {0}.| The app manifest file failed the `required` validation of the schema. Here, {0} represents the required properties. |

+|`SchemaError_AdditionalProperties`| Property {0} hasn't been defined and the schema doesn't allow additional properties.| The app manifest file failed the `additionalProperties` validation of the schema. Here, {0} represents the additional property.|

+|`SchemaError_Dependencies`|Dependencies for property {0} failed. Missing required keys.| The app manifest file failed the `dependencies` validation of the schema. Here, {0} represents the property that failed.|

+|`SchemaError_Enum`| Value {0} isn't defined in the enum.| The app manifest file failed the `enum` validation of the schema. Here, {0} represents the value that isn't in the enum.|

+|`SchemaError_AllOf`| JSON doesn't match all schemas from "allOf".| The app manifest file failed the `allOf` validation of the schema.|

+|`SchemaError_AnyOf`| JSON doesn't match any schemas from "anyOf".| The app manifest file failed the `anyOf` validation of the schema.|

+|`SchemaError_OneOf`| JSON is valid against more than one schema from "oneOf".| The app manifest file failed the `oneOf` validation of the schema.|

+|`SchemaError_Not`| JSON is valid against schema from "not".| The app manifest file failed the `not` validation of the schema.|

+|`SchemaError_Id`| Duplicate schema ID {0} encountered.| The app manifest file failed the `id` validation of the schema. Here, {0} represents the `id` of the schema.|

+|`SchemaError_PatternProperties`| Couldn't test property names with regex pattern "{0}".| The app manifest file failed the `patternProperties` validation of the schema. Here, {0} represents the pattern for the properties.|

+|`SchemaError_Valid`| Schema always fails validation.| The app manifest file failed the `valid` validation of the schema.|

+|`SchemaError_Const`| Value {0} doesn't match constant {1}.| The app manifest file failed the `const` validation of the schema. Here, {0} represents the value that failed and {1} represents the correct value.|

+|`SchemaError_Contains`| Array doesn't contain a required item.| The app manifest file failed the `contains` validation of the schema.|

+|`SchemaError_Then`|JSON doesn't match schema from "then".| The app manifest file failed the `then` validation of the schema.|

+|`SchemaError_Else`| JSON doesn't match schema from "else".|The app manifest file failed the `else` validation of the schema.|

+| `SchemaError_Other`| The value doesn't conform to the schema for this property.| The app manifest file failed other unhandled validations of the schema.|

+|`ActivityGroupIdFromActivitiesTypeValidation` | ActivityGroupId field in ActivityType must be a subset of ID field in ActivityGroup.| The `ActivityGroupId` field in `ActivityType` isn't a subset of the `Id` field in `ActivityGroup` in the app manifest.|

+|`ActivityTypesMustExistWithActivitiesGroupValidation` | Manifest shouldn't contain Activity Group when Activity Types is missing.| The `ActivityGroup` property is available, but the `ActivityType` property is missing in the app manifest.|

+|`ApiSecretServiceAuthTypeComposeExtensionContainsMsftEntraConfiguration`|API-based compose extension with apiSecretServiceAuth authType have microsoftEntraConfiguration defined.| The API-based compose extension has `microsoftEntraConfiguration` defined in the app manifest.|

+|`ApiSecretServiceAuthTypeComposeExtensionContainsNoApiSecretRegistrationId`| API-based compose extension with apiSecretServiceAuth authType have no apiSecretRegistrationId defined.| The API-based compose extension with `apiSecretServiceAuth` authType without `apiSecretRegistrationId` defined in the app manifest.|

+|`ApiSecretServiceAuthTypeComposeExtensionContainsNoApiSecretServiceAuthConfiguration` | API-based compose extension with apiSecretServiceAuth authType have no apiSecretServiceConfiguration.| The API-based compose extension doesn't set `supportsSingleSignOn` to `true` in the app manifest.|

+|`ApiBasedComposeExtensionManifestCommandIdsNotIncludedInOperationIdsOnApiSpecficationFile`| Command Ids on manifest aren't included in Operation Ids on API specification file.| The error that occurs when the `Command Ids` in the app manifest aren't included in `Operation Ids` on API specification file.|

+|`ApiBasedComposeExtensionWithBotId`| API-based compose extension can't have botId defined.| The API-based compose extension has `botId` defined in the app manifest.|

+|`ApiBasedComposeExtensionWithCanUpdateConfiguration`|API-based compose extension can't have canUpdateConfiguration defined on manifest.| The API-based compose extension has `canUpdateConfiguration` defined in the app manifest.|

+|`ApiBasedComposeExtensionWithNoParameter`| API-based compose extension must have command parameters defined on manifest.| The API-based compose extension doesn't have any command parameters defined in the app manifest.|

+|`ApiBasedComposeExtensionApiResponseRenderingTemplateFileNullOrEmpty`| API-based compose extension must have apiResponseRenderingTemplateFile defined on manifest.| The API-based compose extension doesn't have the `apiResponseRenderingTemplateFile` defined in the app manifest.|

+|`ApiBasedComposeExtensionApiSpecificationFileNullOrEmpty`| API-based compose extension must have apiSpecificationFile defined on manifest. | The API-based compose extension doesn't have the `apiSpecificationFile` defined in the app manifest.|

+|`MsftEntraAuthTypeComposeExtensionContainsApiSecretServiceConfiguration`|API-based compose extension with microsoftEntra authType have apiSecretServiceConfiguration defined. |The API-based compose extension has `apiSecretServiceConfiguration` defined in the manifest.|

+|`MsftEntraAuthTypeComposeExtensionContainsNoMsftEntraConfiguration`|API-based compose extension with microsoftEntra authType have no microsoftEntraConfiguration defined.| The API-based compose extension doesn't have `microsoftEntraConfiguration` defined in the app manifest.|

+|`MsftEntraAuthTypeComposeExtensionWebApplicationInfoOrResourceNotDefined`|API-based compose extension with microsoftEntra authType have no webApplicationInfo or resource defined on manifest.| The API-based compose extension with `microsoftEntra` authType doesn't have `webApplicationInfo` or `resource` defined in the app manifest.|

+|`MsftEntraAuthTypeComposeExtensionResourceURLNotMatchServerURLOnApiSpec` |API-based compose extension with microsoftEntra authType resource URL on manifest doesn't match server URL on API specification file.| The API-based compose extension with `microsoftEntra` authType resource URL in the app manifest doesn't match server URL in the API specification file.|

+|`NoAuthTypeComposeExtensionContainsAuthConfiguration` |API-based compose extension with none authType have auth-related configuration defined.| The API-based compose extension with authType `microsoftEntraConfiguration` or `apiSecretServiceConfiguration` isn't defined in the app manifest.|

+|`ApiSpecificationFileContainUnsupportedHttpMethod`| API-based compose extension have server urls that have unsupported http method defined on apiSpecificationFile. Currently only GET and POST are supported.| The API-based compose extension has an unsupported `http` method defined in the `apiSpecificationFile`.|

+|`ApiSpecificationFileRequiredParameterContainUnsupportedLocation`| API-based compose extension have unsupported parameter location defined on apiSpecificationFile for {0}. Currently only path and query supported.| The API-based compose extension has an unsupported parameter location defined in the `apiSpecificationFile`.|

