openapi: 3.1.0 info: title: Microsoft Graph Devices description: Needs a description. paths: /devices: description: Provides operations to manage the collection of device entities. get: tags: - Devices.device summary: Microsoft Graph List devices description: Retrieve a list of device objects registered in the organization. externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/device-list?view=graph-rest-1.0 operationId: devices.device.ListDevice parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.deviceCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - Devices.device summary: Microsoft Graph Create device description: Create and register a new device in the organization. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-post-devices?view=graph-rest-1.0 operationId: devices.device.CreateDevice requestBody: description: New entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.device' required: true responses: 2XX: description: Created entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.device' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /devices/{device-id}: description: Provides operations to manage the collection of device entities. get: tags: - Devices.device summary: Microsoft Graph Get device description: Get the properties and relationships of a device object. externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/device-get?view=graph-rest-1.0 operationId: devices.device.GetDevice parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.device' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - Devices.device summary: Microsoft Graph Update device description: >- Update the properties of a registered device. Only certain properties of a device can be updated through approved Mobile Device Managment (MDM) apps. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-update?view=graph-rest-1.0 operationId: devices.device.UpdateDevice requestBody: description: New property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.device' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.device' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - Devices.device summary: Microsoft Graph Delete device description: Delete a registered device. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-delete?view=graph-rest-1.0 operationId: devices.device.DeleteDevice parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/extensions: description: >- Provides operations to manage the extensions property of the microsoft.graph.device entity. get: tags: - Devices.extension summary: Microsoft Graph Get extensions from devices description: >- The collection of open extensions defined for the device. Read-only. Nullable. operationId: devices.ListExtensions parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.extensionCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - Devices.extension summary: Microsoft Graph Create new navigation property to extensions for devices operationId: devices.CreateExtensions requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.extension' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.extension' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/extensions/{extension-id}: description: >- Provides operations to manage the extensions property of the microsoft.graph.device entity. get: tags: - Devices.extension summary: Microsoft Graph Get extensions from devices description: >- The collection of open extensions defined for the device. Read-only. Nullable. operationId: devices.GetExtensions parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.extension' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - Devices.extension summary: Microsoft Graph Update the navigation property extensions in devices operationId: devices.UpdateExtensions requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.extension' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.extension' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - Devices.extension summary: Microsoft Graph Delete navigation property extensions for devices operationId: devices.DeleteExtensions parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device - name: extension-id in: path description: The unique identifier of extension required: true schema: type: string x-ms-docs-key-type: extension /devices/{device-id}/extensions/$count: description: Provides operations to count the resources in the collection. get: tags: - Devices.extension summary: Microsoft Graph Get the number of the resource operationId: devices.extensions.GetCount-40b0 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/memberOf: description: >- Provides operations to manage the memberOf property of the microsoft.graph.device entity. get: tags: - devices.directoryObject summary: Microsoft Graph List device memberships description: >- Get groups and administrative units that this device is a direct member of. This operation is not transitive. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-list-memberof?view=graph-rest-1.0 operationId: devices.ListMemberOf parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryObjectCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/memberOf/{directoryObject-id}: description: >- Provides operations to manage the memberOf property of the microsoft.graph.device entity. get: tags: - devices.directoryObject summary: Microsoft Graph Get memberOf from devices description: >- Groups and administrative units that this device is a member of. Read-only. Nullable. Supports $expand. operationId: devices.GetMemberOf parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /devices/{device-id}/memberOf/{directoryObject-id}/graph.administrativeUnit: description: Casts the previous resource to administrativeUnit. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.administrativeUnit operationId: devices.GetMemberOf.AsAdministrativeUnit parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.administrativeUnit' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /devices/{device-id}/memberOf/{directoryObject-id}/graph.group: description: Casts the previous resource to group. get: tags: - devices.directoryObject summary: Microsoft Graph List device memberships description: >- Get groups and administrative units that this device is a direct member of. This operation is not transitive. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-list-memberof?view=graph-rest-1.0 operationId: devices.GetMemberOf.AsGroup parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.group' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /devices/{device-id}/memberOf/$count: description: Provides operations to count the resources in the collection. get: tags: - devices.directoryObject summary: Microsoft Graph Get the number of the resource operationId: devices.memberOf.GetCount-bd14 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/memberOf/graph.administrativeUnit: description: Casts the previous resource to administrativeUnit. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.administrativeUnit in the microsoft.graph.directoryObject collection operationId: devices.ListMemberOf.AsAdministrativeUnit parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.administrativeUnitCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/memberOf/graph.administrativeUnit/$count: description: Provides operations to count the resources in the collection. get: tags: - devices.directoryObject summary: Microsoft Graph Get the number of the resource operationId: devices.MemberOf.GetCount.AsAdministrativeUnit-dd3f parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/memberOf/graph.group: description: Casts the previous resource to group. get: tags: - devices.directoryObject summary: Microsoft Graph List device memberships description: >- Get groups and administrative units that this device is a direct member of. This operation is not transitive. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-list-memberof?view=graph-rest-1.0 operationId: devices.ListMemberOf.AsGroup parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.groupCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/memberOf/graph.group/$count: description: Provides operations to count the resources in the collection. get: tags: - devices.directoryObject summary: Microsoft Graph Get the number of the resource operationId: devices.MemberOf.GetCount.AsGroup-3872 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/checkMemberGroups: description: Provides operations to call the checkMemberGroups method. post: tags: - devices.device.Actions summary: Microsoft Graph Invoke action checkMemberGroups description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\r\n- user\r\n- group\r\n- service principal\r\n- organizational contact\r\n- device\r\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-1.0 operationId: devices.device.checkMemberGroups requestBody: description: Action parameters content: application/json: schema: type: object properties: groupIds: type: array items: type: string required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/checkMemberObjects: description: Provides operations to call the checkMemberObjects method. post: tags: - devices.device.Actions summary: Microsoft Graph Invoke action checkMemberObjects operationId: devices.device.checkMemberObjects requestBody: description: Action parameters content: application/json: schema: type: object properties: ids: type: array items: type: string required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/getMemberGroups: description: Provides operations to call the getMemberGroups method. post: tags: - devices.device.Actions summary: Microsoft Graph Invoke action getMemberGroups description: >- Return all the group IDs for the groups that the specified user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. This API returns up to 11,000 group IDs. If more than 11,000 results are available, it returns a 400 Bad Request error with the DirectoryResultSizeLimitExceeded error code. If you get the DirectoryResultSizeLimitExceeded error code, use the List group transitive memberOf API instead. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getmembergroups?view=graph-rest-1.0 operationId: devices.device.getMemberGroups requestBody: description: Action parameters content: application/json: schema: type: object properties: securityEnabledOnly: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/getMemberObjects: description: Provides operations to call the getMemberObjects method. post: tags: - devices.device.Actions summary: Microsoft Graph Invoke action getMemberObjects description: "Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:\r\n- user\r\n- group\r\n- service principal\r\n- organizational contact\r\n- device\r\n- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getmemberobjects?view=graph-rest-1.0 operationId: devices.device.getMemberObjects requestBody: description: Action parameters content: application/json: schema: type: object properties: securityEnabledOnly: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/restore: description: Provides operations to call the restore method. post: tags: - devices.device.Actions summary: Microsoft Graph Invoke action restore description: "Restore a recently deleted application, group, servicePrincipal, administrative unit, or user object from deleted items. Restore a recently deleted directory object from deleted items. The following types are supported:\r\n- administrativeUnit\r\n- application\r\n- certificateBasedAuthPki\r\n- certificateAuthorityDetail\r\n- group\r\n- servicePrincipal\r\n- user If an item is accidentally deleted, you can fully restore the item. Additionally, restoring an application doesn't automatically restore the associated service principal automatically. You must call this API to explicitly restore the deleted service principal. A recently deleted item remains available for up to 30 days. After 30 days, the item is permanently deleted." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-deleteditems-restore?view=graph-rest-1.0 operationId: devices.device.restore responses: 2XX: description: Success content: application/json: schema: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - type: object nullable: true 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredOwners: description: >- Provides operations to manage the registeredOwners property of the microsoft.graph.device entity. get: tags: - devices.directoryObject summary: Microsoft Graph List registeredOwners description: >- Retrieve a list of users that are registered owners of the device. A registered owner is the user that cloud joined the device or registered their personal device. The registered owner is set at the time of registration. Currently, there can be only one owner. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-list-registeredowners?view=graph-rest-1.0 operationId: devices.ListRegisteredOwners parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryObjectCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredOwners/{directoryObject-id}/$ref: description: Provides operations to manage the collection of device entities. delete: tags: - devices.directoryObject summary: Microsoft Graph Delete registeredOwner description: Remove a user as a registered owner of the device. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-delete-registeredowners?view=graph-rest-1.0 operationId: devices.registeredOwners.DeleteRefDirectoryObject parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /devices/{device-id}/registeredOwners/{directoryObject-id}/graph.appRoleAssignment: description: Casts the previous resource to appRoleAssignment. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.appRoleAssignment operationId: devices.GetRegisteredOwners.AsAppRoleAssignment parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /devices/{device-id}/registeredOwners/{directoryObject-id}/graph.endpoint: description: Casts the previous resource to endpoint. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.endpoint operationId: devices.GetRegisteredOwners.AsEndpoint parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.endpoint' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /devices/{device-id}/registeredOwners/{directoryObject-id}/graph.servicePrincipal: description: Casts the previous resource to servicePrincipal. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal operationId: devices.GetRegisteredOwners.AsServicePrincipal parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.servicePrincipal' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /devices/{device-id}/registeredOwners/{directoryObject-id}/graph.user: description: Casts the previous resource to user. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.user operationId: devices.GetRegisteredOwners.AsUser parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.user' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /devices/{device-id}/registeredOwners/$count: description: Provides operations to count the resources in the collection. get: tags: - devices.directoryObject summary: Microsoft Graph Get the number of the resource operationId: devices.registeredOwners.GetCount-d4e7 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredOwners/$ref: description: Provides operations to manage the collection of device entities. get: tags: - devices.directoryObject summary: Microsoft Graph List registeredOwners description: >- Retrieve a list of users that are registered owners of the device. A registered owner is the user that cloud joined the device or registered their personal device. The registered owner is set at the time of registration. Currently, there can be only one owner. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-list-registeredowners?view=graph-rest-1.0 operationId: devices.ListRefRegisteredOwners parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/StringCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - devices.directoryObject summary: Microsoft Graph Create registeredOwner description: Add a user as a registered owner of the device. