openapi: 3.1.0 info: title: Microsoft Graph Directory description: Needs a description. paths: /auditLogs/directoryAudits: description: >- Provides operations to manage the directoryAudits property of the microsoft.graph.auditLogRoot entity. get: tags: - auditLogs.directoryAudit summary: Microsoft Graph List directoryAudits description: >- Get the list of audit logs generated by Microsoft Entra ID. This includes audit logs generated by various services within Microsoft Entra ID, including user, app, device and group Management, privileged identity management (PIM), access reviews, terms of use, identity protection, password management (self-service and admin password resets), and self- service group management, and so on. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryaudit-list?view=graph-rest-1.0 operationId: auditLogs.ListDirectoryAudits parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryAuditCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - auditLogs.directoryAudit summary: Microsoft Graph Create new navigation property to directoryAudits for auditLogs operationId: auditLogs.CreateDirectoryAudits requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryAudit' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryAudit' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /auditLogs/directoryAudits/{directoryAudit-id}: description: >- Provides operations to manage the directoryAudits property of the microsoft.graph.auditLogRoot entity. get: tags: - auditLogs.directoryAudit summary: Microsoft Graph Get directoryAudit description: >- Get a specific Microsoft Entra audit log item. This includes an audit log item generated by various services within Microsoft Entra ID like user, application, device and group management, privileged identity management (PIM), access reviews, terms of use, identity protection, password management (self-service and admin password resets), self-service group management, and so on. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryaudit-get?view=graph-rest-1.0 operationId: auditLogs.GetDirectoryAudits parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryAudit' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - auditLogs.directoryAudit summary: Microsoft Graph Update the navigation property directoryAudits in auditLogs operationId: auditLogs.UpdateDirectoryAudits requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryAudit' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryAudit' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - auditLogs.directoryAudit summary: Microsoft Graph Delete navigation property directoryAudits for auditLogs operationId: auditLogs.DeleteDirectoryAudits parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: directoryAudit-id in: path description: The unique identifier of directoryAudit required: true schema: type: string x-ms-docs-key-type: directoryAudit /auditLogs/directoryAudits/$count: description: Provides operations to count the resources in the collection. get: tags: - auditLogs.directoryAudit summary: Microsoft Graph Get the number of the resource operationId: auditLogs.directoryAudits.GetCount-fedb parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directory: description: Provides operations to manage the directory singleton. get: tags: - Directory.directory summary: Microsoft Graph Get directory operationId: directory.directory.GetDirectory parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directory' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - Directory.directory summary: Microsoft Graph Update directory operationId: directory.directory.UpdateDirectory requestBody: description: New property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directory' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directory' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /directory/administrativeUnits: description: >- Provides operations to manage the administrativeUnits property of the microsoft.graph.directory entity. get: tags: - directory.administrativeUnit summary: Microsoft Graph List administrativeUnits description: Retrieve a list of administrativeUnit objects. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-list-administrativeunits?view=graph-rest-1.0 operationId: directory.ListAdministrativeUnits parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.administrativeUnitCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directory.administrativeUnit summary: Microsoft Graph Create administrativeUnit description: Create a new administrativeUnit. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-post-administrativeunits?view=graph-rest-1.0 operationId: directory.CreateAdministrativeUnits requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.administrativeUnit' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.administrativeUnit' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /directory/administrativeUnits/{administrativeUnit-id}: description: >- Provides operations to manage the administrativeUnits property of the microsoft.graph.directory entity. get: tags: - directory.administrativeUnit summary: Microsoft Graph Get administrativeUnit description: >- Retrieve the properties and relationships of an administrativeUnit object. The administrativeUnit resource supports extensions, which also allows you to use the GET operation to get custom properties and extension data in an administrativeUnit instance. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/administrativeunit-get?view=graph-rest-1.0 operationId: directory.GetAdministrativeUnits parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.administrativeUnit' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directory.administrativeUnit summary: Microsoft Graph Update administrativeUnit description: Update the properties of an administrativeUnit object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/administrativeunit-update?view=graph-rest-1.0 operationId: directory.UpdateAdministrativeUnits requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.administrativeUnit' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.administrativeUnit' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.administrativeUnit summary: Microsoft Graph Delete administrativeUnit description: Delete an administrativeUnit. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/administrativeunit-delete?view=graph-rest-1.0 operationId: directory.DeleteAdministrativeUnits parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/extensions: description: >- Provides operations to manage the extensions property of the microsoft.graph.administrativeUnit entity. get: tags: - directory.administrativeUnit summary: Microsoft Graph Get extensions from directory description: >- The collection of open extensions defined for this administrative unit. Nullable. operationId: directory.administrativeUnits.ListExtensions parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.extensionCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directory.administrativeUnit summary: Microsoft Graph Create new navigation property to extensions for directory operationId: directory.administrativeUnits.CreateExtensions requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.extension' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.extension' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/extensions/{extension-id}: description: >- Provides operations to manage the extensions property of the microsoft.graph.administrativeUnit entity. get: tags: - directory.administrativeUnit summary: Microsoft Graph Get extensions from directory description: >- The collection of open extensions defined for this administrative unit. Nullable. operationId: directory.administrativeUnits.GetExtensions parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.extension' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directory.administrativeUnit summary: Microsoft Graph Update the navigation property extensions in directory operationId: directory.administrativeUnits.UpdateExtensions requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.extension' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.extension' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.administrativeUnit summary: Microsoft Graph Delete navigation property extensions for directory operationId: directory.administrativeUnits.DeleteExtensions parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit - name: extension-id in: path description: The unique identifier of extension required: true schema: type: string x-ms-docs-key-type: extension /directory/administrativeUnits/{administrativeUnit-id}/extensions/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.administrativeUnit summary: Microsoft Graph Get the number of the resource operationId: directory.administrativeUnits.extensions.GetCount-48cb parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/members: description: >- Provides operations to manage the members property of the microsoft.graph.administrativeUnit entity. get: tags: - directory.administrativeUnit summary: Microsoft Graph List members description: >- Use this API to get the members list (users, groups, or devices) in an administrative unit. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/administrativeunit-list-members?view=graph-rest-1.0 operationId: directory.administrativeUnits.ListMembers parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryObjectCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directory.administrativeUnit summary: Microsoft Graph Add a member description: >- Use this API to add a member (user, group, or device) to an administrative unit. Currently it's only possible to add one member at a time to an administrative unit. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/administrativeunit-post-members?view=graph-rest-1.0 operationId: directory.administrativeUnits.CreateMembers requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/$ref: description: Provides operations to manage the collection of directory entities. delete: tags: - directory.administrativeUnit summary: Microsoft Graph Remove a member description: >- Use this API to remove a member (user, group, or device) from an administrative unit. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/administrativeunit-delete-members?view=graph-rest-1.0 operationId: directory.administrativeUnits.members.DeleteRefDirectoryObject parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.application: description: Casts the previous resource to application. get: tags: - directory.administrativeUnit summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.application operationId: directory.administrativeUnits.GetMembers.AsApplication parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.application' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.device: description: Casts the previous resource to device. get: tags: - directory.administrativeUnit summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.device operationId: directory.administrativeUnits.GetMembers.AsDevice parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.device' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.group: description: Casts the previous resource to group. get: tags: - directory.administrativeUnit summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.group operationId: directory.administrativeUnits.GetMembers.AsGroup parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.group' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.orgContact: description: Casts the previous resource to orgContact. get: tags: - directory.administrativeUnit summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.orgContact operationId: directory.administrativeUnits.GetMembers.AsOrgContact parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.orgContact' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.servicePrincipal: description: Casts the previous resource to servicePrincipal. get: tags: - directory.administrativeUnit summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal operationId: directory.administrativeUnits.GetMembers.AsServicePrincipal parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.servicePrincipal' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.user: description: Casts the previous resource to user. get: tags: - directory.administrativeUnit summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.user operationId: directory.administrativeUnits.GetMembers.AsUser parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.user' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/administrativeUnits/{administrativeUnit-id}/members/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.administrativeUnit summary: Microsoft Graph Get the number of the resource operationId: directory.administrativeUnits.members.GetCount-777a parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/members/$ref: description: Provides operations to manage the collection of directory entities. get: tags: - directory.administrativeUnit summary: Microsoft Graph List members description: >- Use this API to get the members list (users, groups, or devices) in an administrative unit. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/administrativeunit-list-members?view=graph-rest-1.0 operationId: directory.administrativeUnits.ListRefMembers parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/StringCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directory.administrativeUnit summary: Microsoft Graph Add a member description: >- Use this API to add a member (user, group, or device) to an administrative unit. Currently it's only possible to add one member at a time to an administrative unit. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/administrativeunit-post-members?view=graph-rest-1.0 operationId: directory.administrativeUnits.CreateRefMembers requestBody: $ref: '#/components/requestBodies/refPostBody' responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.administrativeUnit summary: Microsoft Graph Remove a member description: >- Use this API to remove a member (user, group, or device) from an administrative unit. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/administrativeunit-delete-members?view=graph-rest-1.0 operationId: directory.administrativeUnits.DeleteRefMembers parameters: - name: If-Match in: header description: ETag schema: type: string - name: '@id' in: query description: The delete Uri required: true schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/members/graph.application: description: Casts the previous resource to application. get: tags: - directory.administrativeUnit summary: >- Microsoft Graph Get the items of type microsoft.graph.application in the microsoft.graph.directoryObject collection operationId: directory.administrativeUnits.ListMembers.AsApplication parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.applicationCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/members/graph.application/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.administrativeUnit summary: Microsoft Graph Get the number of the resource operationId: directory.administrativeUnits.Members.GetCount.AsApplication-12bb parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/members/graph.device: description: Casts the previous resource to device. get: tags: - directory.administrativeUnit summary: >- Microsoft Graph Get the items of type microsoft.graph.device in the microsoft.graph.directoryObject collection operationId: directory.administrativeUnits.ListMembers.AsDevice parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.deviceCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/members/graph.device/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.administrativeUnit summary: Microsoft Graph Get the number of the resource operationId: directory.administrativeUnits.Members.GetCount.AsDevice-a313 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/members/graph.group: description: Casts the previous resource to group. get: tags: - directory.administrativeUnit summary: >- Microsoft Graph Get the items of type microsoft.graph.group in the microsoft.graph.directoryObject collection operationId: directory.administrativeUnits.ListMembers.AsGroup parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.groupCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/members/graph.group/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.administrativeUnit summary: Microsoft Graph Get the number of the resource operationId: directory.administrativeUnits.Members.GetCount.AsGroup-af07 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/members/graph.orgContact: description: Casts the previous resource to orgContact. get: tags: - directory.administrativeUnit summary: >- Microsoft Graph Get the items of type microsoft.graph.orgContact in the microsoft.graph.directoryObject collection operationId: directory.administrativeUnits.ListMembers.AsOrgContact parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.orgContactCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/members/graph.orgContact/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.administrativeUnit summary: Microsoft Graph Get the number of the resource operationId: directory.administrativeUnits.Members.GetCount.AsOrgContact-7392 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/members/graph.servicePrincipal: description: Casts the previous resource to servicePrincipal. get: tags: - directory.administrativeUnit summary: >- Microsoft Graph Get the items of type microsoft.graph.servicePrincipal in the microsoft.graph.directoryObject collection operationId: directory.administrativeUnits.ListMembers.AsServicePrincipal parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.servicePrincipalCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/members/graph.servicePrincipal/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.administrativeUnit summary: Microsoft Graph Get the number of the resource operationId: directory.administrativeUnits.Members.GetCount.AsServicePrincipal-1d41 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/members/graph.user: description: Casts the previous resource to user. get: tags: - directory.administrativeUnit summary: >- Microsoft Graph Get the items of type microsoft.graph.user in the microsoft.graph.directoryObject collection operationId: directory.administrativeUnits.ListMembers.AsUser parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.userCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/members/graph.user/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.administrativeUnit summary: Microsoft Graph Get the number of the resource operationId: directory.administrativeUnits.Members.GetCount.AsUser-5d18 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/scopedRoleMembers: description: >- Provides operations to manage the scopedRoleMembers property of the microsoft.graph.administrativeUnit entity. get: tags: - directory.administrativeUnit summary: Microsoft Graph List scopedRoleMembers description: List Microsoft Entra role assignments with administrative unit scope. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/administrativeunit-list-scopedrolemembers?view=graph-rest-1.0 operationId: directory.administrativeUnits.ListScopedRoleMembers parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.scopedRoleMembershipCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directory.administrativeUnit summary: Microsoft Graph Add a scopedRoleMember description: >- Assign a Microsoft Entra role with administrative unit scope. For a list of roles that can be assigned with administrative unit scope, see Assign Microsoft Entra roles with administrative unit scope. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/administrativeunit-post-scopedrolemembers?view=graph-rest-1.0 operationId: directory.administrativeUnits.CreateScopedRoleMembers requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/{administrativeUnit-id}/scopedRoleMembers/{scopedRoleMembership-id}: description: >- Provides operations to manage the scopedRoleMembers property of the microsoft.graph.administrativeUnit entity. get: tags: - directory.administrativeUnit summary: Microsoft Graph Get a scopedRoleMember description: Get a Microsoft Entra role assignment with administrative unit scope. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/administrativeunit-get-scopedrolemembers?view=graph-rest-1.0 operationId: directory.administrativeUnits.GetScopedRoleMembers parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directory.administrativeUnit summary: Microsoft Graph Update the navigation property scopedRoleMembers in directory operationId: directory.administrativeUnits.UpdateScopedRoleMembers requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.administrativeUnit summary: Microsoft Graph Remove a scopedRoleMember description: Remove a Microsoft Entra role assignment with administrative unit scope. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/administrativeunit-delete-scopedrolemembers?view=graph-rest-1.0 operationId: directory.administrativeUnits.DeleteScopedRoleMembers parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit - name: scopedRoleMembership-id in: path description: The unique identifier of scopedRoleMembership required: true schema: type: string x-ms-docs-key-type: scopedRoleMembership /directory/administrativeUnits/{administrativeUnit-id}/scopedRoleMembers/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.administrativeUnit summary: Microsoft Graph Get the number of the resource operationId: directory.administrativeUnits.scopedRoleMembers.GetCount-cb3a parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: administrativeUnit-id in: path description: The unique identifier of administrativeUnit required: true schema: type: string x-ms-docs-key-type: administrativeUnit /directory/administrativeUnits/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.administrativeUnit summary: Microsoft Graph Get the number of the resource operationId: directory.administrativeUnits.GetCount-a5a1 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directory/administrativeUnits/delta(): description: Provides operations to call the delta method. get: tags: - directory.administrativeUnit summary: Microsoft Graph Invoke function delta operationId: directory.administrativeUnits.delta parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Success content: application/json: schema: title: Collection of administrativeUnit type: object allOf: - $ref: '#/components/schemas/BaseDeltaFunctionResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.administrativeUnit 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directory/attributeSets: description: >- Provides operations to manage the attributeSets property of the microsoft.graph.directory entity. get: tags: - directory.attributeSet summary: Microsoft Graph List attributeSets description: Get a list of the attributeSet objects and their properties. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-list-attributesets?view=graph-rest-1.0 operationId: directory.ListAttributeSets parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.attributeSetCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directory.attributeSet summary: Microsoft Graph Create attributeSet description: Create a new attributeSet object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-post-attributesets?view=graph-rest-1.0 operationId: directory.CreateAttributeSets requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.attributeSet' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.attributeSet' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /directory/attributeSets/{attributeSet-id}: description: >- Provides operations to manage the attributeSets property of the microsoft.graph.directory entity. get: tags: - directory.attributeSet summary: Microsoft Graph Get attributeSet description: Read the properties and relationships of an attributeSet object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/attributeset-get?view=graph-rest-1.0 operationId: directory.GetAttributeSets parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.attributeSet' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directory.attributeSet summary: Microsoft Graph Update attributeSet description: Update the properties of an attributeSet object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/attributeset-update?view=graph-rest-1.0 operationId: directory.UpdateAttributeSets requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.attributeSet' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.attributeSet' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.attributeSet summary: Microsoft Graph Delete navigation property attributeSets for directory operationId: directory.DeleteAttributeSets parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: attributeSet-id in: path description: The unique identifier of attributeSet required: true schema: type: string x-ms-docs-key-type: attributeSet /directory/attributeSets/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.attributeSet summary: Microsoft Graph Get the number of the resource operationId: directory.attributeSets.GetCount-147b parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directory/customSecurityAttributeDefinitions: description: >- Provides operations to manage the customSecurityAttributeDefinitions property of the microsoft.graph.directory entity. get: tags: - directory.customSecurityAttributeDefinition summary: Microsoft Graph List customSecurityAttributeDefinitions description: >- Get a list of the customSecurityAttributeDefinition objects and their properties. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-list-customsecurityattributedefinitions?view=graph-rest-1.0 operationId: directory.ListCustomSecurityAttributeDefinitions parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.customSecurityAttributeDefinitionCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directory.customSecurityAttributeDefinition summary: Microsoft Graph Create customSecurityAttributeDefinition description: Create a new customSecurityAttributeDefinition object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-post-customsecurityattributedefinitions?view=graph-rest-1.0 operationId: directory.CreateCustomSecurityAttributeDefinitions requestBody: description: New navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.customSecurityAttributeDefinition required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.customSecurityAttributeDefinition 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}: description: >- Provides operations to manage the customSecurityAttributeDefinitions property of the microsoft.graph.directory entity. get: tags: - directory.customSecurityAttributeDefinition summary: Microsoft Graph Get customSecurityAttributeDefinition description: >- Read the properties and relationships of a customSecurityAttributeDefinition object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/customsecurityattributedefinition-get?view=graph-rest-1.0 operationId: directory.GetCustomSecurityAttributeDefinitions parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.customSecurityAttributeDefinition 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directory.customSecurityAttributeDefinition summary: Microsoft Graph Update customSecurityAttributeDefinition description: Update the properties of a customSecurityAttributeDefinition object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/customsecurityattributedefinition-update?view=graph-rest-1.0 operationId: directory.UpdateCustomSecurityAttributeDefinitions requestBody: description: New navigation property values content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.customSecurityAttributeDefinition required: true responses: 2XX: description: Success content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.customSecurityAttributeDefinition 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.customSecurityAttributeDefinition summary: >- Microsoft Graph Delete navigation property customSecurityAttributeDefinitions for directory operationId: directory.DeleteCustomSecurityAttributeDefinitions parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: customSecurityAttributeDefinition-id in: path description: The unique identifier of customSecurityAttributeDefinition required: true schema: type: string x-ms-docs-key-type: customSecurityAttributeDefinition /directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}/allowedValues: description: >- Provides operations to manage the allowedValues property of the microsoft.graph.customSecurityAttributeDefinition entity. get: tags: - directory.customSecurityAttributeDefinition summary: Microsoft Graph List allowedValues description: Get a list of the allowedValue objects and their properties. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/customsecurityattributedefinition-list-allowedvalues?view=graph-rest-1.0 operationId: directory.customSecurityAttributeDefinitions.ListAllowedValues parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.allowedValueCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directory.customSecurityAttributeDefinition summary: Microsoft Graph Create allowedValue description: Create a new allowedValue object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/customsecurityattributedefinition-post-allowedvalues?view=graph-rest-1.0 operationId: directory.customSecurityAttributeDefinitions.CreateAllowedValues requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.allowedValue' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.allowedValue' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: customSecurityAttributeDefinition-id in: path description: The unique identifier of customSecurityAttributeDefinition required: true schema: type: string x-ms-docs-key-type: customSecurityAttributeDefinition /directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}/allowedValues/{allowedValue-id}: description: >- Provides operations to manage the allowedValues property of the microsoft.graph.customSecurityAttributeDefinition entity. get: tags: - directory.customSecurityAttributeDefinition summary: Microsoft Graph Get allowedValue description: Read the properties and relationships of an allowedValue object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/allowedvalue-get?view=graph-rest-1.0 operationId: directory.customSecurityAttributeDefinitions.GetAllowedValues parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.allowedValue' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directory.customSecurityAttributeDefinition summary: Microsoft Graph Update allowedValue description: Update the properties of an allowedValue object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/allowedvalue-update?view=graph-rest-1.0 operationId: directory.customSecurityAttributeDefinitions.UpdateAllowedValues requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.allowedValue' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.allowedValue' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.customSecurityAttributeDefinition summary: Microsoft Graph Delete navigation property allowedValues for directory operationId: directory.customSecurityAttributeDefinitions.DeleteAllowedValues parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: customSecurityAttributeDefinition-id in: path description: The unique identifier of customSecurityAttributeDefinition required: true schema: type: string x-ms-docs-key-type: customSecurityAttributeDefinition - name: allowedValue-id in: path description: The unique identifier of allowedValue required: true schema: type: string x-ms-docs-key-type: allowedValue /directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}/allowedValues/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.customSecurityAttributeDefinition summary: Microsoft Graph Get the number of the resource operationId: directory.customSecurityAttributeDefinitions.allowedValues.GetCount-c982 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: customSecurityAttributeDefinition-id in: path description: The unique identifier of customSecurityAttributeDefinition required: true schema: type: string x-ms-docs-key-type: customSecurityAttributeDefinition /directory/customSecurityAttributeDefinitions/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.customSecurityAttributeDefinition summary: Microsoft Graph Get the number of the resource operationId: directory.customSecurityAttributeDefinitions.GetCount-ae4b parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directory/deletedItems: description: >- Provides operations to manage the deletedItems property of the microsoft.graph.directory entity. get: tags: - directory.directoryObject summary: Microsoft Graph Get deleted item (directory object) description: "Retrieve the properties of a recently deleted application, group, servicePrincipal, administrative unit, or user object from deleted items. Retrieve the properties of a recently deleted directory object from deleted items. The following types are supported:\r\n- administrativeUnit\r\n- application\r\n- certificateBasedAuthPki\r\n- certificateAuthorityDetail\r\n- group\r\n- servicePrincipal\r\n- user" operationId: directory.ListDeletedItems parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryObjectCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation /directory/deletedItems/{directoryObject-id}: description: >- Provides operations to manage the deletedItems property of the microsoft.graph.directory entity. get: tags: - directory.directoryObject summary: Microsoft Graph Get deleted item (directory object) description: "Retrieve the properties of a recently deleted application, group, servicePrincipal, administrative unit, or user object from deleted items. Retrieve the properties of a recently deleted directory object from deleted items. The following types are supported:\r\n- administrativeUnit\r\n- application\r\n- certificateBasedAuthPki\r\n- certificateAuthorityDetail\r\n- group\r\n- servicePrincipal\r\n- user" externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-deleteditems-get?view=graph-rest-1.0 operationId: directory.GetDeletedItems parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.directoryObject summary: Microsoft Graph Permanently delete an item (directory object) description: "Permanently delete a recently deleted application, group, servicePrincipal, or user object from deleted items. After an item is permanently deleted, it cannot be restored. Permanently delete a recently deleted directory object from deleted items. The following types are supported:\r\n- certificateBasedAuthPki\r\n- certificateAuthorityDetail After an item is permanently deleted, it cannot be restored. Administrative units cannot be permanently deleted by using the deletedItems API. Soft-deleted administrative units will be permanently deleted 30 days after initial deletion unless they are restored." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-deleteditems-delete?view=graph-rest-1.0 operationId: directory.DeleteDeletedItems parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/deletedItems/{directoryObject-id}/graph.administrativeUnit: description: Casts the previous resource to administrativeUnit. get: tags: - directory.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.administrativeUnit operationId: directory.GetDeletedItems.AsAdministrativeUnit parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.administrativeUnit' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/deletedItems/{directoryObject-id}/graph.application: description: Casts the previous resource to application. get: tags: - directory.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.application operationId: directory.GetDeletedItems.AsApplication parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.application' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/deletedItems/{directoryObject-id}/checkMemberGroups: description: Provides operations to call the checkMemberGroups method. post: tags: - directory.directoryObject summary: Microsoft Graph Invoke action checkMemberGroups description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\r\n- user\r\n- group\r\n- service principal\r\n- organizational contact\r\n- device\r\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-1.0 operationId: directory.deletedItems.directoryObject.checkMemberGroups requestBody: description: Action parameters content: application/json: schema: type: object properties: groupIds: type: array items: type: string required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/deletedItems/{directoryObject-id}/checkMemberObjects: description: Provides operations to call the checkMemberObjects method. post: tags: - directory.directoryObject summary: Microsoft Graph Invoke action checkMemberObjects operationId: directory.deletedItems.directoryObject.checkMemberObjects requestBody: description: Action parameters content: application/json: schema: type: object properties: ids: type: array items: type: string required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/deletedItems/{directoryObject-id}/graph.device: description: Casts the previous resource to device. get: tags: - directory.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.device operationId: directory.GetDeletedItems.AsDevice parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.device' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/deletedItems/{directoryObject-id}/getMemberGroups: description: Provides operations to call the getMemberGroups method. post: tags: - directory.directoryObject summary: Microsoft Graph Invoke action getMemberGroups description: >- Return all the group IDs for the groups that the specified user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. This API returns up to 11,000 group IDs. If more than 11,000 results are available, it returns a 400 Bad Request error with the DirectoryResultSizeLimitExceeded error code. If you get the DirectoryResultSizeLimitExceeded error code, use the List group transitive memberOf API instead. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getmembergroups?view=graph-rest-1.0 operationId: directory.deletedItems.directoryObject.getMemberGroups requestBody: description: Action parameters content: application/json: schema: type: object properties: securityEnabledOnly: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/deletedItems/{directoryObject-id}/getMemberObjects: description: Provides operations to call the getMemberObjects method. post: tags: - directory.directoryObject summary: Microsoft Graph Invoke action getMemberObjects description: "Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:\r\n- user\r\n- group\r\n- service principal\r\n- organizational contact\r\n- device\r\n- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getmemberobjects?view=graph-rest-1.0 operationId: directory.deletedItems.directoryObject.getMemberObjects requestBody: description: Action parameters content: application/json: schema: type: object properties: securityEnabledOnly: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/deletedItems/{directoryObject-id}/graph.group: description: Casts the previous resource to group. get: tags: - directory.directoryObject summary: Microsoft Graph List deletedItems (directory objects) description: "Retrieve a list of recently deleted directory objects. Currently, deleted items functionality is only supported for the application, servicePrincipal, group, administrative unit, and user resources. Retrieve a list of recently deleted directory objects from deleted items. The following types are supported:\r\n- administrativeUnit\r\n- application\r\n- certificateBasedAuthPki\r\n- certificateAuthorityDetail\r\n- group\r\n- servicePrincipal\r\n- user" externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-deleteditems-list?view=graph-rest-1.0 operationId: directory.GetDeletedItems.AsGroup parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.group' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/deletedItems/{directoryObject-id}/restore: description: Provides operations to call the restore method. post: tags: - directory.directoryObject summary: Microsoft Graph Invoke action restore description: "Restore a recently deleted application, group, servicePrincipal, administrative unit, or user object from deleted items. Restore a recently deleted directory object from deleted items. The following types are supported:\r\n- administrativeUnit\r\n- application\r\n- certificateBasedAuthPki\r\n- certificateAuthorityDetail\r\n- group\r\n- servicePrincipal\r\n- user If an item is accidentally deleted, you can fully restore the item. Additionally, restoring an application doesn't automatically restore the associated service principal automatically. You must call this API to explicitly restore the deleted service principal. A recently deleted item remains available for up to 30 days. After 30 days, the item is permanently deleted." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-deleteditems-restore?view=graph-rest-1.0 operationId: directory.deletedItems.directoryObject.restore responses: 2XX: description: Success content: application/json: schema: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - type: object nullable: true 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/deletedItems/{directoryObject-id}/graph.servicePrincipal: description: Casts the previous resource to servicePrincipal. get: tags: - directory.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal operationId: directory.GetDeletedItems.AsServicePrincipal parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.servicePrincipal' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/deletedItems/{directoryObject-id}/graph.user: description: Casts the previous resource to user. get: tags: - directory.