+|`ApiSpecificationFileRequestBodyContainUnsupportedMediaType`|API-based compose extension have unsupported media type defined in request body on apiSpecificationFile. Currently only application/json is supported.| The API-based compose extension has an unsupported `media` type defined in request body in the `apiSpecificationFile`.|

+|`ApiSpecificationFileRequestBodyContainUnsupportedSchemaType`| API-based compose extension have unsupported schema type defined in request body on apiSpecificationFile. Currently arrays aren't supported.| The API-based compose extension has an unsupported schema type defined in request body in the `apiSpecificationFile`.|

+|`ApiSpecificationFileRequestBodySchemaContainKeywords` | API-based compose extension have keywords.|The API-based compose extension has keywords defined in request body in the `apiSpecificationFile`.|

+|`ApiSpecificationFileRequiredParameterOrPropertyNotDefinedOnManifest`| API-based compose extension have required parameters or properties {0} not defined on manifest.| The API-based compose extension has a `required` parameter, which isn't defined in the app manifest.|

+|`ApiSpecificationFileResponseContainUnsupportedMediaType`| API-based compose extension have unsupported media type defined in response on apiSpecificationFile. Currently only application/json supported. | The API-based compose extension has an unsupported `media` type defined in response in the `apiSpecificationFile`.|

+|`ApiSpecificationFileServerUrlsContainHttp`| API-based compose extension have server urls that have http protocol defined on apiSpecificationFile.| The API-based compose extension has server urls that contain `http` protocol in the `apiSpecificationFile`.|

+|`ApiSpecificationFileServerUrlsContainInvalidUrl`| API-based compose extension have server urls that are invalid URL defined on apiSpecificationFile.| The API-based compose extension has an `invalid` URL defined in the `apiSpecificationFile`.|

+|`ServerUrlsMissingOnApiSpecificationFile`| API-based compose extension have no server urls defined on apiSpecificationFile.| The error that occurs The API-based compose extension has no server urls defined in the `apiSpecificationFile`.|

+|`BotBasedComposeExtensionApiResponseRenderingTemplateFileExists` |Bot based compose extension can't have apiResponseRenderingTemplateFile defined.|The bot-based compose extension has an `apiResponseRenderingTemplateFile` property defined in the app manifest.|

+|`BotBasedComposeExtensionApiSpecificationFileExists` |Bot based compose extension can't have apiSpecificationFile defined.|The bot-based compose extension has an API specification file defined in the app manifest.|

+|`BotBasedComposeExtensionBotIdNotGuid` |Bot based compose extension must have GUID botId.| The bot-based compose extension `botId` isn't GUID.|

+|`CommonAppIdIsNotGuid`| Field 'ID' isn't a Guid in the manifest.| The `appId` isn't GUID.|

+|`CommonAppIdIsRequiredField`| Required field 'ID' is missing in the manifest.| The `appId` isn't provided.|

+|`CommonManifestVersionIsRequiredField`|The required field in manifest 'manifest Version' is missing.| The manifest version isn't provided.|

+|`CommonSchemaUrlIsRequiredField`| Schema URL must be present.| The schema isn't provided.|

+|`DashboardCardBothIconNameAndUrlPresent`| Dashboard cards icon shouldn't contain both icon name and URL.| Dashboard cards icon mustn't contain both icon name and URL.|

+|`DashboardCardEntityIdsAreNotUnique`| Dashboard card entity IDs should be unique.| The returned entity Id for a dashboard card isn't unique within the manifest.|

+|`DeveloperNameIsRequiredField`| Required field 'developer name' is missing in the manifest.| The developer name isn't provided.|

+|`DeveloperNameLengthCheck`| Maximum character length must not exceed 32 chars.| The developer name is more than 32 characters long.|

+|`DeveloperPrivacyUrlIsRequiredField`| Required field 'privacyUrl' is missing in the manifest.| The `privacyUrl` is missing in the app manifest. |

+|`DeveloperPrivacyUrlMustBeHttps`| Privacy URL must be secured Support URL (HTTPS).| The developer privacy URL didn't use HTTPS.|

+|`DeveloperTermsOfUseUrlIsRequiredField`| Required field 'termsOfUseUrl' is missing in the manifest.| The **termsOfUseUrl** is missing from the manifest.|

+|`DeveloperTermsOfUseUrlMustBeHttps`|Terms Of Use URL must be secured Support URL (HTTPS).| The developer terms of use URL didn't use HTTPS.|

+|`DeveloperWebsiteUrlIsRequiredField`| Required field 'websiteUrl' is missing in the manifest.| The developer website URL is missing.|

+|`DeveloperWebsiteUrlMustBeHttps`| Website URL must be secured Support URL (HTTPS).| The developer website URL didn't use HTTPS.|

+|`UniqueActivityTypeInActivitiesValidation` |Manifest shouldn't contain duplicate Activity Type.| The activity type isn't unique in the app manifest.|

+|`UniqueIdInActivitiesGroupValidation` |Manifest shouldn't contain duplicate ID in Activity Groups.| The activity group ID isn't unique in the app manifest.|

+|`FullDescriptionCannotBeEmpty` |Full Description can't be empty.| The full description is empty.|

+|`FullDescriptionLengthCheck`| Maximum character length for long description must not exceed 4,000 chars.| The full description length is more than 4,000 characters.|

+|`GroupChatForBotsLessThanV13`| Please upgrade the version of manifest to V1.3 as group chat bot is supported in manifest v1.3 onwards.| The `groupChat` scope for bots isn't supported in the app manifest version 1.3 and below.|

+|`GroupChatForConfigurableTabsLessThanV13`| Please upgrade the version of manifest to V1.3 as group chat configurable tabs is supported in manifest v1.3 onwards.|The `groupChat` scope for configurable tabs isn't supported in the app manifest version 1.3 and below.|

+|`InvalidColor32x32IconHeightAndWidth`|Color 32x32 icon should be 32x32 with only white and transparent.| The color 32x32 icon doesn't have the correct dimensions.|

+|`InvalidColorIconHeightAndWidth`| Color Icon isn't as per the required dimension.| The dimensions of the color icon are incorrect.|

+|`InvalidOutlineIconHeightAndWidth` | Small icon should be 32x32 with only white and transparent.| The dimensions of the outline icon are incorrect.|

+|`ParameterOnManifestNotDefinedOnApiSpecFile` | API-based compose extension have parameters {0} on manifest not defined on API specification file.| The API-based compose extension parameters in the app manifest aren't defined in the API specification file. |

+|`ReservedActivitiesValidation`| Manifest shouldn't contain reserved Activity Type 'systemDefault'.| The `systemDefault` activity type is defined in the app manifest.|

+|`ReservedStaticTabNameShouldBeNull`| Reserved tab "Name" property shouldn't be specified.| The reserved `staticTabs` name property was specified.|

+|`ShortDescriptionCannotBeEmpty`| Short Description canΓÇÖt be empty| The short description was empty.|

+|`ShortDescriptionLengthCheck`|Maximum character length for short description must not exceed 80 chars.| The short description is more than 80 characters long.|

+|`ShortNameEqualsReservedName`|Short name of the app can't be reserved name.| The short name is a reserved name.|

+|`ShortNameIsRequiredField`| Short name of the app can't be empty.| The short name is empty.|