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-post-registeredowners?view=graph-rest-1.0 operationId: devices.CreateRefRegisteredOwners requestBody: $ref: '#/components/requestBodies/refPostBody' responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - devices.directoryObject summary: Microsoft Graph Delete registeredOwner description: Remove a user as a registered owner of the device. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-delete-registeredowners?view=graph-rest-1.0 operationId: devices.DeleteRefRegisteredOwners parameters: - name: If-Match in: header description: ETag schema: type: string - name: '@id' in: query description: The delete Uri required: true schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredOwners/graph.appRoleAssignment: description: Casts the previous resource to appRoleAssignment. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.appRoleAssignment in the microsoft.graph.directoryObject collection operationId: devices.ListRegisteredOwners.AsAppRoleAssignment parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.appRoleAssignmentCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredOwners/graph.appRoleAssignment/$count: description: Provides operations to count the resources in the collection. get: tags: - devices.directoryObject summary: Microsoft Graph Get the number of the resource operationId: devices.RegisteredOwners.GetCount.AsAppRoleAssignment-6c67 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredOwners/graph.endpoint: description: Casts the previous resource to endpoint. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.endpoint in the microsoft.graph.directoryObject collection operationId: devices.ListRegisteredOwners.AsEndpoint parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.endpointCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredOwners/graph.endpoint/$count: description: Provides operations to count the resources in the collection. get: tags: - devices.directoryObject summary: Microsoft Graph Get the number of the resource operationId: devices.RegisteredOwners.GetCount.AsEndpoint-81ea parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredOwners/graph.servicePrincipal: description: Casts the previous resource to servicePrincipal. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.servicePrincipal in the microsoft.graph.directoryObject collection operationId: devices.ListRegisteredOwners.AsServicePrincipal parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.servicePrincipalCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredOwners/graph.servicePrincipal/$count: description: Provides operations to count the resources in the collection. get: tags: - devices.directoryObject summary: Microsoft Graph Get the number of the resource operationId: devices.RegisteredOwners.GetCount.AsServicePrincipal-bf43 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredOwners/graph.user: description: Casts the previous resource to user. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.user in the microsoft.graph.directoryObject collection operationId: devices.ListRegisteredOwners.AsUser parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.userCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredOwners/graph.user/$count: description: Provides operations to count the resources in the collection. get: tags: - devices.directoryObject summary: Microsoft Graph Get the number of the resource operationId: devices.RegisteredOwners.GetCount.AsUser-8c65 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredUsers: description: >- Provides operations to manage the registeredUsers property of the microsoft.graph.device entity. get: tags: - devices.directoryObject summary: Microsoft Graph List registeredUsers description: >- Retrieve a list of users that are registered users of the device. For cloud joined devices and registered personal devices, registered users are set to the same value as registered owners at the time of registration. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-list-registeredusers?view=graph-rest-1.0 operationId: devices.ListRegisteredUsers parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryObjectCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredUsers/{directoryObject-id}/$ref: description: Provides operations to manage the collection of device entities. delete: tags: - devices.directoryObject summary: Microsoft Graph Delete registeredUser description: Remove a user as a registered user of the device. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-delete-registeredusers?view=graph-rest-1.0 operationId: devices.registeredUsers.DeleteRefDirectoryObject parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /devices/{device-id}/registeredUsers/{directoryObject-id}/graph.appRoleAssignment: description: Casts the previous resource to appRoleAssignment. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.appRoleAssignment operationId: devices.GetRegisteredUsers.AsAppRoleAssignment parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /devices/{device-id}/registeredUsers/{directoryObject-id}/graph.endpoint: description: Casts the previous resource to endpoint. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.endpoint operationId: devices.GetRegisteredUsers.AsEndpoint parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.endpoint' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /devices/{device-id}/registeredUsers/{directoryObject-id}/graph.servicePrincipal: description: Casts the previous resource to servicePrincipal. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal operationId: devices.GetRegisteredUsers.AsServicePrincipal parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.servicePrincipal' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /devices/{device-id}/registeredUsers/{directoryObject-id}/graph.user: description: Casts the previous resource to user. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.user operationId: devices.GetRegisteredUsers.AsUser parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.user' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /devices/{device-id}/registeredUsers/$count: description: Provides operations to count the resources in the collection. get: tags: - devices.directoryObject summary: Microsoft Graph Get the number of the resource operationId: devices.registeredUsers.GetCount-e934 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredUsers/$ref: description: Provides operations to manage the collection of device entities. get: tags: - devices.directoryObject summary: Microsoft Graph List registeredUsers description: >- Retrieve a list of users that are registered users of the device. For cloud joined devices and registered personal devices, registered users are set to the same value as registered owners at the time of registration. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-list-registeredusers?view=graph-rest-1.0 operationId: devices.ListRefRegisteredUsers parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/StringCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - devices.directoryObject summary: Microsoft Graph Create registeredUser description: Add a registered user for the device. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-post-registeredusers?view=graph-rest-1.0 operationId: devices.CreateRefRegisteredUsers requestBody: $ref: '#/components/requestBodies/refPostBody' responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - devices.directoryObject summary: Microsoft Graph Delete registeredUser description: Remove a user as a registered user of the device. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-delete-registeredusers?view=graph-rest-1.0 operationId: devices.DeleteRefRegisteredUsers parameters: - name: If-Match in: header description: ETag schema: type: string - name: '@id' in: query description: The delete Uri required: true schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredUsers/graph.appRoleAssignment: description: Casts the previous resource to appRoleAssignment. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.appRoleAssignment in the microsoft.graph.directoryObject collection operationId: devices.ListRegisteredUsers.AsAppRoleAssignment parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.appRoleAssignmentCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredUsers/graph.appRoleAssignment/$count: description: Provides operations to count the resources in the collection. get: tags: - devices.directoryObject summary: Microsoft Graph Get the number of the resource operationId: devices.RegisteredUsers.GetCount.AsAppRoleAssignment-7afb parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredUsers/graph.endpoint: description: Casts the previous resource to endpoint. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.endpoint in the microsoft.graph.directoryObject collection operationId: devices.ListRegisteredUsers.AsEndpoint parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.endpointCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredUsers/graph.endpoint/$count: description: Provides operations to count the resources in the collection. get: tags: - devices.directoryObject summary: Microsoft Graph Get the number of the resource operationId: devices.RegisteredUsers.GetCount.AsEndpoint-38fb parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredUsers/graph.servicePrincipal: description: Casts the previous resource to servicePrincipal. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.servicePrincipal in the microsoft.graph.directoryObject collection operationId: devices.ListRegisteredUsers.AsServicePrincipal parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.servicePrincipalCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredUsers/graph.servicePrincipal/$count: description: Provides operations to count the resources in the collection. get: tags: - devices.directoryObject summary: Microsoft Graph Get the number of the resource operationId: devices.RegisteredUsers.GetCount.AsServicePrincipal-c21e parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredUsers/graph.user: description: Casts the previous resource to user. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.user in the microsoft.graph.directoryObject collection operationId: devices.ListRegisteredUsers.AsUser parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.userCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/registeredUsers/graph.user/$count: description: Provides operations to count the resources in the collection. get: tags: - devices.directoryObject summary: Microsoft Graph Get the number of the resource operationId: devices.RegisteredUsers.GetCount.AsUser-ab49 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/transitiveMemberOf: description: >- Provides operations to manage the transitiveMemberOf property of the microsoft.graph.device entity. get: tags: - devices.directoryObject summary: Microsoft Graph List device transitive memberships description: >- Get the groups and administrative units that the device is a member of. This API request is transitive, and will also return all groups and administrative units the device is a nested member of. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-list-transitivememberof?view=graph-rest-1.0 operationId: devices.ListTransitiveMemberOf parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryObjectCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/transitiveMemberOf/{directoryObject-id}: description: >- Provides operations to manage the transitiveMemberOf property of the microsoft.graph.device entity. get: tags: - devices.directoryObject summary: Microsoft Graph Get transitiveMemberOf from devices description: >- Groups and administrative units that the device is a member of. This operation is transitive. Supports $expand. operationId: devices.GetTransitiveMemberOf parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /devices/{device-id}/transitiveMemberOf/{directoryObject-id}/graph.administrativeUnit: description: Casts the previous resource to administrativeUnit. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.administrativeUnit operationId: devices.GetTransitiveMemberOf.AsAdministrativeUnit parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.administrativeUnit' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /devices/{device-id}/transitiveMemberOf/{directoryObject-id}/graph.group: description: Casts the previous resource to group. get: tags: - devices.directoryObject summary: Microsoft Graph List device transitive memberships description: >- Get the groups and administrative units that the device is a member of. This API request is transitive, and will also return all groups and administrative units the device is a nested member of. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-list-transitivememberof?view=graph-rest-1.0 operationId: devices.GetTransitiveMemberOf.AsGroup parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.group' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /devices/{device-id}/transitiveMemberOf/$count: description: Provides operations to count the resources in the collection. get: tags: - devices.directoryObject summary: Microsoft Graph Get the number of the resource operationId: devices.transitiveMemberOf.GetCount-5cbd parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/transitiveMemberOf/graph.administrativeUnit: description: Casts the previous resource to administrativeUnit. get: tags: - devices.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.administrativeUnit in the microsoft.graph.directoryObject collection operationId: devices.ListTransitiveMemberOf.AsAdministrativeUnit parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.administrativeUnitCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/transitiveMemberOf/graph.administrativeUnit/$count: description: Provides operations to count the resources in the collection. get: tags: - devices.directoryObject summary: Microsoft Graph Get the number of the resource operationId: devices.TransitiveMemberOf.GetCount.AsAdministrativeUnit-24c9 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/transitiveMemberOf/graph.group: description: Casts the previous resource to group. get: tags: - devices.directoryObject summary: Microsoft Graph List device transitive memberships description: >- Get the groups and administrative units that the device is a member of. This API request is transitive, and will also return all groups and administrative units the device is a nested member of. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-list-transitivememberof?view=graph-rest-1.0 operationId: devices.ListTransitiveMemberOf.AsGroup parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.groupCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices/{device-id}/transitiveMemberOf/graph.group/$count: description: Provides operations to count the resources in the collection. get: tags: - devices.directoryObject summary: Microsoft Graph Get the number of the resource operationId: devices.TransitiveMemberOf.GetCount.AsGroup-bca9 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: device-id in: path description: The unique identifier of device required: true schema: type: string x-ms-docs-key-type: device /devices(deviceId='{deviceId}'): description: Provides operations to manage the collection of device entities. get: tags: - Devices.device summary: Microsoft Graph Get device description: Get the properties and relationships of a device object. externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/device-get?view=graph-rest-1.0 operationId: devices.device.GetDeviceByDeviceId parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.device' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - Devices.device summary: Microsoft Graph Update device description: >- Update the properties of a registered device. Only certain properties of a device can be updated through approved Mobile Device Managment (MDM) apps. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-update?view=graph-rest-1.0 operationId: devices.device.UpdateDeviceByDeviceId requestBody: description: New property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.device' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.device' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - Devices.device summary: Microsoft Graph Delete device description: Delete a registered device. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/device-delete?view=graph-rest-1.0 operationId: devices.device.DeleteDeviceByDeviceId parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: deviceId in: path description: Alternate key of device required: true schema: type: string nullable: true /devices/$count: description: Provides operations to count the resources in the collection. get: tags: - Devices.device summary: Microsoft Graph Get the number of the resource operationId: devices.GetCount-3489 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /devices/delta(): description: Provides operations to call the delta method. get: tags: - devices.device.Functions summary: Microsoft Graph Invoke function delta description: >- Get newly created, updated, or deleted devices without performing a full read of the entire resource collection. For more information, see Use delta query to track changes in Microsoft Graph data for details. externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/device-delta?view=graph-rest-1.0 operationId: devices.delta parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Success content: application/json: schema: title: Collection of device type: object allOf: - $ref: '#/components/schemas/BaseDeltaFunctionResponse' - type: object properties: value: type: array items: $ref: '#/components/schemas/microsoft.graph.device' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-grouped-path: - /devices/delta() /devices/getAvailableExtensionProperties: description: Provides operations to call the getAvailableExtensionProperties method. post: tags: - devices.device.Actions summary: Microsoft Graph Invoke action getAvailableExtensionProperties description: >- Return all directory extension definitions that are registered in a directory, including through multitenant apps. The following entities support extension properties: externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getavailableextensionproperties?view=graph-rest-1.0 operationId: devices.getAvailableExtensionProperties requestBody: description: Action parameters content: application/json: schema: type: object properties: isSyncedFromOnPremises: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: title: Collection of extensionProperty type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.extensionProperty 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /devices/getByIds: description: Provides operations to call the getByIds method. post: tags: - devices.device.Actions summary: Microsoft Graph Invoke action getByIds description: >- Return the directory objects specified in a list of IDs. Only a subset of user properties are returned by default in v1.0. Some common uses for this function are to: externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getbyids?view=graph-rest-1.0 operationId: devices.getByIds requestBody: description: Action parameters content: application/json: schema: type: object properties: ids: type: array items: type: string types: type: array items: type: string nullable: true required: true responses: 2XX: description: Success content: application/json: schema: title: Collection of directoryObject type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /devices/validateProperties: description: Provides operations to call the validateProperties method. post: tags: - devices.device.Actions summary: Microsoft Graph Invoke action validateProperties description: "Validate that a Microsoft 365 group's display name or mail nickname complies with naming policies. Clients can use this API to determine whether a display name or mail nickname is valid before trying to create a Microsoft 365 group. To validate the properties of an existing group, use the group: validateProperties function. The following policy validations are performed for the display name and mail nickname properties:\r\n1. Validate the prefix and suffix naming policy\r\n2. Validate the custom banned words policy\r\n3. Validate that the mail nickname is unique This API only returns the first validation failure that is encountered. If the properties fail multiple validations, only the first validation failure is returned. However, you can validate both the mail nickname and the display name and receive a collection of validation errors if you're only validating the prefix and suffix naming policy. To learn more about configuring naming policies, see Configure naming policy." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-validateproperties?view=graph-rest-1.0 operationId: devices.validateProperties requestBody: description: Action parameters content: application/json: schema: type: object properties: entityType: type: string nullable: true displayName: type: string nullable: true mailNickname: type: string nullable: true onBehalfOfUserId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string format: uuid nullable: true required: true responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action components: schemas: microsoft.graph.device: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: device required: - '@odata.type' type: object properties: accountEnabled: type: boolean description: >- true if the account is enabled; otherwise, false. Required. Default is true. Supports $filter (eq, ne, not, in). Only callers with at least the Cloud Device Administrator role can set this property. nullable: true alternativeSecurityIds: type: array items: $ref: '#/components/schemas/microsoft.graph.alternativeSecurityId' description: >- For internal use only. Not nullable. Supports $filter (eq, not, ge, le). approximateLastSignInDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Supports $filter (eq, ne, not, ge, le, and eq on null values) and $orderby. format: date-time nullable: true complianceExpirationDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The timestamp when the device is no longer deemed compliant. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. format: date-time nullable: true deviceCategory: type: string description: >- User-defined property set by Intune to automatically add devices to groups and simplify managing devices. nullable: true deviceId: type: string description: >- Unique identifier set by Azure Device Registration Service at the time of registration. This alternate key can be used to reference the device object. Supports $filter (eq, ne, not, startsWith). nullable: true deviceMetadata: type: string description: For internal use only. Set to null. nullable: true deviceOwnership: type: string description: >- Ownership of the device. Intune sets this property. The possible values are: unknown, company, personal. nullable: true deviceVersion: maximum: 2147483647 minimum: -2147483648 type: number description: For internal use only. format: int32 nullable: true displayName: type: string description: >- The display name for the device. Maximum length is 256 characters. Required. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. nullable: true enrollmentProfileName: type: string description: >- Enrollment profile applied to the device. For example, Apple Device Enrollment Profile, Device enrollment - Corporate device identifiers, or Windows Autopilot profile name. This property is set by Intune. nullable: true enrollmentType: type: string description: >- Enrollment type of the device. Intune sets this property. The possible values are: unknown, userEnrollment, deviceEnrollmentManager, appleBulkWithUser, appleBulkWithoutUser, windowsAzureADJoin, windowsBulkUserless, windowsAutoEnrollment, windowsBulkAzureDomainJoin, windowsCoManagement, windowsAzureADJoinUsingDeviceAuth,appleUserEnrollment, appleUserEnrollmentWithServiceAccount. NOTE: This property might return other values apart from those listed. nullable: true isCompliant: type: boolean description: >- true if the device complies with Mobile Device Management (MDM) policies; otherwise, false. Read-only. This can only be updated by Intune for any device OS type or by an approved MDM app for Windows OS devices. Supports $filter (eq, ne, not). nullable: true isManaged: type: boolean description: >- true if the device is managed by a Mobile Device Management (MDM) app; otherwise, false. This can only be updated by Intune for any device OS type or by an approved MDM app for Windows OS devices. Supports $filter (eq, ne, not). nullable: true isManagementRestricted: type: boolean description: >- Indicates whether the device is a member of a restricted management administrative unit. If not set, the default value is null and the default behavior is false. Read-only. To manage a device that's a member of a restricted management administrative unit, the administrator or calling app must be assigned a Microsoft Entra role at the scope of the restricted management administrative unit. Returned only on $select. nullable: true isRooted: type: boolean description: >- true if the device is rooted or jail-broken. This property can only be updated by Intune. nullable: true managementType: type: string description: >- The management channel of the device. This property is set by Intune. The possible values are: eas, mdm, easMdm, intuneClient, easIntuneClient, configurationManagerClient, configurationManagerClientMdm, configurationManagerClientMdmEas, unknown, jamf, googleCloudDevicePolicyController. nullable: true manufacturer: type: string description: Manufacturer of the device. Read-only. nullable: true mdmAppId: type: string description: >- Application identifier used to register device into MDM. Read-only. Supports $filter (eq, ne, not, startsWith). nullable: true model: type: string description: Model of the device. Read-only. nullable: true onPremisesLastSyncDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The last time at which the object was synced with the on-premises directory. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z Read-only. Supports $filter (eq, ne, not, ge, le, in). format: date-time nullable: true onPremisesSecurityIdentifier: type: string description: >- The on-premises security identifier (SID) for the user who was synchronized from on-premises to the cloud. Read-only. Returned only on $select. Supports $filter (eq). nullable: true onPremisesSyncEnabled: type: boolean description: >- true if this object is synced from an on-premises directory; false if this object was originally synced from an on-premises directory but is no longer synced; null if this object has never been synced from an on-premises directory (default). Read-only. Supports $filter (eq, ne, not, in, and eq on null values). nullable: true operatingSystem: type: string description: >- The type of operating system on the device. Required. Supports $filter (eq, ne, not, ge, le, startsWith, and eq on null values). nullable: true operatingSystemVersion: type: string description: >- The version of the operating system on the device. Required. Supports $filter (eq, ne, not, ge, le, startsWith, and eq on null values). nullable: true physicalIds: type: array items: type: string description: >- For internal use only. Not nullable. Supports $filter (eq, not, ge, le, startsWith,/$count eq 0, /$count ne 0). profileType: type: string description: >- The profile type of the device. Possible values: RegisteredDevice (default), SecureVM, Printer, Shared, IoT. nullable: true registrationDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Date and time of when the device was registered. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. format: date-time nullable: true systemLabels: type: array items: type: string description: >- List of labels applied to the device by the system. Supports $filter (/$count eq 0, /$count ne 0). trustType: type: string description: >- Type of trust for the joined device. Read-only. Possible values: Workplace (indicates bring your own personal devices), AzureAd (Cloud-only joined devices), ServerAd (on-premises domain joined devices joined to Microsoft Entra ID). For more information, see Introduction to device management in Microsoft Entra ID. Supports $filter (eq, ne, not, in). nullable: true extensions: type: array items: $ref: '#/components/schemas/microsoft.graph.extension' description: >- The collection of open extensions defined for the device. Read-only. Nullable. x-ms-navigationProperty: true memberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Groups and administrative units that this device is a member of. Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true registeredOwners: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The user that cloud joined the device or registered their personal device. The registered owner is set at the time of registration. Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true registeredUsers: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Collection of registered users of the device. For cloud joined devices and registered personal devices, registered users are set to the same value as registered owners at the time of registration. Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true transitiveMemberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Groups and administrative units that the device is a member of. This operation is transitive. Supports $expand. x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.device' x-ms-discriminator-value: '#microsoft.graph.device' microsoft.graph.extension: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: extension required: - '@odata.type' type: object properties: '@odata.type': type: string discriminator: propertyName: '@odata.type' mapping: '#microsoft.graph.openTypeExtension': '#/components/schemas/microsoft.graph.openTypeExtension' microsoft.graph.directoryObject: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: directoryObject required: - '@odata.type' type: object properties: deletedDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Date and time when this object was deleted. Always null when the object hasn't been deleted. format: date-time nullable: true '@odata.type': type: string discriminator: propertyName: '@odata.type' mapping: '#microsoft.graph.administrativeUnit': '#/components/schemas/microsoft.graph.administrativeUnit' '#microsoft.graph.application': '#/components/schemas/microsoft.graph.application' '#microsoft.graph.appRoleAssignment': '#/components/schemas/microsoft.graph.appRoleAssignment' '#microsoft.graph.certificateAuthorityDetail': '#/components/schemas/microsoft.graph.certificateAuthorityDetail' '#microsoft.graph.certificateBasedAuthPki': '#/components/schemas/microsoft.graph.certificateBasedAuthPki' '#microsoft.graph.contract': '#/components/schemas/microsoft.graph.contract' '#microsoft.graph.device': '#/components/schemas/microsoft.graph.device' '#microsoft.graph.directoryObjectPartnerReference': >- #/components/schemas/microsoft.graph.directoryObjectPartnerReference '#microsoft.graph.directoryRole': '#/components/schemas/microsoft.graph.directoryRole' '#microsoft.graph.directoryRoleTemplate': '#/components/schemas/microsoft.graph.directoryRoleTemplate' '#microsoft.graph.endpoint': '#/components/schemas/microsoft.graph.endpoint' '#microsoft.graph.extensionProperty': '#/components/schemas/microsoft.graph.extensionProperty' '#microsoft.graph.group': '#/components/schemas/microsoft.graph.group' '#microsoft.graph.groupSettingTemplate': '#/components/schemas/microsoft.graph.groupSettingTemplate' '#microsoft.graph.multiTenantOrganizationMember': >- #/components/schemas/microsoft.graph.multiTenantOrganizationMember '#microsoft.graph.organization': '#/components/schemas/microsoft.graph.organization' '#microsoft.graph.orgContact': '#/components/schemas/microsoft.graph.orgContact' '#microsoft.graph.policyBase': '#/components/schemas/microsoft.graph.policyBase' '#microsoft.graph.appManagementPolicy': '#/components/schemas/microsoft.graph.appManagementPolicy' '#microsoft.graph.authorizationPolicy': '#/components/schemas/microsoft.graph.authorizationPolicy' '#microsoft.graph.crossTenantAccessPolicy': '#/components/schemas/microsoft.graph.crossTenantAccessPolicy' '#microsoft.graph.identitySecurityDefaultsEnforcementPolicy': >- #/components/schemas/microsoft.graph.identitySecurityDefaultsEnforcementPolicy '#microsoft.graph.permissionGrantPolicy': '#/components/schemas/microsoft.graph.permissionGrantPolicy' '#microsoft.graph.stsPolicy': '#/components/schemas/microsoft.graph.stsPolicy' '#microsoft.graph.activityBasedTimeoutPolicy': '#/components/schemas/microsoft.graph.activityBasedTimeoutPolicy' '#microsoft.graph.claimsMappingPolicy': '#/components/schemas/microsoft.graph.claimsMappingPolicy' '#microsoft.graph.homeRealmDiscoveryPolicy': '#/components/schemas/microsoft.graph.homeRealmDiscoveryPolicy' '#microsoft.graph.tokenIssuancePolicy': '#/components/schemas/microsoft.graph.tokenIssuancePolicy' '#microsoft.graph.tokenLifetimePolicy': '#/components/schemas/microsoft.graph.tokenLifetimePolicy' '#microsoft.graph.tenantAppManagementPolicy': '#/components/schemas/microsoft.graph.tenantAppManagementPolicy' '#microsoft.graph.resourceSpecificPermissionGrant': >- #/components/schemas/microsoft.graph.resourceSpecificPermissionGrant '#microsoft.graph.servicePrincipal': '#/components/schemas/microsoft.graph.servicePrincipal' '#microsoft.graph.user': '#/components/schemas/microsoft.graph.user' microsoft.graph.administrativeUnit: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: administrativeUnit required: - '@odata.type' type: object properties: description: type: string description: >- An optional description for the administrative unit. Supports $filter (eq, ne, in, startsWith), $search. nullable: true displayName: type: string description: >- Display name for the administrative unit. Maximum length is 256 characters. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. nullable: true isMemberManagementRestricted: type: boolean description: >- true if members of this administrative unit should be treated as sensitive, which requires specific permissions to manage. If not set, the default value is null and the default behavior is false. Use this property to define administrative units with roles that don't inherit from tenant-level administrators, and where the management of individual member objects is limited to administrators scoped to a restricted management administrative unit. This property is immutable and can't be changed later. For more information on how to work with restricted management administrative units, see Restricted management administrative units in Microsoft Entra ID. nullable: true membershipRule: type: string description: >- The dynamic membership rule for the administrative unit. For more information about the rules you can use for dynamic administrative units and dynamic groups, see Manage rules for dynamic membership groups in Microsoft Entra ID. nullable: true membershipRuleProcessingState: type: string description: >- Controls whether the dynamic membership rule is actively processed. Set to On to activate the dynamic membership rule, or Paused to stop updating membership dynamically. nullable: true membershipType: type: string description: >- Indicates the membership type for the administrative unit. The possible values are: dynamic, assigned. If not set, the default value is null and the default behavior is assigned. nullable: true visibility: type: string description: >- Controls whether the administrative unit and its members are hidden or public. Can be set to HiddenMembership. If not set, the default value is null and the default behavior is public. When set to HiddenMembership, only members of the administrative unit can list other members of the administrative unit. nullable: true extensions: type: array items: $ref: '#/components/schemas/microsoft.graph.extension' description: >- The collection of open extensions defined for this administrative unit. Nullable. x-ms-navigationProperty: true members: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Users and groups that are members of this administrative unit. Supports $expand. x-ms-navigationProperty: true scopedRoleMembers: type: array items: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' description: Scoped-role members of this administrative unit. x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.administrativeUnit' x-ms-discriminator-value: '#microsoft.graph.administrativeUnit' microsoft.graph.group: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: group required: - '@odata.type' type: object properties: allowExternalSenders: type: boolean description: >- Indicates if people external to the organization can send messages to the group. The default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). nullable: true assignedLabels: type: array items: $ref: '#/components/schemas/microsoft.graph.assignedLabel' description: >- The list of sensitivity label pairs (label ID, label name) associated with a Microsoft 365 group. Returned only on $select. This property can be updated only in delegated scenarios where the caller requires both the Microsoft Graph permission and a supported administrator role. assignedLicenses: type: array items: $ref: '#/components/schemas/microsoft.graph.assignedLicense' description: >- The licenses that are assigned to the group. Returned only on $select. Supports $filter (eq). Read-only. autoSubscribeNewMembers: type: boolean description: >- Indicates if new members added to the group are autosubscribed to receive email notifications. You can set this property in a PATCH request for the group; don't set it in the initial POST request that creates the group. Default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). nullable: true classification: type: string description: >- Describes a classification for the group (such as low, medium, or high business impact). Valid values for this property are defined by creating a ClassificationList setting value, based on the template definition.Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith). nullable: true createdDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Timestamp of when the group was created. The value can't be modified and is automatically populated when the group is created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Read-only. format: date-time nullable: true description: type: string description: >- An optional description for the group. Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith) and $search. nullable: true displayName: type: string description: >- The display name for the group. This property is required when a group is created and can't be cleared during updates. Maximum length is 256 characters. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. nullable: true expirationDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Timestamp of when the group is set to expire. It's null for security groups, but for Microsoft 365 groups, it represents when the group is set to expire as defined in the groupLifecyclePolicy. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Supports $filter (eq, ne, not, ge, le, in). Read-only. format: date-time nullable: true groupTypes: type: array items: type: string description: >- Specifies the group type and its membership. If the collection contains Unified, the group is a Microsoft 365 group; otherwise, it's either a security group or a distribution group. For details, see groups overview.If the collection includes DynamicMembership, the group has dynamic membership; otherwise, membership is static. Returned by default. Supports $filter (eq, not). hasMembersWithLicenseErrors: type: boolean description: >- Indicates whether there are members in this group that have license errors from its group-based license assignment. This property is never returned on a GET operation. You can use it as a $filter argument to get groups that have members with license errors (that is, filter for this property being true). See an example. Supports $filter (eq). nullable: true hideFromAddressLists: type: boolean description: >- True if the group isn't displayed in certain parts of the Outlook UI: the Address Book, address lists for selecting message recipients, and the Browse Groups dialog for searching groups; otherwise, false. The default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). nullable: true hideFromOutlookClients: type: boolean description: >- True if the group isn't displayed in Outlook clients, such as Outlook for Windows and Outlook on the web; otherwise, false. The default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). nullable: true isArchived: type: boolean description: >- When a group is associated with a team, this property determines whether the team is in read-only mode.To read this property, use the /group/{groupId}/team endpoint or the Get team API. To update this property, use the archiveTeam and unarchiveTeam APIs. nullable: true isAssignableToRole: type: boolean description: >- Indicates whether this group can be assigned to a Microsoft Entra role. Optional. This property can only be set while creating the group and is immutable. If set to true, the securityEnabled property must also be set to true, visibility must be Hidden, and the group can't be a dynamic group (that is, groupTypes can't contain DynamicMembership). Only callers with at least the Privileged Role Administrator role can set this property. The caller must also be assigned the RoleManagement.ReadWrite.Directory permission to set this property or update the membership of such groups. For more, see Using a group to manage Microsoft Entra role assignmentsUsing this feature requires a Microsoft Entra ID P1 license. Returned by default. Supports $filter (eq, ne, not). nullable: true isManagementRestricted: type: boolean description: >- Indicates whether the group is a member of a restricted management administrative unit. If not set, the default value is null and the default behavior is false. Read-only. To manage a group member of a restricted management administrative unit, the administrator or calling app must be assigned a Microsoft Entra role at the scope of the restricted management administrative unit. Returned only on $select. nullable: true isSubscribedByMail: type: boolean description: >- Indicates whether the signed-in user is subscribed to receive email conversations. The default value is true. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). nullable: true licenseProcessingState: anyOf: - $ref: '#/components/schemas/microsoft.graph.licenseProcessingState' - type: object nullable: true description: >- Indicates the status of the group license assignment to all group members. The default value is false. Read-only. Possible values: QueuedForProcessing, ProcessingInProgress, and ProcessingComplete.Returned only on $select. Read-only. mail: type: string description: >- The SMTP address for the group, for example, 'serviceadmins@contoso.com'. Returned by default. Read-only. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true mailEnabled: type: boolean description: >- Specifies whether the group is mail-enabled. Required. Returned by default. Supports $filter (eq, ne, not). nullable: true mailNickname: type: string description: >- The mail alias for the group, unique for Microsoft 365 groups in the organization. Maximum length is 64 characters. This property can contain only characters in the ASCII character set 0 - 127 except the following characters: @ () / [] ' ; : <> , SPACE. Required. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true membershipRule: type: string description: >- The rule that determines members for this group if the group is a dynamic group (groupTypes contains DynamicMembership). For more information about the syntax of the membership rule, see Membership Rules syntax. Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith). nullable: true membershipRuleProcessingState: type: string description: >- Indicates whether the dynamic membership processing is on or paused. Possible values are On or Paused. Returned by default. Supports $filter (eq, ne, not, in). nullable: true onPremisesDomainName: type: string description: >- Contains the on-premises domain FQDN, also called dnsDomainName synchronized from the on-premises directory. The property is only populated for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect.Returned by default. Read-only. nullable: true onPremisesLastSyncDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Indicates the last time at which the group was synced with the on-premises directory. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Read-only. Supports $filter (eq, ne, not, ge, le, in). format: date-time nullable: true onPremisesNetBiosName: type: string description: >- Contains the on-premises netBios name synchronized from the on-premises directory. The property is only populated for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect.Returned by default. Read-only. nullable: true onPremisesProvisioningErrors: type: array items: $ref: >- #/components/schemas/microsoft.graph.onPremisesProvisioningError description: >- Errors when using Microsoft synchronization product during provisioning. Returned by default. Supports $filter (eq, not). onPremisesSamAccountName: type: string description: >- Contains the on-premises SAM account name synchronized from the on-premises directory. The property is only populated for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect.Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith). Read-only. nullable: true onPremisesSecurityIdentifier: type: string description: >- Contains the on-premises security identifier (SID) for the group synchronized from on-premises to the cloud. Read-only. Returned by default. Supports $filter (eq including on null values). nullable: true onPremisesSyncEnabled: type: boolean description: >- true if this group is synced from an on-premises directory; false if this group was originally synced from an on-premises directory but is no longer synced; null if this object has never synced from an on-premises directory (default). Returned by default. Read-only. Supports $filter (eq, ne, not, in, and eq on null values). nullable: true preferredDataLocation: type: string description: >- The preferred data location for the Microsoft 365 group. By default, the group inherits the group creator's preferred data location. To set this property, the calling app must be granted the Directory.ReadWrite.All permission and the user be assigned at least one of the following Microsoft Entra roles: User Account Administrator Directory Writer Exchange Administrator SharePoint Administrator For more information about this property, see OneDrive Online Multi-Geo. Nullable. Returned by default. nullable: true preferredLanguage: type: string description: >- The preferred language for a Microsoft 365 group. Should follow ISO 639-1 Code; for example, en-US. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true proxyAddresses: type: array items: type: string description: >- Email addresses for the group that direct to the same group mailbox. For example: ['SMTP: bob@contoso.com', 'smtp: bob@sales.contoso.com']. The any operator is required to filter expressions on multi-valued properties. Returned by default. Read-only. Not nullable. Supports $filter (eq, not, ge, le, startsWith, endsWith, /$count eq 0, /$count ne 0). renewedDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Timestamp of when the group was last renewed. This value can't be modified directly and is only updated via the renew service action. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Supports $filter (eq, ne, not, ge, le, in). Read-only. format: date-time nullable: true securityEnabled: type: boolean description: >- Specifies whether the group is a security group. Required. Returned by default. Supports $filter (eq, ne, not, in). nullable: true securityIdentifier: type: string description: >- Security identifier of the group, used in Windows scenarios. Read-only. Returned by default. nullable: true serviceProvisioningErrors: type: array items: $ref: '#/components/schemas/microsoft.graph.serviceProvisioningError' description: >- Errors published by a federated service describing a nontransient, service-specific error regarding the properties or link from a group object. Supports $filter (eq, not, for isResolved and serviceInstance). theme: type: string description: >- Specifies a Microsoft 365 group's color theme. Possible values are Teal, Purple, Green, Blue, Pink, Orange, or Red. Returned by default. nullable: true uniqueName: type: string description: >- The unique identifier that can be assigned to a group and used as an alternate key. Immutable. Read-only. nullable: true unseenCount: maximum: 2147483647 minimum: -2147483648 type: number description: >- Count of conversations that received new posts since the signed-in user last visited the group. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). format: int32 nullable: true visibility: type: string description: >- Specifies the group join policy and group content visibility for groups. The possible values are: Private, Public, or HiddenMembership. HiddenMembership can be set only for Microsoft 365 groups when the groups are created. It can't be updated later. Other values of visibility can be updated after group creation. If visibility value isn't specified during group creation on Microsoft Graph, a security group is created as Private by default, and the Microsoft 365 group is Public. Groups assignable to roles are always Private. To learn more, see group visibility options. Returned by default. Nullable. nullable: true acceptedSenders: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The list of users or groups allowed to create posts or calendar events in this group. If this list is nonempty, then only users or groups listed here are allowed to post. x-ms-navigationProperty: true appRoleAssignments: type: array items: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' description: >- Represents the app roles granted to a group for an application. Supports $expand. x-ms-navigationProperty: true calendar: anyOf: - $ref: '#/components/schemas/microsoft.graph.calendar' - type: object nullable: true description: The group's calendar. Read-only. x-ms-navigationProperty: true calendarView: type: array items: $ref: '#/components/schemas/microsoft.graph.event' description: The calendar view for the calendar. Read-only. x-ms-navigationProperty: true conversations: type: array items: $ref: '#/components/schemas/microsoft.graph.conversation' description: The group's conversations. x-ms-navigationProperty: true createdOnBehalfOf: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - type: object nullable: true description: >- The user (or application) that created the group. NOTE: This property isn't set if the user is an administrator. Read-only. x-ms-navigationProperty: true drive: anyOf: - $ref: '#/components/schemas/microsoft.graph.drive' - type: object nullable: true description: The group's default drive. Read-only. x-ms-navigationProperty: true drives: type: array items: $ref: '#/components/schemas/microsoft.graph.drive' description: The group's drives. Read-only. x-ms-navigationProperty: true events: type: array items: $ref: '#/components/schemas/microsoft.graph.event' description: The group's calendar events. x-ms-navigationProperty: true extensions: type: array items: $ref: '#/components/schemas/microsoft.graph.extension' description: >- The collection of open extensions defined for the group. Read-only. Nullable. x-ms-navigationProperty: true groupLifecyclePolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.groupLifecyclePolicy' description: >- The collection of lifecycle policies for this group. Read-only. Nullable. x-ms-navigationProperty: true memberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Groups that this group is a member of. HTTP Methods: GET (supported for all groups). Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true members: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The members of this group, who can be users, devices, other groups, or service principals. Supports the List members, Add member, and Remove member operations. Nullable. Supports $expand including nested $select. For example, /groups?$filter=startsWith(displayName,'Role')&$select=id,displayName&$expand=members($select=id,userPrincipalName,displayName). x-ms-navigationProperty: true membersWithLicenseErrors: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- A list of group members with license errors from this group-based license assignment. Read-only. x-ms-navigationProperty: true onenote: anyOf: - $ref: '#/components/schemas/microsoft.graph.onenote' - type: object nullable: true x-ms-navigationProperty: true onPremisesSyncBehavior: anyOf: - $ref: '#/components/schemas/microsoft.graph.onPremisesSyncBehavior' - type: object nullable: true x-ms-navigationProperty: true owners: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The owners of the group who can be users or service principals. Limited to 100 owners. Nullable. If this property isn't specified when creating a Microsoft 365 group the calling user (admin or non-admin) is automatically assigned as the group owner. A non-admin user can't explicitly add themselves to this collection when they're creating the group. For more information, see the related known issue. For security groups, the admin user isn't automatically added to this collection. For more information, see the related known issue. Supports $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1); Supports $expand including nested $select. For example, /groups?$filter=startsWith(displayName,'Role')&$select=id,displayName&$expand=owners($select=id,userPrincipalName,displayName). x-ms-navigationProperty: true permissionGrants: type: array items: $ref: >- #/components/schemas/microsoft.graph.resourceSpecificPermissionGrant x-ms-navigationProperty: true photo: anyOf: - $ref: '#/components/schemas/microsoft.graph.profilePhoto' - type: object nullable: true description: The group's profile photo x-ms-navigationProperty: true photos: type: array items: $ref: '#/components/schemas/microsoft.graph.profilePhoto' description: The profile photos owned by the group. Read-only. Nullable. x-ms-navigationProperty: true planner: anyOf: - $ref: '#/components/schemas/microsoft.graph.plannerGroup' - type: object nullable: true description: >- Entry-point to Planner resource that might exist for a Unified Group. x-ms-navigationProperty: true rejectedSenders: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The list of users or groups not allowed to create posts or calendar events in this group. Nullable x-ms-navigationProperty: true settings: type: array items: $ref: '#/components/schemas/microsoft.graph.groupSetting' description: >- Settings that can govern this group's behavior, like whether members can invite guests to the group. Nullable. x-ms-navigationProperty: true sites: type: array items: $ref: '#/components/schemas/microsoft.graph.site' description: >- The list of SharePoint sites in this group. Access the default site with /sites/root. x-ms-navigationProperty: true team: anyOf: - $ref: '#/components/schemas/microsoft.graph.team' - type: object nullable: true description: The team associated with this group. x-ms-navigationProperty: true threads: type: array items: $ref: '#/components/schemas/microsoft.graph.conversationThread' description: The group's conversation threads. Nullable. x-ms-navigationProperty: true transitiveMemberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The groups that a group is a member of, either directly or through nested membership. Nullable. x-ms-navigationProperty: true transitiveMembers: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: The direct and transitive members of a group. Nullable. x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.group' description: Represents a Microsoft Entra group. x-ms-discriminator-value: '#microsoft.graph.group' BaseCollectionPaginationCountResponse: title: Base collection pagination and count responses type: object properties: '@odata.count': type: integer format: int64 nullable: true '@odata.nextLink': type: string nullable: true microsoft.graph.appRoleAssignment: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: appRoleAssignment required: - '@odata.type' type: object properties: appRoleId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: >- The identifier (id) for the app role that's assigned to the principal. This app role must be exposed in the appRoles property on the resource application's service principal (resourceId). If the resource application hasn't declared any app roles, a default app role ID of 00000000-0000-0000-0000-000000000000 can be specified to signal that the principal is assigned to the resource app without any specific app roles. Required on create. format: uuid createdDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The time when the app role assignment was created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. format: date-time nullable: true principalDisplayName: type: string description: >- The display name of the user, group, or service principal that was granted the app role assignment. Maximum length is 256 characters. Read-only. Supports $filter (eq and startswith). nullable: true principalId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: >- The unique identifier (id) for the user, security group, or service principal being granted the app role. Security groups with dynamic memberships are supported. Required on create. format: uuid nullable: true principalType: type: string description: >- The type of the assigned principal. This can either be User, Group, or ServicePrincipal. Read-only. nullable: true resourceDisplayName: type: string description: >- The display name of the resource app's service principal to which the assignment is made. Maximum length is 256 characters. nullable: true resourceId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: >- The unique identifier (id) for the resource service principal for which the assignment is made. Required on create. Supports $filter (eq only). format: uuid nullable: true '@odata.type': type: string default: '#microsoft.graph.appRoleAssignment' x-ms-discriminator-value: '#microsoft.graph.appRoleAssignment' microsoft.graph.endpoint: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: endpoint required: - '@odata.type' type: object properties: capability: type: string providerId: type: string nullable: true providerName: type: string nullable: true providerResourceId: type: string nullable: true uri: type: string '@odata.type': type: string default: '#microsoft.graph.endpoint' x-ms-discriminator-value: '#microsoft.graph.endpoint' microsoft.graph.servicePrincipal: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: servicePrincipal required: - '@odata.type' type: object properties: accountEnabled: type: boolean description: >- true if the service principal account is enabled; otherwise, false. If set to false, then no users are able to sign in to this app, even if they're assigned to it. Supports $filter (eq, ne, not, in). nullable: true addIns: type: array items: $ref: '#/components/schemas/microsoft.graph.addIn' description: >- Defines custom behavior that a consuming service can use to call an app in specific contexts. For example, applications that can render file streams may set the addIns property for its 'FileHandler' functionality. This lets services like Microsoft 365 call the application in the context of a document the user is working on. alternativeNames: type: array items: type: string description: >- Used to retrieve service principals by subscription, identify resource group and full resource IDs for managed identities. Supports $filter (eq, not, ge, le, startsWith). appDescription: type: string description: The description exposed by the associated application. nullable: true appDisplayName: type: string description: >- The display name exposed by the associated application. Maximum length is 256 characters. nullable: true appId: type: string description: >- The unique identifier for the associated application (its appId property). Alternate key. Supports $filter (eq, ne, not, in, startsWith). nullable: true applicationTemplateId: type: string description: >- Unique identifier of the applicationTemplate. Supports $filter (eq, not, ne). Read-only. null if the service principal wasn't created from an application template. nullable: true appOwnerOrganizationId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: >- Contains the tenant ID where the application is registered. This is applicable only to service principals backed by applications. Supports $filter (eq, ne, NOT, ge, le). format: uuid nullable: true appRoleAssignmentRequired: type: boolean description: >- Specifies whether users or other service principals need to be granted an app role assignment for this service principal before users can sign in or apps can get tokens. The default value is false. Not nullable. Supports $filter (eq, ne, NOT). appRoles: type: array items: $ref: '#/components/schemas/microsoft.graph.appRole' description: >- The roles exposed by the application that's linked to this service principal. For more information, see the appRoles property definition on the application entity. Not nullable. customSecurityAttributes: anyOf: - $ref: >- #/components/schemas/microsoft.graph.customSecurityAttributeValue - type: object nullable: true description: >- An open complex type that holds the value of a custom security attribute that is assigned to a directory object. Nullable. Returned only on $select. Supports $filter (eq, ne, not, startsWith). Filter value is case sensitive. To read this property, the calling app must be assigned the CustomSecAttributeAssignment.Read.All permission. To write this property, the calling app must be assigned the CustomSecAttributeAssignment.ReadWrite.All permissions. To read or write this property in delegated scenarios, the admin must be assigned the Attribute Assignment Administrator role. description: type: string description: >- Free text field to provide an internal end-user facing description of the service principal. End-user portals such MyApps displays the application description in this field. The maximum allowed size is 1,024 characters. Supports $filter (eq, ne, not, ge, le, startsWith) and $search. nullable: true disabledByMicrosoftStatus: type: string description: >- Specifies whether Microsoft has disabled the registered application. The possible values are: null (default value), NotDisabled, and DisabledDueToViolationOfServicesAgreement (reasons include suspicious, abusive, or malicious activity, or a violation of the Microsoft Services Agreement). Supports $filter (eq, ne, not). nullable: true displayName: type: string description: >- The display name for the service principal. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. nullable: true homepage: type: string description: Home page or landing page of the application. nullable: true info: anyOf: - $ref: '#/components/schemas/microsoft.graph.informationalUrl' - type: object nullable: true description: >- Basic profile information of the acquired application such as app's marketing, support, terms of service and privacy statement URLs. The terms of service and privacy statement are surfaced to users through the user consent experience. For more info, see How to: Add Terms of service and privacy statement for registered Microsoft Entra apps. Supports $filter (eq, ne, not, ge, le, and eq on null values). keyCredentials: type: array items: $ref: '#/components/schemas/microsoft.graph.keyCredential' description: >- The collection of key credentials associated with the service principal. Not nullable. Supports $filter (eq, not, ge, le). loginUrl: type: string description: >- Specifies the URL where the service provider redirects the user to Microsoft Entra ID to authenticate. Microsoft Entra ID uses the URL to launch the application from Microsoft 365 or the Microsoft Entra My Apps. When blank, Microsoft Entra ID performs IdP-initiated sign-on for applications configured with SAML-based single sign-on. The user launches the application from Microsoft 365, the Microsoft Entra My Apps, or the Microsoft Entra SSO URL. nullable: true logoutUrl: type: string description: >- Specifies the URL that the Microsoft's authorization service uses to sign out a user using OpenID Connect front-channel, back-channel, or SAML sign out protocols. nullable: true notes: type: string description: >- Free text field to capture information about the service principal, typically used for operational purposes. Maximum allowed size is 1,024 characters. nullable: true notificationEmailAddresses: type: array items: type: string description: >- Specifies the list of email addresses where Microsoft Entra ID sends a notification when the active certificate is near the expiration date. This is only for the certificates used to sign the SAML token issued for Microsoft Entra Gallery applications. oauth2PermissionScopes: type: array items: $ref: '#/components/schemas/microsoft.graph.permissionScope' description: >- The delegated permissions exposed by the application. For more information, see the oauth2PermissionScopes property on the application entity's api property. Not nullable. passwordCredentials: type: array items: $ref: '#/components/schemas/microsoft.graph.passwordCredential' description: >- The collection of password credentials associated with the application. Not nullable. preferredSingleSignOnMode: type: string description: >- Specifies the single sign-on mode configured for this application. Microsoft Entra ID uses the preferred single sign-on mode to launch the application from Microsoft 365 or the My Apps portal. The supported values are password, saml, notSupported, and oidc. Note: This field might be null for older SAML apps and for OIDC applications where it isn't set automatically. nullable: true preferredTokenSigningKeyThumbprint: type: string description: >- This property can be used on SAML applications (apps that have preferredSingleSignOnMode set to saml) to control which certificate is used to sign the SAML responses. For applications that aren't SAML, don't write or otherwise rely on this property. nullable: true replyUrls: type: array items: type: string description: >- The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. Not nullable. resourceSpecificApplicationPermissions: type: array items: $ref: >- #/components/schemas/microsoft.graph.resourceSpecificPermission description: >- The resource-specific application permissions exposed by this application. Currently, resource-specific permissions are only supported for Teams apps accessing to specific chats and teams using Microsoft Graph. Read-only. samlSingleSignOnSettings: anyOf: - $ref: >- #/components/schemas/microsoft.graph.samlSingleSignOnSettings - type: object nullable: true description: The collection for settings related to saml single sign-on. servicePrincipalNames: type: array items: type: string description: >- Contains the list of identifiersUris, copied over from the associated application. Additional values can be added to hybrid applications. These values can be used to identify the permissions exposed by this app within Microsoft Entra ID. For example,Client apps can specify a resource URI that is based on the values of this property to acquire an access token, which is the URI returned in the 'aud' claim.The any operator is required for filter expressions on multi-valued properties. Not nullable. Supports $filter (eq, not, ge, le, startsWith). servicePrincipalType: type: string description: >- Identifies whether the service principal represents an application, a managed identity, or a legacy application. This is set by Microsoft Entra ID internally. The servicePrincipalType property can be set to three different values: Application - A service principal that represents an application or service. The appId property identifies the associated app registration, and matches the appId of an application, possibly from a different tenant. If the associated app registration is missing, tokens aren't issued for the service principal.ManagedIdentity - A service principal that represents a managed identity. Service principals representing managed identities can be granted access and permissions, but can't be updated or modified directly.Legacy - A service principal that represents an app created before app registrations, or through legacy experiences. A legacy service principal can have credentials, service principal names, reply URLs, and other properties that are editable by an authorized user, but doesn't have an associated app registration. The appId value doesn't associate the service principal with an app registration. The service principal can only be used in the tenant where it was created.SocialIdp - For internal use. nullable: true signInAudience: type: string description: >- Specifies the Microsoft accounts that are supported for the current application. Read-only. Supported values are:AzureADMyOrg: Users with a Microsoft work or school account in my organization's Microsoft Entra tenant (single-tenant).AzureADMultipleOrgs: Users with a Microsoft work or school account in any organization's Microsoft Entra tenant (multitenant).AzureADandPersonalMicrosoftAccount: Users with a personal Microsoft account, or a work or school account in any organization's Microsoft Entra tenant.PersonalMicrosoftAccount: Users with a personal Microsoft account only. nullable: true tags: type: array items: type: string description: >- Custom strings that can be used to categorize and identify the service principal. Not nullable. The value is the union of strings set here and on the associated application entity's tags property.Supports $filter (eq, not, ge, le, startsWith). tokenEncryptionKeyId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: >- Specifies the keyId of a public key from the keyCredentials collection. When configured, Microsoft Entra ID issues tokens for this application encrypted using the key specified by this property. The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user. format: uuid nullable: true verifiedPublisher: anyOf: - $ref: '#/components/schemas/microsoft.graph.verifiedPublisher' - type: object nullable: true description: >- Specifies the verified publisher of the application that's linked to this service principal. appManagementPolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.appManagementPolicy' description: The appManagementPolicy applied to this application. x-ms-navigationProperty: true appRoleAssignedTo: type: array items: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' description: >- App role assignments for this app or service, granted to users, groups, and other service principals. Supports $expand. x-ms-navigationProperty: true appRoleAssignments: type: array items: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' description: >- App role assignment for another app or service, granted to this service principal. Supports $expand. x-ms-navigationProperty: true claimsMappingPolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.claimsMappingPolicy' description: >- The claimsMappingPolicies assigned to this service principal. Supports $expand. x-ms-navigationProperty: true createdObjects: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Directory objects created by this service principal. Read-only. Nullable. x-ms-navigationProperty: true delegatedPermissionClassifications: type: array items: $ref: >- #/components/schemas/microsoft.graph.delegatedPermissionClassification x-ms-navigationProperty: true endpoints: type: array items: $ref: '#/components/schemas/microsoft.graph.endpoint' x-ms-navigationProperty: true federatedIdentityCredentials: type: array items: $ref: >- #/components/schemas/microsoft.graph.federatedIdentityCredential description: >- Federated identities for a specific type of service principal - managed identity. Supports $expand and $filter (/$count eq 0, /$count ne 0). x-ms-navigationProperty: true homeRealmDiscoveryPolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.homeRealmDiscoveryPolicy' description: >- The homeRealmDiscoveryPolicies assigned to this service principal. Supports $expand. x-ms-navigationProperty: true memberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Roles that this service principal is a member of. HTTP Methods: GET Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true oauth2PermissionGrants: type: array items: $ref: '#/components/schemas/microsoft.graph.oAuth2PermissionGrant' description: >- Delegated permission grants authorizing this service principal to access an API on behalf of a signed-in user. Read-only. Nullable. x-ms-navigationProperty: true ownedObjects: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Directory objects that this service principal owns. Read-only. Nullable. Supports $expand, $select nested in $expand, and $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1). x-ms-navigationProperty: true owners: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Directory objects that are owners of this servicePrincipal. The owners are a set of nonadmin users or servicePrincipals who are allowed to modify this object. Supports $expand, $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1), and $select nested in $expand. x-ms-navigationProperty: true remoteDesktopSecurityConfiguration: anyOf: - $ref: >- #/components/schemas/microsoft.graph.remoteDesktopSecurityConfiguration - type: object nullable: true description: >- The remoteDesktopSecurityConfiguration object applied to this service principal. Supports $filter (eq) for isRemoteDesktopProtocolEnabled property. x-ms-navigationProperty: true synchronization: anyOf: - $ref: '#/components/schemas/microsoft.graph.synchronization' - type: object nullable: true description: >- Represents the capability for Microsoft Entra identity synchronization through the Microsoft Graph API. x-ms-navigationProperty: true tokenIssuancePolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.tokenIssuancePolicy' description: The tokenIssuancePolicies assigned to this service principal. x-ms-navigationProperty: true tokenLifetimePolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.tokenLifetimePolicy' description: The tokenLifetimePolicies assigned to this service principal. x-ms-navigationProperty: true transitiveMemberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.servicePrincipal' x-ms-discriminator-value: '#microsoft.graph.servicePrincipal' microsoft.graph.user: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: user required: - '@odata.type' type: object properties: aboutMe: type: string description: >- A freeform text entry field for the user to describe themselves. Returned only on $select. nullable: true accountEnabled: type: boolean description: >- true if the account is enabled; otherwise, false. This property is required when a user is created. Returned only on $select. Supports $filter (eq, ne, not, and in). nullable: true ageGroup: type: string description: >- Sets the age group of the user. Allowed values: null, Minor, NotAdult, and Adult. For more information, see legal age group property definitions. Returned only on $select. Supports $filter (eq, ne, not, and in). nullable: true assignedLicenses: type: array items: $ref: '#/components/schemas/microsoft.graph.assignedLicense' description: >- The licenses that are assigned to the user, including inherited (group-based) licenses. This property doesn't differentiate between directly assigned and inherited licenses. Use the licenseAssignmentStates property to identify the directly assigned and inherited licenses. Not nullable. Returned only on $select. Supports $filter (eq, not, /$count eq 0, /$count ne 0). assignedPlans: type: array items: $ref: '#/components/schemas/microsoft.graph.assignedPlan' description: >- The plans that are assigned to the user. Read-only. Not nullable. Returned only on $select. Supports $filter (eq and not). authorizationInfo: anyOf: - $ref: '#/components/schemas/microsoft.graph.authorizationInfo' - type: object nullable: true birthday: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The birthday of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014, is 2014-01-01T00:00:00Z. Returned only on $select. format: date-time businessPhones: type: array items: type: string description: >- The telephone numbers for the user. NOTE: Although it's a string collection, only one number can be set for this property. Read-only for users synced from the on-premises directory. Returned by default. Supports $filter (eq, not, ge, le, startsWith). city: type: string description: >- The city where the user is located. Maximum length is 128 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true companyName: type: string description: >- The name of the company that the user is associated with. This property can be useful for describing the company that a guest comes from. The maximum length is 64 characters.Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true consentProvidedForMinor: type: string description: >- Sets whether consent was obtained for minors. Allowed values: null, Granted, Denied, and NotRequired. For more information, see legal age group property definitions. Returned only on $select. Supports $filter (eq, ne, not, and in). nullable: true country: type: string description: >- The country or region where the user is located; for example, US or UK. Maximum length is 128 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true createdDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time the user was created, in ISO 8601 format and UTC. The value can't be modified and is automatically populated when the entity is created. Nullable. For on-premises users, the value represents when they were first created in Microsoft Entra ID. Property is null for some users created before June 2018 and on-premises users that were synced to Microsoft Entra ID before June 2018. Read-only. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in). format: date-time nullable: true creationType: type: string description: >- Indicates whether the user account was created through one of the following methods: As a regular school or work account (null). As an external account (Invitation). As a local account for an Azure Active Directory B2C tenant (LocalAccount). Through self-service sign-up by an internal user using email verification (EmailVerified). Through self-service sign-up by a guest signing up through a link that is part of a user flow (SelfServiceSignUp). Read-only.Returned only on $select. Supports $filter (eq, ne, not, in). nullable: true customSecurityAttributes: anyOf: - $ref: >- #/components/schemas/microsoft.graph.customSecurityAttributeValue - type: object nullable: true description: >- An open complex type that holds the value of a custom security attribute that is assigned to a directory object. Nullable. Returned only on $select. Supports $filter (eq, ne, not, startsWith). The filter value is case-sensitive. To read this property, the calling app must be assigned the CustomSecAttributeAssignment.Read.All permission. To write this property, the calling app must be assigned the CustomSecAttributeAssignment.ReadWrite.All permissions. To read or write this property in delegated scenarios, the admin must be assigned the Attribute Assignment Administrator role. department: type: string description: >- The name of the department in which the user works. Maximum length is 64 characters. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in, and eq on null values). nullable: true deviceEnrollmentLimit: maximum: 2147483647 minimum: -2147483648 type: number description: >- The limit on the maximum number of devices that the user is permitted to enroll. Allowed values are 5 or 1000. format: int32 displayName: type: string description: >- The name displayed in the address book for the user. This value is usually the combination of the user's first name, middle initial, and family name. This property is required when a user is created and it can't be cleared during updates. Maximum length is 256 characters. Returned by default. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values), $orderby, and $search. nullable: true employeeHireDate: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time when the user was hired or will start work in a future hire. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in). format: date-time nullable: true employeeId: type: string description: >- The employee identifier assigned to the user by the organization. The maximum length is 16 characters. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). nullable: true employeeLeaveDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time when the user left or will leave the organization. To read this property, the calling app must be assigned the User-LifeCycleInfo.Read.All permission. To write this property, the calling app must be assigned the User.Read.All and User-LifeCycleInfo.ReadWrite.All permissions. To read this property in delegated scenarios, the admin needs at least one of the following Microsoft Entra roles: Lifecycle Workflows Administrator (least privilege), Global Reader. To write this property in delegated scenarios, the admin needs the Global Administrator role. Supports $filter (eq, ne, not , ge, le, in). For more information, see Configure the employeeLeaveDateTime property for a user. format: date-time nullable: true employeeOrgData: anyOf: - $ref: '#/components/schemas/microsoft.graph.employeeOrgData' - type: object nullable: true description: >- Represents organization data (for example, division and costCenter) associated with a user. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in). employeeType: type: string description: >- Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in, startsWith). nullable: true externalUserState: type: string description: >- For a guest invited to the tenant using the invitation API, this property represents the invited user's invitation status. For invited users, the state can be PendingAcceptance or Accepted, or null for all other users. Returned only on $select. Supports $filter (eq, ne, not , in). nullable: true externalUserStateChangeDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Shows the timestamp for the latest change to the externalUserState property. Returned only on $select. Supports $filter (eq, ne, not , in). format: date-time nullable: true faxNumber: type: string description: >- The fax number of the user. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). nullable: true givenName: type: string description: >- The given name (first name) of the user. Maximum length is 64 characters. Returned by default. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). nullable: true hireDate: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The hire date of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014, is 2014-01-01T00:00:00Z. Returned only on $select. Note: This property is specific to SharePoint in Microsoft 365. We recommend using the native employeeHireDate property to set and update hire date values using Microsoft Graph APIs. format: date-time identities: type: array items: $ref: '#/components/schemas/microsoft.graph.objectIdentity' description: >- Represents the identities that can be used to sign in to this user account. Microsoft (also known as a local account), organizations, or social identity providers such as Facebook, Google, and Microsoft can provide identity and tie it to a user account. It might contain multiple items with the same signInType value. Returned only on $select. Supports $filter (eq) with limitations. imAddresses: type: array items: type: string nullable: true description: >- The instant message voice-over IP (VOIP) session initiation protocol (SIP) addresses for the user. Read-only. Returned only on $select. Supports $filter (eq, not, ge, le, startsWith). interests: type: array items: type: string nullable: true description: >- A list for the user to describe their interests. Returned only on $select. isManagementRestricted: type: boolean description: >- true if the user is a member of a restricted management administrative unit. If not set, the default value is null and the default behavior is false. Read-only. To manage a user who is a member of a restricted management administrative unit, the administrator or calling app must be assigned a Microsoft Entra role at the scope of the restricted management administrative unit. Returned only on $select. nullable: true isResourceAccount: type: boolean description: Don't use – reserved for future use. nullable: true jobTitle: type: string description: >- The user's job title. Maximum length is 128 characters. Returned by default. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). nullable: true lastPasswordChangeDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The time when this Microsoft Entra user last changed their password or when their password was created, whichever date the latest action was performed. The date and time information uses ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Returned only on $select. format: date-time nullable: true legalAgeGroupClassification: type: string description: >- Used by enterprise applications to determine the legal age group of the user. This property is read-only and calculated based on ageGroup and consentProvidedForMinor properties. Allowed values: null, Undefined, MinorWithOutParentalConsent, MinorWithParentalConsent, MinorNoParentalConsentRequired, NotAdult, and Adult. For more information, see legal age group property definitions. Returned only on $select. nullable: true licenseAssignmentStates: type: array items: $ref: '#/components/schemas/microsoft.graph.licenseAssignmentState' description: >- State of license assignments for this user. Also indicates licenses that are directly assigned or the user inherited through group memberships. Read-only. Returned only on $select. mail: type: string description: >- The SMTP address for the user, for example, jeff@contoso.com. Changes to this property update the user's proxyAddresses collection to include the value as an SMTP address. This property can't contain accent characters. NOTE: We don't recommend updating this property for Azure AD B2C user profiles. Use the otherMails property instead. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, endsWith, and eq on null values). nullable: true mailboxSettings: anyOf: - $ref: '#/components/schemas/microsoft.graph.mailboxSettings' - type: object nullable: true description: >- Settings for the primary mailbox of the signed-in user. You can get or update settings for sending automatic replies to incoming messages, locale, and time zone. Returned only on $select. mailNickname: type: string description: >- The mail alias for the user. This property must be specified when a user is created. Maximum length is 64 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true mobilePhone: type: string description: >- The primary cellular telephone number for the user. Read-only for users synced from the on-premises directory. Maximum length is 64 characters. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values) and $search. nullable: true mySite: type: string description: The URL for the user's site. Returned only on $select. nullable: true officeLocation: type: string description: >- The office location in the user's place of business. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true onPremisesDistinguishedName: type: string description: >- Contains the on-premises Active Directory distinguished name or DN. The property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. Returned only on $select. nullable: true onPremisesDomainName: type: string description: >- Contains the on-premises domainFQDN, also called dnsDomainName synchronized from the on-premises directory. The property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. Returned only on $select. nullable: true onPremisesExtensionAttributes: anyOf: - $ref: >- #/components/schemas/microsoft.graph.onPremisesExtensionAttributes - type: object nullable: true description: >- Contains extensionAttributes1-15 for the user. These extension attributes are also known as Exchange custom attributes 1-15. Each attribute can store up to 1024 characters. For an onPremisesSyncEnabled user, the source of authority for this set of properties is the on-premises and is read-only. For a cloud-only user (where onPremisesSyncEnabled is false), these properties can be set during the creation or update of a user object. For a cloud-only user previously synced from on-premises Active Directory, these properties are read-only in Microsoft Graph but can be fully managed through the Exchange Admin Center or the Exchange Online V2 module in PowerShell. Returned only on $select. Supports $filter (eq, ne, not, in). onPremisesImmutableId: type: string description: >- This property is used to associate an on-premises Active Directory user account to their Microsoft Entra user object. This property must be specified when creating a new user account in the Graph if you're using a federated domain for the user's userPrincipalName (UPN) property. NOTE: The $ and _ characters can't be used when specifying this property. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in). nullable: true onPremisesLastSyncDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Indicates the last time at which the object was synced with the on-premises directory; for example: 2013-02-16T03:04:54Z. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in). format: date-time nullable: true onPremisesProvisioningErrors: type: array items: $ref: >- #/components/schemas/microsoft.graph.onPremisesProvisioningError description: >- Errors when using Microsoft synchronization product during provisioning. Returned only on $select. Supports $filter (eq, not, ge, le). onPremisesSamAccountName: type: string description: >- Contains the on-premises samAccountName synchronized from the on-premises directory. The property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith). nullable: true onPremisesSecurityIdentifier: type: string description: >- Contains the on-premises security identifier (SID) for the user that was synchronized from on-premises to the cloud. Read-only. Returned only on $select. Supports $filter (eq including on null values). nullable: true onPremisesSyncEnabled: type: boolean description: >- true if this user object is currently being synced from an on-premises Active Directory (AD); otherwise the user isn't being synced and can be managed in Microsoft Entra ID. Read-only. Returned only on $select. Supports $filter (eq, ne, not, in, and eq on null values). nullable: true onPremisesUserPrincipalName: type: string description: >- Contains the on-premises userPrincipalName synchronized from the on-premises directory. The property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith). nullable: true otherMails: type: array items: type: string description: >- A list of other email addresses for the user; for example: ['bob@contoso.com', 'Robert@fabrikam.com']. Can store up to 250 values, each with a limit of 250 characters. NOTE: This property can't contain accent characters. Returned only on $select. Supports $filter (eq, not, ge, le, in, startsWith, endsWith, /$count eq 0, /$count ne 0). passwordPolicies: type: string description: >- Specifies password policies for the user. This value is an enumeration with one possible value being DisableStrongPassword, which allows weaker passwords than the default policy to be specified. DisablePasswordExpiration can also be specified. The two might be specified together; for example: DisablePasswordExpiration, DisableStrongPassword. Returned only on $select. For more information on the default password policies, see Microsoft Entra password policies. Supports $filter (ne, not, and eq on null values). nullable: true passwordProfile: anyOf: - $ref: '#/components/schemas/microsoft.graph.passwordProfile' - type: object nullable: true description: >- Specifies the password profile for the user. The profile contains the user's password. This property is required when a user is created. The password in the profile must satisfy minimum requirements as specified by the passwordPolicies property. By default, a strong password is required. Returned only on $select. Supports $filter (eq, ne, not, in, and eq on null values). To update this property: User-PasswordProfile.ReadWrite.All is the least privileged permission to update this property. In delegated scenarios, the User Administrator Microsoft Entra role is the least privileged admin role supported to update this property for nonadmin users. Privileged Authentication Administrator is the least privileged role that's allowed to update this property for all administrators in the tenant. In general, the signed-in user must have a higher privileged administrator role as indicated in Who can reset passwords. In app-only scenarios, the calling app must be assigned a supported permission and at least the User Administrator Microsoft Entra role. pastProjects: type: array items: type: string nullable: true description: >- A list for the user to enumerate their past projects. Returned only on $select. postalCode: type: string description: >- The postal code for the user's postal address. The postal code is specific to the user's country or region. In the United States of America, this attribute contains the ZIP code. Maximum length is 40 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true preferredDataLocation: type: string description: >- The preferred data location for the user. For more information, see OneDrive Online Multi-Geo. nullable: true preferredLanguage: type: string description: >- The preferred language for the user. The preferred language format is based on RFC 4646. The name is a combination of an ISO 639 two-letter lowercase culture code associated with the language, and an ISO 3166 two-letter uppercase subculture code associated with the country or region. Example: 'en-US', or 'es-ES'. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values) nullable: true preferredName: type: string description: >- The preferred name for the user. Not Supported. This attribute returns an empty string.Returned only on $select. nullable: true print: anyOf: - $ref: '#/components/schemas/microsoft.graph.userPrint' - type: object nullable: true provisionedPlans: type: array items: $ref: '#/components/schemas/microsoft.graph.provisionedPlan' description: >- The plans that are provisioned for the user. Read-only. Not nullable. Returned only on $select. Supports $filter (eq, not, ge, le). proxyAddresses: type: array items: type: string description: >- For example: ['SMTP: bob@contoso.com', 'smtp: bob@sales.contoso.com']. Changes to the mail property update this collection to include the value as an SMTP address. For more information, see mail and proxyAddresses properties. The proxy address prefixed with SMTP (capitalized) is the primary proxy address, while those addresses prefixed with smtp are the secondary proxy addresses. For Azure AD B2C accounts, this property has a limit of 10 unique addresses. Read-only in Microsoft Graph; you can update this property only through the Microsoft 365 admin center. Not nullable. Returned only on $select. Supports $filter (eq, not, ge, le, startsWith, endsWith, /$count eq 0, /$count ne 0). responsibilities: type: array items: type: string nullable: true description: >- A list for the user to enumerate their responsibilities. Returned only on $select. schools: type: array items: type: string nullable: true description: >- A list for the user to enumerate the schools they attended. Returned only on $select. securityIdentifier: type: string description: >- Security identifier (SID) of the user, used in Windows scenarios. Read-only. Returned by default. Supports $select and $filter (eq, not, ge, le, startsWith). nullable: true serviceProvisioningErrors: type: array items: $ref: '#/components/schemas/microsoft.graph.serviceProvisioningError' description: >- Errors published by a federated service describing a nontransient, service-specific error regarding the properties or link from a user object. Supports $filter (eq, not, for isResolved and serviceInstance). showInAddressList: type: boolean description: >- Do not use in Microsoft Graph. Manage this property through the Microsoft 365 admin center instead. Represents whether the user should be included in the Outlook global address list. See Known issue. nullable: true signInActivity: anyOf: - $ref: '#/components/schemas/microsoft.graph.signInActivity' - type: object nullable: true description: >- Get the last signed-in date and request ID of the sign-in for a given user. Read-only.Returned only on $select. Supports $filter (eq, ne, not, ge, le) but not with any other filterable properties. Note: Details for this property require a Microsoft Entra ID P1 or P2 license and the AuditLog.Read.All permission.This property isn't returned for a user who never signed in or last signed in before April 2020. signInSessionsValidFromDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Any refresh tokens or session tokens (session cookies) issued before this time are invalid. Applications get an error when using an invalid refresh or session token to acquire a delegated access token (to access APIs such as Microsoft Graph). If this happens, the application needs to acquire a new refresh token by requesting the authorized endpoint. Read-only. Use revokeSignInSessions to reset. Returned only on $select. format: date-time nullable: true skills: type: array items: type: string nullable: true description: >- A list for the user to enumerate their skills. Returned only on $select. state: type: string description: >- The state or province in the user's address. Maximum length is 128 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true streetAddress: type: string description: >- The street address of the user's place of business. Maximum length is 1,024 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true surname: type: string description: >- The user's surname (family name or last name). Maximum length is 64 characters. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true usageLocation: type: string description: >- A two-letter country code (ISO standard 3166). Required for users that are assigned licenses due to legal requirements to check for availability of services in countries/regions. Examples include: US, JP, and GB. Not nullable. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true userPrincipalName: type: string description: >- The user principal name (UPN) of the user. The UPN is an Internet-style sign-in name for the user based on the Internet standard RFC 822. By convention, this value should map to the user's email name. The general format is alias@domain, where the domain must be present in the tenant's collection of verified domains. This property is required when a user is created. The verified domains for the tenant can be accessed from the verifiedDomains property of organization.NOTE: This property can't contain accent characters. Only the following characters are allowed A - Z, a - z, 0 - 9, ' . - _ ! # ^ ~. For the complete list of allowed characters, see username policies. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, endsWith) and $orderby. nullable: true userType: type: string description: >- A string value that can be used to classify user types in your directory. The possible values are Member and Guest. Returned only on $select. Supports $filter (eq, ne, not, in, and eq on null values). NOTE: For more information about the permissions for members and guests, see What are the default user permissions in Microsoft Entra ID? nullable: true activities: type: array items: $ref: '#/components/schemas/microsoft.graph.userActivity' description: The user's activities across devices. Read-only. Nullable. x-ms-navigationProperty: true agreementAcceptances: type: array items: $ref: '#/components/schemas/microsoft.graph.agreementAcceptance' description: >- The user's terms of use acceptance statuses. Read-only. Nullable. x-ms-navigationProperty: true appRoleAssignments: type: array items: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' description: >- Represents the app roles a user is granted for an application. Supports $expand. x-ms-navigationProperty: true authentication: anyOf: - $ref: '#/components/schemas/microsoft.graph.authentication' - type: object nullable: true description: The authentication methods that are supported for the user. x-ms-navigationProperty: true calendar: anyOf: - $ref: '#/components/schemas/microsoft.graph.calendar' - type: object nullable: true description: The user's primary calendar. Read-only. x-ms-navigationProperty: true calendarGroups: type: array items: $ref: '#/components/schemas/microsoft.graph.calendarGroup' description: The user's calendar groups. Read-only. Nullable. x-ms-navigationProperty: true calendars: type: array items: $ref: '#/components/schemas/microsoft.graph.calendar' description: The user's calendars. Read-only. Nullable. x-ms-navigationProperty: true calendarView: type: array items: $ref: '#/components/schemas/microsoft.graph.event' description: The calendar view for the calendar. Read-only. Nullable. x-ms-navigationProperty: true chats: type: array items: $ref: '#/components/schemas/microsoft.graph.chat' x-ms-navigationProperty: true cloudClipboard: anyOf: - $ref: '#/components/schemas/microsoft.graph.cloudClipboardRoot' - type: object nullable: true x-ms-navigationProperty: true cloudPCs: type: array items: $ref: '#/components/schemas/microsoft.graph.cloudPC' description: The user's Cloud PCs. Read-only. Nullable. x-ms-navigationProperty: true contactFolders: type: array items: $ref: '#/components/schemas/microsoft.graph.contactFolder' description: The user's contacts folders. Read-only. Nullable. x-ms-navigationProperty: true contacts: type: array items: $ref: '#/components/schemas/microsoft.graph.contact' description: The user's contacts. Read-only. Nullable. x-ms-navigationProperty: true createdObjects: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: Directory objects that the user created. Read-only. Nullable. x-ms-navigationProperty: true dataSecurityAndGovernance: anyOf: - $ref: >- #/components/schemas/microsoft.graph.userDataSecurityAndGovernance - type: object nullable: true description: >- The data security and governance settings for the user. Read-only. Nullable. x-ms-navigationProperty: true deviceManagementTroubleshootingEvents: type: array items: $ref: >- #/components/schemas/microsoft.graph.deviceManagementTroubleshootingEvent description: The list of troubleshooting events for this user. x-ms-navigationProperty: true directReports: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The users and contacts that report to the user. (The users and contacts that have their manager property set to this user.) Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true drive: anyOf: - $ref: '#/components/schemas/microsoft.graph.drive' - type: object nullable: true description: The user's OneDrive. Read-only. x-ms-navigationProperty: true drives: type: array items: $ref: '#/components/schemas/microsoft.graph.drive' description: A collection of drives available for this user. Read-only. x-ms-navigationProperty: true employeeExperience: anyOf: - $ref: '#/components/schemas/microsoft.graph.employeeExperienceUser' - type: object nullable: true x-ms-navigationProperty: true events: type: array items: $ref: '#/components/schemas/microsoft.graph.event' description: >- The user's events. Default is to show Events under the Default Calendar. Read-only. Nullable. x-ms-navigationProperty: true extensions: type: array items: $ref: '#/components/schemas/microsoft.graph.extension' description: >- The collection of open extensions defined for the user. Read-only. Supports $expand. Nullable. x-ms-navigationProperty: true followedSites: type: array items: $ref: '#/components/schemas/microsoft.graph.site' x-ms-navigationProperty: true inferenceClassification: anyOf: - $ref: '#/components/schemas/microsoft.graph.inferenceClassification' - type: object nullable: true description: >- Relevance classification of the user's messages based on explicit designations that override inferred relevance or importance. x-ms-navigationProperty: true insights: anyOf: - $ref: '#/components/schemas/microsoft.graph.itemInsights' - type: object nullable: true description: >- Represents relationships between a user and items such as OneDrive for work or school documents, calculated using advanced analytics and machine learning techniques. Read-only. Nullable. x-ms-navigationProperty: true joinedTeams: type: array items: $ref: '#/components/schemas/microsoft.graph.team' x-ms-navigationProperty: true licenseDetails: type: array items: $ref: '#/components/schemas/microsoft.graph.licenseDetails' description: A collection of this user's license details. Read-only. x-ms-navigationProperty: true mailFolders: type: array items: $ref: '#/components/schemas/microsoft.graph.mailFolder' description: The user's mail folders. Read-only. Nullable. x-ms-navigationProperty: true managedAppRegistrations: type: array items: $ref: '#/components/schemas/microsoft.graph.managedAppRegistration' description: Zero or more managed app registrations that belong to the user. x-ms-navigationProperty: true managedDevices: type: array items: $ref: '#/components/schemas/microsoft.graph.managedDevice' description: The managed devices associated with the user. x-ms-navigationProperty: true manager: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - type: object nullable: true description: >- The user or contact that is this user's manager. Read-only. Supports $expand. x-ms-navigationProperty: true memberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The groups and directory roles that the user is a member of. Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true messages: type: array items: $ref: '#/components/schemas/microsoft.graph.message' description: The messages in a mailbox or folder. Read-only. Nullable. x-ms-navigationProperty: true oauth2PermissionGrants: type: array items: $ref: '#/components/schemas/microsoft.graph.oAuth2PermissionGrant' x-ms-navigationProperty: true onenote: anyOf: - $ref: '#/components/schemas/microsoft.graph.onenote' - type: object nullable: true x-ms-navigationProperty: true onlineMeetings: type: array items: $ref: '#/components/schemas/microsoft.graph.onlineMeeting' description: >- Information about a meeting, including the URL used to join a meeting, the attendees list, and the description. x-ms-navigationProperty: true outlook: anyOf: - $ref: '#/components/schemas/microsoft.graph.outlookUser' - type: object nullable: true x-ms-navigationProperty: true ownedDevices: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Devices the user owns. Read-only. Nullable. Supports $expand and $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1). x-ms-navigationProperty: true ownedObjects: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Directory objects the user owns. Read-only. Nullable. Supports $expand, $select nested in $expand, and $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1). x-ms-navigationProperty: true people: type: array items: $ref: '#/components/schemas/microsoft.graph.person' description: People that are relevant to the user. Read-only. Nullable. x-ms-navigationProperty: true permissionGrants: type: array items: $ref: >- #/components/schemas/microsoft.graph.resourceSpecificPermissionGrant description: List all resource-specific permission grants of a user. x-ms-navigationProperty: true photo: anyOf: - $ref: '#/components/schemas/microsoft.graph.profilePhoto' - type: object nullable: true description: The user's profile photo. Read-only. x-ms-navigationProperty: true photos: type: array items: $ref: '#/components/schemas/microsoft.graph.profilePhoto' description: >- The collection of the user's profile photos in different sizes. Read-only. x-ms-navigationProperty: true planner: anyOf: - $ref: '#/components/schemas/microsoft.graph.plannerUser' - type: object nullable: true description: >- Entry-point to the Planner resource that might exist for a user. Read-only. x-ms-navigationProperty: true presence: anyOf: - $ref: '#/components/schemas/microsoft.graph.presence' - type: object nullable: true x-ms-navigationProperty: true registeredDevices: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Devices that are registered for the user. Read-only. Nullable. Supports $expand and returns up to 100 objects. x-ms-navigationProperty: true scopedRoleMemberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' x-ms-navigationProperty: true settings: anyOf: - $ref: '#/components/schemas/microsoft.graph.userSettings' - type: object nullable: true x-ms-navigationProperty: true solutions: anyOf: - $ref: '#/components/schemas/microsoft.graph.userSolutionRoot' - type: object nullable: true description: >- The identifier that relates the user to the working time schedule triggers. Read-Only. Nullable x-ms-navigationProperty: true sponsors: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The users and groups responsible for this guest's privileges in the tenant and keeping the guest's information and access updated. (HTTP Methods: GET, POST, DELETE.). Supports $expand. x-ms-navigationProperty: true teamwork: anyOf: - $ref: '#/components/schemas/microsoft.graph.userTeamwork' - type: object nullable: true description: >- A container for Microsoft Teams features available for the user. Read-only. Nullable. x-ms-navigationProperty: true todo: anyOf: - $ref: '#/components/schemas/microsoft.graph.todo' - type: object nullable: true description: Represents the To Do services available to a user. x-ms-navigationProperty: true transitiveMemberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The groups, including nested groups, and directory roles that a user is a member of. Nullable. x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.user' description: Represents a Microsoft Entra user account. x-ms-discriminator-value: '#microsoft.graph.user' BaseDeltaFunctionResponse: title: Base delta function response type: object properties: '@odata.nextLink': type: string nullable: true '@odata.deltaLink': type: string nullable: true parameters: top: name: $top in: query description: Show only the first n items style: form explode: false schema: minimum: 0 type: integer example: 50 skip: name: $skip in: query description: Skip the first n items style: form explode: false schema: minimum: 0 type: integer search: name: $search in: query description: Search items by search phrases style: form explode: false schema: type: string filter: name: $filter in: query description: Filter items by property values style: form explode: false schema: type: string count: name: $count in: query description: Include count of items style: form explode: false schema: type: boolean examples: {} responses: microsoft.graph.deviceCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.deviceCollectionResponse' error: description: error content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.ODataErrors.ODataError' microsoft.graph.extensionCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.extensionCollectionResponse' ODataCountResponse: description: The count of the resource content: text/plain: schema: $ref: '#/components/schemas/ODataCountResponse' microsoft.graph.groupCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.groupCollectionResponse' StringCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/StringCollectionResponse' microsoft.graph.endpointCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.endpointCollectionResponse' microsoft.graph.userCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.userCollectionResponse' tags: - name: Devices.device - name: devices.device.Actions - name: devices.device.Functions - name: devices.directoryObject - name: Devices.extension