+|`StaticTabNameCouldNotBeEmpty`| Non-reserved staticTabs "Name" property can't be empty.| The `staticTabs` name property is empty.|

+|`BotIdIsNotGuid`| BotId isn't a Guid value.|The `BotId` value in the app manifest isn't a GUID.|

+|`VersionCannotBeEmpty`| Required field "version" is missing in the manifest.| The app package version is missing.|

+|`VersionContainsOnlyNumbersDotSeparated`| App version supports only numbers in the '#.#.#' format.| The version in the app package isn't matched by the pattern, `#.#.#`.|

+|`VersionHasMajorLessThan1`|App version shouldn't start with '0'. Ex: 0.0.1 or 0.1 aren't valid app versions and 1.0 / 1.5.1 / 1.0.0 / 2.5.0 are valid app versions. In case of new update in manifest to an existing app in store. | The app version is less than 1.0. You need to upgrade your app version. For example, if the current version of your app in the store is 1.0 and youΓÇÖre submitting an update for validation, the app version must be higher than 1.0.|

+|`ShortNameLengthCheck` |Maximum character length for Short Name must not exceed 30 chars.|The short name exceeds 30 characters.|

+|`ApiSpecificationFileParameterContainUnsupportedSchemaType` |API-based compose extension have unsupported parameter schema type defined on apiSpecificationFile.Arrays aren't supported.|The API-based compose extension has an unsupported parameter schema type defined in the `apiSpecificationFile`.|

+</details>

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+Update the signed-in [user's](../resources/user.md) password. Any user can update their password without belonging to any administrator role.

+Get newly created, updated, or deleted users without having to perform a full read of the entire [user](../resources/user.md) collection. See [change tracking](/graph/delta-query-overview) for details.

+| Query parameter | Type |Description|

+Retrieve the properties and relationships of [user](../resources/user.md) object.

+Retrieve the list of [appRoleAssignments](../resources/approleassignment.md) that a [user](../resources/user.md) has been granted. This operation also returns app role assignments granted to groups that the user is a direct member of.

+<!-- { "blockType": "permissions", "name": "user_list_memberof" } -->

+<!-- { "blockType": "permissions", "name": "user_list_transitivememberof" } -->

+Use this API to assign an [app role](../resources/approle.md) to a [user](../resources/user.md), creating an [appRoleAssignment](../resources/approleassignment.md) object. To grant an app role assignment to a user, you need three identifiers:

+| Name | Description|

+|:-|:-|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Content-Type | The nature of the data in the body of an entity. Required. <br/> Use `application/json` for a JSON object and `text/plain` for MIME content |

+|accountEnabled|Boolean| `true` if the account is enabled; otherwise, `false`. This property is required when a user is created. A Privileged Authentication Administrator assigned the _Directory.AccessAsUser.All_ delegated permission is the least privileged role that's allowed to update the **accountEnabled** status of all administrators in the tenant.|

+<!-- { "blockType": "permissions", "name": "virtualendpoint_retrievetenantencryptionsetting" } -->

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+<!-- { "blockType": "permissions", "name": "workbookformatprotection_get" } -->

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+<!-- { "blockType": "permissions", "name": "workbookformatprotection_update" } -->

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+# [HTTP](#tab/http)

+# [JavaScript](#tab/javascript)

+ Title: "workingTimeSchedule: endWorkingTime"

+description: "Trigger the policies associated with the end of working hours for a specific user."

+ms.localizationpriority: medium

+# workingTimeSchedule: endWorkingTime

+Namespace: microsoft.graph

+Trigger the policies associated with the end of working hours for a specific user.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "workingtimeschedule_endworkingtime" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /users/{userId}/solutions/workingTimeSchedule/endWorkingTime

+```

+## Path parameters

+|Parameter|Type|Description|

+|:|:|:|

+|userId|String|ID of the user whose working time ended.|

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this action returns a `202 Accepted` response code.

+## Examples

+### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "workingtimeschedulethis.endworkingtime"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/users/ccdf8279-8a3f-4c10-af1a-4a7f46b1489f/solutions/workingTimeSchedule/endWorkingTime

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 202 Accepted

+```

+ Title: "Get workingTimeSchedule"

+description: "Read the properties and relationships of a workingTimeSchedule object."

+ms.localizationpriority: medium

+# Get workingTimeSchedule

+Namespace: microsoft.graph

+Read the properties and relationships of a [workingTimeSchedule](../resources/workingtimeschedule.md) object.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- {

+ "blockType": "permissions",

+ "name": "workingtimeschedule-get-permissions"

+}

+-->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+GET /users/{usersId}/solutions/schedule

+```

+## Optional query parameters

+This method doesn't support [OData query parameters](/graph/query-parameters) to customize the response.

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this method returns a `200 OK` response code and a [workingTimeSchedule](../resources/workingtimeschedule.md) object in the response body.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "get_workingtimeschedule"

+}

+-->

+``` http

+GET https://graph.microsoft.com/beta/users/ccdf8279-8a3f-4c10-af1a-4a7f46b1489f/solutions/schedule

+```

+### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "microsoft.graph.workingTimeSchedule"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Type: application/json

+{

+ "value": {

+ "@odata.type": "#microsoft.teams.workingTime.workingTimeSchedule",

+ "id": "da5f72af-450e-56fc-10d7-afc9acb40cc0"

+ }

+}

+```

+ Title: "workingTimeSchedule: startWorkingTime"

+description: "Trigger the policies associated with the start of working hours for a specific user."

+ms.localizationpriority: medium

+# workingTimeSchedule: startWorkingTime

+Namespace: microsoft.graph

+Trigger the policies associated with the start of working hours for a specific user.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "workingtimeschedule_startworkingtime" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /users/{userId}/solutions/workingTimeSchedule/startWorkingTime

+```

+## Path parameters

+|Parameter|Type|Description|

+|:|:|:|

+|userId|String|ID of the user whose working hours started.|

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this action returns a `202 Accepted` response code.

+## Examples

+### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "workingtimeschedulethis.startworkingtime"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/users/ccdf8279-8a3f-4c10-af1a-4a7f46b1489f/solutions/workingTimeSchedule/startWorkingTime

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 202 Accepted

+```

+|[Filter by current user](../api/accesspackageassignmentrequest-filterbycurrentuser.md)|[accessPackageAssignmentRequest](../resources/accesspackageassignmentrequest.md) collection|Retrieve the list of **accessPackageAssignmentRequest** objects filtered on the signed-in user.|

+| [Resume](../api/accesspackageassignmentrequest-resume.md) | None | Resume a user's access package request after waiting for a callback from a custom extension.|

+There's also a related capability for customers to review and certify the role assignments of administrative users who are assigned to [Microsoft Entra roles](/entr).

+|[Get](../api/adminreportsettings-get.md)|[adminReportSettings](../resources/adminreportsettings.md)|Get the tenant-level settings for Microsoft 365 reports.|

+|[Update](../api/adminreportsettings-update.md)|[adminReportSettings](../resources/adminreportsettings.md)|Update tenant-level settings for Microsoft 365 reports.|

+| displayConcealedNames | Boolean | If set to `true`, all reports conceal user information such as usernames, groups, and sites. If `false`, all reports show identifiable information. This property represents a setting in the Microsoft 365 admin center. Required. |

+|authenticationBehaviors|[authenticationBehaviors](../resources/authenticationbehaviors.md)| The collection of breaking change behaviors related to token issuance that are configured for the application. Authentication behaviors are unset by default (`null`) and must be explicitly enabled or disabled. Nullable. Returned only on `$select`. <br/><br/> For more information about authentication behaviors, see [Manage application authenticationBehaviors to avoid unverified use of email claims for user identification or authorization](/graph/applications-authenticationbehaviors).|

+description: "Used to record when a user, group, or service principal is assigned to an app role on an application's service principal. You can create, read, and delete app role assignments."

+When the [app role](approle.md) that has been assigned to a principal has a nonempty **value** property, this is included in the **roles** claim of tokens where the subject is the assigned principal (for example, SAML responses, ID tokens, access tokens identifying a signed-in user, or an access token identifying a service principal). Applications and APIs use these claims as part of their authorization logic.

+|[List app role assignments for a group](../api/group-list-approleassignments.md)|[appRoleAssignment](../resources/approleassignment.md) collection|Get a list of the [appRoleAssignment](../resources/approleassignment.md) objects and their properties for a group.|

+|[List app role assignments for a user](../api/user-list-approleassignments.md)|[appRoleAssignment](../resources/approleassignment.md) collection|Get a list of the [appRoleAssignment](../resources/approleassignment.md) objects and their properties for a user.|

+|[List app role assignments for a client service principal](../api/serviceprincipal-list-approleassignments.md)|[appRoleAssignment](../resources/approleassignment.md) collection|Get a list of the [appRoleAssignment](../resources/approleassignment.md) objects and their properties for a client service principal.|

+|[List app role assignments for users, groups, and client service principals for a resource service principal](../api/serviceprincipal-list-approleassignedto.md)|[appRoleAssignment](../resources/approleassignment.md) collection|Get a list of the [appRoleAssignment](../resources/approleassignment.md) objects and their properties for users, groups, and client service principals for a specified resource service principal.|

+|[Grant app role to a group](../api/group-post-approleassignments.md)|[appRoleAssignment](../resources/approleassignment.md)|Create a new [appRoleAssignment](../resources/approleassignment.md) object for a group.|

+|[Grant app role to a user](../api/user-post-approleassignments.md)|[appRoleAssignment](../resources/approleassignment.md)|Create a new [appRoleAssignment](../resources/approleassignment.md) object for a user.|

+|[Grant app role to a client service principal](../api/serviceprincipal-post-approleassignments.md)|[appRoleAssignment](../resources/approleassignment.md) collection|Create a new [appRoleAssignment](../resources/approleassignment.md) object for a client service principal.|

+|[Grant app role assignment to user, group, or client service principal for a resource service principal](../api/serviceprincipal-post-approleassignedto.md)|[appRoleAssignment](../resources/approleassignment.md) collection|Create a new [appRoleAssignment](../resources/approleassignment.md) object to a user, group, or client service principal for a specified resource service principal.|

+|[Get app role assignment](../api/approleassignment-get.md)|[appRoleAssignment](../resources/approleassignment.md)|Get an [appRoleAssignment](../resources/approleassignment.md) object assigned to a user, group, or client service principal for a resource service principal.|

+|[Delete app role assignment for a group](../api/group-delete-approleassignments.md)|None|Delete an [appRoleAssignment](../resources/approleassignment.md) object from a group.|

+|[Delete app role assignment for a user](../api/user-delete-approleassignments.md)|None|Delete an [appRoleAssignment](../resources/approleassignment.md) object from a user.|

+|[Delete app role assignment for a client service principal](../api/serviceprincipal-delete-approleassignments.md)|None|Delete an [appRoleAssignment](../resources/approleassignment.md) object from a client service principal.|

+|[Delete app role assignment for user, group, or client service principal to a resource service principal](../api/serviceprincipal-delete-approleassignedto.md)|None|Delete an [appRoleAssignment](../resources/approleassignment.md) object from a user, group, or client service principal for a specified resource service principal.|

+| appRoleId | Guid | The identifier (**id**) for the [app role](approle.md) that is assigned to the principal. This app role must be exposed in the **appRoles** property on the resource application's service principal (**resourceId**). If the resource application hasn't declared any app roles, a default app role ID of `00000000-0000-0000-0000-000000000000` can be specified to signal that the principal is assigned to the resource app without any specific app roles. Required on create. |

+description: "The base type for several types of attachments on a user, message, task, or group post."

+The base type for several types of attachments on a user, message, task, or group post that serves as the base resource for the following derived types of attachments:

+* A file ([fileAttachment](../resources/fileattachment.md) resource)

+* An item (contact, event, or message, represented by an [itemAttachment](../resources/itemattachment.md) resource)

+* A link to a file ([referenceAttachment](../resources/referenceattachment.md) resource)

+Applications can adopt new breaking changes by enabling a behavior (set the behavior to `true`), or continue using preexisting behavior by disabling it (by setting the behavior to `false`). For more information about managing authentication behaviors, see [Manage application authenticationBehaviors](/graph/applications-authenticationbehaviors).

+|blockAzureADGraphAccess|Boolean| If `false`, allows the app to have extended access to Azure AD Graph until June 30, 2025 when Azure AD Graph is fully retired. For more information on Azure AD retirement updates, see [June 2024 update on Azure AD Graph API retirement](https://techcommunity.microsoft.com/t5/microsoft-entra-blog/june-2024-update-on-azure-ad-graph-api-retirement/ba-p/4094534).|

+|removeUnverifiedEmailClaim|Boolean| If `true`, removes the `email` claim from tokens sent to an application when the email address's domain can't be verified. |

+|requireClientServicePrincipal|Boolean| If `true`, requires multitenant applications to have a service principal in the resource tenant as part of authorization checks before they're granted access tokens. This property is only modifiable for multitenant resource applications that rely on access from clients without a service principal and had this behavior as set to `false` by Microsoft. Tenant administrators should respond to security advisories sent through Azure Health Service events and the Microsoft 365 message center.|

+ "blockAzureADGraphAccess": "Boolean",

+> [!NOTE]

+>

+> If the Default Scheduling Policy is enabled at the service level, the values of this resource are limited to those defined in the policy in the [List services](/graph/api/bookingbusiness-list-services) API response. In this case, the client must fall back to the Default Scheduling Policy for the business.

+The business flow template objects are predefined and automatically generated when an authorized administrator onboards the tenant to use the access reviews feature. They include the following access reviews workflows and scopes:

+- Assignments to an application

+- Memberships of a group

+- Memberships of a Microsoft Entra role

+- Memberships of guests to a group

+- Assignments of guests to an application.

+description: "Represents a container for events. It can be a calendar for a user, or the default calendar of a Microsoft 365 group."

+|[List](../api/user-list-calendars.md)|[calendar](calendar.md) collection|Get all the user's calendars, or the calendars in the default or other specific calendar group.|

+|[Create](../api/user-post-calendars.md) |[calendar](calendar.md)| Create a new calendar in the default calendar group or specified calendar group for a user.|

+|[Get](../api/calendar-get.md) | [calendar](calendar.md) |Get the properties and relationships of a **calendar** object. The calendar can be one for a user, or the default calendar of a Microsoft 365 group. |

+|[Update](../api/calendar-update.md) | [calendar](calendar.md) |Update the properties of a **calendar** object. The calendar can be one for a user, or the default calendar of a Microsoft 365 group. |

+|[Delete](../api/calendar-delete.md) | None |Delete calendar object. |

+|[Permanently delete](../api/calendar-permanentdelete.md)|None|Permanently delete the **calendar** folder and remove it from the mailbox. |

+|[Create event](../api/calendar-post-events.md) |[event](event.md)| Create a new event in the default or specified calendar.|

+> [!NOTE]

+> The following known issues are associated with this resource:

+> - [Webhook message processing exception: System.Security.Cryptography.CryptographicException](https://developer.microsoft.com/en-us/graph/known-issues/?search=24752)

+> - [Support for multi-endpoint use case in delta roster notification mode is missing](https://developer.microsoft.com/en-us/graph/known-issues/?search=24894)

+|[Get delta by organizer](../api/callrecording-delta.md) | [callRecording](callrecording.md) collection | Get a set of [callRecording](../resources/callrecording.md) resources that were added for [onlineMeeting](../resources/onlinemeeting.md) instances organized by the specified user.|

+|[Get delta by organizer](../api/calltranscript-delta.md) | [callTranscript](calltranscript.md) collection | Get a set of [callTranscript](../resources/calltranscript.md) resources that were added for [onlineMeeting](../resources/onlinemeeting.md) instances organized by the specified user.|

+|displayName|String|The name of the reaction.|

+|reactionType|String|The reaction type. Supported values include Unicode characters, `custom`, and some backward-compatible reaction types, such as `like`, `angry`, `sad`, `laugh`, `heart`, and `surprised`. |

+ "displayName": "String",

+|[Get frontline access state](../api/cloudpc-getfrontlinecloudpcaccessstate.md)|[frontlineCloudPcAccessState](#frontlinecloudpcaccessstate-values)|Get the access state of the frontline Cloud PC. The possible values are: `unassigned`, `noLicensesAvailable`, `activationFailed`, `active`, `activating`, `standbyMode`, `unknownFutureValue`. The `noLicensesAvailable` member is deprecated and will stop returning on September 30, 2024.|

+|noLicensesAvailable (deprecated)|Indicates that all shared-use licenses are in use. The `noLicensesAvailable` member is deprecated and will stop returning on September 30, 2024.|

+ Title: "cloudPcCrossRegionDisasterRecoverySetting resource type"

+description: "Represents the settings for cross-region disaster recovery on a Cloud PC."

+ms.localizationpriority: medium

+toc. Title: Cloud PC cross-region disaster recovery setting

+# cloudPcCrossRegionDisasterRecoverySetting resource type

+Namespace: microsoft.graph

+Represents the settings for cross-region disaster recovery on a Cloud PC.

+## Properties

+|Property|Type|Description|

+|:|:|:|

+|crossRegionDisasterRecoveryEnabled|Boolean|`True` if an end user is allowed to set up cross-region disaster recovery for Cloud PC; otherwise, `false`. The default value is `false`.|

+|disasterRecoveryNetworkSetting|[cloudPcDisasterRecoveryNetworkSetting](../resources/cloudpcdisasterrecoverynetworksetting.md)|Indicates the network settings of the Cloud PC during a cross-region disaster recovery operation.|

+|maintainCrossRegionRestorePointEnabled|Boolean|Indicates whether Windows 365 maintain the cross-region disaster recovery function generated restore points. If `true`, the Windows 365 stored restore points; `false` indicates that Windows 365 doesn't generate or keep the restore point from the original Cloud PC. If a disaster occurs, the new Cloud PC can only be provisioned using the initial image. This limitation can result in the loss of some user data on the original Cloud PC. The default value is `false`.|

+## Relationships

+None.

+## JSON representation

+The following JSON representation shows the resource type.

+<!-- {

+ "blockType": "resource",

+ "@odata.type": "microsoft.graph.cloudPcCrossRegionDisasterRecoverySetting"

+}

+-->

+``` json

+{

+ "@odata.type": "#microsoft.graph.cloudPcRestorePointSetting",

+ "crossRegionDisasterRecoveryEnabled": "Boolean",

+ "disasterRecoveryNetworkSetting": {"@odata.type": "microsoft.graph.cloudPcDisasterRecoveryNetworkSetting"},

+ "maintainCrossRegionRestorePointEnabled": "Boolean"

+}

+```

+ Title: "cloudPcDisasterRecoveryAzureConnectionSetting resource type"

+description: "Represents the Azure network connection configuration of backup Cloud PCs provisioned for cross-region disaster recovery."

+ms.localizationpriority: medium

+# cloudPcDisasterRecoveryAzureConnectionSetting resource type

+Namespace: microsoft.graph

+Represents the Azure network connection configuration of backup Cloud PCs provisioned for cross-region disaster recovery.

+Inherits from [cloudPcDisasterRecoveryNetworkSetting](../resources/cloudpcdisasterrecoverynetworksetting.md).

+## Properties

+|Property|Type|Description|

+|:|:|:|

+|onPremisesConnectionId|String|Indicates the unique ID of the virtual network that the new Cloud PC joins.|

+## Relationships

+None.

+## JSON representation

+The following JSON representation shows the resource type.

+<!-- {

+ "blockType": "resource",

+ "@odata.type": "microsoft.graph.cloudPcDisasterRecoveryAzureConnectionSetting"

+}

+-->

+``` json

+{

+ "@odata.type": "#microsoft.graph.cloudPcDisasterRecoveryAzureConnectionSetting",

+ "onPremisesConnectionId": "String"

+}

+```

+ Title: "cloudPcDisasterRecoveryMicrosoftHostedNetworkSetting resource type"

+description: "Represents the configuration of Microsoft-hosted network for backup Cloud PCs provisioned for cross-region disaster recovery."

+ms.localizationpriority: medium

+# cloudPcDisasterRecoveryMicrosoftHostedNetworkSetting resource type

+Namespace: microsoft.graph

+Represents the configuration of Microsoft-hosted network for backup Cloud PCs provisioned for cross-region disaster recovery.

+Inherits from [cloudPcDisasterRecoveryNetworkSetting](../resources/cloudpcdisasterrecoverynetworksetting.md).

+## Properties

+|Property|Type|Description|

+|:|:|:|

+|regionGroup|[cloudPcRegionGroup](../resources/cloudpcsupportedregion.md#cloudpcregiongroup-values)|Indicates the logic geographic group this region belongs to. Multiple regions can belong to one region group. When a region group is configured for disaster recovery, the new Cloud PC is assigned to one of the regions within the group based on resource availability. For example, the `europeUnion` region group contains the North Europe and West Europe regions. Possible values are: `default`, `australia`, `canada`, `usCentral`, `usEast`, `usWest`, `france`, `germany`, `europeUnion`, `unitedKingdom`, `japan`, `asia`, `india`, `southAmerica`, `euap`, `usGovernment`, `usGovernmentDOD`, `unknownFutureValue`, `norway`, `switzerland`，`southKorea`. You must use the `Prefer: include-unknown-enum-members` request header to get the following values in this [evolvable enum](/graph/best-practices-concept#handling-future-members-in-evolvable-enumerations): `norway`, `switzerland`，`southKorea`.|

+|regionName|String|Indicates the Azure region that the new Cloud PC is assigned to. The Windows 365 service creates and manages the underlying virtual network.|

+## Relationships

+None.

+## JSON representation

+The following JSON representation shows the resource type.

+<!-- {

+ "blockType": "resource",

+ "@odata.type": "microsoft.graph.cloudPcDisasterRecoveryMicrosoftHostedNetworkSetting"

+}

+-->

+``` json

+{

+ "@odata.type": "#microsoft.graph.cloudPcDisasterRecoveryMicrosoftHostedNetworkSetting",

+ "regionGroup": "String",

+ "regionName": "String"

+}

+```

+ Title: "cloudPcDisasterRecoveryNetworkSetting resource type"

+description: "An abstract type that represents the network configuration of backup Cloud PCs provisioned for cross-region disaster recovery."

+ms.localizationpriority: medium

+# cloudPcDisasterRecoveryNetworkSetting resource type

+Namespace: microsoft.graph

+An abstract type that represents the network configuration of backup Cloud PCs provisioned for cross-region disaster recovery.

+Base type of [cloudPcDisasterRecoveryAzureConnectionSetting](../resources/cloudpcdisasterrecoveryazureconnectionsetting.md) and [cloudPcDisasterRecoveryMicrosoftHostedNetworkSetting](../resources/cloudpcdisasterrecoverymicrosofthostednetworksetting.md)

+## Properties

+None.

+## Relationships

+None.

+## JSON representation

+The following JSON representation shows the resource type.

+<!-- {

+ "blockType": "resource",

+ "@odata.type": "microsoft.graph.cloudPcDisasterRecoveryNetworkSetting"

+}

+-->

+``` json

+{

+ "@odata.type": "#microsoft.graph.cloudPcDisasterRecoveryNetworkSetting"

+}

+```

+|crossRegionDisasterRecoverySetting|[cloudPcCrossRegionDisasterRecoverySetting](../resources/cloudpccrossregiondisasterrecoverysetting.md)|Defines whether the user's Cloud PC enables cross-region disaster recovery and specifies the network for the disaster recovery.|

+|resetEnabled|Boolean|Indicates whether an end user is allowed to reset their Cloud PC. When `true`, the user is allowed to reset their Cloud PC. When `false`, end-user initiated reset isn't allowed. The default value is `false`. |

+ "crossRegionDisasterRecoverySetting": {"@odata.type": "microsoft.graph.cloudPcCrossRegionDisasterRecoverySetting"},

+toc. Title: Cloud PC Windows setting

+toc. Title: Cloud PC Windows settings

+|[Delete](../api/community-delete.md)|None|Delete a Viva Engage [community](../resources/community.md) along with all associated Microsoft 365 content, including the connected Microsoft 365 group, OneNote notebook, and Planner plans.|

+| description | String | The description of the community. The maximum length is 1,024 characters. |

+| id | String | The unique identifier of the community. Read-only. Inherited from [entity](../resources/entity.md). |

+|secondaryDepartment|String | Secondary Department Name within a company. |

+ "secondaryDepartment": "String",

+|[Get](../api/contact-get.md) | [contact](contact.md) |Read properties and relationships of contact object.|

+|[Create](../api/user-post-contacts.md) | [contact](contact.md) |Add a contact to the root Contacts folder or to the contacts endpoint of another contact folder.|

+|[Update](../api/contact-update.md) | [contact](contact.md) |Update contact object. |

+|[Delete](../api/contact-delete.md) | None |Delete contact object. |

+|[Permanently delete](../api/contact-permanentdelete.md)|None|Permanently delete a contact and place it in the Purges folder in the Recoverable Items folder in the user's mailbox.|

+|changeKey|String|Identifies the version of the contact. Every time the contact is changed, **changeKey** changes as well, which allows Exchange to apply changes to the correct version of the object.|

+|displayName|String|The contact's display name. You can specify the display name in a [create](../api/user-post-contacts.md) or [update](../api/contact-update.md) operation. Later updates to other properties might cause an automatically generated value to overwrite the displayName value you specified. To preserve a pre-existing value, always include it as displayName in an [update](../api/contact-update.md) operation.|

+|[Get](../api/contactfolder-get.md) | [contactFolder](contactfolder.md) |Get a contact folder by using the contact folder ID.|

+|[Update](../api/contactfolder-update.md) | [contactFolder](contactfolder.md) |Update **contactFolder** object. |

+|[Delete](../api/contactfolder-delete.md) | None |Delete a **contactFolder** object. |

+|[Permanently delete](../api/contactfolder-permanentdelete.md)|None|Permanently delete a contact folder and remove its items from the user's mailbox.|

+|[Get contact delta](../api/contact-delta.md)|[contact](contact.md) collection| Get a set of contact folders that were added, deleted, or removed from the user's mailbox.|

+Indicates details of the device used in a sign-in activity. Includes information like device browser and OS info and if the device is Microsoft Entra ID-managed.

+|browser|String|Indicates the browser information of the used in the sign-in. Populated for devices registered in Microsoft Entra.|

+|deviceId|String|Refers to the unique ID of the device used in the sign-in. Populated for devices registered in Microsoft Entra.|

+|displayName|String|Refers to the name of the device used in the sign-in. Populated for devices registered in Microsoft Entra.|

+|operatingSystem|String|Indicates the OS name and version used in the sign-in.|

+|trustType|String|Indicates information on whether the device used in the sign-in is workplace-joined, Microsoft Entra-joined, domain-joined.|

+description: "The education APIs in Microsoft Graph enhance Microsoft 365 resources and data with information that is relevant for education scenarios, including schools, students, teachers, classes, enrollments, and assignments."

+To call the education APIs in Microsoft Graph, your app needs to acquire an access token. For details about access tokens, see [Get access tokens to call Microsoft Graph](/graph/auth/). Your app also needs the appropriate permissions. For more information, see [Education permissions](/graph/permissions-reference#education-permissions).

+- [educationTeacher](educationteacher.md) - Represents a user with the primary role of 'Teacher'.

+- [educationStudent](educationstudent.md) - Represents a user with the primary role of 'student'.

+## Classwork

+You can use Classwork as a one-stop shop to create and organize class resources, including assignments, OneNote Class Notebook pages, web links, files, and Teams channels. This means you no longer have to navigate multiple apps and platforms to find what you need. With Classwork, you can curate a view of content and resources that helps your students navigate the class and see everything in one place.

+The Classwork API provides the following key resources:

+- [educationModule](educationmodule.md) - A module is associated with a class. Represents a group of individual learning resources that are organized in a systematic way.

+- [educationModuleResource](educationmoduleresource.md) - A wrapper object that stores the resources associated with a module. The student is unable to update this resource, which is a handout from the teacher to the student with nothing to be turned in.

+The following lists show the scenarios supported by the Classwork API.

+### Modules

+The **educationModule** resource supports the following scenarios:

+- [List modules](../api/educationclass-list-modules.md)

+- [Create module](../api/educationclass-post-module.md)

+- [Get module](../api/educationmodule-get.md)

+- [Update module](../api/educationmodule-update.md)

+- [Delete module](../api/educationmodule-delete.md)

+- [Pin module](../api/educationmodule-pin.md)

+- [Unpin module](../api/educationmodule-unpin.md)

+- [Publish module](../api/educationmodule-publish.md)

+- [Set up module resources folder](../api/educationmodule-setupresourcesfolder.md)

+### Module resources

+The **educationModuleResource** resource supports the following scenarios:

+- [List module resources](../api/educationmodule-list-resources.md)

+- [Create module resource](../api/educationmodule-post-resources.md)

+- [Get module resource](../api/educationmoduleresource-get.md)

+- [Update module resource](../api/educationmoduleresource-update.md)

+- [Delete resource from module](../api/educationmoduleresource-delete.md)

+### Common use cases

+The following table shows some common use cases for the module-related education APIs.

+| Use case | Description | See also |

+|:|:--|:-|

+| Create a module | Only teachers in a class can create a module. Modules start in the draft state, which means that students don't see the modules until publication. | [Create educationModule](../api/educationclass-post-module.md) |

+| List modules | A teacher or an application with application permissions can see all module objects for the class. Students can only see published modules. | [List class modules](../api/educationclass-list-modules.md) |

+| Publish a module | Changes the state of an **educationModule** from its original `draft` status to the `published` status. | [educationModule: publish](../api/educationmodule-publish.md) |

+| Create a resource in a module | Only teachers can perform this operation. | [Create educationModuleResource](../api/educationmodule-post-resources.md) |

+| List module resources | Get all the **educationModuleResource** objects associated with a module. Only teachers, students, and applications with application permissions can perform this operation. | [List module resources](../api/educationmodule-list-resources.md) |

+|excusedBy|[identitySet](identityset.md)|The user that marked the submission as excused.|

+|excusedDateTime|DateTimeOffset|Moment in time when the submission was moved to the excused state. The timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|

+|reassignedBy|[identitySet](identityset.md)|User who moved the status of this submission to reassigned.|

+|reassignedDateTime|DateTimeOffset|Moment in time when the submission was reassigned. The timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|

+|resourcesFolderUrl|String|Folder where all file resources for this submission need to be stored.|

+ "excusedBy": {"@odata.type":"microsoft.graph.identitySet"},

+ "excusedDateTime": "String (timestamp)",

+|[List communities](../api/employeeexperience-list-communities.md)|[community](../resources/community.md) collection|Get a list of the Viva Engage [community](../resources/community.md) objects and their properties.|

+ Title: "Use the Microsoft Graph API to work with Viva Engage"

+# Use the Microsoft Graph API to work with Viva Engage

+For guidance on how to handle throttling in Microsoft Graph, see [Microsoft Graph throttling guidance](/graph/throttling).

+When an async operation is initiated, the method returns a `202 Accepted` response code and an `Operation-Location` header that contains the location of the **engagementAsyncOperation**. Periodically check the status of the operation by making a GET request to this location; wait >30 seconds between checks. When the request completes successfully, the operation **status** indicates `succeeded` and the **resourceLocation** points to the created or modified resource.

+### complianceStatus values

+|Member|

+|:|

+|compliant|

+|noncomplaint|

+|unknownFutureValue|

+### policyStatus values

+|Member|

+|:|

+|enabled|

+|disabled|

+|unknownFutureValue|

+### securityRequirementState values

+|Member|

+|:|

+|active|

+|preview|

+|unknownFutureValue|

+### securityRequirementType values

+|Member|

+|:|

+|mfaEnforcedForAdmins|

+|mfaEnforcedForAdminsOfCustomers|

+|securityAlertsPromptlyResolved|

+|securityContactProvided|

+|spendingBudgetSetForCustomerAzureSubscriptions|

+|unknownFutureValue|

+### provisionState values

+### approvalOperationStatus values

+### approverRole values

+### approvalItemState values

+### approvalItemType values

+### responseFeedbackType values

+### responseEmotionType values

+### virtualEventRegistrationPredefinedQuestionLabel values

+### fileStorageContainerOwnershipType values

+### groupAccessType values

+### fileStorageContainerStatus values

+### siteLockState values

+### userDefaultAuthenticationMethod values

+### applicationKeyUsage values

+### applicationKeyType values

+### plannerTaskCompletionRequirements values

+### plannerApprovalStatus values

+### applicationKeyOrigin values

+### authenticationAttributeCollectionInputType values

+### userType values

+### assignmentType values

+### courseStatus values

+### usqState values

+### userPurpose values

+### releaseType values

+### requiredLicenses values

+### recommendationCategory values

+### recommendationFeatureAreas values

+### recommendationPriority values

+### recommendationStatus values

+### recommendationType values

+### layoutTemplateType values

+### conditionalAccessExternalTenantsMembershipKind values

+### conditionalAccessGuestOrExternalUserTypes values

+### teamTemplateAudience values

+### decisionItemPrincipalResourceMembershipType values

+### signInFrequencyAuthenticationType values

+### signInFrequencyInterval values

+### authenticationProtocol values

+### federatedIdpMfaBehavior values

+### promptLoginBehavior values

+### bookingsAvailabilityStatus values

+### accessPackageCustomExtensionHandlerStatus values

+### accessPackageSubjectLifecycle values

+### customExtensionCalloutInstanceStatus values

+### accessPackageCustomExtensionStage values

+### accessReviewHistoryStatus values

+### accessReviewHistoryDecisionFilter values

+### crossTenantAccessPolicyTargetConfigurationAccessType values

+### crossTenantAccessPolicyTargetType values

+### multiTenantOrganizationMemberProcessingStatus values

+### multiTenantOrganizationMemberRole values

+### multiTenantOrganizationMemberState values

+### multiTenantOrganizationState values

+### templateApplicationLevel values

+### approvalFilterByCurrentUserOptions values

+### accessPackageFilterByCurrentUserOptions values

+### userSignInRecommendationScope values

+### incomingTokenType values

+| refreshToken |

+### protocolType values

+### accessReviewInstanceDecisionItemFilterByCurrentUserOptions values

+### accessReviewStageFilterByCurrentUserOptions values

+### continuousAccessEvaluationMode values

+### msiType values

+### multiFactorAuthConfiguration values

+### policyScope values

+### appManagementRestrictionState values

+### appCredentialRestrictionType values

+### appKeyCredentialRestrictionType values

+### synchronizationSecret values

+### synchronizationScheduleState values

+### synchronizationStatusCode values

+### synchronizationTaskExecutionResult values

+### quarantineReason values

+### attributeMappingSourceType values

+### filterMode values

+### lifecycleEventType values

+### changeType values

+### countryLookupMethodType values

+### approvalState values

+### roleSummaryStatus values

+### dataPolicyOperationStatus values

+### conditionalAccessClientApp values

+### consentRequestFilterByCurrentUserOptions values

+### attributeType values

+### scopeOperatorType values

+### synchronizationJobRestartScope values

+### synchronizationMetadata values

+### mutability values

+### directoryDefinitionDiscoverabilities values

+### objectDefinitionMetadata values

+### connectorGroupRegion values

+### connectorGroupType values

+### onPremisesPublishingType values

+### agentStatus values

+### connectorStatus values

+### callType values

+### tone values

+### callState values

+### routingPolicy values

+### meetingCapabilities values

+### onlineMeetingRole values

+### autoAdmittedUsersType values

+### mediaState values

+### callDirection values

+### modality values

+### endpointType values

+### kerberosSignOnMappingAttributeType values

+### externalAuthenticationType values

+### recipientScopeType values

+### appliedConditionalAccessPolicyResult values

+### microsoftAuthenticatorAuthenticationMode values

+### authenticationMethodFeature values

+### authMethodsType values

+### defaultMfaMethodType values

+### clientCredentialType values

+### azureADLicenseType values

+### conditionalAccessConditions values

+### conditionalAccessStatus values

+### featureType values

+### groupType values

+### includedUserRoles values

+### includedUserTypes values

+### initiatorType values

+### migrationStatus values

+### networkType values

+### operationResult values

+### provisioningResult values

+### provisioningStepType values

+### registrationAuthMethod values

+### registrationStatusType values

+### signInIdentifierType values

+### signInUserType values

+### requirementProvider values

+### riskDetail values

+### riskEventType values

+### usageAuthMethod values

+### authenticationAppAdminConfiguration values

+### authenticationAppEvaluation values

+### authenticationAppPolicyStatus values

+### authenticationMethodKeyStrength values

+### authenticationMethodPlatform values

+### authenticationContextDetail values

+### educationAddedStudentAction values

+### educationAddToCalendarOptions values

+### educationModuleStatus values

+### educationAssignmentStatus values

+### educationSubmissionStatus values

+### educationFeedbackResourceOutcomeStatus values

+### externalEmailOtpState values

+### expirationRequirement values

+### replyRestriction values

+### userNewMessageRestriction values

+### volumeType values

+### allowedAudiences values

+### attestationLevel values

+### emailType values

+### authenticationMethodSignInState values

+### authenticationPhoneType values

+### authenticationMethodTargetType values

+### authenticationMethodState values

+### fido2RestrictionEnforcementType values

+### x509CertificateAuthenticationMode values

+### x509CertificateAffinityLevel values

+### x509CertificateRuleType values

+### x509CertificateIssuerHintsState values

+### anniversaryType values

+### skillProficiencyLevel values

+### languageProficiencyLevel values

+### personRelationship values

+### attachmentType values

+### analyticsActivityType values

+### entityTypes values

+### searchAlterationType values

+### bucketAggregationSortProperty values

+### contactRelationship values

+### scheduleEntityTheme values

+### timeOffReasonIconType values

+### timeCardState values

+### scheduleChangeState values

+### scheduleChangeRequestActor values

+### windowsSettingType values

+### workforceIntegrationEncryptionProtocol values

+### workforceIntegrationSupportedEntities values

+### confirmedBy values

+### timeZoneStandard values

+### freeBusyStatus values

+### physicalAddressType values

+### attendeeType values

+### externalAudienceScope values

+### automaticRepliesStatus values

+### calendarColor values

+### educationSynchronizationProfileState values

+### educationSynchronizationStatus values

+### educationExternalSource values

+### educationGender values

+### eventType values

+### sensitivity values

+### importance values

+### educationUserRole values

+### meetingMessageType values

+### followupFlagStatus values

+### inferenceClassificationType values

+### iosNotificationAlertType values

+### deviceEnrollmentFailureReason values

+### bodyType values

+### locationType values

+### locationUniqueIdType values

+### messageActionFlag values

+### onenoteUserRole values

+### operationStatus values

+### onenotePatchActionType values

+### onenotePatchInsertPosition values

+### phoneType values

+### plannerPreviewType values

+### status values

+### weekIndex values

+### dayOfWeek values

+### recurrencePatternType values

+### recurrenceRangeType values

+### onenoteSourceService values

+### responseType values

+### activityDomain values

+### websiteType values

+### categoryColor values

+### alertFeedback values

+### fileHashType values

+### connectionDirection values

+### connectionStatus values

+### processIntegrityLevel values

+### registryHive values

+### registryOperation values

+### registryValueType values

+### alertSeverity values

+### alertStatus values

+### emailRole values

+### logonType values

+### userAccountSecurityType values

+### chatMessagePolicyViolationDlpActionType values

+### scopeOperatorMultiValuedComparisonType values

+### riskLevel values

+### riskState values

+### advancedConfigState values

+### referenceAttachmentPermission values

+### referenceAttachmentProvider values

+### exchangeIdFormat values

+### attributeDefinitionMetadata values

+### attributeFlowBehavior values

+### attributeFlowType values

+### objectFlowTypes values

+### objectMappingMetadata values

+### chatMessageType values

+### chatMessageImportance values

+### stagedFeatureName values

+### tokenIssuerType values

+### riskDetectionTimingType values

+### activityType values

+### chatMessagePolicyViolationUserActionType values

+### chatMessagePolicyViolationVerdictDetailsType values

+### entityType values

+### onlineMeetingProviderType values

+### delegateMeetingMessageDeliveryOptions values

+### calendarRoleType values

+### contentFormat values

+### contentState values

+### assignmentMethod values

+### actionSource values

+### contentAlignment values

+### watermarkLayout values

+### conditionalAccessPolicyState values

+### conditionalAccessGrantControl values

+### perUserMfaState values

+### conditionalAccessRule values

+### signInAccessType values

+### signinFrequencyType values

+### originalTransferMethods values

+### tokenProtectionStatus values

+### conditionalAccessAudienceReason values

+### persistentBrowserSessionMode values

+### cloudAppSecuritySessionControlType values

+### conditionalAccessDevicePlatform values

+### priority values

+### templateScenarios values

+### threatAssessmentContentType values

+### threatExpectedAssessment values

+### threatCategory values

+### threatAssessmentStatus values

+### threatAssessmentRequestSource values

+### threatAssessmentResultType values

+### mailDestinationRoutingReason values

+### threatAssessmentRequestPivotProperty values

+### userFlowType values

+### openIdConnectResponseMode values

+### wellknownListName values

+### taskStatus values

+### columnTypes values

+### contentModelType values

+### documentProcessingJobStatus values

+### documentProcessingJobType values

+### connectedOrganizationState values

+### identityUserFlowAttributeDataType values

+### identityUserFlowAttributeType values

+### permissionClassificationType values

+### permissionType values

+### identityUserFlowAttributeInputType values

+### teamworkActivityTopicSource values

+### cloudPcProvisioningPolicyImageType values

+### cloudPcPolicySettingType values

+### chatType values

+### singleSignOnMode values

+### plannerContainerType values

+### plannerPlanContextType values

+### plannerContextState values

+### plannerExternalTaskSourceDisplayType values

+### plannerCreationSourceKind values

+### teamsAppInstallationScope values

+### assignmentScheduleFilterByCurrentUserOptions values

+### assignmentScheduleInstanceFilterByCurrentUserOptions values

+### assignmentScheduleRequestFilterByCurrentUserOptions values

+### eligibilityScheduleFilterByCurrentUserOptions values

+### eligibilityScheduleInstanceFilterByCurrentUserOptions values

+### eligibilityScheduleRequestFilterByCurrentUserOptions values

+### privilegedAccessGroupAssignmentType values

+### privilegedAccessGroupMemberType values

+### privilegedAccessGroupRelationships values

+### scheduleRequestActions values

+### roleAssignmentScheduleRequestFilterByCurrentUserOptions values

+### roleAssignmentScheduleFilterByCurrentUserOptions values

+### roleAssignmentScheduleInstanceFilterByCurrentUserOptions values

+### roleEligibilityScheduleRequestFilterByCurrentUserOptions values

+### roleEligibilityScheduleFilterByCurrentUserOptions values

+### roleEligibilityScheduleInstanceFilterByCurrentUserOptions values

+### cloudPcAuditActivityOperationType values