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.user operationId: directory.GetDeletedItems.AsUser parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.user' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directory/deletedItems/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.directoryObject summary: Microsoft Graph Get the number of the resource operationId: directory.deletedItems.GetCount-665f parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directory/deletedItems/graph.administrativeUnit: description: Casts the previous resource to administrativeUnit. get: tags: - directory.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.administrativeUnit in the microsoft.graph.directoryObject collection operationId: directory.ListDeletedItems.AsAdministrativeUnit parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.administrativeUnitCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directory/deletedItems/graph.administrativeUnit/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.directoryObject summary: Microsoft Graph Get the number of the resource operationId: directory.DeletedItems.GetCount.AsAdministrativeUnit-0f56 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directory/deletedItems/graph.application: description: Casts the previous resource to application. get: tags: - directory.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.application in the microsoft.graph.directoryObject collection operationId: directory.ListDeletedItems.AsApplication parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.applicationCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directory/deletedItems/graph.application/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.directoryObject summary: Microsoft Graph Get the number of the resource operationId: directory.DeletedItems.GetCount.AsApplication-09ac parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directory/deletedItems/graph.device: description: Casts the previous resource to device. get: tags: - directory.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.device in the microsoft.graph.directoryObject collection operationId: directory.ListDeletedItems.AsDevice parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.deviceCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directory/deletedItems/graph.device/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.directoryObject summary: Microsoft Graph Get the number of the resource operationId: directory.DeletedItems.GetCount.AsDevice-6f35 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directory/deletedItems/getAvailableExtensionProperties: description: Provides operations to call the getAvailableExtensionProperties method. post: tags: - directory.directoryObject summary: Microsoft Graph Invoke action getAvailableExtensionProperties description: >- Return all directory extension definitions that are registered in a directory, including through multitenant apps. The following entities support extension properties: externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getavailableextensionproperties?view=graph-rest-1.0 operationId: directory.deletedItems.getAvailableExtensionProperties requestBody: description: Action parameters content: application/json: schema: type: object properties: isSyncedFromOnPremises: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: title: Collection of extensionProperty type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.extensionProperty 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directory/deletedItems/getByIds: description: Provides operations to call the getByIds method. post: tags: - directory.directoryObject summary: Microsoft Graph Invoke action getByIds description: >- Return the directory objects specified in a list of IDs. Only a subset of user properties are returned by default in v1.0. Some common uses for this function are to: externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getbyids?view=graph-rest-1.0 operationId: directory.deletedItems.getByIds requestBody: description: Action parameters content: application/json: schema: type: object properties: ids: type: array items: type: string types: type: array items: type: string nullable: true required: true responses: 2XX: description: Success content: application/json: schema: title: Collection of directoryObject type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directory/deletedItems/graph.group: description: Casts the previous resource to group. get: tags: - directory.directoryObject summary: Microsoft Graph List deletedItems (directory objects) description: "Retrieve a list of recently deleted directory objects. Currently, deleted items functionality is only supported for the application, servicePrincipal, group, administrative unit, and user resources. Retrieve a list of recently deleted directory objects from deleted items. The following types are supported:\r\n- administrativeUnit\r\n- application\r\n- certificateBasedAuthPki\r\n- certificateAuthorityDetail\r\n- group\r\n- servicePrincipal\r\n- user" externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-deleteditems-list?view=graph-rest-1.0 operationId: directory.ListDeletedItems.AsGroup parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.groupCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directory/deletedItems/graph.group/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.directoryObject summary: Microsoft Graph Get the number of the resource operationId: directory.DeletedItems.GetCount.AsGroup-255d parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directory/deletedItems/graph.servicePrincipal: description: Casts the previous resource to servicePrincipal. get: tags: - directory.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.servicePrincipal in the microsoft.graph.directoryObject collection operationId: directory.ListDeletedItems.AsServicePrincipal parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.servicePrincipalCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directory/deletedItems/graph.servicePrincipal/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.directoryObject summary: Microsoft Graph Get the number of the resource operationId: directory.DeletedItems.GetCount.AsServicePrincipal-6632 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directory/deletedItems/graph.user: description: Casts the previous resource to user. get: tags: - directory.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.user in the microsoft.graph.directoryObject collection operationId: directory.ListDeletedItems.AsUser parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.userCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directory/deletedItems/graph.user/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.directoryObject summary: Microsoft Graph Get the number of the resource operationId: directory.DeletedItems.GetCount.AsUser-bc15 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directory/deletedItems/validateProperties: description: Provides operations to call the validateProperties method. post: tags: - directory.directoryObject summary: Microsoft Graph Invoke action validateProperties description: "Validate that a Microsoft 365 group's display name or mail nickname complies with naming policies. Clients can use this API to determine whether a display name or mail nickname is valid before trying to create a Microsoft 365 group. To validate the properties of an existing group, use the group: validateProperties function. The following policy validations are performed for the display name and mail nickname properties:\r\n1. Validate the prefix and suffix naming policy\r\n2. Validate the custom banned words policy\r\n3. Validate that the mail nickname is unique This API only returns the first validation failure that is encountered. If the properties fail multiple validations, only the first validation failure is returned. However, you can validate both the mail nickname and the display name and receive a collection of validation errors if you're only validating the prefix and suffix naming policy. To learn more about configuring naming policies, see Configure naming policy." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-validateproperties?view=graph-rest-1.0 operationId: directory.deletedItems.validateProperties requestBody: description: Action parameters content: application/json: schema: type: object properties: entityType: type: string nullable: true displayName: type: string nullable: true mailNickname: type: string nullable: true onBehalfOfUserId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string format: uuid nullable: true required: true responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action /directory/deviceLocalCredentials: description: >- Provides operations to manage the deviceLocalCredentials property of the microsoft.graph.directory entity. get: tags: - directory.deviceLocalCredentialInfo summary: Microsoft Graph List deviceLocalCredentialInfo description: >- Get a list of the deviceLocalCredentialInfo objects and their properties, excluding the credentials property. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-list-devicelocalcredentials?view=graph-rest-1.0 operationId: directory.ListDeviceLocalCredentials parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.deviceLocalCredentialInfoCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directory.deviceLocalCredentialInfo summary: Microsoft Graph Create new navigation property to deviceLocalCredentials for directory operationId: directory.CreateDeviceLocalCredentials requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.deviceLocalCredentialInfo' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.deviceLocalCredentialInfo' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /directory/deviceLocalCredentials/{deviceLocalCredentialInfo-id}: description: >- Provides operations to manage the deviceLocalCredentials property of the microsoft.graph.directory entity. get: tags: - directory.deviceLocalCredentialInfo summary: Microsoft Graph Get deviceLocalCredentialInfo description: >- Retrieve the properties of a deviceLocalCredentialInfo for a specified device object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/devicelocalcredentialinfo-get?view=graph-rest-1.0 operationId: directory.GetDeviceLocalCredentials parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.deviceLocalCredentialInfo' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directory.deviceLocalCredentialInfo summary: Microsoft Graph Update the navigation property deviceLocalCredentials in directory operationId: directory.UpdateDeviceLocalCredentials requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.deviceLocalCredentialInfo' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.deviceLocalCredentialInfo' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.deviceLocalCredentialInfo summary: Microsoft Graph Delete navigation property deviceLocalCredentials for directory operationId: directory.DeleteDeviceLocalCredentials parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: deviceLocalCredentialInfo-id in: path description: The unique identifier of deviceLocalCredentialInfo required: true schema: type: string x-ms-docs-key-type: deviceLocalCredentialInfo /directory/deviceLocalCredentials/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.deviceLocalCredentialInfo summary: Microsoft Graph Get the number of the resource operationId: directory.deviceLocalCredentials.GetCount-43fe parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directory/federationConfigurations: description: >- Provides operations to manage the federationConfigurations property of the microsoft.graph.directory entity. get: tags: - directory.identityProviderBase summary: Microsoft Graph Get federationConfigurations from directory description: >- Configure domain federation with organizations whose identity provider (IdP) supports either the SAML or WS-Fed protocol. operationId: directory.ListFederationConfigurations parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.identityProviderBaseCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directory.identityProviderBase summary: Microsoft Graph Create new navigation property to federationConfigurations for directory operationId: directory.CreateFederationConfigurations requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.identityProviderBase' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.identityProviderBase' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /directory/federationConfigurations/{identityProviderBase-id}: description: >- Provides operations to manage the federationConfigurations property of the microsoft.graph.directory entity. get: tags: - directory.identityProviderBase summary: Microsoft Graph Get federationConfigurations from directory description: >- Configure domain federation with organizations whose identity provider (IdP) supports either the SAML or WS-Fed protocol. operationId: directory.GetFederationConfigurations parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.identityProviderBase' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directory.identityProviderBase summary: Microsoft Graph Update the navigation property federationConfigurations in directory operationId: directory.UpdateFederationConfigurations requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.identityProviderBase' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.identityProviderBase' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.identityProviderBase summary: Microsoft Graph Delete samlOrWsFedExternalDomainFederation description: Delete a samlOrWsFedExternalDomainFederation object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/samlorwsfedexternaldomainfederation-delete?view=graph-rest-1.0 operationId: directory.DeleteFederationConfigurations parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: identityProviderBase-id in: path description: The unique identifier of identityProviderBase required: true schema: type: string x-ms-docs-key-type: identityProviderBase /directory/federationConfigurations/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.identityProviderBase summary: Microsoft Graph Get the number of the resource operationId: directory.federationConfigurations.GetCount-1592 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directory/federationConfigurations/availableProviderTypes(): description: Provides operations to call the availableProviderTypes method. get: tags: - directory.identityProviderBase summary: Microsoft Graph Invoke function availableProviderTypes description: Get all identity providers supported in a directory. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/identityproviderbase-availableprovidertypes?view=graph-rest-1.0 operationId: directory.federationConfigurations.availableProviderTypes parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string nullable: true 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directory/onPremisesSynchronization: description: >- Provides operations to manage the onPremisesSynchronization property of the microsoft.graph.directory entity. get: tags: - directory.onPremisesDirectorySynchronization summary: Microsoft Graph Get onPremisesDirectorySynchronization description: >- Read the properties and relationships of an onPremisesDirectorySynchronization object. operationId: directory.ListOnPremisesSynchronization parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.onPremisesDirectorySynchronizationCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directory.onPremisesDirectorySynchronization summary: >- Microsoft Graph Create new navigation property to onPremisesSynchronization for directory operationId: directory.CreateOnPremisesSynchronization requestBody: description: New navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.onPremisesDirectorySynchronization required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.onPremisesDirectorySynchronization 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /directory/onPremisesSynchronization/{onPremisesDirectorySynchronization-id}: description: >- Provides operations to manage the onPremisesSynchronization property of the microsoft.graph.directory entity. get: tags: - directory.onPremisesDirectorySynchronization summary: Microsoft Graph Get onPremisesDirectorySynchronization description: >- Read the properties and relationships of an onPremisesDirectorySynchronization object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/onpremisesdirectorysynchronization-get?view=graph-rest-1.0 operationId: directory.GetOnPremisesSynchronization parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.onPremisesDirectorySynchronization 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directory.onPremisesDirectorySynchronization summary: Microsoft Graph Update onPremisesDirectorySynchronization description: Update the properties of an onPremisesDirectorySynchronization object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/onpremisesdirectorysynchronization-update?view=graph-rest-1.0 operationId: directory.UpdateOnPremisesSynchronization requestBody: description: New navigation property values content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.onPremisesDirectorySynchronization required: true responses: 2XX: description: Success content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.onPremisesDirectorySynchronization 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.onPremisesDirectorySynchronization summary: Microsoft Graph Delete navigation property onPremisesSynchronization for directory operationId: directory.DeleteOnPremisesSynchronization parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: onPremisesDirectorySynchronization-id in: path description: The unique identifier of onPremisesDirectorySynchronization required: true schema: type: string x-ms-docs-key-type: onPremisesDirectorySynchronization /directory/onPremisesSynchronization/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.onPremisesDirectorySynchronization summary: Microsoft Graph Get the number of the resource operationId: directory.onPremisesSynchronization.GetCount-df9d parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directory/publicKeyInfrastructure: description: >- Provides operations to manage the publicKeyInfrastructure property of the microsoft.graph.directory entity. get: tags: - directory.publicKeyInfrastructureRoot summary: Microsoft Graph Get publicKeyInfrastructure from directory description: >- The collection of public key infrastructure instances for the certificate-based authentication feature for users in a Microsoft Entra tenant. operationId: directory.GetPublicKeyInfrastructure parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.publicKeyInfrastructureRoot 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directory.publicKeyInfrastructureRoot summary: Microsoft Graph Update the navigation property publicKeyInfrastructure in directory operationId: directory.UpdatePublicKeyInfrastructure requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.publicKeyInfrastructureRoot' required: true responses: 2XX: description: Success content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.publicKeyInfrastructureRoot 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.publicKeyInfrastructureRoot summary: Microsoft Graph Delete navigation property publicKeyInfrastructure for directory operationId: directory.DeletePublicKeyInfrastructure parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /directory/publicKeyInfrastructure/certificateBasedAuthConfigurations: description: >- Provides operations to manage the certificateBasedAuthConfigurations property of the microsoft.graph.publicKeyInfrastructureRoot entity. get: tags: - directory.publicKeyInfrastructureRoot summary: Microsoft Graph List certificateBasedAuthPki objects description: Get a list of the certificateBasedAuthPki objects and their properties. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/publickeyinfrastructureroot-list-certificatebasedauthconfigurations?view=graph-rest-1.0 operationId: directory.publicKeyInfrastructure.ListCertificateBasedAuthConfigurations parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.certificateBasedAuthPkiCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directory.publicKeyInfrastructureRoot summary: Microsoft Graph Create certificateBasedAuthPki description: Create a new certificateBasedAuthPki object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/publickeyinfrastructureroot-post-certificatebasedauthconfigurations?view=graph-rest-1.0 operationId: >- directory.publicKeyInfrastructure.CreateCertificateBasedAuthConfigurations requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateBasedAuthPki' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateBasedAuthPki' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /directory/publicKeyInfrastructure/certificateBasedAuthConfigurations/{certificateBasedAuthPki-id}: description: >- Provides operations to manage the certificateBasedAuthConfigurations property of the microsoft.graph.publicKeyInfrastructureRoot entity. get: tags: - directory.publicKeyInfrastructureRoot summary: Microsoft Graph Get certificateBasedAuthPki description: >- Read the properties and relationships of a certificateBasedAuthPki object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/certificatebasedauthpki-get?view=graph-rest-1.0 operationId: directory.publicKeyInfrastructure.GetCertificateBasedAuthConfigurations parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateBasedAuthPki' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directory.publicKeyInfrastructureRoot summary: Microsoft Graph Update certificateBasedAuthPki description: Update the properties of a certificateBasedAuthPki object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/certificatebasedauthpki-update?view=graph-rest-1.0 operationId: >- directory.publicKeyInfrastructure.UpdateCertificateBasedAuthConfigurations requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateBasedAuthPki' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateBasedAuthPki' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.publicKeyInfrastructureRoot summary: Microsoft Graph Delete certificateBasedAuthPki description: Delete a certificateBasedAuthPki object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/publickeyinfrastructureroot-delete-certificatebasedauthconfigurations?view=graph-rest-1.0 operationId: >- directory.publicKeyInfrastructure.DeleteCertificateBasedAuthConfigurations parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: certificateBasedAuthPki-id in: path description: The unique identifier of certificateBasedAuthPki required: true schema: type: string x-ms-docs-key-type: certificateBasedAuthPki /directory/publicKeyInfrastructure/certificateBasedAuthConfigurations/{certificateBasedAuthPki-id}/certificateAuthorities: description: >- Provides operations to manage the certificateAuthorities property of the microsoft.graph.certificateBasedAuthPki entity. get: tags: - directory.publicKeyInfrastructureRoot summary: Microsoft Graph List certificateAuthorityDetail objects description: >- Get a list of the certificateAuthorityDetail objects and their properties. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/certificatebasedauthpki-list-certificateauthorities?view=graph-rest-1.0 operationId: >- directory.publicKeyInfrastructure.certificateBasedAuthConfigurations.ListCertificateAuthorities parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.certificateAuthorityDetailCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directory.publicKeyInfrastructureRoot summary: Microsoft Graph Create certificateAuthorityDetail description: Create a new certificateAuthorityDetail object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/certificatebasedauthpki-post-certificateauthorities?view=graph-rest-1.0 operationId: >- directory.publicKeyInfrastructure.certificateBasedAuthConfigurations.CreateCertificateAuthorities requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateAuthorityDetail' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.certificateAuthorityDetail 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: certificateBasedAuthPki-id in: path description: The unique identifier of certificateBasedAuthPki required: true schema: type: string x-ms-docs-key-type: certificateBasedAuthPki ? /directory/publicKeyInfrastructure/certificateBasedAuthConfigurations/{certificateBasedAuthPki-id}/certificateAuthorities/{certificateAuthorityDetail-id} : description: >- Provides operations to manage the certificateAuthorities property of the microsoft.graph.certificateBasedAuthPki entity. get: tags: - directory.publicKeyInfrastructureRoot summary: Microsoft Graph Get certificateAuthorities from directory description: >- The collection of certificate authorities contained in this public key infrastructure resource. operationId: >- directory.publicKeyInfrastructure.certificateBasedAuthConfigurations.GetCertificateAuthorities parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.certificateAuthorityDetail 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directory.publicKeyInfrastructureRoot summary: Microsoft Graph Update certificateAuthorityDetail externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/certificateauthoritydetail-update?view=graph-rest-1.0 operationId: >- directory.publicKeyInfrastructure.certificateBasedAuthConfigurations.UpdateCertificateAuthorities requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateAuthorityDetail' required: true responses: 2XX: description: Success content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.certificateAuthorityDetail 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.publicKeyInfrastructureRoot summary: Microsoft Graph Delete certificateAuthorityDetail description: Delete a certificateAuthorityDetail object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/certificatebasedauthpki-delete-certificateauthorities?view=graph-rest-1.0 operationId: >- directory.publicKeyInfrastructure.certificateBasedAuthConfigurations.DeleteCertificateAuthorities parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: certificateBasedAuthPki-id in: path description: The unique identifier of certificateBasedAuthPki required: true schema: type: string x-ms-docs-key-type: certificateBasedAuthPki - name: certificateAuthorityDetail-id in: path description: The unique identifier of certificateAuthorityDetail required: true schema: type: string x-ms-docs-key-type: certificateAuthorityDetail ? /directory/publicKeyInfrastructure/certificateBasedAuthConfigurations/{certificateBasedAuthPki-id}/certificateAuthorities/$count : description: Provides operations to count the resources in the collection. get: tags: - directory.publicKeyInfrastructureRoot summary: Microsoft Graph Get the number of the resource operationId: >- directory.publicKeyInfrastructure.certificateBasedAuthConfigurations.certificateAuthorities.GetCount-8126 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: certificateBasedAuthPki-id in: path description: The unique identifier of certificateBasedAuthPki required: true schema: type: string x-ms-docs-key-type: certificateBasedAuthPki /directory/publicKeyInfrastructure/certificateBasedAuthConfigurations/{certificateBasedAuthPki-id}/upload: description: Provides operations to call the upload method. post: tags: - directory.publicKeyInfrastructureRoot summary: Microsoft Graph Invoke action upload description: >- Append additional certificate authority details to a certificateBasedAuthPki resource. Only one operation can run at a time and this operation can take up to 30 minutes to complete. To know whether another upload is in progress, call the Get certificateBasedAuthPki. The status property will have the value running. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/certificatebasedauthpki-upload?view=graph-rest-1.0 operationId: >- directory.publicKeyInfrastructure.certificateBasedAuthConfigurations.certificateBasedAuthPki.upload requestBody: description: Action parameters content: application/json: schema: type: object properties: uploadUrl: type: string sha256FileHash: type: string required: true responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: certificateBasedAuthPki-id in: path description: The unique identifier of certificateBasedAuthPki required: true schema: type: string x-ms-docs-key-type: certificateBasedAuthPki /directory/publicKeyInfrastructure/certificateBasedAuthConfigurations/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.publicKeyInfrastructureRoot summary: Microsoft Graph Get the number of the resource operationId: >- directory.publicKeyInfrastructure.certificateBasedAuthConfigurations.GetCount-4154 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directory/subscriptions: description: >- Provides operations to manage the subscriptions property of the microsoft.graph.directory entity. get: tags: - directory.companySubscription summary: Microsoft Graph List subscriptions description: Get the list of commercial subscriptions that an organization acquired. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-list-subscriptions?view=graph-rest-1.0 operationId: directory.ListSubscriptions parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.companySubscriptionCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directory.companySubscription summary: Microsoft Graph Create new navigation property to subscriptions for directory operationId: directory.CreateSubscriptions requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.companySubscription' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.companySubscription' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /directory/subscriptions/{companySubscription-id}: description: >- Provides operations to manage the subscriptions property of the microsoft.graph.directory entity. get: tags: - directory.companySubscription summary: Microsoft Graph Get companySubscription description: Get a specific commercial subscription that an organization acquired. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/companysubscription-get?view=graph-rest-1.0 operationId: directory.GetSubscriptions parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.companySubscription' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directory.companySubscription summary: Microsoft Graph Update the navigation property subscriptions in directory operationId: directory.UpdateSubscriptions requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.companySubscription' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.companySubscription' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.companySubscription summary: Microsoft Graph Delete navigation property subscriptions for directory operationId: directory.DeleteSubscriptions parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: companySubscription-id in: path description: The unique identifier of companySubscription required: true schema: type: string x-ms-docs-key-type: companySubscription x-ms-docs-grouped-path: - >- /directory/subscriptions(commerceSubscriptionId='{commerceSubscriptionId}') /directory/subscriptions(commerceSubscriptionId='{commerceSubscriptionId}'): description: >- Provides operations to manage the subscriptions property of the microsoft.graph.directory entity. get: tags: - directory.companySubscription summary: Microsoft Graph Get companySubscription description: Get a specific commercial subscription that an organization acquired. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/companysubscription-get?view=graph-rest-1.0 operationId: directory.subscriptions.GetByCommerceSubscriptionId parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.companySubscription' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directory.companySubscription summary: Microsoft Graph Update the navigation property subscriptions in directory operationId: directory.subscriptions.UpdateByCommerceSubscriptionId requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.companySubscription' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.companySubscription' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.companySubscription summary: Microsoft Graph Delete navigation property subscriptions for directory operationId: directory.subscriptions.DeleteByCommerceSubscriptionId parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: commerceSubscriptionId in: path description: Alternate key of companySubscription required: true schema: type: string nullable: true x-ms-docs-grouped-path: - /directory/subscriptions/{companySubscription-id} /directory/subscriptions/$count: description: Provides operations to count the resources in the collection. get: tags: - directory.companySubscription summary: Microsoft Graph Get the number of the resource operationId: directory.subscriptions.GetCount-06e4 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directoryObjects: description: Provides operations to manage the collection of directoryObject entities. get: tags: - directoryObjects.directoryObject summary: Microsoft Graph Get entities from directoryObjects operationId: directoryObjects.directoryObject.ListDirectoryObject parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryObjectCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directoryObjects.directoryObject summary: Microsoft Graph Add new entity to directoryObjects operationId: directoryObjects.directoryObject.CreateDirectoryObject requestBody: description: New entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' required: true responses: 2XX: description: Created entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /directoryObjects/{directoryObject-id}: description: Provides operations to manage the collection of directoryObject entities. get: tags: - directoryObjects.directoryObject summary: Microsoft Graph Get directoryObject description: Retrieve the properties and relationships of a directoryObject object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-get?view=graph-rest-1.0 operationId: directoryObjects.directoryObject.GetDirectoryObject parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directoryObjects.directoryObject summary: Microsoft Graph Update entity in directoryObjects operationId: directoryObjects.directoryObject.UpdateDirectoryObject requestBody: description: New property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directoryObjects.directoryObject summary: Microsoft Graph Delete directoryObject description: >- Delete a directory object, for example, a group, user, application, or service principal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-delete?view=graph-rest-1.0 operationId: directoryObjects.directoryObject.DeleteDirectoryObject parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directoryObjects/{directoryObject-id}/checkMemberGroups: description: Provides operations to call the checkMemberGroups method. post: tags: - directoryObjects.directoryObject.Actions summary: Microsoft Graph Invoke action checkMemberGroups description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\r\n- user\r\n- group\r\n- service principal\r\n- organizational contact\r\n- device\r\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-1.0 operationId: directoryObjects.directoryObject.checkMemberGroups requestBody: description: Action parameters content: application/json: schema: type: object properties: groupIds: type: array items: type: string required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directoryObjects/{directoryObject-id}/checkMemberObjects: description: Provides operations to call the checkMemberObjects method. post: tags: - directoryObjects.directoryObject.Actions summary: Microsoft Graph Invoke action checkMemberObjects operationId: directoryObjects.directoryObject.checkMemberObjects requestBody: description: Action parameters content: application/json: schema: type: object properties: ids: type: array items: type: string required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directoryObjects/{directoryObject-id}/getMemberGroups: description: Provides operations to call the getMemberGroups method. post: tags: - directoryObjects.directoryObject.Actions summary: Microsoft Graph Invoke action getMemberGroups description: >- Return all the group IDs for the groups that the specified user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. This API returns up to 11,000 group IDs. If more than 11,000 results are available, it returns a 400 Bad Request error with the DirectoryResultSizeLimitExceeded error code. If you get the DirectoryResultSizeLimitExceeded error code, use the List group transitive memberOf API instead. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getmembergroups?view=graph-rest-1.0 operationId: directoryObjects.directoryObject.getMemberGroups requestBody: description: Action parameters content: application/json: schema: type: object properties: securityEnabledOnly: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directoryObjects/{directoryObject-id}/getMemberObjects: description: Provides operations to call the getMemberObjects method. post: tags: - directoryObjects.directoryObject.Actions summary: Microsoft Graph Invoke action getMemberObjects description: "Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:\r\n- user\r\n- group\r\n- service principal\r\n- organizational contact\r\n- device\r\n- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getmemberobjects?view=graph-rest-1.0 operationId: directoryObjects.directoryObject.getMemberObjects requestBody: description: Action parameters content: application/json: schema: type: object properties: securityEnabledOnly: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directoryObjects/{directoryObject-id}/restore: description: Provides operations to call the restore method. post: tags: - directoryObjects.directoryObject.Actions summary: Microsoft Graph Invoke action restore description: "Restore a recently deleted application, group, servicePrincipal, administrative unit, or user object from deleted items. Restore a recently deleted directory object from deleted items. The following types are supported:\r\n- administrativeUnit\r\n- application\r\n- certificateBasedAuthPki\r\n- certificateAuthorityDetail\r\n- group\r\n- servicePrincipal\r\n- user If an item is accidentally deleted, you can fully restore the item. Additionally, restoring an application doesn't automatically restore the associated service principal automatically. You must call this API to explicitly restore the deleted service principal. A recently deleted item remains available for up to 30 days. After 30 days, the item is permanently deleted." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-deleteditems-restore?view=graph-rest-1.0 operationId: directoryObjects.directoryObject.restore responses: 2XX: description: Success content: application/json: schema: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - type: object nullable: true 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directoryObjects/$count: description: Provides operations to count the resources in the collection. get: tags: - directoryObjects.directoryObject summary: Microsoft Graph Get the number of the resource operationId: directoryObjects.GetCount-3210 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directoryObjects/delta(): description: Provides operations to call the delta method. get: tags: - directoryObjects.directoryObject.Functions summary: Microsoft Graph Invoke function delta description: >- Get newly created, updated, or deleted directory objects without performing a full read of the entire directoryObject collection. For more information, see Use delta query to track changes in Microsoft Graph data for details. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-delta?view=graph-rest-1.0 operationId: directoryObjects.delta parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Success content: application/json: schema: title: Collection of directoryObject type: object allOf: - $ref: '#/components/schemas/BaseDeltaFunctionResponse' - type: object properties: value: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directoryObjects/getAvailableExtensionProperties: description: Provides operations to call the getAvailableExtensionProperties method. post: tags: - directoryObjects.directoryObject.Actions summary: Microsoft Graph Invoke action getAvailableExtensionProperties description: >- Return all directory extension definitions that are registered in a directory, including through multitenant apps. The following entities support extension properties: externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getavailableextensionproperties?view=graph-rest-1.0 operationId: directoryObjects.getAvailableExtensionProperties requestBody: description: Action parameters content: application/json: schema: type: object properties: isSyncedFromOnPremises: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: title: Collection of extensionProperty type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.extensionProperty 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directoryObjects/getByIds: description: Provides operations to call the getByIds method. post: tags: - directoryObjects.directoryObject.Actions summary: Microsoft Graph Invoke action getByIds description: >- Return the directory objects specified in a list of IDs. Only a subset of user properties are returned by default in v1.0. Some common uses for this function are to: externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getbyids?view=graph-rest-1.0 operationId: directoryObjects.getByIds requestBody: description: Action parameters content: application/json: schema: type: object properties: ids: type: array items: type: string types: type: array items: type: string nullable: true required: true responses: 2XX: description: Success content: application/json: schema: title: Collection of directoryObject type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directoryObjects/validateProperties: description: Provides operations to call the validateProperties method. post: tags: - directoryObjects.directoryObject.Actions summary: Microsoft Graph Invoke action validateProperties description: "Validate that a Microsoft 365 group's display name or mail nickname complies with naming policies. Clients can use this API to determine whether a display name or mail nickname is valid before trying to create a Microsoft 365 group. To validate the properties of an existing group, use the group: validateProperties function. The following policy validations are performed for the display name and mail nickname properties:\r\n1. Validate the prefix and suffix naming policy\r\n2. Validate the custom banned words policy\r\n3. Validate that the mail nickname is unique This API only returns the first validation failure that is encountered. If the properties fail multiple validations, only the first validation failure is returned. However, you can validate both the mail nickname and the display name and receive a collection of validation errors if you're only validating the prefix and suffix naming policy. To learn more about configuring naming policies, see Configure naming policy." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-validateproperties?view=graph-rest-1.0 operationId: directoryObjects.validateProperties requestBody: description: Action parameters content: application/json: schema: type: object properties: entityType: type: string nullable: true displayName: type: string nullable: true mailNickname: type: string nullable: true onBehalfOfUserId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string format: uuid nullable: true required: true responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action /directoryRoles: description: Provides operations to manage the collection of directoryRole entities. get: tags: - directoryRoles.directoryRole summary: Microsoft Graph List directoryRoles description: >- List the directory roles that are activated in the tenant. This operation only returns roles that have been activated. A role becomes activated when an admin activates the role using the Activate directoryRole API. Not all built-in roles are initially activated. When assigning a role using the Microsoft Entra admin center, the role activation step is implicitly done on the admin's behalf. To get the full list of roles that are available in Microsoft Entra ID, use List directoryRoleTemplates. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryrole-list?view=graph-rest-1.0 operationId: directoryRoles.directoryRole.ListDirectoryRole parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryRoleCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directoryRoles.directoryRole summary: Microsoft Graph Activate directoryRole description: >- Activate a directory role. To read a directory role or update its members, it must first be activated in the tenant. The Company Administrators and the implicit user directory roles (User, Guest User, and Restricted Guest User roles) are activated by default. To access and assign members to other directory roles, you must first activate it with its corresponding directory role template ID. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryrole-post-directoryroles?view=graph-rest-1.0 operationId: directoryRoles.directoryRole.CreateDirectoryRole requestBody: description: New entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryRole' required: true responses: 2XX: description: Created entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryRole' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /directoryRoles/{directoryRole-id}: description: Provides operations to manage the collection of directoryRole entities. get: tags: - directoryRoles.directoryRole summary: Microsoft Graph Get directoryRole description: >- Retrieve the properties of a directoryRole object. The role must be activated in tenant for a successful response. You can use both the object ID and template ID of the directoryRole with this API. The template ID of a built-in role is immutable and can be seen in the role description on the Microsoft Entra admin center. For details, see Role template IDs. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryrole-get?view=graph-rest-1.0 operationId: directoryRoles.directoryRole.GetDirectoryRole parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryRole' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directoryRoles.directoryRole summary: Microsoft Graph Update entity in directoryRoles operationId: directoryRoles.directoryRole.UpdateDirectoryRole requestBody: description: New property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryRole' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryRole' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directoryRoles.directoryRole summary: Microsoft Graph Delete entity from directoryRoles operationId: directoryRoles.directoryRole.DeleteDirectoryRole parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/members: description: >- Provides operations to manage the members property of the microsoft.graph.directoryRole entity. get: tags: - directoryRoles.directoryObject summary: Microsoft Graph List members of a directory role description: >- Retrieve the list of principals that are assigned to the directory role. You can use both the object ID and template ID of the directoryRole with this API. The template ID of a built-in role is immutable and can be seen in the role description on the Microsoft Entra admin center. For details, see Role template IDs. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryrole-list-members?view=graph-rest-1.0 operationId: directoryRoles.ListMembers parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryObjectCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/members/{directoryObject-id}/$ref: description: Provides operations to manage the collection of directoryRole entities. delete: tags: - directoryRoles.directoryObject summary: Microsoft Graph Remove directory role member description: >- Remove a member from a directoryRole. You can use both the object ID and template ID of the directoryRole with this API. The template ID of a built-in role is immutable and can be seen in the role description on the Microsoft Entra admin center. For details, see Role template IDs. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryrole-delete-member?view=graph-rest-1.0 operationId: directoryRoles.members.DeleteRefDirectoryObject parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directoryRoles/{directoryRole-id}/members/{directoryObject-id}/graph.application: description: Casts the previous resource to application. get: tags: - directoryRoles.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.application operationId: directoryRoles.GetMembers.AsApplication parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.application' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directoryRoles/{directoryRole-id}/members/{directoryObject-id}/graph.device: description: Casts the previous resource to device. get: tags: - directoryRoles.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.device operationId: directoryRoles.GetMembers.AsDevice parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.device' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directoryRoles/{directoryRole-id}/members/{directoryObject-id}/graph.group: description: Casts the previous resource to group. get: tags: - directoryRoles.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.group operationId: directoryRoles.GetMembers.AsGroup parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.group' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directoryRoles/{directoryRole-id}/members/{directoryObject-id}/graph.orgContact: description: Casts the previous resource to orgContact. get: tags: - directoryRoles.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.orgContact operationId: directoryRoles.GetMembers.AsOrgContact parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.orgContact' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directoryRoles/{directoryRole-id}/members/{directoryObject-id}/graph.servicePrincipal: description: Casts the previous resource to servicePrincipal. get: tags: - directoryRoles.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal operationId: directoryRoles.GetMembers.AsServicePrincipal parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.servicePrincipal' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directoryRoles/{directoryRole-id}/members/{directoryObject-id}/graph.user: description: Casts the previous resource to user. get: tags: - directoryRoles.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.user operationId: directoryRoles.GetMembers.AsUser parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.user' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /directoryRoles/{directoryRole-id}/members/$count: description: Provides operations to count the resources in the collection. get: tags: - directoryRoles.directoryObject summary: Microsoft Graph Get the number of the resource operationId: directoryRoles.members.GetCount-5361 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/members/$ref: description: Provides operations to manage the collection of directoryRole entities. get: tags: - directoryRoles.directoryObject summary: Microsoft Graph List members of a directory role description: >- Retrieve the list of principals that are assigned to the directory role. You can use both the object ID and template ID of the directoryRole with this API. The template ID of a built-in role is immutable and can be seen in the role description on the Microsoft Entra admin center. For details, see Role template IDs. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryrole-list-members?view=graph-rest-1.0 operationId: directoryRoles.ListRefMembers parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/StringCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directoryRoles.directoryObject summary: Microsoft Graph Add directory role member description: >- Create a new directory role member. You can use both the object ID and template ID of the directoryRole with this API. The template ID of a built-in role is immutable and can be seen in the role description on the Microsoft Entra admin center. For details, see Role template IDs. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryrole-post-members?view=graph-rest-1.0 operationId: directoryRoles.CreateRefMembers requestBody: $ref: '#/components/requestBodies/refPostBody' responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directoryRoles.directoryObject summary: Microsoft Graph Remove directory role member description: >- Remove a member from a directoryRole. You can use both the object ID and template ID of the directoryRole with this API. The template ID of a built-in role is immutable and can be seen in the role description on the Microsoft Entra admin center. For details, see Role template IDs. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryrole-delete-member?view=graph-rest-1.0 operationId: directoryRoles.DeleteRefMembers parameters: - name: If-Match in: header description: ETag schema: type: string - name: '@id' in: query description: The delete Uri required: true schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/members/graph.application: description: Casts the previous resource to application. get: tags: - directoryRoles.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.application in the microsoft.graph.directoryObject collection operationId: directoryRoles.ListMembers.AsApplication parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.applicationCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/members/graph.application/$count: description: Provides operations to count the resources in the collection. get: tags: - directoryRoles.directoryObject summary: Microsoft Graph Get the number of the resource operationId: directoryRoles.Members.GetCount.AsApplication-290c parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/members/graph.device: description: Casts the previous resource to device. get: tags: - directoryRoles.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.device in the microsoft.graph.directoryObject collection operationId: directoryRoles.ListMembers.AsDevice parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.deviceCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/members/graph.device/$count: description: Provides operations to count the resources in the collection. get: tags: - directoryRoles.directoryObject summary: Microsoft Graph Get the number of the resource operationId: directoryRoles.Members.GetCount.AsDevice-e712 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/members/graph.group: description: Casts the previous resource to group. get: tags: - directoryRoles.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.group in the microsoft.graph.directoryObject collection operationId: directoryRoles.ListMembers.AsGroup parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.groupCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/members/graph.group/$count: description: Provides operations to count the resources in the collection. get: tags: - directoryRoles.directoryObject summary: Microsoft Graph Get the number of the resource operationId: directoryRoles.Members.GetCount.AsGroup-b36f parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/members/graph.orgContact: description: Casts the previous resource to orgContact. get: tags: - directoryRoles.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.orgContact in the microsoft.graph.directoryObject collection operationId: directoryRoles.ListMembers.AsOrgContact parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.orgContactCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/members/graph.orgContact/$count: description: Provides operations to count the resources in the collection. get: tags: - directoryRoles.directoryObject summary: Microsoft Graph Get the number of the resource operationId: directoryRoles.Members.GetCount.AsOrgContact-3e36 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/members/graph.servicePrincipal: description: Casts the previous resource to servicePrincipal. get: tags: - directoryRoles.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.servicePrincipal in the microsoft.graph.directoryObject collection operationId: directoryRoles.ListMembers.AsServicePrincipal parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.servicePrincipalCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/members/graph.servicePrincipal/$count: description: Provides operations to count the resources in the collection. get: tags: - directoryRoles.directoryObject summary: Microsoft Graph Get the number of the resource operationId: directoryRoles.Members.GetCount.AsServicePrincipal-b8f5 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/members/graph.user: description: Casts the previous resource to user. get: tags: - directoryRoles.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.user in the microsoft.graph.directoryObject collection operationId: directoryRoles.ListMembers.AsUser parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.userCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/members/graph.user/$count: description: Provides operations to count the resources in the collection. get: tags: - directoryRoles.directoryObject summary: Microsoft Graph Get the number of the resource operationId: directoryRoles.Members.GetCount.AsUser-af1f parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/checkMemberGroups: description: Provides operations to call the checkMemberGroups method. post: tags: - directoryRoles.directoryRole.Actions summary: Microsoft Graph Invoke action checkMemberGroups description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\r\n- user\r\n- group\r\n- service principal\r\n- organizational contact\r\n- device\r\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-1.0 operationId: directoryRoles.directoryRole.checkMemberGroups requestBody: description: Action parameters content: application/json: schema: type: object properties: groupIds: type: array items: type: string required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/checkMemberObjects: description: Provides operations to call the checkMemberObjects method. post: tags: - directoryRoles.directoryRole.Actions summary: Microsoft Graph Invoke action checkMemberObjects operationId: directoryRoles.directoryRole.checkMemberObjects requestBody: description: Action parameters content: application/json: schema: type: object properties: ids: type: array items: type: string required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/getMemberGroups: description: Provides operations to call the getMemberGroups method. post: tags: - directoryRoles.directoryRole.Actions summary: Microsoft Graph Invoke action getMemberGroups description: >- Return all the group IDs for the groups that the specified user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. This API returns up to 11,000 group IDs. If more than 11,000 results are available, it returns a 400 Bad Request error with the DirectoryResultSizeLimitExceeded error code. If you get the DirectoryResultSizeLimitExceeded error code, use the List group transitive memberOf API instead. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getmembergroups?view=graph-rest-1.0 operationId: directoryRoles.directoryRole.getMemberGroups requestBody: description: Action parameters content: application/json: schema: type: object properties: securityEnabledOnly: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/getMemberObjects: description: Provides operations to call the getMemberObjects method. post: tags: - directoryRoles.directoryRole.Actions summary: Microsoft Graph Invoke action getMemberObjects description: "Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:\r\n- user\r\n- group\r\n- service principal\r\n- organizational contact\r\n- device\r\n- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getmemberobjects?view=graph-rest-1.0 operationId: directoryRoles.directoryRole.getMemberObjects requestBody: description: Action parameters content: application/json: schema: type: object properties: securityEnabledOnly: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/restore: description: Provides operations to call the restore method. post: tags: - directoryRoles.directoryRole.Actions summary: Microsoft Graph Invoke action restore description: "Restore a recently deleted application, group, servicePrincipal, administrative unit, or user object from deleted items. Restore a recently deleted directory object from deleted items. The following types are supported:\r\n- administrativeUnit\r\n- application\r\n- certificateBasedAuthPki\r\n- certificateAuthorityDetail\r\n- group\r\n- servicePrincipal\r\n- user If an item is accidentally deleted, you can fully restore the item. Additionally, restoring an application doesn't automatically restore the associated service principal automatically. You must call this API to explicitly restore the deleted service principal. A recently deleted item remains available for up to 30 days. After 30 days, the item is permanently deleted." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-deleteditems-restore?view=graph-rest-1.0 operationId: directoryRoles.directoryRole.restore responses: 2XX: description: Success content: application/json: schema: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - type: object nullable: true 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/scopedMembers: description: >- Provides operations to manage the scopedMembers property of the microsoft.graph.directoryRole entity. get: tags: - directoryRoles.scopedRoleMembership summary: Microsoft Graph List scopedMembers for a directory role description: Retrieve a list of scopedRoleMembership objects for a directory role. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryrole-list-scopedmembers?view=graph-rest-1.0 operationId: directoryRoles.ListScopedMembers parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.scopedRoleMembershipCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directoryRoles.scopedRoleMembership summary: Microsoft Graph Create new navigation property to scopedMembers for directoryRoles operationId: directoryRoles.CreateScopedMembers requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles/{directoryRole-id}/scopedMembers/{scopedRoleMembership-id}: description: >- Provides operations to manage the scopedMembers property of the microsoft.graph.directoryRole entity. get: tags: - directoryRoles.scopedRoleMembership summary: Microsoft Graph Get scopedMembers from directoryRoles description: >- Members of this directory role that are scoped to administrative units. Read-only. Nullable. operationId: directoryRoles.GetScopedMembers parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directoryRoles.scopedRoleMembership summary: Microsoft Graph Update the navigation property scopedMembers in directoryRoles operationId: directoryRoles.UpdateScopedMembers requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directoryRoles.scopedRoleMembership summary: Microsoft Graph Delete navigation property scopedMembers for directoryRoles operationId: directoryRoles.DeleteScopedMembers parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole - name: scopedRoleMembership-id in: path description: The unique identifier of scopedRoleMembership required: true schema: type: string x-ms-docs-key-type: scopedRoleMembership /directoryRoles/{directoryRole-id}/scopedMembers/$count: description: Provides operations to count the resources in the collection. get: tags: - directoryRoles.scopedRoleMembership summary: Microsoft Graph Get the number of the resource operationId: directoryRoles.scopedMembers.GetCount-b2b2 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: directoryRole-id in: path description: The unique identifier of directoryRole required: true schema: type: string x-ms-docs-key-type: directoryRole /directoryRoles(roleTemplateId='{roleTemplateId}'): description: Provides operations to manage the collection of directoryRole entities. get: tags: - directoryRoles.directoryRole summary: Microsoft Graph Get directoryRole description: >- Retrieve the properties of a directoryRole object. The role must be activated in tenant for a successful response. You can use both the object ID and template ID of the directoryRole with this API. The template ID of a built-in role is immutable and can be seen in the role description on the Microsoft Entra admin center. For details, see Role template IDs. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryrole-get?view=graph-rest-1.0 operationId: directoryRoles.directoryRole.GetDirectoryRoleByRoleTemplateId parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryRole' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directoryRoles.directoryRole summary: Microsoft Graph Update entity in directoryRoles by roleTemplateId operationId: directoryRoles.directoryRole.UpdateDirectoryRoleByRoleTemplateId requestBody: description: New property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryRole' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryRole' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directoryRoles.directoryRole summary: Microsoft Graph Delete entity from directoryRoles by roleTemplateId operationId: directoryRoles.directoryRole.DeleteDirectoryRoleByRoleTemplateId parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: roleTemplateId in: path description: Alternate key of directoryRole required: true schema: type: string nullable: true /directoryRoles/$count: description: Provides operations to count the resources in the collection. get: tags: - directoryRoles.directoryRole summary: Microsoft Graph Get the number of the resource operationId: directoryRoles.GetCount-ad68 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directoryRoles/delta(): description: Provides operations to call the delta method. get: tags: - directoryRoles.directoryRole.Functions summary: Microsoft Graph Invoke function delta description: >- Get newly created, updated, or deleted directory roles without having to perform a full read of the entire resource collection. For more information, see Use delta query to track changes in Microsoft Graph data for details. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryrole-delta?view=graph-rest-1.0 operationId: directoryRoles.delta parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Success content: application/json: schema: title: Collection of directoryRole type: object allOf: - $ref: '#/components/schemas/BaseDeltaFunctionResponse' - type: object properties: value: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryRole' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-grouped-path: - /directoryRoles/delta() /directoryRoles/getAvailableExtensionProperties: description: Provides operations to call the getAvailableExtensionProperties method. post: tags: - directoryRoles.directoryRole.Actions summary: Microsoft Graph Invoke action getAvailableExtensionProperties description: >- Return all directory extension definitions that are registered in a directory, including through multitenant apps. The following entities support extension properties: externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getavailableextensionproperties?view=graph-rest-1.0 operationId: directoryRoles.getAvailableExtensionProperties requestBody: description: Action parameters content: application/json: schema: type: object properties: isSyncedFromOnPremises: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: title: Collection of extensionProperty type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.extensionProperty 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directoryRoles/getByIds: description: Provides operations to call the getByIds method. post: tags: - directoryRoles.directoryRole.Actions summary: Microsoft Graph Invoke action getByIds description: >- Return the directory objects specified in a list of IDs. Only a subset of user properties are returned by default in v1.0. Some common uses for this function are to: externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getbyids?view=graph-rest-1.0 operationId: directoryRoles.getByIds requestBody: description: Action parameters content: application/json: schema: type: object properties: ids: type: array items: type: string types: type: array items: type: string nullable: true required: true responses: 2XX: description: Success content: application/json: schema: title: Collection of directoryObject type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directoryRoles/validateProperties: description: Provides operations to call the validateProperties method. post: tags: - directoryRoles.directoryRole.Actions summary: Microsoft Graph Invoke action validateProperties description: "Validate that a Microsoft 365 group's display name or mail nickname complies with naming policies. Clients can use this API to determine whether a display name or mail nickname is valid before trying to create a Microsoft 365 group. To validate the properties of an existing group, use the group: validateProperties function. The following policy validations are performed for the display name and mail nickname properties:\r\n1. Validate the prefix and suffix naming policy\r\n2. Validate the custom banned words policy\r\n3. Validate that the mail nickname is unique This API only returns the first validation failure that is encountered. If the properties fail multiple validations, only the first validation failure is returned. However, you can validate both the mail nickname and the display name and receive a collection of validation errors if you're only validating the prefix and suffix naming policy. To learn more about configuring naming policies, see Configure naming policy." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-validateproperties?view=graph-rest-1.0 operationId: directoryRoles.validateProperties requestBody: description: Action parameters content: application/json: schema: type: object properties: entityType: type: string nullable: true displayName: type: string nullable: true mailNickname: type: string nullable: true onBehalfOfUserId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string format: uuid nullable: true required: true responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action /directoryRoleTemplates: description: >- Provides operations to manage the collection of directoryRoleTemplate entities. get: tags: - directoryRoleTemplates.directoryRoleTemplate summary: Microsoft Graph List directoryRoleTemplates description: Retrieve a list of directoryRoleTemplate objects. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryroletemplate-list?view=graph-rest-1.0 operationId: directoryRoleTemplates.directoryRoleTemplate.ListDirectoryRoleTemplate parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryRoleTemplateCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directoryRoleTemplates.directoryRoleTemplate summary: Microsoft Graph Add new entity to directoryRoleTemplates operationId: directoryRoleTemplates.directoryRoleTemplate.CreateDirectoryRoleTemplate requestBody: description: New entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryRoleTemplate' required: true responses: 2XX: description: Created entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryRoleTemplate' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /directoryRoleTemplates/{directoryRoleTemplate-id}: description: >- Provides operations to manage the collection of directoryRoleTemplate entities. get: tags: - directoryRoleTemplates.directoryRoleTemplate summary: Microsoft Graph Get directoryRoleTemplate description: >- Retrieve the properties and relationships of a directoryroletemplate object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryroletemplate-get?view=graph-rest-1.0 operationId: directoryRoleTemplates.directoryRoleTemplate.GetDirectoryRoleTemplate parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryRoleTemplate' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directoryRoleTemplates.directoryRoleTemplate summary: Microsoft Graph Update entity in directoryRoleTemplates operationId: directoryRoleTemplates.directoryRoleTemplate.UpdateDirectoryRoleTemplate requestBody: description: New property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryRoleTemplate' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryRoleTemplate' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directoryRoleTemplates.directoryRoleTemplate summary: Microsoft Graph Delete entity from directoryRoleTemplates operationId: directoryRoleTemplates.directoryRoleTemplate.DeleteDirectoryRoleTemplate parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: directoryRoleTemplate-id in: path description: The unique identifier of directoryRoleTemplate required: true schema: type: string x-ms-docs-key-type: directoryRoleTemplate /directoryRoleTemplates/{directoryRoleTemplate-id}/checkMemberGroups: description: Provides operations to call the checkMemberGroups method. post: tags: - directoryRoleTemplates.directoryRoleTemplate.Actions summary: Microsoft Graph Invoke action checkMemberGroups description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\r\n- user\r\n- group\r\n- service principal\r\n- organizational contact\r\n- device\r\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-1.0 operationId: directoryRoleTemplates.directoryRoleTemplate.checkMemberGroups requestBody: description: Action parameters content: application/json: schema: type: object properties: groupIds: type: array items: type: string required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryRoleTemplate-id in: path description: The unique identifier of directoryRoleTemplate required: true schema: type: string x-ms-docs-key-type: directoryRoleTemplate /directoryRoleTemplates/{directoryRoleTemplate-id}/checkMemberObjects: description: Provides operations to call the checkMemberObjects method. post: tags: - directoryRoleTemplates.directoryRoleTemplate.Actions summary: Microsoft Graph Invoke action checkMemberObjects operationId: directoryRoleTemplates.directoryRoleTemplate.checkMemberObjects requestBody: description: Action parameters content: application/json: schema: type: object properties: ids: type: array items: type: string required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryRoleTemplate-id in: path description: The unique identifier of directoryRoleTemplate required: true schema: type: string x-ms-docs-key-type: directoryRoleTemplate /directoryRoleTemplates/{directoryRoleTemplate-id}/getMemberGroups: description: Provides operations to call the getMemberGroups method. post: tags: - directoryRoleTemplates.directoryRoleTemplate.Actions summary: Microsoft Graph Invoke action getMemberGroups description: >- Return all the group IDs for the groups that the specified user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. This API returns up to 11,000 group IDs. If more than 11,000 results are available, it returns a 400 Bad Request error with the DirectoryResultSizeLimitExceeded error code. If you get the DirectoryResultSizeLimitExceeded error code, use the List group transitive memberOf API instead. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getmembergroups?view=graph-rest-1.0 operationId: directoryRoleTemplates.directoryRoleTemplate.getMemberGroups requestBody: description: Action parameters content: application/json: schema: type: object properties: securityEnabledOnly: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryRoleTemplate-id in: path description: The unique identifier of directoryRoleTemplate required: true schema: type: string x-ms-docs-key-type: directoryRoleTemplate /directoryRoleTemplates/{directoryRoleTemplate-id}/getMemberObjects: description: Provides operations to call the getMemberObjects method. post: tags: - directoryRoleTemplates.directoryRoleTemplate.Actions summary: Microsoft Graph Invoke action getMemberObjects description: "Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:\r\n- user\r\n- group\r\n- service principal\r\n- organizational contact\r\n- device\r\n- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getmemberobjects?view=graph-rest-1.0 operationId: directoryRoleTemplates.directoryRoleTemplate.getMemberObjects requestBody: description: Action parameters content: application/json: schema: type: object properties: securityEnabledOnly: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: directoryRoleTemplate-id in: path description: The unique identifier of directoryRoleTemplate required: true schema: type: string x-ms-docs-key-type: directoryRoleTemplate /directoryRoleTemplates/{directoryRoleTemplate-id}/restore: description: Provides operations to call the restore method. post: tags: - directoryRoleTemplates.directoryRoleTemplate.Actions summary: Microsoft Graph Invoke action restore description: "Restore a recently deleted application, group, servicePrincipal, administrative unit, or user object from deleted items. Restore a recently deleted directory object from deleted items. The following types are supported:\r\n- administrativeUnit\r\n- application\r\n- certificateBasedAuthPki\r\n- certificateAuthorityDetail\r\n- group\r\n- servicePrincipal\r\n- user If an item is accidentally deleted, you can fully restore the item. Additionally, restoring an application doesn't automatically restore the associated service principal automatically. You must call this API to explicitly restore the deleted service principal. A recently deleted item remains available for up to 30 days. After 30 days, the item is permanently deleted." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-deleteditems-restore?view=graph-rest-1.0 operationId: directoryRoleTemplates.directoryRoleTemplate.restore responses: 2XX: description: Success content: application/json: schema: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - type: object nullable: true 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: directoryRoleTemplate-id in: path description: The unique identifier of directoryRoleTemplate required: true schema: type: string x-ms-docs-key-type: directoryRoleTemplate /directoryRoleTemplates/$count: description: Provides operations to count the resources in the collection. get: tags: - directoryRoleTemplates.directoryRoleTemplate summary: Microsoft Graph Get the number of the resource operationId: directoryRoleTemplates.GetCount-ed85 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /directoryRoleTemplates/delta(): description: Provides operations to call the delta method. get: tags: - directoryRoleTemplates.directoryRoleTemplate.Functions summary: Microsoft Graph Invoke function delta description: >- Get newly created, updated, or deleted directory objects without performing a full read of the entire directoryObject collection. For more information, see Use delta query to track changes in Microsoft Graph data for details. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-delta?view=graph-rest-1.0 operationId: directoryRoleTemplates.delta parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Success content: application/json: schema: title: Collection of directoryObject type: object allOf: - $ref: '#/components/schemas/BaseDeltaFunctionResponse' - type: object properties: value: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directoryRoleTemplates/getAvailableExtensionProperties: description: Provides operations to call the getAvailableExtensionProperties method. post: tags: - directoryRoleTemplates.directoryRoleTemplate.Actions summary: Microsoft Graph Invoke action getAvailableExtensionProperties description: >- Return all directory extension definitions that are registered in a directory, including through multitenant apps. The following entities support extension properties: externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getavailableextensionproperties?view=graph-rest-1.0 operationId: directoryRoleTemplates.getAvailableExtensionProperties requestBody: description: Action parameters content: application/json: schema: type: object properties: isSyncedFromOnPremises: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: title: Collection of extensionProperty type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.extensionProperty 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directoryRoleTemplates/getByIds: description: Provides operations to call the getByIds method. post: tags: - directoryRoleTemplates.directoryRoleTemplate.Actions summary: Microsoft Graph Invoke action getByIds description: >- Return the directory objects specified in a list of IDs. Only a subset of user properties are returned by default in v1.0. Some common uses for this function are to: externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getbyids?view=graph-rest-1.0 operationId: directoryRoleTemplates.getByIds requestBody: description: Action parameters content: application/json: schema: type: object properties: ids: type: array items: type: string types: type: array items: type: string nullable: true required: true responses: 2XX: description: Success content: application/json: schema: title: Collection of directoryObject type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directoryRoleTemplates/validateProperties: description: Provides operations to call the validateProperties method. post: tags: - directoryRoleTemplates.directoryRoleTemplate.Actions summary: Microsoft Graph Invoke action validateProperties description: "Validate that a Microsoft 365 group's display name or mail nickname complies with naming policies. Clients can use this API to determine whether a display name or mail nickname is valid before trying to create a Microsoft 365 group. To validate the properties of an existing group, use the group: validateProperties function. The following policy validations are performed for the display name and mail nickname properties:\r\n1. Validate the prefix and suffix naming policy\r\n2. Validate the custom banned words policy\r\n3. Validate that the mail nickname is unique This API only returns the first validation failure that is encountered. If the properties fail multiple validations, only the first validation failure is returned. However, you can validate both the mail nickname and the display name and receive a collection of validation errors if you're only validating the prefix and suffix naming policy. To learn more about configuring naming policies, see Configure naming policy." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-validateproperties?view=graph-rest-1.0 operationId: directoryRoleTemplates.validateProperties requestBody: description: Action parameters content: application/json: schema: type: object properties: entityType: type: string nullable: true displayName: type: string nullable: true mailNickname: type: string nullable: true onBehalfOfUserId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string format: uuid nullable: true required: true responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action /roleManagement/directory: description: >- Provides operations to manage the directory property of the microsoft.graph.roleManagement entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get directory from roleManagement operationId: roleManagement.GetDirectory parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.rbacApplication' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - roleManagement.rbacApplication summary: Microsoft Graph Update the navigation property directory in roleManagement operationId: roleManagement.UpdateDirectory requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.rbacApplication' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.rbacApplication' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - roleManagement.rbacApplication summary: Microsoft Graph Delete navigation property directory for roleManagement operationId: roleManagement.DeleteDirectory parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /roleManagement/directory/resourceNamespaces: description: >- Provides operations to manage the resourceNamespaces property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get resourceNamespaces from roleManagement operationId: roleManagement.directory.ListResourceNamespaces parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.unifiedRbacResourceNamespaceCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - roleManagement.rbacApplication summary: Microsoft Graph Create new navigation property to resourceNamespaces for roleManagement operationId: roleManagement.directory.CreateResourceNamespaces requestBody: description: New navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRbacResourceNamespace required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRbacResourceNamespace 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation x-ms-docs-grouped-path: - /roleManagement/entitlementManagement/resourceNamespaces /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}: description: >- Provides operations to manage the resourceNamespaces property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get resourceNamespaces from roleManagement operationId: roleManagement.directory.GetResourceNamespaces parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRbacResourceNamespace 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - roleManagement.rbacApplication summary: Microsoft Graph Update the navigation property resourceNamespaces in roleManagement operationId: roleManagement.directory.UpdateResourceNamespaces requestBody: description: New navigation property values content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRbacResourceNamespace required: true responses: 2XX: description: Success content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRbacResourceNamespace 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - roleManagement.rbacApplication summary: Microsoft Graph Delete navigation property resourceNamespaces for roleManagement operationId: roleManagement.directory.DeleteResourceNamespaces parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRbacResourceNamespace-id in: path description: The unique identifier of unifiedRbacResourceNamespace required: true schema: type: string x-ms-docs-key-type: unifiedRbacResourceNamespace x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id} /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions: description: >- Provides operations to manage the resourceActions property of the microsoft.graph.unifiedRbacResourceNamespace entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get resourceActions from roleManagement operationId: roleManagement.directory.resourceNamespaces.ListResourceActions parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.unifiedRbacResourceActionCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - roleManagement.rbacApplication summary: Microsoft Graph Create new navigation property to resourceActions for roleManagement operationId: roleManagement.directory.resourceNamespaces.CreateResourceActions requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRbacResourceAction' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRbacResourceAction' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRbacResourceNamespace-id in: path description: The unique identifier of unifiedRbacResourceNamespace required: true schema: type: string x-ms-docs-key-type: unifiedRbacResourceNamespace x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions ? /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id} : description: >- Provides operations to manage the resourceActions property of the microsoft.graph.unifiedRbacResourceNamespace entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get resourceActions from roleManagement operationId: roleManagement.directory.resourceNamespaces.GetResourceActions parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRbacResourceAction' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - roleManagement.rbacApplication summary: Microsoft Graph Update the navigation property resourceActions in roleManagement operationId: roleManagement.directory.resourceNamespaces.UpdateResourceActions requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRbacResourceAction' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRbacResourceAction' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - roleManagement.rbacApplication summary: Microsoft Graph Delete navigation property resourceActions for roleManagement operationId: roleManagement.directory.resourceNamespaces.DeleteResourceActions parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRbacResourceNamespace-id in: path description: The unique identifier of unifiedRbacResourceNamespace required: true schema: type: string x-ms-docs-key-type: unifiedRbacResourceNamespace - name: unifiedRbacResourceAction-id in: path description: The unique identifier of unifiedRbacResourceAction required: true schema: type: string x-ms-docs-key-type: unifiedRbacResourceAction x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/{unifiedRbacResourceAction-id} /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespace-id}/resourceActions/$count: description: Provides operations to count the resources in the collection. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get the number of the resource operationId: >- roleManagement.directory.resourceNamespaces.resourceActions.GetCount-1b0d parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: unifiedRbacResourceNamespace-id in: path description: The unique identifier of unifiedRbacResourceNamespace required: true schema: type: string x-ms-docs-key-type: unifiedRbacResourceNamespace /roleManagement/directory/resourceNamespaces/$count: description: Provides operations to count the resources in the collection. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get the number of the resource operationId: roleManagement.directory.resourceNamespaces.GetCount-2247 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /roleManagement/directory/roleAssignments: description: >- Provides operations to manage the roleAssignments property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph List unifiedRoleAssignments description: "Get a list of unifiedRoleAssignment objects for the RBAC provider. The following RBAC providers are currently supported:\r\n- directory (Microsoft Entra ID)\r\n- entitlement management (Microsoft Entra entitlement management)" externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/rbacapplication-list-roleassignments?view=graph-rest-1.0 operationId: roleManagement.directory.ListRoleAssignments parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.unifiedRoleAssignmentCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - roleManagement.rbacApplication summary: Microsoft Graph Create unifiedRoleAssignment description: Create a new unifiedRoleAssignment object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/rbacapplication-post-roleassignments?view=graph-rest-1.0 operationId: roleManagement.directory.CreateRoleAssignments requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleAssignment' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleAssignment' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation x-ms-docs-grouped-path: - /roleManagement/entitlementManagement/roleAssignments /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}: description: >- Provides operations to manage the roleAssignments property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get unifiedRoleAssignment description: >- Retrieve the properties and relationships of a unifiedRoleAssignment object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroleassignment-get?view=graph-rest-1.0 operationId: roleManagement.directory.GetRoleAssignments parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleAssignment' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - roleManagement.rbacApplication summary: Microsoft Graph Update the navigation property roleAssignments in roleManagement operationId: roleManagement.directory.UpdateRoleAssignments requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleAssignment' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleAssignment' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - roleManagement.rbacApplication summary: Microsoft Graph Delete unifiedRoleAssignment description: Delete a unifiedRoleAssignment object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroleassignment-delete?view=graph-rest-1.0 operationId: roleManagement.directory.DeleteRoleAssignments parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignment-id in: path description: The unique identifier of unifiedRoleAssignment required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignment x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id} /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/appScope: description: >- Provides operations to manage the appScope property of the microsoft.graph.unifiedRoleAssignment entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get appScope from roleManagement description: >- Read-only property with details of the app specific scope when the assignment scope is app specific. Containment entity. Supports $expand for the entitlement provider only. operationId: roleManagement.directory.roleAssignments.GetAppScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appScope' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - roleManagement.rbacApplication summary: Microsoft Graph Update the navigation property appScope in roleManagement operationId: roleManagement.directory.roleAssignments.UpdateAppScope requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appScope' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appScope' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - roleManagement.rbacApplication summary: Microsoft Graph Delete navigation property appScope for roleManagement operationId: roleManagement.directory.roleAssignments.DeleteAppScope parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignment-id in: path description: The unique identifier of unifiedRoleAssignment required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignment x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/appScope /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/directoryScope: description: >- Provides operations to manage the directoryScope property of the microsoft.graph.unifiedRoleAssignment entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get directoryScope from roleManagement description: >- The directory object that is the scope of the assignment. Read-only. Supports $expand for the directory provider. operationId: roleManagement.directory.roleAssignments.GetDirectoryScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignment-id in: path description: The unique identifier of unifiedRoleAssignment required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignment x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/directoryScope /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/principal: description: >- Provides operations to manage the principal property of the microsoft.graph.unifiedRoleAssignment entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get principal from roleManagement description: >- Referencing the assigned principal. Read-only. Supports $expand except for the Exchange provider. operationId: roleManagement.directory.roleAssignments.GetPrincipal parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignment-id in: path description: The unique identifier of unifiedRoleAssignment required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignment x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/principal /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition: description: >- Provides operations to manage the roleDefinition property of the microsoft.graph.unifiedRoleAssignment entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get roleDefinition from roleManagement description: The roleDefinition the assignment is for. Supports $expand. operationId: roleManagement.directory.roleAssignments.GetRoleDefinition parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignment-id in: path description: The unique identifier of unifiedRoleAssignment required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignment x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/roleDefinition /roleManagement/directory/roleAssignments/$count: description: Provides operations to count the resources in the collection. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get the number of the resource operationId: roleManagement.directory.roleAssignments.GetCount-bd5b parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /roleManagement/directory/roleAssignmentScheduleInstances: description: >- Provides operations to manage the roleAssignmentScheduleInstances property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph List roleAssignmentScheduleInstances description: >- Get the instances of active role assignments in your tenant. The active assignments include those made through assignments and activation requests, and directly through the role assignments API. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/rbacapplication-list-roleassignmentscheduleinstances?view=graph-rest-1.0 operationId: roleManagement.directory.ListRoleAssignmentScheduleInstances parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.unifiedRoleAssignmentScheduleInstanceCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - roleManagement.rbacApplication summary: >- Microsoft Graph Create new navigation property to roleAssignmentScheduleInstances for roleManagement operationId: roleManagement.directory.CreateRoleAssignmentScheduleInstances requestBody: description: New navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentScheduleInstance required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentScheduleInstance 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation x-ms-docs-grouped-path: - /roleManagement/entitlementManagement/roleAssignmentScheduleInstances /roleManagement/directory/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}: description: >- Provides operations to manage the roleAssignmentScheduleInstances property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get unifiedRoleAssignmentScheduleInstance description: Get the instance of an active role assignment. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroleassignmentscheduleinstance-get?view=graph-rest-1.0 operationId: roleManagement.directory.GetRoleAssignmentScheduleInstances parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentScheduleInstance 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - roleManagement.rbacApplication summary: >- Microsoft Graph Update the navigation property roleAssignmentScheduleInstances in roleManagement operationId: roleManagement.directory.UpdateRoleAssignmentScheduleInstances requestBody: description: New navigation property values content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentScheduleInstance required: true responses: 2XX: description: Success content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentScheduleInstance 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - roleManagement.rbacApplication summary: >- Microsoft Graph Delete navigation property roleAssignmentScheduleInstances for roleManagement operationId: roleManagement.directory.DeleteRoleAssignmentScheduleInstances parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentScheduleInstance-id in: path description: The unique identifier of unifiedRoleAssignmentScheduleInstance required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentScheduleInstance x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id} /roleManagement/directory/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/activatedUsing: description: >- Provides operations to manage the activatedUsing property of the microsoft.graph.unifiedRoleAssignmentScheduleInstance entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get activatedUsing from roleManagement description: >- If the request is from an eligible administrator to activate a role, this parameter shows the related eligible assignment for that activation. Otherwise, it's null. Supports $expand and $select nested in $expand. operationId: >- roleManagement.directory.roleAssignmentScheduleInstances.GetActivatedUsing parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilityScheduleInstance 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentScheduleInstance-id in: path description: The unique identifier of unifiedRoleAssignmentScheduleInstance required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentScheduleInstance x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/activatedUsing /roleManagement/directory/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/appScope: description: >- Provides operations to manage the appScope property of the microsoft.graph.unifiedRoleScheduleInstanceBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get appScope from roleManagement description: >- Read-only property with details of the app-specific scope when the assignment or role eligibility is scoped to an app. Nullable. operationId: roleManagement.directory.roleAssignmentScheduleInstances.GetAppScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appScope' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentScheduleInstance-id in: path description: The unique identifier of unifiedRoleAssignmentScheduleInstance required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentScheduleInstance x-ms-docs-grouped-path: - >- /roleManagement/directory/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/appScope - >- /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/appScope - >- /roleManagement/entitlementManagement/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/appScope /roleManagement/directory/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/directoryScope: description: >- Provides operations to manage the directoryScope property of the microsoft.graph.unifiedRoleScheduleInstanceBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get directoryScope from roleManagement description: >- The directory object that is the scope of the assignment or role eligibility. Read-only. operationId: >- roleManagement.directory.roleAssignmentScheduleInstances.GetDirectoryScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentScheduleInstance-id in: path description: The unique identifier of unifiedRoleAssignmentScheduleInstance required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentScheduleInstance x-ms-docs-grouped-path: - >- /roleManagement/directory/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/directoryScope - >- /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/directoryScope - >- /roleManagement/entitlementManagement/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/directoryScope /roleManagement/directory/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/principal: description: >- Provides operations to manage the principal property of the microsoft.graph.unifiedRoleScheduleInstanceBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get principal from roleManagement description: >- The principal that's getting a role assignment or role eligibility through the request. operationId: roleManagement.directory.roleAssignmentScheduleInstances.GetPrincipal parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentScheduleInstance-id in: path description: The unique identifier of unifiedRoleAssignmentScheduleInstance required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentScheduleInstance x-ms-docs-grouped-path: - >- /roleManagement/directory/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/principal - >- /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/principal - >- /roleManagement/entitlementManagement/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/principal /roleManagement/directory/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/roleDefinition: description: >- Provides operations to manage the roleDefinition property of the microsoft.graph.unifiedRoleScheduleInstanceBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get roleDefinition from roleManagement description: >- Detailed information for the roleDefinition object that is referenced through the roleDefinitionId property. operationId: >- roleManagement.directory.roleAssignmentScheduleInstances.GetRoleDefinition parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentScheduleInstance-id in: path description: The unique identifier of unifiedRoleAssignmentScheduleInstance required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentScheduleInstance x-ms-docs-grouped-path: - >- /roleManagement/directory/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/roleDefinition - >- /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/roleDefinition - >- /roleManagement/entitlementManagement/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/roleDefinition /roleManagement/directory/roleAssignmentScheduleInstances/$count: description: Provides operations to count the resources in the collection. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get the number of the resource operationId: roleManagement.directory.roleAssignmentScheduleInstances.GetCount-e055 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /roleManagement/directory/roleAssignmentScheduleInstances/filterByCurrentUser(on='{on}'): description: Provides operations to call the filterByCurrentUser method. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Invoke function filterByCurrentUser description: Get the instances of active role assignments for the calling principal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroleassignmentscheduleinstance-filterbycurrentuser?view=graph-rest-1.0 operationId: >- roleManagement.directory.roleAssignmentScheduleInstances.filterByCurrentUser parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Success content: application/json: schema: title: Collection of unifiedRoleAssignmentScheduleInstance type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentScheduleInstance 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: 'on' in: path description: 'Usage: on=''{on}''' required: true schema: $ref: >- #/components/schemas/microsoft.graph.roleAssignmentScheduleInstanceFilterByCurrentUserOptions x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleAssignmentSchedules/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleEligibilityScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleEligibilityScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleEligibilitySchedules/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentSchedules/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilityScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilitySchedules/filterByCurrentUser(on='{on}') /roleManagement/directory/roleAssignmentScheduleRequests: description: >- Provides operations to manage the roleAssignmentScheduleRequests property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph List roleAssignmentScheduleRequests description: >- Retrieve the requests for active role assignments to principals. The active assignments include those made through assignments and activation requests, and directly through the role assignments API. The role assignments can be permanently active with or without an expiry date, or temporarily active after user activation of eligible assignments. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/rbacapplication-list-roleassignmentschedulerequests?view=graph-rest-1.0 operationId: roleManagement.directory.ListRoleAssignmentScheduleRequests parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.unifiedRoleAssignmentScheduleRequestCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - roleManagement.rbacApplication summary: Microsoft Graph Create roleAssignmentScheduleRequests description: >- In PIM, carry out the following operations through the unifiedRoleAssignmentScheduleRequest object: To call this API to update, renew, and extend assignments for yourself, you must have multifactor authentication (MFA) enforced, and running the query in a session in which they were challenged for MFA. See Enable per-user Microsoft Entra multifactor authentication to secure sign-in events. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/rbacapplication-post-roleassignmentschedulerequests?view=graph-rest-1.0 operationId: roleManagement.directory.CreateRoleAssignmentScheduleRequests requestBody: description: New navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentScheduleRequest required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentScheduleRequest 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation x-ms-docs-grouped-path: - /roleManagement/entitlementManagement/roleAssignmentScheduleRequests /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}: description: >- Provides operations to manage the roleAssignmentScheduleRequests property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get unifiedRoleAssignmentScheduleRequest description: >- In PIM, read the details of a request for an active and persistent role assignment made through the unifiedRoleAssignmentScheduleRequest object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroleassignmentschedulerequest-get?view=graph-rest-1.0 operationId: roleManagement.directory.GetRoleAssignmentScheduleRequests parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentScheduleRequest 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - roleManagement.rbacApplication summary: >- Microsoft Graph Update the navigation property roleAssignmentScheduleRequests in roleManagement operationId: roleManagement.directory.UpdateRoleAssignmentScheduleRequests requestBody: description: New navigation property values content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentScheduleRequest required: true responses: 2XX: description: Success content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentScheduleRequest 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - roleManagement.rbacApplication summary: >- Microsoft Graph Delete navigation property roleAssignmentScheduleRequests for roleManagement operationId: roleManagement.directory.DeleteRoleAssignmentScheduleRequests parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentScheduleRequest-id in: path description: The unique identifier of unifiedRoleAssignmentScheduleRequest required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentScheduleRequest x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id} /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/activatedUsing: description: >- Provides operations to manage the activatedUsing property of the microsoft.graph.unifiedRoleAssignmentScheduleRequest entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get activatedUsing from roleManagement description: >- If the request is from an eligible administrator to activate a role, this parameter will show the related eligible assignment for that activation. Otherwise, it's null. Supports $expand and $select nested in $expand. operationId: >- roleManagement.directory.roleAssignmentScheduleRequests.GetActivatedUsing parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilitySchedule 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentScheduleRequest-id in: path description: The unique identifier of unifiedRoleAssignmentScheduleRequest required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentScheduleRequest x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/activatedUsing /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/appScope: description: >- Provides operations to manage the appScope property of the microsoft.graph.unifiedRoleAssignmentScheduleRequest entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get appScope from roleManagement description: >- Read-only property with details of the app-specific scope when the assignment is scoped to an app. Nullable. Supports $expand. operationId: roleManagement.directory.roleAssignmentScheduleRequests.GetAppScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appScope' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentScheduleRequest-id in: path description: The unique identifier of unifiedRoleAssignmentScheduleRequest required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentScheduleRequest x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/appScope /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/directoryScope: description: >- Provides operations to manage the directoryScope property of the microsoft.graph.unifiedRoleAssignmentScheduleRequest entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get directoryScope from roleManagement description: >- The directory object that is the scope of the assignment. Read-only. Supports $expand. operationId: >- roleManagement.directory.roleAssignmentScheduleRequests.GetDirectoryScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentScheduleRequest-id in: path description: The unique identifier of unifiedRoleAssignmentScheduleRequest required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentScheduleRequest x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/directoryScope /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/cancel: description: Provides operations to call the cancel method. post: tags: - roleManagement.rbacApplication summary: Microsoft Graph Invoke action cancel description: >- Immediately cancel a unifiedRoleAssignmentScheduleRequest object that is in a Granted status, and have the system automatically delete the canceled request after 30 days. After calling this action, the status of the canceled unifiedRoleAssignmentScheduleRequest changes to Canceled. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroleassignmentschedulerequest-cancel?view=graph-rest-1.0 operationId: >- roleManagement.directory.roleAssignmentScheduleRequests.unifiedRoleAssignmentScheduleRequest.cancel responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: unifiedRoleAssignmentScheduleRequest-id in: path description: The unique identifier of unifiedRoleAssignmentScheduleRequest required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentScheduleRequest x-ms-docs-grouped-path: - >- /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/cancel - >- /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/cancel - >- /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/cancel /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/principal: description: >- Provides operations to manage the principal property of the microsoft.graph.unifiedRoleAssignmentScheduleRequest entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get principal from roleManagement description: >- The principal that's getting a role assignment through the request. Supports $expand and $select nested in $expand for id only. operationId: roleManagement.directory.roleAssignmentScheduleRequests.GetPrincipal parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentScheduleRequest-id in: path description: The unique identifier of unifiedRoleAssignmentScheduleRequest required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentScheduleRequest x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/principal /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/roleDefinition: description: >- Provides operations to manage the roleDefinition property of the microsoft.graph.unifiedRoleAssignmentScheduleRequest entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get roleDefinition from roleManagement description: >- Detailed information for the unifiedRoleDefinition object that is referenced through the roleDefinitionId property. Supports $expand and $select nested in $expand. operationId: >- roleManagement.directory.roleAssignmentScheduleRequests.GetRoleDefinition parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentScheduleRequest-id in: path description: The unique identifier of unifiedRoleAssignmentScheduleRequest required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentScheduleRequest x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/roleDefinition /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/targetSchedule: description: >- Provides operations to manage the targetSchedule property of the microsoft.graph.unifiedRoleAssignmentScheduleRequest entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get targetSchedule from roleManagement description: >- The schedule for an eligible role assignment that is referenced through the targetScheduleId property. Supports $expand and $select nested in $expand. operationId: >- roleManagement.directory.roleAssignmentScheduleRequests.GetTargetSchedule parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentSchedule 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentScheduleRequest-id in: path description: The unique identifier of unifiedRoleAssignmentScheduleRequest required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentScheduleRequest x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/targetSchedule /roleManagement/directory/roleAssignmentScheduleRequests/$count: description: Provides operations to count the resources in the collection. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get the number of the resource operationId: roleManagement.directory.roleAssignmentScheduleRequests.GetCount-6fe6 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /roleManagement/directory/roleAssignmentScheduleRequests/filterByCurrentUser(on='{on}'): description: Provides operations to call the filterByCurrentUser method. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Invoke function filterByCurrentUser description: >- In PIM, retrieve the requests for active role assignments for a particular principal. The principal can be the creator or approver of the unifiedRoleAssignmentScheduleRequest object, or they can be the target of the assignment. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroleassignmentschedulerequest-filterbycurrentuser?view=graph-rest-1.0 operationId: >- roleManagement.directory.roleAssignmentScheduleRequests.filterByCurrentUser parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Success content: application/json: schema: title: Collection of unifiedRoleAssignmentScheduleRequest type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentScheduleRequest 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: 'on' in: path description: 'Usage: on=''{on}''' required: true schema: $ref: >- #/components/schemas/microsoft.graph.roleAssignmentScheduleRequestFilterByCurrentUserOptions x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleAssignmentSchedules/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleEligibilityScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleEligibilityScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleEligibilitySchedules/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentSchedules/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilityScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilitySchedules/filterByCurrentUser(on='{on}') /roleManagement/directory/roleAssignmentSchedules: description: >- Provides operations to manage the roleAssignmentSchedules property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph List roleAssignmentSchedules description: Get the schedules for active role assignment operations. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/rbacapplication-list-roleassignmentschedules?view=graph-rest-1.0 operationId: roleManagement.directory.ListRoleAssignmentSchedules parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.unifiedRoleAssignmentScheduleCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - roleManagement.rbacApplication summary: >- Microsoft Graph Create new navigation property to roleAssignmentSchedules for roleManagement operationId: roleManagement.directory.CreateRoleAssignmentSchedules requestBody: description: New navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentSchedule required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentSchedule 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation x-ms-docs-grouped-path: - /roleManagement/entitlementManagement/roleAssignmentSchedules /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}: description: >- Provides operations to manage the roleAssignmentSchedules property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get unifiedRoleAssignmentSchedule description: Retrieve the schedule for an active role assignment operation. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroleassignmentschedule-get?view=graph-rest-1.0 operationId: roleManagement.directory.GetRoleAssignmentSchedules parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentSchedule 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - roleManagement.rbacApplication summary: Microsoft Graph Update the navigation property roleAssignmentSchedules in roleManagement operationId: roleManagement.directory.UpdateRoleAssignmentSchedules requestBody: description: New navigation property values content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentSchedule required: true responses: 2XX: description: Success content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentSchedule 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - roleManagement.rbacApplication summary: Microsoft Graph Delete navigation property roleAssignmentSchedules for roleManagement operationId: roleManagement.directory.DeleteRoleAssignmentSchedules parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentSchedule-id in: path description: The unique identifier of unifiedRoleAssignmentSchedule required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentSchedule x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id} /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/activatedUsing: description: >- Provides operations to manage the activatedUsing property of the microsoft.graph.unifiedRoleAssignmentSchedule entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get activatedUsing from roleManagement description: >- If the request is from an eligible administrator to activate a role, this parameter shows the related eligible assignment for that activation. Otherwise, it's null. Supports $expand. operationId: roleManagement.directory.roleAssignmentSchedules.GetActivatedUsing parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilitySchedule 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentSchedule-id in: path description: The unique identifier of unifiedRoleAssignmentSchedule required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentSchedule x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/activatedUsing /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/appScope: description: >- Provides operations to manage the appScope property of the microsoft.graph.unifiedRoleScheduleBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get appScope from roleManagement description: >- Read-only property with details of the app-specific scope when the role eligibility or assignment is scoped to an app. Nullable. operationId: roleManagement.directory.roleAssignmentSchedules.GetAppScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appScope' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentSchedule-id in: path description: The unique identifier of unifiedRoleAssignmentSchedule required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentSchedule x-ms-docs-grouped-path: - >- /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/appScope - >- /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/appScope - >- /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/appScope /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/directoryScope: description: >- Provides operations to manage the directoryScope property of the microsoft.graph.unifiedRoleScheduleBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get directoryScope from roleManagement description: >- The directory object that is the scope of the role eligibility or assignment. Read-only. operationId: roleManagement.directory.roleAssignmentSchedules.GetDirectoryScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentSchedule-id in: path description: The unique identifier of unifiedRoleAssignmentSchedule required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentSchedule x-ms-docs-grouped-path: - >- /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/directoryScope - >- /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/directoryScope - >- /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/directoryScope /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/principal: description: >- Provides operations to manage the principal property of the microsoft.graph.unifiedRoleScheduleBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get principal from roleManagement description: >- The principal that's getting a role assignment or that's eligible for a role through the request. operationId: roleManagement.directory.roleAssignmentSchedules.GetPrincipal parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentSchedule-id in: path description: The unique identifier of unifiedRoleAssignmentSchedule required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentSchedule x-ms-docs-grouped-path: - >- /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/principal - >- /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/principal - >- /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/principal /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/roleDefinition: description: >- Provides operations to manage the roleDefinition property of the microsoft.graph.unifiedRoleScheduleBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get roleDefinition from roleManagement description: >- Detailed information for the roleDefinition object that is referenced through the roleDefinitionId property. operationId: roleManagement.directory.roleAssignmentSchedules.GetRoleDefinition parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentSchedule-id in: path description: The unique identifier of unifiedRoleAssignmentSchedule required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentSchedule x-ms-docs-grouped-path: - >- /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/roleDefinition - >- /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/roleDefinition - >- /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/roleDefinition /roleManagement/directory/roleAssignmentSchedules/$count: description: Provides operations to count the resources in the collection. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get the number of the resource operationId: roleManagement.directory.roleAssignmentSchedules.GetCount-6f04 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /roleManagement/directory/roleAssignmentSchedules/filterByCurrentUser(on='{on}'): description: Provides operations to call the filterByCurrentUser method. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Invoke function filterByCurrentUser description: >- Retrieve the schedules for active role assignment operations for which the signed-in user is the principal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroleassignmentschedule-filterbycurrentuser?view=graph-rest-1.0 operationId: roleManagement.directory.roleAssignmentSchedules.filterByCurrentUser parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Success content: application/json: schema: title: Collection of unifiedRoleAssignmentSchedule type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentSchedule 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: 'on' in: path description: 'Usage: on=''{on}''' required: true schema: $ref: >- #/components/schemas/microsoft.graph.roleAssignmentScheduleFilterByCurrentUserOptions x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleAssignmentScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleEligibilityScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleEligibilityScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleEligibilitySchedules/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentSchedules/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilityScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilitySchedules/filterByCurrentUser(on='{on}') /roleManagement/directory/roleDefinitions: description: >- Provides operations to manage the roleDefinitions property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph List roleDefinitions description: "Get a list of unifiedRoleDefinition objects for the provider. The following RBAC providers are currently supported:\r\n- directory (Microsoft Entra ID)\r\n- entitlement management (Microsoft Entra Entitlement Management)" externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/rbacapplication-list-roledefinitions?view=graph-rest-1.0 operationId: roleManagement.directory.ListRoleDefinitions parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.unifiedRoleDefinitionCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - roleManagement.rbacApplication summary: Microsoft Graph Create roleDefinitions description: >- Create a new custom unifiedRoleDefinition object. This feature requires a Microsoft Entra ID P1 or P2 license. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/rbacapplication-post-roledefinitions?view=graph-rest-1.0 operationId: roleManagement.directory.CreateRoleDefinitions requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation x-ms-docs-grouped-path: - /roleManagement/entitlementManagement/roleDefinitions /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}: description: >- Provides operations to manage the roleDefinitions property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get unifiedRoleDefinition description: >- Read the properties and relationships of a unifiedRoleDefinition object. The following role-based access control (RBAC) providers are currently supported: externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroledefinition-get?view=graph-rest-1.0 operationId: roleManagement.directory.GetRoleDefinitions parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - roleManagement.rbacApplication summary: Microsoft Graph Update unifiedRoleDefinition description: >- Update the properties of a unifiedRoleDefinition object. You cannot update built-in roles. This feature requires a Microsoft Entra ID P1 or P2 license. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroledefinition-update?view=graph-rest-1.0 operationId: roleManagement.directory.UpdateRoleDefinitions requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - roleManagement.rbacApplication summary: Microsoft Graph Delete unifiedRoleDefinition description: >- Delete a unifiedRoleDefinition object. You can't delete built-in roles. This feature requires a Microsoft Entra ID P1 or P2 license. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroledefinition-delete?view=graph-rest-1.0 operationId: roleManagement.directory.DeleteRoleDefinitions parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleDefinition-id in: path description: The unique identifier of unifiedRoleDefinition required: true schema: type: string x-ms-docs-key-type: unifiedRoleDefinition x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id} /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom: description: >- Provides operations to manage the inheritsPermissionsFrom property of the microsoft.graph.unifiedRoleDefinition entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get inheritsPermissionsFrom from roleManagement description: >- Read-only collection of role definitions that the given role definition inherits from. Only Microsoft Entra built-in roles (isBuiltIn is true) support this attribute. Supports $expand. operationId: roleManagement.directory.roleDefinitions.ListInheritsPermissionsFrom parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.unifiedRoleDefinitionCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - roleManagement.rbacApplication summary: >- Microsoft Graph Create new navigation property to inheritsPermissionsFrom for roleManagement operationId: roleManagement.directory.roleDefinitions.CreateInheritsPermissionsFrom requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleDefinition-id in: path description: The unique identifier of unifiedRoleDefinition required: true schema: type: string x-ms-docs-key-type: unifiedRoleDefinition x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1}: description: >- Provides operations to manage the inheritsPermissionsFrom property of the microsoft.graph.unifiedRoleDefinition entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get inheritsPermissionsFrom from roleManagement description: >- Read-only collection of role definitions that the given role definition inherits from. Only Microsoft Entra built-in roles (isBuiltIn is true) support this attribute. Supports $expand. operationId: roleManagement.directory.roleDefinitions.GetInheritsPermissionsFrom parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - roleManagement.rbacApplication summary: Microsoft Graph Update the navigation property inheritsPermissionsFrom in roleManagement operationId: roleManagement.directory.roleDefinitions.UpdateInheritsPermissionsFrom requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - roleManagement.rbacApplication summary: Microsoft Graph Delete navigation property inheritsPermissionsFrom for roleManagement operationId: roleManagement.directory.roleDefinitions.DeleteInheritsPermissionsFrom parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleDefinition-id in: path description: The unique identifier of unifiedRoleDefinition required: true schema: type: string x-ms-docs-key-type: unifiedRoleDefinition - name: unifiedRoleDefinition-id1 in: path description: The unique identifier of unifiedRoleDefinition required: true schema: type: string x-ms-docs-key-type: unifiedRoleDefinition x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/{unifiedRoleDefinition-id1} /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}/inheritsPermissionsFrom/$count: description: Provides operations to count the resources in the collection. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get the number of the resource operationId: >- roleManagement.directory.roleDefinitions.inheritsPermissionsFrom.GetCount-f7ad parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: unifiedRoleDefinition-id in: path description: The unique identifier of unifiedRoleDefinition required: true schema: type: string x-ms-docs-key-type: unifiedRoleDefinition /roleManagement/directory/roleDefinitions/$count: description: Provides operations to count the resources in the collection. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get the number of the resource operationId: roleManagement.directory.roleDefinitions.GetCount-0578 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /roleManagement/directory/roleEligibilityScheduleInstances: description: >- Provides operations to manage the roleEligibilityScheduleInstances property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph List roleEligibilityScheduleInstances description: Get the instances of role eligibilities. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/rbacapplication-list-roleeligibilityscheduleinstances?view=graph-rest-1.0 operationId: roleManagement.directory.ListRoleEligibilityScheduleInstances parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.unifiedRoleEligibilityScheduleInstanceCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - roleManagement.rbacApplication summary: >- Microsoft Graph Create new navigation property to roleEligibilityScheduleInstances for roleManagement operationId: roleManagement.directory.CreateRoleEligibilityScheduleInstances requestBody: description: New navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilityScheduleInstance required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilityScheduleInstance 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation x-ms-docs-grouped-path: - /roleManagement/entitlementManagement/roleEligibilityScheduleInstances /roleManagement/directory/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}: description: >- Provides operations to manage the roleEligibilityScheduleInstances property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get unifiedRoleEligibilityScheduleInstance description: Get the instance of a role eligibility. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroleeligibilityscheduleinstance-get?view=graph-rest-1.0 operationId: roleManagement.directory.GetRoleEligibilityScheduleInstances parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilityScheduleInstance 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - roleManagement.rbacApplication summary: >- Microsoft Graph Update the navigation property roleEligibilityScheduleInstances in roleManagement operationId: roleManagement.directory.UpdateRoleEligibilityScheduleInstances requestBody: description: New navigation property values content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilityScheduleInstance required: true responses: 2XX: description: Success content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilityScheduleInstance 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - roleManagement.rbacApplication summary: >- Microsoft Graph Delete navigation property roleEligibilityScheduleInstances for roleManagement operationId: roleManagement.directory.DeleteRoleEligibilityScheduleInstances parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilityScheduleInstance-id in: path description: The unique identifier of unifiedRoleEligibilityScheduleInstance required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilityScheduleInstance x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id} /roleManagement/directory/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/appScope: description: >- Provides operations to manage the appScope property of the microsoft.graph.unifiedRoleScheduleInstanceBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get appScope from roleManagement description: >- Read-only property with details of the app-specific scope when the assignment or role eligibility is scoped to an app. Nullable. operationId: roleManagement.directory.roleEligibilityScheduleInstances.GetAppScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appScope' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilityScheduleInstance-id in: path description: The unique identifier of unifiedRoleEligibilityScheduleInstance required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilityScheduleInstance x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/appScope - >- /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/appScope - >- /roleManagement/entitlementManagement/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/appScope /roleManagement/directory/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/directoryScope: description: >- Provides operations to manage the directoryScope property of the microsoft.graph.unifiedRoleScheduleInstanceBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get directoryScope from roleManagement description: >- The directory object that is the scope of the assignment or role eligibility. Read-only. operationId: >- roleManagement.directory.roleEligibilityScheduleInstances.GetDirectoryScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilityScheduleInstance-id in: path description: The unique identifier of unifiedRoleEligibilityScheduleInstance required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilityScheduleInstance x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/directoryScope - >- /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/directoryScope - >- /roleManagement/entitlementManagement/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/directoryScope /roleManagement/directory/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/principal: description: >- Provides operations to manage the principal property of the microsoft.graph.unifiedRoleScheduleInstanceBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get principal from roleManagement description: >- The principal that's getting a role assignment or role eligibility through the request. operationId: roleManagement.directory.roleEligibilityScheduleInstances.GetPrincipal parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilityScheduleInstance-id in: path description: The unique identifier of unifiedRoleEligibilityScheduleInstance required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilityScheduleInstance x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/principal - >- /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/principal - >- /roleManagement/entitlementManagement/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/principal /roleManagement/directory/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/roleDefinition: description: >- Provides operations to manage the roleDefinition property of the microsoft.graph.unifiedRoleScheduleInstanceBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get roleDefinition from roleManagement description: >- Detailed information for the roleDefinition object that is referenced through the roleDefinitionId property. operationId: >- roleManagement.directory.roleEligibilityScheduleInstances.GetRoleDefinition parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilityScheduleInstance-id in: path description: The unique identifier of unifiedRoleEligibilityScheduleInstance required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilityScheduleInstance x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/roleDefinition - >- /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/roleDefinition - >- /roleManagement/entitlementManagement/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/roleDefinition /roleManagement/directory/roleEligibilityScheduleInstances/$count: description: Provides operations to count the resources in the collection. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get the number of the resource operationId: roleManagement.directory.roleEligibilityScheduleInstances.GetCount-7642 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /roleManagement/directory/roleEligibilityScheduleInstances/filterByCurrentUser(on='{on}'): description: Provides operations to call the filterByCurrentUser method. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Invoke function filterByCurrentUser description: Get the instances of eligible roles for the calling principal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroleeligibilityscheduleinstance-filterbycurrentuser?view=graph-rest-1.0 operationId: >- roleManagement.directory.roleEligibilityScheduleInstances.filterByCurrentUser parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Success content: application/json: schema: title: Collection of unifiedRoleEligibilityScheduleInstance type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilityScheduleInstance 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: 'on' in: path description: 'Usage: on=''{on}''' required: true schema: $ref: >- #/components/schemas/microsoft.graph.roleEligibilityScheduleInstanceFilterByCurrentUserOptions x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleAssignmentScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleAssignmentSchedules/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleEligibilityScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleEligibilitySchedules/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentSchedules/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilityScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilitySchedules/filterByCurrentUser(on='{on}') /roleManagement/directory/roleEligibilityScheduleRequests: description: >- Provides operations to manage the roleEligibilityScheduleRequests property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph List roleEligibilityScheduleRequests description: >- In PIM, retrieve the requests for role eligibilities for principals made through the unifiedRoleEligibilityScheduleRequest object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/rbacapplication-list-roleeligibilityschedulerequests?view=graph-rest-1.0 operationId: roleManagement.directory.ListRoleEligibilityScheduleRequests parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.unifiedRoleEligibilityScheduleRequestCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - roleManagement.rbacApplication summary: Microsoft Graph Create roleEligibilityScheduleRequest description: >- In PIM, request for a role eligibility for a principal through the unifiedRoleEligibilityScheduleRequest object. This operation allows both admins and eligible users to add, revoke, or extend eligible assignments. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/rbacapplication-post-roleeligibilityschedulerequests?view=graph-rest-1.0 operationId: roleManagement.directory.CreateRoleEligibilityScheduleRequests requestBody: description: New navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilityScheduleRequest required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilityScheduleRequest 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation x-ms-docs-grouped-path: - /roleManagement/entitlementManagement/roleEligibilityScheduleRequests /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}: description: >- Provides operations to manage the roleEligibilityScheduleRequests property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get unifiedRoleEligibilityScheduleRequest description: >- In PIM, read the details of a request for for a role eligibility request made through the unifiedRoleEligibilityScheduleRequest object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroleeligibilityschedulerequest-get?view=graph-rest-1.0 operationId: roleManagement.directory.GetRoleEligibilityScheduleRequests parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilityScheduleRequest 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - roleManagement.rbacApplication summary: >- Microsoft Graph Update the navigation property roleEligibilityScheduleRequests in roleManagement operationId: roleManagement.directory.UpdateRoleEligibilityScheduleRequests requestBody: description: New navigation property values content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilityScheduleRequest required: true responses: 2XX: description: Success content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilityScheduleRequest 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - roleManagement.rbacApplication summary: >- Microsoft Graph Delete navigation property roleEligibilityScheduleRequests for roleManagement operationId: roleManagement.directory.DeleteRoleEligibilityScheduleRequests parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilityScheduleRequest-id in: path description: The unique identifier of unifiedRoleEligibilityScheduleRequest required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilityScheduleRequest x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id} /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/appScope: description: >- Provides operations to manage the appScope property of the microsoft.graph.unifiedRoleEligibilityScheduleRequest entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get appScope from roleManagement description: >- Read-only property with details of the app-specific scope when the role eligibility is scoped to an app. Nullable. Supports $expand. operationId: roleManagement.directory.roleEligibilityScheduleRequests.GetAppScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appScope' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilityScheduleRequest-id in: path description: The unique identifier of unifiedRoleEligibilityScheduleRequest required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilityScheduleRequest x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/appScope /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/directoryScope: description: >- Provides operations to manage the directoryScope property of the microsoft.graph.unifiedRoleEligibilityScheduleRequest entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get directoryScope from roleManagement description: >- The directory object that is the scope of the role eligibility. Read-only. Supports $expand. operationId: >- roleManagement.directory.roleEligibilityScheduleRequests.GetDirectoryScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilityScheduleRequest-id in: path description: The unique identifier of unifiedRoleEligibilityScheduleRequest required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilityScheduleRequest x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/directoryScope /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/cancel: description: Provides operations to call the cancel method. post: tags: - roleManagement.rbacApplication summary: Microsoft Graph Invoke action cancel description: >- Immediately cancel a unifiedRoleEligibilityScheduleRequest object whose status is Granted and have the system automatically delete the cancelled request after 30 days. After calling this action, the status of the cancelled unifiedRoleEligibilityScheduleRequest changes to Revoked. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroleeligibilityschedulerequest-cancel?view=graph-rest-1.0 operationId: >- roleManagement.directory.roleEligibilityScheduleRequests.unifiedRoleEligibilityScheduleRequest.cancel responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: unifiedRoleEligibilityScheduleRequest-id in: path description: The unique identifier of unifiedRoleEligibilityScheduleRequest required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilityScheduleRequest x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/cancel - >- /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/cancel - >- /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/cancel /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/principal: description: >- Provides operations to manage the principal property of the microsoft.graph.unifiedRoleEligibilityScheduleRequest entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get principal from roleManagement description: >- The principal that's getting a role eligibility through the request. Supports $expand. operationId: roleManagement.directory.roleEligibilityScheduleRequests.GetPrincipal parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilityScheduleRequest-id in: path description: The unique identifier of unifiedRoleEligibilityScheduleRequest required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilityScheduleRequest x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/principal /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/roleDefinition: description: >- Provides operations to manage the roleDefinition property of the microsoft.graph.unifiedRoleEligibilityScheduleRequest entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get roleDefinition from roleManagement description: >- Detailed information for the unifiedRoleDefinition object that is referenced through the roleDefinitionId property. Supports $expand. operationId: >- roleManagement.directory.roleEligibilityScheduleRequests.GetRoleDefinition parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilityScheduleRequest-id in: path description: The unique identifier of unifiedRoleEligibilityScheduleRequest required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilityScheduleRequest x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/roleDefinition /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/targetSchedule: description: >- Provides operations to manage the targetSchedule property of the microsoft.graph.unifiedRoleEligibilityScheduleRequest entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get targetSchedule from roleManagement description: >- The schedule for a role eligibility that is referenced through the targetScheduleId property. Supports $expand. operationId: >- roleManagement.directory.roleEligibilityScheduleRequests.GetTargetSchedule parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilitySchedule 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilityScheduleRequest-id in: path description: The unique identifier of unifiedRoleEligibilityScheduleRequest required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilityScheduleRequest x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/targetSchedule /roleManagement/directory/roleEligibilityScheduleRequests/$count: description: Provides operations to count the resources in the collection. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get the number of the resource operationId: roleManagement.directory.roleEligibilityScheduleRequests.GetCount-68f0 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /roleManagement/directory/roleEligibilityScheduleRequests/filterByCurrentUser(on='{on}'): description: Provides operations to call the filterByCurrentUser method. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Invoke function filterByCurrentUser description: >- In PIM, retrieve the requests for role eligibilities for a particular principal. The principal can be the creator or approver of the unifiedRoleEligibilityScheduleRequest object, or they can be the target of the role eligibility. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroleeligibilityschedulerequest-filterbycurrentuser?view=graph-rest-1.0 operationId: >- roleManagement.directory.roleEligibilityScheduleRequests.filterByCurrentUser parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Success content: application/json: schema: title: Collection of unifiedRoleEligibilityScheduleRequest type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilityScheduleRequest 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: 'on' in: path description: 'Usage: on=''{on}''' required: true schema: $ref: >- #/components/schemas/microsoft.graph.roleEligibilityScheduleRequestFilterByCurrentUserOptions x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleAssignmentScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleAssignmentSchedules/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleEligibilityScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleEligibilitySchedules/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentSchedules/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilityScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilitySchedules/filterByCurrentUser(on='{on}') /roleManagement/directory/roleEligibilitySchedules: description: >- Provides operations to manage the roleEligibilitySchedules property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph List roleEligibilitySchedules description: >- Get the unifiedRoleEligibilitySchedule resources from the roleEligibilitySchedules navigation property. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/rbacapplication-list-roleeligibilityschedules?view=graph-rest-1.0 operationId: roleManagement.directory.ListRoleEligibilitySchedules parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.unifiedRoleEligibilityScheduleCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - roleManagement.rbacApplication summary: >- Microsoft Graph Create new navigation property to roleEligibilitySchedules for roleManagement operationId: roleManagement.directory.CreateRoleEligibilitySchedules requestBody: description: New navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilitySchedule required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilitySchedule 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation x-ms-docs-grouped-path: - /roleManagement/entitlementManagement/roleEligibilitySchedules /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}: description: >- Provides operations to manage the roleEligibilitySchedules property of the microsoft.graph.rbacApplication entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get unifiedRoleEligibilitySchedule description: Retrieve the schedule for a role eligibility operation. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroleeligibilityschedule-get?view=graph-rest-1.0 operationId: roleManagement.directory.GetRoleEligibilitySchedules parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilitySchedule 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - roleManagement.rbacApplication summary: >- Microsoft Graph Update the navigation property roleEligibilitySchedules in roleManagement operationId: roleManagement.directory.UpdateRoleEligibilitySchedules requestBody: description: New navigation property values content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilitySchedule required: true responses: 2XX: description: Success content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilitySchedule 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - roleManagement.rbacApplication summary: Microsoft Graph Delete navigation property roleEligibilitySchedules for roleManagement operationId: roleManagement.directory.DeleteRoleEligibilitySchedules parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilitySchedule-id in: path description: The unique identifier of unifiedRoleEligibilitySchedule required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilitySchedule x-ms-docs-grouped-path: - >- /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id} /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/appScope: description: >- Provides operations to manage the appScope property of the microsoft.graph.unifiedRoleScheduleBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get appScope from roleManagement description: >- Read-only property with details of the app-specific scope when the role eligibility or assignment is scoped to an app. Nullable. operationId: roleManagement.directory.roleEligibilitySchedules.GetAppScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appScope' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilitySchedule-id in: path description: The unique identifier of unifiedRoleEligibilitySchedule required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilitySchedule x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/appScope - >- /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/appScope - >- /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/appScope /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/directoryScope: description: >- Provides operations to manage the directoryScope property of the microsoft.graph.unifiedRoleScheduleBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get directoryScope from roleManagement description: >- The directory object that is the scope of the role eligibility or assignment. Read-only. operationId: roleManagement.directory.roleEligibilitySchedules.GetDirectoryScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilitySchedule-id in: path description: The unique identifier of unifiedRoleEligibilitySchedule required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilitySchedule x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/directoryScope - >- /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/directoryScope - >- /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/directoryScope /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/principal: description: >- Provides operations to manage the principal property of the microsoft.graph.unifiedRoleScheduleBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get principal from roleManagement description: >- The principal that's getting a role assignment or that's eligible for a role through the request. operationId: roleManagement.directory.roleEligibilitySchedules.GetPrincipal parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilitySchedule-id in: path description: The unique identifier of unifiedRoleEligibilitySchedule required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilitySchedule x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/principal - >- /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/principal - >- /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/principal /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/roleDefinition: description: >- Provides operations to manage the roleDefinition property of the microsoft.graph.unifiedRoleScheduleBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get roleDefinition from roleManagement description: >- Detailed information for the roleDefinition object that is referenced through the roleDefinitionId property. operationId: roleManagement.directory.roleEligibilitySchedules.GetRoleDefinition parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilitySchedule-id in: path description: The unique identifier of unifiedRoleEligibilitySchedule required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilitySchedule x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/roleDefinition - >- /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/roleDefinition - >- /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/roleDefinition /roleManagement/directory/roleEligibilitySchedules/$count: description: Provides operations to count the resources in the collection. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get the number of the resource operationId: roleManagement.directory.roleEligibilitySchedules.GetCount-b25d parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /roleManagement/directory/roleEligibilitySchedules/filterByCurrentUser(on='{on}'): description: Provides operations to call the filterByCurrentUser method. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Invoke function filterByCurrentUser description: >- Retrieve the schedules for role eligibilities for which the signed-in user is the principal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/unifiedroleeligibilityschedule-filterbycurrentuser?view=graph-rest-1.0 operationId: roleManagement.directory.roleEligibilitySchedules.filterByCurrentUser parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Success content: application/json: schema: title: Collection of unifiedRoleEligibilitySchedule type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilitySchedule 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: 'on' in: path description: 'Usage: on=''{on}''' required: true schema: $ref: >- #/components/schemas/microsoft.graph.roleEligibilityScheduleFilterByCurrentUserOptions x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleAssignmentScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleAssignmentSchedules/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleEligibilityScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/directory/roleEligibilityScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleAssignmentSchedules/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilityScheduleInstances/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/filterByCurrentUser(on='{on}') - >- /roleManagement/entitlementManagement/roleEligibilitySchedules/filterByCurrentUser(on='{on}') /roleManagement/entitlementManagement/roleAssignments/{unifiedRoleAssignment-id}/directoryScope: description: >- Provides operations to manage the directoryScope property of the microsoft.graph.unifiedRoleAssignment entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get directoryScope from roleManagement description: >- The directory object that is the scope of the assignment. Read-only. Supports $expand for the directory provider. operationId: roleManagement.entitlementManagement.roleAssignments.GetDirectoryScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignment-id in: path description: The unique identifier of unifiedRoleAssignment required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignment x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignments/{unifiedRoleAssignment-id}/directoryScope ? /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/directoryScope : description: >- Provides operations to manage the directoryScope property of the microsoft.graph.unifiedRoleScheduleInstanceBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get directoryScope from roleManagement description: >- The directory object that is the scope of the assignment or role eligibility. Read-only. operationId: >- roleManagement.entitlementManagement.roleAssignmentScheduleInstances.GetDirectoryScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentScheduleInstance-id in: path description: The unique identifier of unifiedRoleAssignmentScheduleInstance required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentScheduleInstance x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/directoryScope - >- /roleManagement/directory/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/directoryScope - >- /roleManagement/entitlementManagement/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/directoryScope ? /roleManagement/entitlementManagement/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/directoryScope : description: >- Provides operations to manage the directoryScope property of the microsoft.graph.unifiedRoleAssignmentScheduleRequest entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get directoryScope from roleManagement description: >- The directory object that is the scope of the assignment. Read-only. Supports $expand. operationId: >- roleManagement.entitlementManagement.roleAssignmentScheduleRequests.GetDirectoryScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentScheduleRequest-id in: path description: The unique identifier of unifiedRoleAssignmentScheduleRequest required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentScheduleRequest x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentScheduleRequests/{unifiedRoleAssignmentScheduleRequest-id}/directoryScope /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/directoryScope: description: >- Provides operations to manage the directoryScope property of the microsoft.graph.unifiedRoleScheduleBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get directoryScope from roleManagement description: >- The directory object that is the scope of the role eligibility or assignment. Read-only. operationId: >- roleManagement.entitlementManagement.roleAssignmentSchedules.GetDirectoryScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleAssignmentSchedule-id in: path description: The unique identifier of unifiedRoleAssignmentSchedule required: true schema: type: string x-ms-docs-key-type: unifiedRoleAssignmentSchedule x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/directoryScope - >- /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/directoryScope - >- /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/directoryScope ? /roleManagement/entitlementManagement/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/directoryScope : description: >- Provides operations to manage the directoryScope property of the microsoft.graph.unifiedRoleScheduleInstanceBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get directoryScope from roleManagement description: >- The directory object that is the scope of the assignment or role eligibility. Read-only. operationId: >- roleManagement.entitlementManagement.roleEligibilityScheduleInstances.GetDirectoryScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilityScheduleInstance-id in: path description: The unique identifier of unifiedRoleEligibilityScheduleInstance required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilityScheduleInstance x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/directoryScope - >- /roleManagement/directory/roleEligibilityScheduleInstances/{unifiedRoleEligibilityScheduleInstance-id}/directoryScope - >- /roleManagement/entitlementManagement/roleAssignmentScheduleInstances/{unifiedRoleAssignmentScheduleInstance-id}/directoryScope ? /roleManagement/entitlementManagement/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/directoryScope : description: >- Provides operations to manage the directoryScope property of the microsoft.graph.unifiedRoleEligibilityScheduleRequest entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get directoryScope from roleManagement description: >- The directory object that is the scope of the role eligibility. Read-only. Supports $expand. operationId: >- roleManagement.entitlementManagement.roleEligibilityScheduleRequests.GetDirectoryScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilityScheduleRequest-id in: path description: The unique identifier of unifiedRoleEligibilityScheduleRequest required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilityScheduleRequest x-ms-docs-grouped-path: - >- /roleManagement/directory/roleEligibilityScheduleRequests/{unifiedRoleEligibilityScheduleRequest-id}/directoryScope /roleManagement/entitlementManagement/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/directoryScope: description: >- Provides operations to manage the directoryScope property of the microsoft.graph.unifiedRoleScheduleBase entity. get: tags: - roleManagement.rbacApplication summary: Microsoft Graph Get directoryScope from roleManagement description: >- The directory object that is the scope of the role eligibility or assignment. Read-only. operationId: >- roleManagement.entitlementManagement.roleEligibilitySchedules.GetDirectoryScope parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: unifiedRoleEligibilitySchedule-id in: path description: The unique identifier of unifiedRoleEligibilitySchedule required: true schema: type: string x-ms-docs-key-type: unifiedRoleEligibilitySchedule x-ms-docs-grouped-path: - >- /roleManagement/directory/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/directoryScope - >- /roleManagement/directory/roleEligibilitySchedules/{unifiedRoleEligibilitySchedule-id}/directoryScope - >- /roleManagement/entitlementManagement/roleAssignmentSchedules/{unifiedRoleAssignmentSchedule-id}/directoryScope components: schemas: microsoft.graph.directoryAudit: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: directoryAudit required: - '@odata.type' type: object properties: activityDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Indicates the date and time the activity was performed. The Timestamp type is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Supports $filter (eq, ge, le) and $orderby. format: date-time activityDisplayName: type: string description: >- Indicates the activity name or the operation name (examples: 'Create User' and 'Add member to group'). For a list of activities logged, refer to Microsoft Entra audit log categories and activities. Supports $filter (eq, startswith). additionalDetails: type: array items: $ref: '#/components/schemas/microsoft.graph.keyValue' description: Indicates additional details on the activity. category: type: string description: >- Indicates which resource category that's targeted by the activity. For example: UserManagement, GroupManagement, ApplicationManagement, RoleManagement. For a list of categories for activities logged, refer to Microsoft Entra audit log categories and activities. correlationId: type: string description: >- Indicates a unique ID that helps correlate activities that span across various services. Can be used to trace logs across services. Supports $filter (eq). nullable: true initiatedBy: $ref: '#/components/schemas/microsoft.graph.auditActivityInitiator' loggedByService: type: string description: >- Indicates information on which service initiated the activity (For example: Self-service Password Management, Core Directory, B2C, Invited Users, Microsoft Identity Manager, Privileged Identity Management. Supports $filter (eq). nullable: true operationType: type: string description: >- Indicates the type of operation that was performed. The possible values include but are not limited to the following: Add, Assign, Update, Unassign, and Delete. nullable: true result: anyOf: - $ref: '#/components/schemas/microsoft.graph.operationResult' - type: object nullable: true description: >- Indicates the result of the activity. The possible values are: success, failure, timeout, unknownFutureValue. resultReason: type: string description: >- Indicates the reason for failure if the result is failure or timeout. nullable: true targetResources: type: array items: $ref: '#/components/schemas/microsoft.graph.targetResource' description: >- Indicates information on which resource was changed due to the activity. Target Resource Type can be User, Device, Directory, App, Role, Group, Policy or Other. Supports $filter (eq) for id and displayName; and $filter (startswith) for displayName. '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.directoryAudit' microsoft.graph.directory: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: directory required: - '@odata.type' type: object properties: administrativeUnits: type: array items: $ref: '#/components/schemas/microsoft.graph.administrativeUnit' description: Conceptual container for user and group directory objects. x-ms-navigationProperty: true attributeSets: type: array items: $ref: '#/components/schemas/microsoft.graph.attributeSet' description: Group of related custom security attribute definitions. x-ms-navigationProperty: true customSecurityAttributeDefinitions: type: array items: $ref: >- #/components/schemas/microsoft.graph.customSecurityAttributeDefinition description: Schema of a custom security attributes (key-value pairs). x-ms-navigationProperty: true deletedItems: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: Recently deleted items. Read-only. Nullable. x-ms-navigationProperty: true deviceLocalCredentials: type: array items: $ref: '#/components/schemas/microsoft.graph.deviceLocalCredentialInfo' description: >- The credentials of the device's local administrator account backed up to Microsoft Entra ID. x-ms-navigationProperty: true federationConfigurations: type: array items: $ref: '#/components/schemas/microsoft.graph.identityProviderBase' description: >- Configure domain federation with organizations whose identity provider (IdP) supports either the SAML or WS-Fed protocol. x-ms-navigationProperty: true onPremisesSynchronization: type: array items: $ref: >- #/components/schemas/microsoft.graph.onPremisesDirectorySynchronization description: >- A container for on-premises directory synchronization functionalities that are available for the organization. x-ms-navigationProperty: true publicKeyInfrastructure: anyOf: - $ref: >- #/components/schemas/microsoft.graph.publicKeyInfrastructureRoot - type: object nullable: true description: >- The collection of public key infrastructure instances for the certificate-based authentication feature for users in a Microsoft Entra tenant. x-ms-navigationProperty: true subscriptions: type: array items: $ref: '#/components/schemas/microsoft.graph.companySubscription' description: List of commercial subscriptions that an organization acquired. x-ms-navigationProperty: true '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.directory' microsoft.graph.administrativeUnit: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: administrativeUnit required: - '@odata.type' type: object properties: description: type: string description: >- An optional description for the administrative unit. Supports $filter (eq, ne, in, startsWith), $search. nullable: true displayName: type: string description: >- Display name for the administrative unit. Maximum length is 256 characters. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. nullable: true isMemberManagementRestricted: type: boolean description: >- true if members of this administrative unit should be treated as sensitive, which requires specific permissions to manage. If not set, the default value is null and the default behavior is false. Use this property to define administrative units with roles that don't inherit from tenant-level administrators, and where the management of individual member objects is limited to administrators scoped to a restricted management administrative unit. This property is immutable and can't be changed later. For more information on how to work with restricted management administrative units, see Restricted management administrative units in Microsoft Entra ID. nullable: true membershipRule: type: string description: >- The dynamic membership rule for the administrative unit. For more information about the rules you can use for dynamic administrative units and dynamic groups, see Manage rules for dynamic membership groups in Microsoft Entra ID. nullable: true membershipRuleProcessingState: type: string description: >- Controls whether the dynamic membership rule is actively processed. Set to On to activate the dynamic membership rule, or Paused to stop updating membership dynamically. nullable: true membershipType: type: string description: >- Indicates the membership type for the administrative unit. The possible values are: dynamic, assigned. If not set, the default value is null and the default behavior is assigned. nullable: true visibility: type: string description: >- Controls whether the administrative unit and its members are hidden or public. Can be set to HiddenMembership. If not set, the default value is null and the default behavior is public. When set to HiddenMembership, only members of the administrative unit can list other members of the administrative unit. nullable: true extensions: type: array items: $ref: '#/components/schemas/microsoft.graph.extension' description: >- The collection of open extensions defined for this administrative unit. Nullable. x-ms-navigationProperty: true members: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Users and groups that are members of this administrative unit. Supports $expand. x-ms-navigationProperty: true scopedRoleMembers: type: array items: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' description: Scoped-role members of this administrative unit. x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.administrativeUnit' x-ms-discriminator-value: '#microsoft.graph.administrativeUnit' microsoft.graph.extension: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: extension required: - '@odata.type' type: object properties: '@odata.type': type: string discriminator: propertyName: '@odata.type' mapping: '#microsoft.graph.openTypeExtension': '#/components/schemas/microsoft.graph.openTypeExtension' microsoft.graph.directoryObject: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: directoryObject required: - '@odata.type' type: object properties: deletedDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Date and time when this object was deleted. Always null when the object hasn't been deleted. format: date-time nullable: true '@odata.type': type: string discriminator: propertyName: '@odata.type' mapping: '#microsoft.graph.administrativeUnit': '#/components/schemas/microsoft.graph.administrativeUnit' '#microsoft.graph.application': '#/components/schemas/microsoft.graph.application' '#microsoft.graph.appRoleAssignment': '#/components/schemas/microsoft.graph.appRoleAssignment' '#microsoft.graph.certificateAuthorityDetail': '#/components/schemas/microsoft.graph.certificateAuthorityDetail' '#microsoft.graph.certificateBasedAuthPki': '#/components/schemas/microsoft.graph.certificateBasedAuthPki' '#microsoft.graph.contract': '#/components/schemas/microsoft.graph.contract' '#microsoft.graph.device': '#/components/schemas/microsoft.graph.device' '#microsoft.graph.directoryObjectPartnerReference': >- #/components/schemas/microsoft.graph.directoryObjectPartnerReference '#microsoft.graph.directoryRole': '#/components/schemas/microsoft.graph.directoryRole' '#microsoft.graph.directoryRoleTemplate': '#/components/schemas/microsoft.graph.directoryRoleTemplate' '#microsoft.graph.endpoint': '#/components/schemas/microsoft.graph.endpoint' '#microsoft.graph.extensionProperty': '#/components/schemas/microsoft.graph.extensionProperty' '#microsoft.graph.group': '#/components/schemas/microsoft.graph.group' '#microsoft.graph.groupSettingTemplate': '#/components/schemas/microsoft.graph.groupSettingTemplate' '#microsoft.graph.multiTenantOrganizationMember': >- #/components/schemas/microsoft.graph.multiTenantOrganizationMember '#microsoft.graph.organization': '#/components/schemas/microsoft.graph.organization' '#microsoft.graph.orgContact': '#/components/schemas/microsoft.graph.orgContact' '#microsoft.graph.policyBase': '#/components/schemas/microsoft.graph.policyBase' '#microsoft.graph.appManagementPolicy': '#/components/schemas/microsoft.graph.appManagementPolicy' '#microsoft.graph.authorizationPolicy': '#/components/schemas/microsoft.graph.authorizationPolicy' '#microsoft.graph.crossTenantAccessPolicy': '#/components/schemas/microsoft.graph.crossTenantAccessPolicy' '#microsoft.graph.identitySecurityDefaultsEnforcementPolicy': >- #/components/schemas/microsoft.graph.identitySecurityDefaultsEnforcementPolicy '#microsoft.graph.permissionGrantPolicy': '#/components/schemas/microsoft.graph.permissionGrantPolicy' '#microsoft.graph.stsPolicy': '#/components/schemas/microsoft.graph.stsPolicy' '#microsoft.graph.activityBasedTimeoutPolicy': '#/components/schemas/microsoft.graph.activityBasedTimeoutPolicy' '#microsoft.graph.claimsMappingPolicy': '#/components/schemas/microsoft.graph.claimsMappingPolicy' '#microsoft.graph.homeRealmDiscoveryPolicy': '#/components/schemas/microsoft.graph.homeRealmDiscoveryPolicy' '#microsoft.graph.tokenIssuancePolicy': '#/components/schemas/microsoft.graph.tokenIssuancePolicy' '#microsoft.graph.tokenLifetimePolicy': '#/components/schemas/microsoft.graph.tokenLifetimePolicy' '#microsoft.graph.tenantAppManagementPolicy': '#/components/schemas/microsoft.graph.tenantAppManagementPolicy' '#microsoft.graph.resourceSpecificPermissionGrant': >- #/components/schemas/microsoft.graph.resourceSpecificPermissionGrant '#microsoft.graph.servicePrincipal': '#/components/schemas/microsoft.graph.servicePrincipal' '#microsoft.graph.user': '#/components/schemas/microsoft.graph.user' microsoft.graph.application: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: application required: - '@odata.type' type: object properties: addIns: type: array items: $ref: '#/components/schemas/microsoft.graph.addIn' description: >- Defines custom behavior that a consuming service can use to call an app in specific contexts. For example, applications that can render file streams can set the addIns property for its 'FileHandler' functionality. This lets services like Microsoft 365 call the application in the context of a document the user is working on. api: anyOf: - $ref: '#/components/schemas/microsoft.graph.apiApplication' - type: object nullable: true description: Specifies settings for an application that implements a web API. appId: type: string description: >- The unique identifier for the application that is assigned to an application by Microsoft Entra ID. Not nullable. Read-only. Alternate key. Supports $filter (eq). nullable: true applicationTemplateId: type: string description: >- Unique identifier of the applicationTemplate. Supports $filter (eq, not, ne). Read-only. null if the app wasn't created from an application template. nullable: true appRoles: type: array items: $ref: '#/components/schemas/microsoft.graph.appRole' description: >- The collection of roles defined for the application. With app role assignments, these roles can be assigned to users, groups, or service principals associated with other applications. Not nullable. authenticationBehaviors: anyOf: - $ref: '#/components/schemas/microsoft.graph.authenticationBehaviors' - type: object nullable: true certification: anyOf: - $ref: '#/components/schemas/microsoft.graph.certification' - type: object nullable: true description: Specifies the certification status of the application. createdDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time the application was registered. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Supports $filter (eq, ne, not, ge, le, in, and eq on null values) and $orderby. format: date-time nullable: true defaultRedirectUri: type: string nullable: true description: type: string description: >- Free text field to provide a description of the application object to end users. The maximum allowed size is 1,024 characters. Supports $filter (eq, ne, not, ge, le, startsWith) and $search. nullable: true disabledByMicrosoftStatus: type: string description: >- Specifies whether Microsoft has disabled the registered application. The possible values are: null (default value), NotDisabled, and DisabledDueToViolationOfServicesAgreement (reasons include suspicious, abusive, or malicious activity, or a violation of the Microsoft Services Agreement). Supports $filter (eq, ne, not). nullable: true displayName: type: string description: >- The display name for the application. Maximum length is 256 characters. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. nullable: true groupMembershipClaims: type: string description: >- Configures the groups claim issued in a user or OAuth 2.0 access token that the application expects. To set this attribute, use one of the following valid string values: None, SecurityGroup (for security groups and Microsoft Entra roles), All (this gets all of the security groups, distribution groups, and Microsoft Entra directory roles that the signed-in user is a member of). nullable: true identifierUris: type: array items: type: string description: >- Also known as App ID URI, this value is set when an application is used as a resource app. The identifierUris acts as the prefix for the scopes you reference in your API's code, and it must be globally unique across Microsoft Entra ID. For more information on valid identifierUris patterns and best practices, see Microsoft Entra application registration security best practices. Not nullable. Supports $filter (eq, ne, ge, le, startsWith). info: anyOf: - $ref: '#/components/schemas/microsoft.graph.informationalUrl' - type: object nullable: true description: >- Basic profile information of the application such as app's marketing, support, terms of service and privacy statement URLs. The terms of service and privacy statement are surfaced to users through the user consent experience. For more info, see How to: Add Terms of service and privacy statement for registered Microsoft Entra apps. Supports $filter (eq, ne, not, ge, le, and eq on null values). isDeviceOnlyAuthSupported: type: boolean description: >- Specifies whether this application supports device authentication without a user. The default is false. nullable: true isFallbackPublicClient: type: boolean description: >- Specifies the fallback application type as public client, such as an installed application running on a mobile device. The default value is false, which means the fallback application type is confidential client such as a web app. There are certain scenarios where Microsoft Entra ID can't determine the client application type. For example, the ROPC flow where it's configured without specifying a redirect URI. In those cases, Microsoft Entra ID interprets the application type based on the value of this property. nullable: true keyCredentials: type: array items: $ref: '#/components/schemas/microsoft.graph.keyCredential' description: >- The collection of key credentials associated with the application. Not nullable. Supports $filter (eq, not, ge, le). logo: type: string description: The main logo for the application. Not nullable. format: base64url nativeAuthenticationApisEnabled: anyOf: - $ref: >- #/components/schemas/microsoft.graph.nativeAuthenticationApisEnabled - type: object nullable: true description: >- Specifies whether the Native Authentication APIs are enabled for the application. The possible values are: none and all. Default is none. For more information, see Native Authentication. notes: type: string description: Notes relevant for the management of the application. nullable: true oauth2RequirePostResponse: type: boolean optionalClaims: anyOf: - $ref: '#/components/schemas/microsoft.graph.optionalClaims' - type: object nullable: true description: >- Application developers can configure optional claims in their Microsoft Entra applications to specify the claims that are sent to their application by the Microsoft security token service. For more information, see How to: Provide optional claims to your app. parentalControlSettings: anyOf: - $ref: '#/components/schemas/microsoft.graph.parentalControlSettings' - type: object nullable: true description: Specifies parental control settings for an application. passwordCredentials: type: array items: $ref: '#/components/schemas/microsoft.graph.passwordCredential' description: >- The collection of password credentials associated with the application. Not nullable. publicClient: anyOf: - $ref: '#/components/schemas/microsoft.graph.publicClientApplication' - type: object nullable: true description: >- Specifies settings for installed clients such as desktop or mobile devices. publisherDomain: type: string description: >- The verified publisher domain for the application. Read-only. For more information, see How to: Configure an application's publisher domain. Supports $filter (eq, ne, ge, le, startsWith). nullable: true requestSignatureVerification: anyOf: - $ref: >- #/components/schemas/microsoft.graph.requestSignatureVerification - type: object nullable: true description: >- Specifies whether this application requires Microsoft Entra ID to verify the signed authentication requests. requiredResourceAccess: type: array items: $ref: '#/components/schemas/microsoft.graph.requiredResourceAccess' description: >- Specifies the resources that the application needs to access. This property also specifies the set of delegated permissions and application roles that it needs for each of those resources. This configuration of access to the required resources drives the consent experience. No more than 50 resource services (APIs) can be configured. Beginning mid-October 2021, the total number of required permissions must not exceed 400. For more information, see Limits on requested permissions per app. Not nullable. Supports $filter (eq, not, ge, le). samlMetadataUrl: type: string description: >- The URL where the service exposes SAML metadata for federation. This property is valid only for single-tenant applications. Nullable. nullable: true serviceManagementReference: type: string description: >- References application or service contact information from a Service or Asset Management database. Nullable. nullable: true servicePrincipalLockConfiguration: anyOf: - $ref: >- #/components/schemas/microsoft.graph.servicePrincipalLockConfiguration - type: object nullable: true description: >- Specifies whether sensitive properties of a multitenant application should be locked for editing after the application is provisioned in a tenant. Nullable. null by default. signInAudience: type: string description: >- Specifies the Microsoft accounts that are supported for the current application. The possible values are: AzureADMyOrg (default), AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount, and PersonalMicrosoftAccount. See more in the table. The value of this object also limits the number of permissions an app can request. For more information, see Limits on requested permissions per app. The value for this property has implications on other app object properties. As a result, if you change this property, you might need to change other properties first. For more information, see Validation differences for signInAudience.Supports $filter (eq, ne, not). nullable: true spa: anyOf: - $ref: '#/components/schemas/microsoft.graph.spaApplication' - type: object nullable: true description: >- Specifies settings for a single-page application, including sign out URLs and redirect URIs for authorization codes and access tokens. tags: type: array items: type: string description: >- Custom strings that can be used to categorize and identify the application. Not nullable. Strings added here will also appear in the tags property of any associated service principals.Supports $filter (eq, not, ge, le, startsWith) and $search. tokenEncryptionKeyId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: >- Specifies the keyId of a public key from the keyCredentials collection. When configured, Microsoft Entra ID encrypts all the tokens it emits by using the key this property points to. The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user. format: uuid nullable: true uniqueName: type: string description: >- The unique identifier that can be assigned to an application and used as an alternate key. Immutable. Read-only. nullable: true verifiedPublisher: anyOf: - $ref: '#/components/schemas/microsoft.graph.verifiedPublisher' - type: object nullable: true description: >- Specifies the verified publisher of the application. For more information about how publisher verification helps support application security, trustworthiness, and compliance, see Publisher verification. web: anyOf: - $ref: '#/components/schemas/microsoft.graph.webApplication' - type: object nullable: true description: Specifies settings for a web application. appManagementPolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.appManagementPolicy' description: The appManagementPolicy applied to this application. x-ms-navigationProperty: true createdOnBehalfOf: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - type: object nullable: true description: Supports $filter (/$count eq 0, /$count ne 0). Read-only. x-ms-navigationProperty: true extensionProperties: type: array items: $ref: '#/components/schemas/microsoft.graph.extensionProperty' description: >- Read-only. Nullable. Supports $expand and $filter (/$count eq 0, /$count ne 0). x-ms-navigationProperty: true federatedIdentityCredentials: type: array items: $ref: >- #/components/schemas/microsoft.graph.federatedIdentityCredential description: >- Federated identities for applications. Supports $expand and $filter (startsWith, /$count eq 0, /$count ne 0). x-ms-navigationProperty: true homeRealmDiscoveryPolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.homeRealmDiscoveryPolicy' x-ms-navigationProperty: true owners: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Directory objects that are owners of this application. The owners are a set of nonadmin users or service principals who are allowed to modify this object. Supports $expand, $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1), and $select nested in $expand. x-ms-navigationProperty: true synchronization: anyOf: - $ref: '#/components/schemas/microsoft.graph.synchronization' - type: object nullable: true description: >- Represents the capability for Microsoft Entra identity synchronization through the Microsoft Graph API. x-ms-navigationProperty: true tokenIssuancePolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.tokenIssuancePolicy' x-ms-navigationProperty: true tokenLifetimePolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.tokenLifetimePolicy' x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.application' x-ms-discriminator-value: '#microsoft.graph.application' microsoft.graph.device: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: device required: - '@odata.type' type: object properties: accountEnabled: type: boolean description: >- true if the account is enabled; otherwise, false. Required. Default is true. Supports $filter (eq, ne, not, in). Only callers with at least the Cloud Device Administrator role can set this property. nullable: true alternativeSecurityIds: type: array items: $ref: '#/components/schemas/microsoft.graph.alternativeSecurityId' description: >- For internal use only. Not nullable. Supports $filter (eq, not, ge, le). approximateLastSignInDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Supports $filter (eq, ne, not, ge, le, and eq on null values) and $orderby. format: date-time nullable: true complianceExpirationDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The timestamp when the device is no longer deemed compliant. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. format: date-time nullable: true deviceCategory: type: string description: >- User-defined property set by Intune to automatically add devices to groups and simplify managing devices. nullable: true deviceId: type: string description: >- Unique identifier set by Azure Device Registration Service at the time of registration. This alternate key can be used to reference the device object. Supports $filter (eq, ne, not, startsWith). nullable: true deviceMetadata: type: string description: For internal use only. Set to null. nullable: true deviceOwnership: type: string description: >- Ownership of the device. Intune sets this property. The possible values are: unknown, company, personal. nullable: true deviceVersion: maximum: 2147483647 minimum: -2147483648 type: number description: For internal use only. format: int32 nullable: true displayName: type: string description: >- The display name for the device. Maximum length is 256 characters. Required. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. nullable: true enrollmentProfileName: type: string description: >- Enrollment profile applied to the device. For example, Apple Device Enrollment Profile, Device enrollment - Corporate device identifiers, or Windows Autopilot profile name. This property is set by Intune. nullable: true enrollmentType: type: string description: >- Enrollment type of the device. Intune sets this property. The possible values are: unknown, userEnrollment, deviceEnrollmentManager, appleBulkWithUser, appleBulkWithoutUser, windowsAzureADJoin, windowsBulkUserless, windowsAutoEnrollment, windowsBulkAzureDomainJoin, windowsCoManagement, windowsAzureADJoinUsingDeviceAuth,appleUserEnrollment, appleUserEnrollmentWithServiceAccount. NOTE: This property might return other values apart from those listed. nullable: true isCompliant: type: boolean description: >- true if the device complies with Mobile Device Management (MDM) policies; otherwise, false. Read-only. This can only be updated by Intune for any device OS type or by an approved MDM app for Windows OS devices. Supports $filter (eq, ne, not). nullable: true isManaged: type: boolean description: >- true if the device is managed by a Mobile Device Management (MDM) app; otherwise, false. This can only be updated by Intune for any device OS type or by an approved MDM app for Windows OS devices. Supports $filter (eq, ne, not). nullable: true isManagementRestricted: type: boolean description: >- Indicates whether the device is a member of a restricted management administrative unit. If not set, the default value is null and the default behavior is false. Read-only. To manage a device that's a member of a restricted management administrative unit, the administrator or calling app must be assigned a Microsoft Entra role at the scope of the restricted management administrative unit. Returned only on $select. nullable: true isRooted: type: boolean description: >- true if the device is rooted or jail-broken. This property can only be updated by Intune. nullable: true managementType: type: string description: >- The management channel of the device. This property is set by Intune. The possible values are: eas, mdm, easMdm, intuneClient, easIntuneClient, configurationManagerClient, configurationManagerClientMdm, configurationManagerClientMdmEas, unknown, jamf, googleCloudDevicePolicyController. nullable: true manufacturer: type: string description: Manufacturer of the device. Read-only. nullable: true mdmAppId: type: string description: >- Application identifier used to register device into MDM. Read-only. Supports $filter (eq, ne, not, startsWith). nullable: true model: type: string description: Model of the device. Read-only. nullable: true onPremisesLastSyncDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The last time at which the object was synced with the on-premises directory. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z Read-only. Supports $filter (eq, ne, not, ge, le, in). format: date-time nullable: true onPremisesSecurityIdentifier: type: string description: >- The on-premises security identifier (SID) for the user who was synchronized from on-premises to the cloud. Read-only. Returned only on $select. Supports $filter (eq). nullable: true onPremisesSyncEnabled: type: boolean description: >- true if this object is synced from an on-premises directory; false if this object was originally synced from an on-premises directory but is no longer synced; null if this object has never been synced from an on-premises directory (default). Read-only. Supports $filter (eq, ne, not, in, and eq on null values). nullable: true operatingSystem: type: string description: >- The type of operating system on the device. Required. Supports $filter (eq, ne, not, ge, le, startsWith, and eq on null values). nullable: true operatingSystemVersion: type: string description: >- The version of the operating system on the device. Required. Supports $filter (eq, ne, not, ge, le, startsWith, and eq on null values). nullable: true physicalIds: type: array items: type: string description: >- For internal use only. Not nullable. Supports $filter (eq, not, ge, le, startsWith,/$count eq 0, /$count ne 0). profileType: type: string description: >- The profile type of the device. Possible values: RegisteredDevice (default), SecureVM, Printer, Shared, IoT. nullable: true registrationDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Date and time of when the device was registered. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. format: date-time nullable: true systemLabels: type: array items: type: string description: >- List of labels applied to the device by the system. Supports $filter (/$count eq 0, /$count ne 0). trustType: type: string description: >- Type of trust for the joined device. Read-only. Possible values: Workplace (indicates bring your own personal devices), AzureAd (Cloud-only joined devices), ServerAd (on-premises domain joined devices joined to Microsoft Entra ID). For more information, see Introduction to device management in Microsoft Entra ID. Supports $filter (eq, ne, not, in). nullable: true extensions: type: array items: $ref: '#/components/schemas/microsoft.graph.extension' description: >- The collection of open extensions defined for the device. Read-only. Nullable. x-ms-navigationProperty: true memberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Groups and administrative units that this device is a member of. Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true registeredOwners: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The user that cloud joined the device or registered their personal device. The registered owner is set at the time of registration. Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true registeredUsers: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Collection of registered users of the device. For cloud joined devices and registered personal devices, registered users are set to the same value as registered owners at the time of registration. Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true transitiveMemberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Groups and administrative units that the device is a member of. This operation is transitive. Supports $expand. x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.device' x-ms-discriminator-value: '#microsoft.graph.device' microsoft.graph.group: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: group required: - '@odata.type' type: object properties: allowExternalSenders: type: boolean description: >- Indicates if people external to the organization can send messages to the group. The default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). nullable: true assignedLabels: type: array items: $ref: '#/components/schemas/microsoft.graph.assignedLabel' description: >- The list of sensitivity label pairs (label ID, label name) associated with a Microsoft 365 group. Returned only on $select. This property can be updated only in delegated scenarios where the caller requires both the Microsoft Graph permission and a supported administrator role. assignedLicenses: type: array items: $ref: '#/components/schemas/microsoft.graph.assignedLicense' description: >- The licenses that are assigned to the group. Returned only on $select. Supports $filter (eq). Read-only. autoSubscribeNewMembers: type: boolean description: >- Indicates if new members added to the group are autosubscribed to receive email notifications. You can set this property in a PATCH request for the group; don't set it in the initial POST request that creates the group. Default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). nullable: true classification: type: string description: >- Describes a classification for the group (such as low, medium, or high business impact). Valid values for this property are defined by creating a ClassificationList setting value, based on the template definition.Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith). nullable: true createdDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Timestamp of when the group was created. The value can't be modified and is automatically populated when the group is created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Read-only. format: date-time nullable: true description: type: string description: >- An optional description for the group. Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith) and $search. nullable: true displayName: type: string description: >- The display name for the group. This property is required when a group is created and can't be cleared during updates. Maximum length is 256 characters. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. nullable: true expirationDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Timestamp of when the group is set to expire. It's null for security groups, but for Microsoft 365 groups, it represents when the group is set to expire as defined in the groupLifecyclePolicy. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Supports $filter (eq, ne, not, ge, le, in). Read-only. format: date-time nullable: true groupTypes: type: array items: type: string description: >- Specifies the group type and its membership. If the collection contains Unified, the group is a Microsoft 365 group; otherwise, it's either a security group or a distribution group. For details, see groups overview.If the collection includes DynamicMembership, the group has dynamic membership; otherwise, membership is static. Returned by default. Supports $filter (eq, not). hasMembersWithLicenseErrors: type: boolean description: >- Indicates whether there are members in this group that have license errors from its group-based license assignment. This property is never returned on a GET operation. You can use it as a $filter argument to get groups that have members with license errors (that is, filter for this property being true). See an example. Supports $filter (eq). nullable: true hideFromAddressLists: type: boolean description: >- True if the group isn't displayed in certain parts of the Outlook UI: the Address Book, address lists for selecting message recipients, and the Browse Groups dialog for searching groups; otherwise, false. The default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). nullable: true hideFromOutlookClients: type: boolean description: >- True if the group isn't displayed in Outlook clients, such as Outlook for Windows and Outlook on the web; otherwise, false. The default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). nullable: true isArchived: type: boolean description: >- When a group is associated with a team, this property determines whether the team is in read-only mode.To read this property, use the /group/{groupId}/team endpoint or the Get team API. To update this property, use the archiveTeam and unarchiveTeam APIs. nullable: true isAssignableToRole: type: boolean description: >- Indicates whether this group can be assigned to a Microsoft Entra role. Optional. This property can only be set while creating the group and is immutable. If set to true, the securityEnabled property must also be set to true, visibility must be Hidden, and the group can't be a dynamic group (that is, groupTypes can't contain DynamicMembership). Only callers with at least the Privileged Role Administrator role can set this property. The caller must also be assigned the RoleManagement.ReadWrite.Directory permission to set this property or update the membership of such groups. For more, see Using a group to manage Microsoft Entra role assignmentsUsing this feature requires a Microsoft Entra ID P1 license. Returned by default. Supports $filter (eq, ne, not). nullable: true isManagementRestricted: type: boolean description: >- Indicates whether the group is a member of a restricted management administrative unit. If not set, the default value is null and the default behavior is false. Read-only. To manage a group member of a restricted management administrative unit, the administrator or calling app must be assigned a Microsoft Entra role at the scope of the restricted management administrative unit. Returned only on $select. nullable: true isSubscribedByMail: type: boolean description: >- Indicates whether the signed-in user is subscribed to receive email conversations. The default value is true. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). nullable: true licenseProcessingState: anyOf: - $ref: '#/components/schemas/microsoft.graph.licenseProcessingState' - type: object nullable: true description: >- Indicates the status of the group license assignment to all group members. The default value is false. Read-only. Possible values: QueuedForProcessing, ProcessingInProgress, and ProcessingComplete.Returned only on $select. Read-only. mail: type: string description: >- The SMTP address for the group, for example, 'serviceadmins@contoso.com'. Returned by default. Read-only. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true mailEnabled: type: boolean description: >- Specifies whether the group is mail-enabled. Required. Returned by default. Supports $filter (eq, ne, not). nullable: true mailNickname: type: string description: >- The mail alias for the group, unique for Microsoft 365 groups in the organization. Maximum length is 64 characters. This property can contain only characters in the ASCII character set 0 - 127 except the following characters: @ () / [] ' ; : <> , SPACE. Required. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true membershipRule: type: string description: >- The rule that determines members for this group if the group is a dynamic group (groupTypes contains DynamicMembership). For more information about the syntax of the membership rule, see Membership Rules syntax. Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith). nullable: true membershipRuleProcessingState: type: string description: >- Indicates whether the dynamic membership processing is on or paused. Possible values are On or Paused. Returned by default. Supports $filter (eq, ne, not, in). nullable: true onPremisesDomainName: type: string description: >- Contains the on-premises domain FQDN, also called dnsDomainName synchronized from the on-premises directory. The property is only populated for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect.Returned by default. Read-only. nullable: true onPremisesLastSyncDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Indicates the last time at which the group was synced with the on-premises directory. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Read-only. Supports $filter (eq, ne, not, ge, le, in). format: date-time nullable: true onPremisesNetBiosName: type: string description: >- Contains the on-premises netBios name synchronized from the on-premises directory. The property is only populated for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect.Returned by default. Read-only. nullable: true onPremisesProvisioningErrors: type: array items: $ref: >- #/components/schemas/microsoft.graph.onPremisesProvisioningError description: >- Errors when using Microsoft synchronization product during provisioning. Returned by default. Supports $filter (eq, not). onPremisesSamAccountName: type: string description: >- Contains the on-premises SAM account name synchronized from the on-premises directory. The property is only populated for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect.Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith). Read-only. nullable: true onPremisesSecurityIdentifier: type: string description: >- Contains the on-premises security identifier (SID) for the group synchronized from on-premises to the cloud. Read-only. Returned by default. Supports $filter (eq including on null values). nullable: true onPremisesSyncEnabled: type: boolean description: >- true if this group is synced from an on-premises directory; false if this group was originally synced from an on-premises directory but is no longer synced; null if this object has never synced from an on-premises directory (default). Returned by default. Read-only. Supports $filter (eq, ne, not, in, and eq on null values). nullable: true preferredDataLocation: type: string description: >- The preferred data location for the Microsoft 365 group. By default, the group inherits the group creator's preferred data location. To set this property, the calling app must be granted the Directory.ReadWrite.All permission and the user be assigned at least one of the following Microsoft Entra roles: User Account Administrator Directory Writer Exchange Administrator SharePoint Administrator For more information about this property, see OneDrive Online Multi-Geo. Nullable. Returned by default. nullable: true preferredLanguage: type: string description: >- The preferred language for a Microsoft 365 group. Should follow ISO 639-1 Code; for example, en-US. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true proxyAddresses: type: array items: type: string description: >- Email addresses for the group that direct to the same group mailbox. For example: ['SMTP: bob@contoso.com', 'smtp: bob@sales.contoso.com']. The any operator is required to filter expressions on multi-valued properties. Returned by default. Read-only. Not nullable. Supports $filter (eq, not, ge, le, startsWith, endsWith, /$count eq 0, /$count ne 0). renewedDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Timestamp of when the group was last renewed. This value can't be modified directly and is only updated via the renew service action. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Supports $filter (eq, ne, not, ge, le, in). Read-only. format: date-time nullable: true securityEnabled: type: boolean description: >- Specifies whether the group is a security group. Required. Returned by default. Supports $filter (eq, ne, not, in). nullable: true securityIdentifier: type: string description: >- Security identifier of the group, used in Windows scenarios. Read-only. Returned by default. nullable: true serviceProvisioningErrors: type: array items: $ref: '#/components/schemas/microsoft.graph.serviceProvisioningError' description: >- Errors published by a federated service describing a nontransient, service-specific error regarding the properties or link from a group object. Supports $filter (eq, not, for isResolved and serviceInstance). theme: type: string description: >- Specifies a Microsoft 365 group's color theme. Possible values are Teal, Purple, Green, Blue, Pink, Orange, or Red. Returned by default. nullable: true uniqueName: type: string description: >- The unique identifier that can be assigned to a group and used as an alternate key. Immutable. Read-only. nullable: true unseenCount: maximum: 2147483647 minimum: -2147483648 type: number description: >- Count of conversations that received new posts since the signed-in user last visited the group. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). format: int32 nullable: true visibility: type: string description: >- Specifies the group join policy and group content visibility for groups. The possible values are: Private, Public, or HiddenMembership. HiddenMembership can be set only for Microsoft 365 groups when the groups are created. It can't be updated later. Other values of visibility can be updated after group creation. If visibility value isn't specified during group creation on Microsoft Graph, a security group is created as Private by default, and the Microsoft 365 group is Public. Groups assignable to roles are always Private. To learn more, see group visibility options. Returned by default. Nullable. nullable: true acceptedSenders: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The list of users or groups allowed to create posts or calendar events in this group. If this list is nonempty, then only users or groups listed here are allowed to post. x-ms-navigationProperty: true appRoleAssignments: type: array items: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' description: >- Represents the app roles granted to a group for an application. Supports $expand. x-ms-navigationProperty: true calendar: anyOf: - $ref: '#/components/schemas/microsoft.graph.calendar' - type: object nullable: true description: The group's calendar. Read-only. x-ms-navigationProperty: true calendarView: type: array items: $ref: '#/components/schemas/microsoft.graph.event' description: The calendar view for the calendar. Read-only. x-ms-navigationProperty: true conversations: type: array items: $ref: '#/components/schemas/microsoft.graph.conversation' description: The group's conversations. x-ms-navigationProperty: true createdOnBehalfOf: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - type: object nullable: true description: >- The user (or application) that created the group. NOTE: This property isn't set if the user is an administrator. Read-only. x-ms-navigationProperty: true drive: anyOf: - $ref: '#/components/schemas/microsoft.graph.drive' - type: object nullable: true description: The group's default drive. Read-only. x-ms-navigationProperty: true drives: type: array items: $ref: '#/components/schemas/microsoft.graph.drive' description: The group's drives. Read-only. x-ms-navigationProperty: true events: type: array items: $ref: '#/components/schemas/microsoft.graph.event' description: The group's calendar events. x-ms-navigationProperty: true extensions: type: array items: $ref: '#/components/schemas/microsoft.graph.extension' description: >- The collection of open extensions defined for the group. Read-only. Nullable. x-ms-navigationProperty: true groupLifecyclePolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.groupLifecyclePolicy' description: >- The collection of lifecycle policies for this group. Read-only. Nullable. x-ms-navigationProperty: true memberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Groups that this group is a member of. HTTP Methods: GET (supported for all groups). Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true members: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The members of this group, who can be users, devices, other groups, or service principals. Supports the List members, Add member, and Remove member operations. Nullable. Supports $expand including nested $select. For example, /groups?$filter=startsWith(displayName,'Role')&$select=id,displayName&$expand=members($select=id,userPrincipalName,displayName). x-ms-navigationProperty: true membersWithLicenseErrors: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- A list of group members with license errors from this group-based license assignment. Read-only. x-ms-navigationProperty: true onenote: anyOf: - $ref: '#/components/schemas/microsoft.graph.onenote' - type: object nullable: true x-ms-navigationProperty: true onPremisesSyncBehavior: anyOf: - $ref: '#/components/schemas/microsoft.graph.onPremisesSyncBehavior' - type: object nullable: true x-ms-navigationProperty: true owners: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The owners of the group who can be users or service principals. Limited to 100 owners. Nullable. If this property isn't specified when creating a Microsoft 365 group the calling user (admin or non-admin) is automatically assigned as the group owner. A non-admin user can't explicitly add themselves to this collection when they're creating the group. For more information, see the related known issue. For security groups, the admin user isn't automatically added to this collection. For more information, see the related known issue. Supports $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1); Supports $expand including nested $select. For example, /groups?$filter=startsWith(displayName,'Role')&$select=id,displayName&$expand=owners($select=id,userPrincipalName,displayName). x-ms-navigationProperty: true permissionGrants: type: array items: $ref: >- #/components/schemas/microsoft.graph.resourceSpecificPermissionGrant x-ms-navigationProperty: true photo: anyOf: - $ref: '#/components/schemas/microsoft.graph.profilePhoto' - type: object nullable: true description: The group's profile photo x-ms-navigationProperty: true photos: type: array items: $ref: '#/components/schemas/microsoft.graph.profilePhoto' description: The profile photos owned by the group. Read-only. Nullable. x-ms-navigationProperty: true planner: anyOf: - $ref: '#/components/schemas/microsoft.graph.plannerGroup' - type: object nullable: true description: >- Entry-point to Planner resource that might exist for a Unified Group. x-ms-navigationProperty: true rejectedSenders: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The list of users or groups not allowed to create posts or calendar events in this group. Nullable x-ms-navigationProperty: true settings: type: array items: $ref: '#/components/schemas/microsoft.graph.groupSetting' description: >- Settings that can govern this group's behavior, like whether members can invite guests to the group. Nullable. x-ms-navigationProperty: true sites: type: array items: $ref: '#/components/schemas/microsoft.graph.site' description: >- The list of SharePoint sites in this group. Access the default site with /sites/root. x-ms-navigationProperty: true team: anyOf: - $ref: '#/components/schemas/microsoft.graph.team' - type: object nullable: true description: The team associated with this group. x-ms-navigationProperty: true threads: type: array items: $ref: '#/components/schemas/microsoft.graph.conversationThread' description: The group's conversation threads. Nullable. x-ms-navigationProperty: true transitiveMemberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The groups that a group is a member of, either directly or through nested membership. Nullable. x-ms-navigationProperty: true transitiveMembers: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: The direct and transitive members of a group. Nullable. x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.group' description: Represents a Microsoft Entra group. x-ms-discriminator-value: '#microsoft.graph.group' microsoft.graph.orgContact: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: orgContact required: - '@odata.type' type: object properties: addresses: type: array items: $ref: '#/components/schemas/microsoft.graph.physicalOfficeAddress' description: >- Postal addresses for this organizational contact. For now a contact can only have one physical address. companyName: type: string description: >- Name of the company that this organizational contact belongs to. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null values). nullable: true department: type: string description: >- The name for the department in which the contact works. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null values). nullable: true displayName: type: string description: >- Display name for this organizational contact. Maximum length is 256 characters. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null values), $search, and $orderby. nullable: true givenName: type: string description: >- First name for this organizational contact. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null values). nullable: true jobTitle: type: string description: >- Job title for this organizational contact. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null values). nullable: true mail: type: string description: >- The SMTP address for the contact, for example, 'jeff@contoso.com'. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null values). nullable: true mailNickname: type: string description: >- Email alias (portion of email address pre-pending the @ symbol) for this organizational contact. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null values). nullable: true onPremisesLastSyncDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Date and time when this organizational contact was last synchronized from on-premises AD. This date and time information uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Supports $filter (eq, ne, not, ge, le, in). format: date-time nullable: true onPremisesProvisioningErrors: type: array items: $ref: >- #/components/schemas/microsoft.graph.onPremisesProvisioningError description: >- List of any synchronization provisioning errors for this organizational contact. Supports $filter (eq, not for category and propertyCausingError), /$count eq 0, /$count ne 0. onPremisesSyncEnabled: type: boolean description: >- true if this object is synced from an on-premises directory; false if this object was originally synced from an on-premises directory but is no longer synced and now mastered in Exchange; null if this object has never been synced from an on-premises directory (default). Supports $filter (eq, ne, not, in, and eq for null values). nullable: true phones: type: array items: $ref: '#/components/schemas/microsoft.graph.phone' description: >- List of phones for this organizational contact. Phone types can be mobile, business, and businessFax. Only one of each type can ever be present in the collection. proxyAddresses: type: array items: type: string description: >- For example: 'SMTP: bob@contoso.com', 'smtp: bob@sales.contoso.com'. The any operator is required for filter expressions on multi-valued properties. Supports $filter (eq, not, ge, le, startsWith, /$count eq 0, /$count ne 0). serviceProvisioningErrors: type: array items: $ref: '#/components/schemas/microsoft.graph.serviceProvisioningError' description: >- Errors published by a federated service describing a non-transient, service-specific error regarding the properties or link from an organizational contact object . Supports $filter (eq, not, for isResolved and serviceInstance). surname: type: string description: >- Last name for this organizational contact. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null values). nullable: true directReports: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The contact's direct reports. (The users and contacts that have their manager property set to this contact.) Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true manager: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - type: object nullable: true description: >- The user or contact that is this contact's manager. Read-only. Supports $expand and $filter (eq) by id. x-ms-navigationProperty: true memberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Groups that this contact is a member of. Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true onPremisesSyncBehavior: anyOf: - $ref: '#/components/schemas/microsoft.graph.onPremisesSyncBehavior' - type: object nullable: true x-ms-navigationProperty: true transitiveMemberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Groups that this contact is a member of, including groups that the contact is nested under. Read-only. Nullable. x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.orgContact' x-ms-discriminator-value: '#microsoft.graph.orgContact' microsoft.graph.servicePrincipal: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: servicePrincipal required: - '@odata.type' type: object properties: accountEnabled: type: boolean description: >- true if the service principal account is enabled; otherwise, false. If set to false, then no users are able to sign in to this app, even if they're assigned to it. Supports $filter (eq, ne, not, in). nullable: true addIns: type: array items: $ref: '#/components/schemas/microsoft.graph.addIn' description: >- Defines custom behavior that a consuming service can use to call an app in specific contexts. For example, applications that can render file streams may set the addIns property for its 'FileHandler' functionality. This lets services like Microsoft 365 call the application in the context of a document the user is working on. alternativeNames: type: array items: type: string description: >- Used to retrieve service principals by subscription, identify resource group and full resource IDs for managed identities. Supports $filter (eq, not, ge, le, startsWith). appDescription: type: string description: The description exposed by the associated application. nullable: true appDisplayName: type: string description: >- The display name exposed by the associated application. Maximum length is 256 characters. nullable: true appId: type: string description: >- The unique identifier for the associated application (its appId property). Alternate key. Supports $filter (eq, ne, not, in, startsWith). nullable: true applicationTemplateId: type: string description: >- Unique identifier of the applicationTemplate. Supports $filter (eq, not, ne). Read-only. null if the service principal wasn't created from an application template. nullable: true appOwnerOrganizationId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: >- Contains the tenant ID where the application is registered. This is applicable only to service principals backed by applications. Supports $filter (eq, ne, NOT, ge, le). format: uuid nullable: true appRoleAssignmentRequired: type: boolean description: >- Specifies whether users or other service principals need to be granted an app role assignment for this service principal before users can sign in or apps can get tokens. The default value is false. Not nullable. Supports $filter (eq, ne, NOT). appRoles: type: array items: $ref: '#/components/schemas/microsoft.graph.appRole' description: >- The roles exposed by the application that's linked to this service principal. For more information, see the appRoles property definition on the application entity. Not nullable. customSecurityAttributes: anyOf: - $ref: >- #/components/schemas/microsoft.graph.customSecurityAttributeValue - type: object nullable: true description: >- An open complex type that holds the value of a custom security attribute that is assigned to a directory object. Nullable. Returned only on $select. Supports $filter (eq, ne, not, startsWith). Filter value is case sensitive. To read this property, the calling app must be assigned the CustomSecAttributeAssignment.Read.All permission. To write this property, the calling app must be assigned the CustomSecAttributeAssignment.ReadWrite.All permissions. To read or write this property in delegated scenarios, the admin must be assigned the Attribute Assignment Administrator role. description: type: string description: >- Free text field to provide an internal end-user facing description of the service principal. End-user portals such MyApps displays the application description in this field. The maximum allowed size is 1,024 characters. Supports $filter (eq, ne, not, ge, le, startsWith) and $search. nullable: true disabledByMicrosoftStatus: type: string description: >- Specifies whether Microsoft has disabled the registered application. The possible values are: null (default value), NotDisabled, and DisabledDueToViolationOfServicesAgreement (reasons include suspicious, abusive, or malicious activity, or a violation of the Microsoft Services Agreement). Supports $filter (eq, ne, not). nullable: true displayName: type: string description: >- The display name for the service principal. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. nullable: true homepage: type: string description: Home page or landing page of the application. nullable: true info: anyOf: - $ref: '#/components/schemas/microsoft.graph.informationalUrl' - type: object nullable: true description: >- Basic profile information of the acquired application such as app's marketing, support, terms of service and privacy statement URLs. The terms of service and privacy statement are surfaced to users through the user consent experience. For more info, see How to: Add Terms of service and privacy statement for registered Microsoft Entra apps. Supports $filter (eq, ne, not, ge, le, and eq on null values). keyCredentials: type: array items: $ref: '#/components/schemas/microsoft.graph.keyCredential' description: >- The collection of key credentials associated with the service principal. Not nullable. Supports $filter (eq, not, ge, le). loginUrl: type: string description: >- Specifies the URL where the service provider redirects the user to Microsoft Entra ID to authenticate. Microsoft Entra ID uses the URL to launch the application from Microsoft 365 or the Microsoft Entra My Apps. When blank, Microsoft Entra ID performs IdP-initiated sign-on for applications configured with SAML-based single sign-on. The user launches the application from Microsoft 365, the Microsoft Entra My Apps, or the Microsoft Entra SSO URL. nullable: true logoutUrl: type: string description: >- Specifies the URL that the Microsoft's authorization service uses to sign out a user using OpenID Connect front-channel, back-channel, or SAML sign out protocols. nullable: true notes: type: string description: >- Free text field to capture information about the service principal, typically used for operational purposes. Maximum allowed size is 1,024 characters. nullable: true notificationEmailAddresses: type: array items: type: string description: >- Specifies the list of email addresses where Microsoft Entra ID sends a notification when the active certificate is near the expiration date. This is only for the certificates used to sign the SAML token issued for Microsoft Entra Gallery applications. oauth2PermissionScopes: type: array items: $ref: '#/components/schemas/microsoft.graph.permissionScope' description: >- The delegated permissions exposed by the application. For more information, see the oauth2PermissionScopes property on the application entity's api property. Not nullable. passwordCredentials: type: array items: $ref: '#/components/schemas/microsoft.graph.passwordCredential' description: >- The collection of password credentials associated with the application. Not nullable. preferredSingleSignOnMode: type: string description: >- Specifies the single sign-on mode configured for this application. Microsoft Entra ID uses the preferred single sign-on mode to launch the application from Microsoft 365 or the My Apps portal. The supported values are password, saml, notSupported, and oidc. Note: This field might be null for older SAML apps and for OIDC applications where it isn't set automatically. nullable: true preferredTokenSigningKeyThumbprint: type: string description: >- This property can be used on SAML applications (apps that have preferredSingleSignOnMode set to saml) to control which certificate is used to sign the SAML responses. For applications that aren't SAML, don't write or otherwise rely on this property. nullable: true replyUrls: type: array items: type: string description: >- The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. Not nullable. resourceSpecificApplicationPermissions: type: array items: $ref: >- #/components/schemas/microsoft.graph.resourceSpecificPermission description: >- The resource-specific application permissions exposed by this application. Currently, resource-specific permissions are only supported for Teams apps accessing to specific chats and teams using Microsoft Graph. Read-only. samlSingleSignOnSettings: anyOf: - $ref: >- #/components/schemas/microsoft.graph.samlSingleSignOnSettings - type: object nullable: true description: The collection for settings related to saml single sign-on. servicePrincipalNames: type: array items: type: string description: >- Contains the list of identifiersUris, copied over from the associated application. Additional values can be added to hybrid applications. These values can be used to identify the permissions exposed by this app within Microsoft Entra ID. For example,Client apps can specify a resource URI that is based on the values of this property to acquire an access token, which is the URI returned in the 'aud' claim.The any operator is required for filter expressions on multi-valued properties. Not nullable. Supports $filter (eq, not, ge, le, startsWith). servicePrincipalType: type: string description: >- Identifies whether the service principal represents an application, a managed identity, or a legacy application. This is set by Microsoft Entra ID internally. The servicePrincipalType property can be set to three different values: Application - A service principal that represents an application or service. The appId property identifies the associated app registration, and matches the appId of an application, possibly from a different tenant. If the associated app registration is missing, tokens aren't issued for the service principal.ManagedIdentity - A service principal that represents a managed identity. Service principals representing managed identities can be granted access and permissions, but can't be updated or modified directly.Legacy - A service principal that represents an app created before app registrations, or through legacy experiences. A legacy service principal can have credentials, service principal names, reply URLs, and other properties that are editable by an authorized user, but doesn't have an associated app registration. The appId value doesn't associate the service principal with an app registration. The service principal can only be used in the tenant where it was created.SocialIdp - For internal use. nullable: true signInAudience: type: string description: >- Specifies the Microsoft accounts that are supported for the current application. Read-only. Supported values are:AzureADMyOrg: Users with a Microsoft work or school account in my organization's Microsoft Entra tenant (single-tenant).AzureADMultipleOrgs: Users with a Microsoft work or school account in any organization's Microsoft Entra tenant (multitenant).AzureADandPersonalMicrosoftAccount: Users with a personal Microsoft account, or a work or school account in any organization's Microsoft Entra tenant.PersonalMicrosoftAccount: Users with a personal Microsoft account only. nullable: true tags: type: array items: type: string description: >- Custom strings that can be used to categorize and identify the service principal. Not nullable. The value is the union of strings set here and on the associated application entity's tags property.Supports $filter (eq, not, ge, le, startsWith). tokenEncryptionKeyId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: >- Specifies the keyId of a public key from the keyCredentials collection. When configured, Microsoft Entra ID issues tokens for this application encrypted using the key specified by this property. The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user. format: uuid nullable: true verifiedPublisher: anyOf: - $ref: '#/components/schemas/microsoft.graph.verifiedPublisher' - type: object nullable: true description: >- Specifies the verified publisher of the application that's linked to this service principal. appManagementPolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.appManagementPolicy' description: The appManagementPolicy applied to this application. x-ms-navigationProperty: true appRoleAssignedTo: type: array items: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' description: >- App role assignments for this app or service, granted to users, groups, and other service principals. Supports $expand. x-ms-navigationProperty: true appRoleAssignments: type: array items: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' description: >- App role assignment for another app or service, granted to this service principal. Supports $expand. x-ms-navigationProperty: true claimsMappingPolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.claimsMappingPolicy' description: >- The claimsMappingPolicies assigned to this service principal. Supports $expand. x-ms-navigationProperty: true createdObjects: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Directory objects created by this service principal. Read-only. Nullable. x-ms-navigationProperty: true delegatedPermissionClassifications: type: array items: $ref: >- #/components/schemas/microsoft.graph.delegatedPermissionClassification x-ms-navigationProperty: true endpoints: type: array items: $ref: '#/components/schemas/microsoft.graph.endpoint' x-ms-navigationProperty: true federatedIdentityCredentials: type: array items: $ref: >- #/components/schemas/microsoft.graph.federatedIdentityCredential description: >- Federated identities for a specific type of service principal - managed identity. Supports $expand and $filter (/$count eq 0, /$count ne 0). x-ms-navigationProperty: true homeRealmDiscoveryPolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.homeRealmDiscoveryPolicy' description: >- The homeRealmDiscoveryPolicies assigned to this service principal. Supports $expand. x-ms-navigationProperty: true memberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Roles that this service principal is a member of. HTTP Methods: GET Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true oauth2PermissionGrants: type: array items: $ref: '#/components/schemas/microsoft.graph.oAuth2PermissionGrant' description: >- Delegated permission grants authorizing this service principal to access an API on behalf of a signed-in user. Read-only. Nullable. x-ms-navigationProperty: true ownedObjects: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Directory objects that this service principal owns. Read-only. Nullable. Supports $expand, $select nested in $expand, and $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1). x-ms-navigationProperty: true owners: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Directory objects that are owners of this servicePrincipal. The owners are a set of nonadmin users or servicePrincipals who are allowed to modify this object. Supports $expand, $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1), and $select nested in $expand. x-ms-navigationProperty: true remoteDesktopSecurityConfiguration: anyOf: - $ref: >- #/components/schemas/microsoft.graph.remoteDesktopSecurityConfiguration - type: object nullable: true description: >- The remoteDesktopSecurityConfiguration object applied to this service principal. Supports $filter (eq) for isRemoteDesktopProtocolEnabled property. x-ms-navigationProperty: true synchronization: anyOf: - $ref: '#/components/schemas/microsoft.graph.synchronization' - type: object nullable: true description: >- Represents the capability for Microsoft Entra identity synchronization through the Microsoft Graph API. x-ms-navigationProperty: true tokenIssuancePolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.tokenIssuancePolicy' description: The tokenIssuancePolicies assigned to this service principal. x-ms-navigationProperty: true tokenLifetimePolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.tokenLifetimePolicy' description: The tokenLifetimePolicies assigned to this service principal. x-ms-navigationProperty: true transitiveMemberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.servicePrincipal' x-ms-discriminator-value: '#microsoft.graph.servicePrincipal' microsoft.graph.user: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: user required: - '@odata.type' type: object properties: aboutMe: type: string description: >- A freeform text entry field for the user to describe themselves. Returned only on $select. nullable: true accountEnabled: type: boolean description: >- true if the account is enabled; otherwise, false. This property is required when a user is created. Returned only on $select. Supports $filter (eq, ne, not, and in). nullable: true ageGroup: type: string description: >- Sets the age group of the user. Allowed values: null, Minor, NotAdult, and Adult. For more information, see legal age group property definitions. Returned only on $select. Supports $filter (eq, ne, not, and in). nullable: true assignedLicenses: type: array items: $ref: '#/components/schemas/microsoft.graph.assignedLicense' description: >- The licenses that are assigned to the user, including inherited (group-based) licenses. This property doesn't differentiate between directly assigned and inherited licenses. Use the licenseAssignmentStates property to identify the directly assigned and inherited licenses. Not nullable. Returned only on $select. Supports $filter (eq, not, /$count eq 0, /$count ne 0). assignedPlans: type: array items: $ref: '#/components/schemas/microsoft.graph.assignedPlan' description: >- The plans that are assigned to the user. Read-only. Not nullable. Returned only on $select. Supports $filter (eq and not). authorizationInfo: anyOf: - $ref: '#/components/schemas/microsoft.graph.authorizationInfo' - type: object nullable: true birthday: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The birthday of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014, is 2014-01-01T00:00:00Z. Returned only on $select. format: date-time businessPhones: type: array items: type: string description: >- The telephone numbers for the user. NOTE: Although it's a string collection, only one number can be set for this property. Read-only for users synced from the on-premises directory. Returned by default. Supports $filter (eq, not, ge, le, startsWith). city: type: string description: >- The city where the user is located. Maximum length is 128 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true companyName: type: string description: >- The name of the company that the user is associated with. This property can be useful for describing the company that a guest comes from. The maximum length is 64 characters.Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true consentProvidedForMinor: type: string description: >- Sets whether consent was obtained for minors. Allowed values: null, Granted, Denied, and NotRequired. For more information, see legal age group property definitions. Returned only on $select. Supports $filter (eq, ne, not, and in). nullable: true country: type: string description: >- The country or region where the user is located; for example, US or UK. Maximum length is 128 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true createdDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time the user was created, in ISO 8601 format and UTC. The value can't be modified and is automatically populated when the entity is created. Nullable. For on-premises users, the value represents when they were first created in Microsoft Entra ID. Property is null for some users created before June 2018 and on-premises users that were synced to Microsoft Entra ID before June 2018. Read-only. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in). format: date-time nullable: true creationType: type: string description: >- Indicates whether the user account was created through one of the following methods: As a regular school or work account (null). As an external account (Invitation). As a local account for an Azure Active Directory B2C tenant (LocalAccount). Through self-service sign-up by an internal user using email verification (EmailVerified). Through self-service sign-up by a guest signing up through a link that is part of a user flow (SelfServiceSignUp). Read-only.Returned only on $select. Supports $filter (eq, ne, not, in). nullable: true customSecurityAttributes: anyOf: - $ref: >- #/components/schemas/microsoft.graph.customSecurityAttributeValue - type: object nullable: true description: >- An open complex type that holds the value of a custom security attribute that is assigned to a directory object. Nullable. Returned only on $select. Supports $filter (eq, ne, not, startsWith). The filter value is case-sensitive. To read this property, the calling app must be assigned the CustomSecAttributeAssignment.Read.All permission. To write this property, the calling app must be assigned the CustomSecAttributeAssignment.ReadWrite.All permissions. To read or write this property in delegated scenarios, the admin must be assigned the Attribute Assignment Administrator role. department: type: string description: >- The name of the department in which the user works. Maximum length is 64 characters. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in, and eq on null values). nullable: true deviceEnrollmentLimit: maximum: 2147483647 minimum: -2147483648 type: number description: >- The limit on the maximum number of devices that the user is permitted to enroll. Allowed values are 5 or 1000. format: int32 displayName: type: string description: >- The name displayed in the address book for the user. This value is usually the combination of the user's first name, middle initial, and family name. This property is required when a user is created and it can't be cleared during updates. Maximum length is 256 characters. Returned by default. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values), $orderby, and $search. nullable: true employeeHireDate: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time when the user was hired or will start work in a future hire. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in). format: date-time nullable: true employeeId: type: string description: >- The employee identifier assigned to the user by the organization. The maximum length is 16 characters. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). nullable: true employeeLeaveDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time when the user left or will leave the organization. To read this property, the calling app must be assigned the User-LifeCycleInfo.Read.All permission. To write this property, the calling app must be assigned the User.Read.All and User-LifeCycleInfo.ReadWrite.All permissions. To read this property in delegated scenarios, the admin needs at least one of the following Microsoft Entra roles: Lifecycle Workflows Administrator (least privilege), Global Reader. To write this property in delegated scenarios, the admin needs the Global Administrator role. Supports $filter (eq, ne, not , ge, le, in). For more information, see Configure the employeeLeaveDateTime property for a user. format: date-time nullable: true employeeOrgData: anyOf: - $ref: '#/components/schemas/microsoft.graph.employeeOrgData' - type: object nullable: true description: >- Represents organization data (for example, division and costCenter) associated with a user. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in). employeeType: type: string description: >- Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in, startsWith). nullable: true externalUserState: type: string description: >- For a guest invited to the tenant using the invitation API, this property represents the invited user's invitation status. For invited users, the state can be PendingAcceptance or Accepted, or null for all other users. Returned only on $select. Supports $filter (eq, ne, not , in). nullable: true externalUserStateChangeDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Shows the timestamp for the latest change to the externalUserState property. Returned only on $select. Supports $filter (eq, ne, not , in). format: date-time nullable: true faxNumber: type: string description: >- The fax number of the user. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). nullable: true givenName: type: string description: >- The given name (first name) of the user. Maximum length is 64 characters. Returned by default. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). nullable: true hireDate: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The hire date of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014, is 2014-01-01T00:00:00Z. Returned only on $select. Note: This property is specific to SharePoint in Microsoft 365. We recommend using the native employeeHireDate property to set and update hire date values using Microsoft Graph APIs. format: date-time identities: type: array items: $ref: '#/components/schemas/microsoft.graph.objectIdentity' description: >- Represents the identities that can be used to sign in to this user account. Microsoft (also known as a local account), organizations, or social identity providers such as Facebook, Google, and Microsoft can provide identity and tie it to a user account. It might contain multiple items with the same signInType value. Returned only on $select. Supports $filter (eq) with limitations. imAddresses: type: array items: type: string nullable: true description: >- The instant message voice-over IP (VOIP) session initiation protocol (SIP) addresses for the user. Read-only. Returned only on $select. Supports $filter (eq, not, ge, le, startsWith). interests: type: array items: type: string nullable: true description: >- A list for the user to describe their interests. Returned only on $select. isManagementRestricted: type: boolean description: >- true if the user is a member of a restricted management administrative unit. If not set, the default value is null and the default behavior is false. Read-only. To manage a user who is a member of a restricted management administrative unit, the administrator or calling app must be assigned a Microsoft Entra role at the scope of the restricted management administrative unit. Returned only on $select. nullable: true isResourceAccount: type: boolean description: Don't use – reserved for future use. nullable: true jobTitle: type: string description: >- The user's job title. Maximum length is 128 characters. Returned by default. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). nullable: true lastPasswordChangeDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The time when this Microsoft Entra user last changed their password or when their password was created, whichever date the latest action was performed. The date and time information uses ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Returned only on $select. format: date-time nullable: true legalAgeGroupClassification: type: string description: >- Used by enterprise applications to determine the legal age group of the user. This property is read-only and calculated based on ageGroup and consentProvidedForMinor properties. Allowed values: null, Undefined, MinorWithOutParentalConsent, MinorWithParentalConsent, MinorNoParentalConsentRequired, NotAdult, and Adult. For more information, see legal age group property definitions. Returned only on $select. nullable: true licenseAssignmentStates: type: array items: $ref: '#/components/schemas/microsoft.graph.licenseAssignmentState' description: >- State of license assignments for this user. Also indicates licenses that are directly assigned or the user inherited through group memberships. Read-only. Returned only on $select. mail: type: string description: >- The SMTP address for the user, for example, jeff@contoso.com. Changes to this property update the user's proxyAddresses collection to include the value as an SMTP address. This property can't contain accent characters. NOTE: We don't recommend updating this property for Azure AD B2C user profiles. Use the otherMails property instead. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, endsWith, and eq on null values). nullable: true mailboxSettings: anyOf: - $ref: '#/components/schemas/microsoft.graph.mailboxSettings' - type: object nullable: true description: >- Settings for the primary mailbox of the signed-in user. You can get or update settings for sending automatic replies to incoming messages, locale, and time zone. Returned only on $select. mailNickname: type: string description: >- The mail alias for the user. This property must be specified when a user is created. Maximum length is 64 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true mobilePhone: type: string description: >- The primary cellular telephone number for the user. Read-only for users synced from the on-premises directory. Maximum length is 64 characters. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values) and $search. nullable: true mySite: type: string description: The URL for the user's site. Returned only on $select. nullable: true officeLocation: type: string description: >- The office location in the user's place of business. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true onPremisesDistinguishedName: type: string description: >- Contains the on-premises Active Directory distinguished name or DN. The property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. Returned only on $select. nullable: true onPremisesDomainName: type: string description: >- Contains the on-premises domainFQDN, also called dnsDomainName synchronized from the on-premises directory. The property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. Returned only on $select. nullable: true onPremisesExtensionAttributes: anyOf: - $ref: >- #/components/schemas/microsoft.graph.onPremisesExtensionAttributes - type: object nullable: true description: >- Contains extensionAttributes1-15 for the user. These extension attributes are also known as Exchange custom attributes 1-15. Each attribute can store up to 1024 characters. For an onPremisesSyncEnabled user, the source of authority for this set of properties is the on-premises and is read-only. For a cloud-only user (where onPremisesSyncEnabled is false), these properties can be set during the creation or update of a user object. For a cloud-only user previously synced from on-premises Active Directory, these properties are read-only in Microsoft Graph but can be fully managed through the Exchange Admin Center or the Exchange Online V2 module in PowerShell. Returned only on $select. Supports $filter (eq, ne, not, in). onPremisesImmutableId: type: string description: >- This property is used to associate an on-premises Active Directory user account to their Microsoft Entra user object. This property must be specified when creating a new user account in the Graph if you're using a federated domain for the user's userPrincipalName (UPN) property. NOTE: The $ and _ characters can't be used when specifying this property. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in). nullable: true onPremisesLastSyncDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Indicates the last time at which the object was synced with the on-premises directory; for example: 2013-02-16T03:04:54Z. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in). format: date-time nullable: true onPremisesProvisioningErrors: type: array items: $ref: >- #/components/schemas/microsoft.graph.onPremisesProvisioningError description: >- Errors when using Microsoft synchronization product during provisioning. Returned only on $select. Supports $filter (eq, not, ge, le). onPremisesSamAccountName: type: string description: >- Contains the on-premises samAccountName synchronized from the on-premises directory. The property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith). nullable: true onPremisesSecurityIdentifier: type: string description: >- Contains the on-premises security identifier (SID) for the user that was synchronized from on-premises to the cloud. Read-only. Returned only on $select. Supports $filter (eq including on null values). nullable: true onPremisesSyncEnabled: type: boolean description: >- true if this user object is currently being synced from an on-premises Active Directory (AD); otherwise the user isn't being synced and can be managed in Microsoft Entra ID. Read-only. Returned only on $select. Supports $filter (eq, ne, not, in, and eq on null values). nullable: true onPremisesUserPrincipalName: type: string description: >- Contains the on-premises userPrincipalName synchronized from the on-premises directory. The property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith). nullable: true otherMails: type: array items: type: string description: >- A list of other email addresses for the user; for example: ['bob@contoso.com', 'Robert@fabrikam.com']. Can store up to 250 values, each with a limit of 250 characters. NOTE: This property can't contain accent characters. Returned only on $select. Supports $filter (eq, not, ge, le, in, startsWith, endsWith, /$count eq 0, /$count ne 0). passwordPolicies: type: string description: >- Specifies password policies for the user. This value is an enumeration with one possible value being DisableStrongPassword, which allows weaker passwords than the default policy to be specified. DisablePasswordExpiration can also be specified. The two might be specified together; for example: DisablePasswordExpiration, DisableStrongPassword. Returned only on $select. For more information on the default password policies, see Microsoft Entra password policies. Supports $filter (ne, not, and eq on null values). nullable: true passwordProfile: anyOf: - $ref: '#/components/schemas/microsoft.graph.passwordProfile' - type: object nullable: true description: >- Specifies the password profile for the user. The profile contains the user's password. This property is required when a user is created. The password in the profile must satisfy minimum requirements as specified by the passwordPolicies property. By default, a strong password is required. Returned only on $select. Supports $filter (eq, ne, not, in, and eq on null values). To update this property: User-PasswordProfile.ReadWrite.All is the least privileged permission to update this property. In delegated scenarios, the User Administrator Microsoft Entra role is the least privileged admin role supported to update this property for nonadmin users. Privileged Authentication Administrator is the least privileged role that's allowed to update this property for all administrators in the tenant. In general, the signed-in user must have a higher privileged administrator role as indicated in Who can reset passwords. In app-only scenarios, the calling app must be assigned a supported permission and at least the User Administrator Microsoft Entra role. pastProjects: type: array items: type: string nullable: true description: >- A list for the user to enumerate their past projects. Returned only on $select. postalCode: type: string description: >- The postal code for the user's postal address. The postal code is specific to the user's country or region. In the United States of America, this attribute contains the ZIP code. Maximum length is 40 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true preferredDataLocation: type: string description: >- The preferred data location for the user. For more information, see OneDrive Online Multi-Geo. nullable: true preferredLanguage: type: string description: >- The preferred language for the user. The preferred language format is based on RFC 4646. The name is a combination of an ISO 639 two-letter lowercase culture code associated with the language, and an ISO 3166 two-letter uppercase subculture code associated with the country or region. Example: 'en-US', or 'es-ES'. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values) nullable: true preferredName: type: string description: >- The preferred name for the user. Not Supported. This attribute returns an empty string.Returned only on $select. nullable: true print: anyOf: - $ref: '#/components/schemas/microsoft.graph.userPrint' - type: object nullable: true provisionedPlans: type: array items: $ref: '#/components/schemas/microsoft.graph.provisionedPlan' description: >- The plans that are provisioned for the user. Read-only. Not nullable. Returned only on $select. Supports $filter (eq, not, ge, le). proxyAddresses: type: array items: type: string description: >- For example: ['SMTP: bob@contoso.com', 'smtp: bob@sales.contoso.com']. Changes to the mail property update this collection to include the value as an SMTP address. For more information, see mail and proxyAddresses properties. The proxy address prefixed with SMTP (capitalized) is the primary proxy address, while those addresses prefixed with smtp are the secondary proxy addresses. For Azure AD B2C accounts, this property has a limit of 10 unique addresses. Read-only in Microsoft Graph; you can update this property only through the Microsoft 365 admin center. Not nullable. Returned only on $select. Supports $filter (eq, not, ge, le, startsWith, endsWith, /$count eq 0, /$count ne 0). responsibilities: type: array items: type: string nullable: true description: >- A list for the user to enumerate their responsibilities. Returned only on $select. schools: type: array items: type: string nullable: true description: >- A list for the user to enumerate the schools they attended. Returned only on $select. securityIdentifier: type: string description: >- Security identifier (SID) of the user, used in Windows scenarios. Read-only. Returned by default. Supports $select and $filter (eq, not, ge, le, startsWith). nullable: true serviceProvisioningErrors: type: array items: $ref: '#/components/schemas/microsoft.graph.serviceProvisioningError' description: >- Errors published by a federated service describing a nontransient, service-specific error regarding the properties or link from a user object. Supports $filter (eq, not, for isResolved and serviceInstance). showInAddressList: type: boolean description: >- Do not use in Microsoft Graph. Manage this property through the Microsoft 365 admin center instead. Represents whether the user should be included in the Outlook global address list. See Known issue. nullable: true signInActivity: anyOf: - $ref: '#/components/schemas/microsoft.graph.signInActivity' - type: object nullable: true description: >- Get the last signed-in date and request ID of the sign-in for a given user. Read-only.Returned only on $select. Supports $filter (eq, ne, not, ge, le) but not with any other filterable properties. Note: Details for this property require a Microsoft Entra ID P1 or P2 license and the AuditLog.Read.All permission.This property isn't returned for a user who never signed in or last signed in before April 2020. signInSessionsValidFromDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Any refresh tokens or session tokens (session cookies) issued before this time are invalid. Applications get an error when using an invalid refresh or session token to acquire a delegated access token (to access APIs such as Microsoft Graph). If this happens, the application needs to acquire a new refresh token by requesting the authorized endpoint. Read-only. Use revokeSignInSessions to reset. Returned only on $select. format: date-time nullable: true skills: type: array items: type: string nullable: true description: >- A list for the user to enumerate their skills. Returned only on $select. state: type: string description: >- The state or province in the user's address. Maximum length is 128 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true streetAddress: type: string description: >- The street address of the user's place of business. Maximum length is 1,024 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true surname: type: string description: >- The user's surname (family name or last name). Maximum length is 64 characters. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true usageLocation: type: string description: >- A two-letter country code (ISO standard 3166). Required for users that are assigned licenses due to legal requirements to check for availability of services in countries/regions. Examples include: US, JP, and GB. Not nullable. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true userPrincipalName: type: string description: >- The user principal name (UPN) of the user. The UPN is an Internet-style sign-in name for the user based on the Internet standard RFC 822. By convention, this value should map to the user's email name. The general format is alias@domain, where the domain must be present in the tenant's collection of verified domains. This property is required when a user is created. The verified domains for the tenant can be accessed from the verifiedDomains property of organization.NOTE: This property can't contain accent characters. Only the following characters are allowed A - Z, a - z, 0 - 9, ' . - _ ! # ^ ~. For the complete list of allowed characters, see username policies. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, endsWith) and $orderby. nullable: true userType: type: string description: >- A string value that can be used to classify user types in your directory. The possible values are Member and Guest. Returned only on $select. Supports $filter (eq, ne, not, in, and eq on null values). NOTE: For more information about the permissions for members and guests, see What are the default user permissions in Microsoft Entra ID? nullable: true activities: type: array items: $ref: '#/components/schemas/microsoft.graph.userActivity' description: The user's activities across devices. Read-only. Nullable. x-ms-navigationProperty: true agreementAcceptances: type: array items: $ref: '#/components/schemas/microsoft.graph.agreementAcceptance' description: >- The user's terms of use acceptance statuses. Read-only. Nullable. x-ms-navigationProperty: true appRoleAssignments: type: array items: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' description: >- Represents the app roles a user is granted for an application. Supports $expand. x-ms-navigationProperty: true authentication: anyOf: - $ref: '#/components/schemas/microsoft.graph.authentication' - type: object nullable: true description: The authentication methods that are supported for the user. x-ms-navigationProperty: true calendar: anyOf: - $ref: '#/components/schemas/microsoft.graph.calendar' - type: object nullable: true description: The user's primary calendar. Read-only. x-ms-navigationProperty: true calendarGroups: type: array items: $ref: '#/components/schemas/microsoft.graph.calendarGroup' description: The user's calendar groups. Read-only. Nullable. x-ms-navigationProperty: true calendars: type: array items: $ref: '#/components/schemas/microsoft.graph.calendar' description: The user's calendars. Read-only. Nullable. x-ms-navigationProperty: true calendarView: type: array items: $ref: '#/components/schemas/microsoft.graph.event' description: The calendar view for the calendar. Read-only. Nullable. x-ms-navigationProperty: true chats: type: array items: $ref: '#/components/schemas/microsoft.graph.chat' x-ms-navigationProperty: true cloudClipboard: anyOf: - $ref: '#/components/schemas/microsoft.graph.cloudClipboardRoot' - type: object nullable: true x-ms-navigationProperty: true cloudPCs: type: array items: $ref: '#/components/schemas/microsoft.graph.cloudPC' description: The user's Cloud PCs. Read-only. Nullable. x-ms-navigationProperty: true contactFolders: type: array items: $ref: '#/components/schemas/microsoft.graph.contactFolder' description: The user's contacts folders. Read-only. Nullable. x-ms-navigationProperty: true contacts: type: array items: $ref: '#/components/schemas/microsoft.graph.contact' description: The user's contacts. Read-only. Nullable. x-ms-navigationProperty: true createdObjects: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: Directory objects that the user created. Read-only. Nullable. x-ms-navigationProperty: true dataSecurityAndGovernance: anyOf: - $ref: >- #/components/schemas/microsoft.graph.userDataSecurityAndGovernance - type: object nullable: true description: >- The data security and governance settings for the user. Read-only. Nullable. x-ms-navigationProperty: true deviceManagementTroubleshootingEvents: type: array items: $ref: >- #/components/schemas/microsoft.graph.deviceManagementTroubleshootingEvent description: The list of troubleshooting events for this user. x-ms-navigationProperty: true directReports: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The users and contacts that report to the user. (The users and contacts that have their manager property set to this user.) Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true drive: anyOf: - $ref: '#/components/schemas/microsoft.graph.drive' - type: object nullable: true description: The user's OneDrive. Read-only. x-ms-navigationProperty: true drives: type: array items: $ref: '#/components/schemas/microsoft.graph.drive' description: A collection of drives available for this user. Read-only. x-ms-navigationProperty: true employeeExperience: anyOf: - $ref: '#/components/schemas/microsoft.graph.employeeExperienceUser' - type: object nullable: true x-ms-navigationProperty: true events: type: array items: $ref: '#/components/schemas/microsoft.graph.event' description: >- The user's events. Default is to show Events under the Default Calendar. Read-only. Nullable. x-ms-navigationProperty: true extensions: type: array items: $ref: '#/components/schemas/microsoft.graph.extension' description: >- The collection of open extensions defined for the user. Read-only. Supports $expand. Nullable. x-ms-navigationProperty: true followedSites: type: array items: $ref: '#/components/schemas/microsoft.graph.site' x-ms-navigationProperty: true inferenceClassification: anyOf: - $ref: '#/components/schemas/microsoft.graph.inferenceClassification' - type: object nullable: true description: >- Relevance classification of the user's messages based on explicit designations that override inferred relevance or importance. x-ms-navigationProperty: true insights: anyOf: - $ref: '#/components/schemas/microsoft.graph.itemInsights' - type: object nullable: true description: >- Represents relationships between a user and items such as OneDrive for work or school documents, calculated using advanced analytics and machine learning techniques. Read-only. Nullable. x-ms-navigationProperty: true joinedTeams: type: array items: $ref: '#/components/schemas/microsoft.graph.team' x-ms-navigationProperty: true licenseDetails: type: array items: $ref: '#/components/schemas/microsoft.graph.licenseDetails' description: A collection of this user's license details. Read-only. x-ms-navigationProperty: true mailFolders: type: array items: $ref: '#/components/schemas/microsoft.graph.mailFolder' description: The user's mail folders. Read-only. Nullable. x-ms-navigationProperty: true managedAppRegistrations: type: array items: $ref: '#/components/schemas/microsoft.graph.managedAppRegistration' description: Zero or more managed app registrations that belong to the user. x-ms-navigationProperty: true managedDevices: type: array items: $ref: '#/components/schemas/microsoft.graph.managedDevice' description: The managed devices associated with the user. x-ms-navigationProperty: true manager: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - type: object nullable: true description: >- The user or contact that is this user's manager. Read-only. Supports $expand. x-ms-navigationProperty: true memberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The groups and directory roles that the user is a member of. Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true messages: type: array items: $ref: '#/components/schemas/microsoft.graph.message' description: The messages in a mailbox or folder. Read-only. Nullable. x-ms-navigationProperty: true oauth2PermissionGrants: type: array items: $ref: '#/components/schemas/microsoft.graph.oAuth2PermissionGrant' x-ms-navigationProperty: true onenote: anyOf: - $ref: '#/components/schemas/microsoft.graph.onenote' - type: object nullable: true x-ms-navigationProperty: true onlineMeetings: type: array items: $ref: '#/components/schemas/microsoft.graph.onlineMeeting' description: >- Information about a meeting, including the URL used to join a meeting, the attendees list, and the description. x-ms-navigationProperty: true outlook: anyOf: - $ref: '#/components/schemas/microsoft.graph.outlookUser' - type: object nullable: true x-ms-navigationProperty: true ownedDevices: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Devices the user owns. Read-only. Nullable. Supports $expand and $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1). x-ms-navigationProperty: true ownedObjects: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Directory objects the user owns. Read-only. Nullable. Supports $expand, $select nested in $expand, and $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1). x-ms-navigationProperty: true people: type: array items: $ref: '#/components/schemas/microsoft.graph.person' description: People that are relevant to the user. Read-only. Nullable. x-ms-navigationProperty: true permissionGrants: type: array items: $ref: >- #/components/schemas/microsoft.graph.resourceSpecificPermissionGrant description: List all resource-specific permission grants of a user. x-ms-navigationProperty: true photo: anyOf: - $ref: '#/components/schemas/microsoft.graph.profilePhoto' - type: object nullable: true description: The user's profile photo. Read-only. x-ms-navigationProperty: true photos: type: array items: $ref: '#/components/schemas/microsoft.graph.profilePhoto' description: >- The collection of the user's profile photos in different sizes. Read-only. x-ms-navigationProperty: true planner: anyOf: - $ref: '#/components/schemas/microsoft.graph.plannerUser' - type: object nullable: true description: >- Entry-point to the Planner resource that might exist for a user. Read-only. x-ms-navigationProperty: true presence: anyOf: - $ref: '#/components/schemas/microsoft.graph.presence' - type: object nullable: true x-ms-navigationProperty: true registeredDevices: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Devices that are registered for the user. Read-only. Nullable. Supports $expand and returns up to 100 objects. x-ms-navigationProperty: true scopedRoleMemberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' x-ms-navigationProperty: true settings: anyOf: - $ref: '#/components/schemas/microsoft.graph.userSettings' - type: object nullable: true x-ms-navigationProperty: true solutions: anyOf: - $ref: '#/components/schemas/microsoft.graph.userSolutionRoot' - type: object nullable: true description: >- The identifier that relates the user to the working time schedule triggers. Read-Only. Nullable x-ms-navigationProperty: true sponsors: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The users and groups responsible for this guest's privileges in the tenant and keeping the guest's information and access updated. (HTTP Methods: GET, POST, DELETE.). Supports $expand. x-ms-navigationProperty: true teamwork: anyOf: - $ref: '#/components/schemas/microsoft.graph.userTeamwork' - type: object nullable: true description: >- A container for Microsoft Teams features available for the user. Read-only. Nullable. x-ms-navigationProperty: true todo: anyOf: - $ref: '#/components/schemas/microsoft.graph.todo' - type: object nullable: true description: Represents the To Do services available to a user. x-ms-navigationProperty: true transitiveMemberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The groups, including nested groups, and directory roles that a user is a member of. Nullable. x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.user' description: Represents a Microsoft Entra user account. x-ms-discriminator-value: '#microsoft.graph.user' microsoft.graph.scopedRoleMembership: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: scopedRoleMembership required: - '@odata.type' type: object properties: administrativeUnitId: type: string description: >- Unique identifier for the administrative unit that the directory role is scoped to roleId: type: string description: Unique identifier for the directory role that the member is in. roleMemberInfo: $ref: '#/components/schemas/microsoft.graph.identity' '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.scopedRoleMembership' BaseDeltaFunctionResponse: title: Base delta function response type: object properties: '@odata.nextLink': type: string nullable: true '@odata.deltaLink': type: string nullable: true microsoft.graph.attributeSet: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: attributeSet required: - '@odata.type' type: object properties: description: type: string description: >- Description of the attribute set. Can be up to 128 characters long and include Unicode characters. Can be changed later. nullable: true maxAttributesPerSet: maximum: 2147483647 minimum: -2147483648 type: number description: >- Maximum number of custom security attributes that can be defined in this attribute set. Default value is null. If not specified, the administrator can add up to the maximum of 500 active attributes per tenant. Can be changed later. format: int32 nullable: true '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.attributeSet' microsoft.graph.allowedValue: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: allowedValue required: - '@odata.type' type: object properties: isActive: type: boolean description: >- Indicates whether the predefined value is active or deactivated. If set to false, this predefined value can't be assigned to any other supported directory objects. nullable: true '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.allowedValue' BaseCollectionPaginationCountResponse: title: Base collection pagination and count responses type: object properties: '@odata.count': type: integer format: int64 nullable: true '@odata.nextLink': type: string nullable: true microsoft.graph.deviceLocalCredentialInfo: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: deviceLocalCredentialInfo required: - '@odata.type' type: object properties: credentials: type: array items: $ref: '#/components/schemas/microsoft.graph.deviceLocalCredential' description: >- The credentials of the device's local administrator account backed up to Azure Active Directory. deviceName: type: string description: >- Display name of the device that the local credentials are associated with. lastBackupDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- When the local administrator account credential was backed up to Azure Active Directory. format: date-time refreshDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- When the local administrator account credential will be refreshed and backed up to Azure Active Directory. format: date-time '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.deviceLocalCredentialInfo' microsoft.graph.identityProviderBase: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: identityProviderBase required: - '@odata.type' type: object properties: displayName: type: string description: The display name of the identity provider. nullable: true '@odata.type': type: string discriminator: propertyName: '@odata.type' mapping: '#microsoft.graph.appleManagedIdentityProvider': >- #/components/schemas/microsoft.graph.appleManagedIdentityProvider '#microsoft.graph.builtInIdentityProvider': '#/components/schemas/microsoft.graph.builtInIdentityProvider' '#microsoft.graph.samlOrWsFedProvider': '#/components/schemas/microsoft.graph.samlOrWsFedProvider' '#microsoft.graph.internalDomainFederation': '#/components/schemas/microsoft.graph.internalDomainFederation' '#microsoft.graph.samlOrWsFedExternalDomainFederation': >- #/components/schemas/microsoft.graph.samlOrWsFedExternalDomainFederation '#microsoft.graph.socialIdentityProvider': '#/components/schemas/microsoft.graph.socialIdentityProvider' microsoft.graph.publicKeyInfrastructureRoot: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: publicKeyInfrastructureRoot required: - '@odata.type' type: object properties: certificateBasedAuthConfigurations: type: array items: $ref: '#/components/schemas/microsoft.graph.certificateBasedAuthPki' description: >- The collection of public key infrastructure instances for the certificate-based authentication feature for users. x-ms-navigationProperty: true '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.publicKeyInfrastructureRoot' microsoft.graph.certificateBasedAuthPki: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: certificateBasedAuthPki required: - '@odata.type' type: object properties: displayName: type: string description: The name of the object. Maximum length is 256 characters. nullable: true lastModifiedDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: The date and time when the object was created or last modified. format: date-time status: type: string description: >- The status of any asynchronous jobs runs on the object which can be upload or delete. nullable: true statusDetails: type: string description: >- The status details of the upload/deleted operation of PKI (Public Key Infrastructure). nullable: true certificateAuthorities: type: array items: $ref: >- #/components/schemas/microsoft.graph.certificateAuthorityDetail description: >- The collection of certificate authorities contained in this public key infrastructure resource. x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.certificateBasedAuthPki' x-ms-discriminator-value: '#microsoft.graph.certificateBasedAuthPki' microsoft.graph.certificateAuthorityDetail: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: certificateAuthorityDetail required: - '@odata.type' type: object properties: certificate: type: string description: The public key of the certificate authority. format: base64url certificateAuthorityType: anyOf: - $ref: >- #/components/schemas/microsoft.graph.certificateAuthorityType - type: object nullable: true description: >- The type of certificate authority. The possible values are: root, intermediate, unknownFutureValue. Supports $filter (eq). certificateRevocationListUrl: type: string description: The URL to check if the certificate is revoked. nullable: true createdDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: The date and time when the certificate authority was created. format: date-time nullable: true deltaCertificateRevocationListUrl: type: string nullable: true displayName: type: string description: The display name of the certificate authority. nullable: true expirationDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time when the certificate authority expires. Supports $filter (eq) and $orderby. format: date-time isIssuerHintEnabled: type: boolean description: >- Indicates whether the certificate picker presents the certificate authority to the user to use for authentication. Default value is false. Optional. nullable: true issuer: type: string description: The issuer of the certificate authority. nullable: true issuerSubjectKeyIdentifier: type: string description: The subject key identifier of certificate authority. nullable: true thumbprint: type: string description: >- The thumbprint of certificate authority certificate. Supports $filter (eq, startswith). '@odata.type': type: string default: '#microsoft.graph.certificateAuthorityDetail' x-ms-discriminator-value: '#microsoft.graph.certificateAuthorityDetail' microsoft.graph.companySubscription: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: companySubscription required: - '@odata.type' type: object properties: commerceSubscriptionId: type: string description: >- The ID of this subscription in the commerce system. Alternate key. nullable: true createdDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time when this subscription was created. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. format: date-time nullable: true isTrial: type: boolean description: Whether the subscription is a free trial or purchased. nullable: true nextLifecycleDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time when the subscription will move to the next state (as defined by the status property) if not renewed by the tenant. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. format: date-time nullable: true ownerId: type: string description: The object ID of the account admin. nullable: true ownerTenantId: type: string description: >- The unique identifier for the Microsoft partner tenant that created the subscription on a customer tenant. nullable: true ownerType: type: string description: >- Indicates the entity that ownerId belongs to, for example, 'User'. nullable: true serviceStatus: type: array items: $ref: '#/components/schemas/microsoft.graph.servicePlanInfo' description: >- The provisioning status of each service included in this subscription. skuId: type: string description: The object ID of the SKU associated with this subscription. nullable: true skuPartNumber: type: string description: The SKU associated with this subscription. nullable: true status: type: string description: >- The status of this subscription. The possible values are: Enabled, Deleted, Suspended, Warning, LockedOut. nullable: true totalLicenses: maximum: 2147483647 minimum: -2147483648 type: number description: The number of licenses included in this subscription. format: int32 nullable: true '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.companySubscription' microsoft.graph.directoryRole: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: directoryRole required: - '@odata.type' type: object properties: description: type: string description: >- The description for the directory role. Read-only. Supports $filter (eq), $search, $select. nullable: true displayName: type: string description: >- The display name for the directory role. Read-only. Supports $filter (eq), $search, $select. nullable: true roleTemplateId: type: string description: >- The id of the directoryRoleTemplate that this role is based on. The property must be specified when activating a directory role in a tenant with a POST operation. After the directory role has been activated, the property is read only. Supports $filter (eq), $select. nullable: true members: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Users that are members of this directory role. HTTP Methods: GET, POST, DELETE. Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true scopedMembers: type: array items: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' description: >- Members of this directory role that are scoped to administrative units. Read-only. Nullable. x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.directoryRole' x-ms-discriminator-value: '#microsoft.graph.directoryRole' microsoft.graph.directoryRoleTemplate: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: directoryRoleTemplate required: - '@odata.type' type: object properties: description: type: string description: The description to set for the directory role. Read-only. nullable: true displayName: type: string description: The display name to set for the directory role. Read-only. nullable: true '@odata.type': type: string default: '#microsoft.graph.directoryRoleTemplate' x-ms-discriminator-value: '#microsoft.graph.directoryRoleTemplate' microsoft.graph.rbacApplication: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: rbacApplication required: - '@odata.type' type: object properties: resourceNamespaces: type: array items: $ref: >- #/components/schemas/microsoft.graph.unifiedRbacResourceNamespace x-ms-navigationProperty: true roleAssignments: type: array items: $ref: '#/components/schemas/microsoft.graph.unifiedRoleAssignment' description: Resource to grant access to users or groups. x-ms-navigationProperty: true roleAssignmentScheduleInstances: type: array items: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentScheduleInstance description: Instances for active role assignments. x-ms-navigationProperty: true roleAssignmentScheduleRequests: type: array items: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentScheduleRequest description: Requests for active role assignments to principals through PIM. x-ms-navigationProperty: true roleAssignmentSchedules: type: array items: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleAssignmentSchedule description: Schedules for active role assignment operations. x-ms-navigationProperty: true roleDefinitions: type: array items: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' description: >- Resource representing the roles allowed by RBAC providers and the permissions assigned to the roles. x-ms-navigationProperty: true roleEligibilityScheduleInstances: type: array items: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilityScheduleInstance description: Instances for role eligibility requests. x-ms-navigationProperty: true roleEligibilityScheduleRequests: type: array items: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilityScheduleRequest description: Requests for role eligibilities for principals through PIM. x-ms-navigationProperty: true roleEligibilitySchedules: type: array items: $ref: >- #/components/schemas/microsoft.graph.unifiedRoleEligibilitySchedule description: Schedules for role eligibility operations. x-ms-navigationProperty: true '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.rbacApplication' microsoft.graph.unifiedRbacResourceAction: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: unifiedRbacResourceAction required: - '@odata.type' type: object properties: actionVerb: type: string nullable: true authenticationContextId: type: string nullable: true description: type: string nullable: true isAuthenticationContextSettable: type: boolean nullable: true name: type: string resourceScopeId: type: string nullable: true '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.unifiedRbacResourceAction' microsoft.graph.unifiedRoleAssignment: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: unifiedRoleAssignment required: - '@odata.type' type: object properties: appScopeId: type: string description: >- Identifier of the app specific scope when the assignment scope is app specific. The scope of an assignment determines the set of resources for which the principal has been granted access. App scopes are scopes that are defined and understood by a resource application only. For the entitlement management provider, use this property to specify a catalog. For example, /AccessPackageCatalog/beedadfe-01d5-4025-910b-84abb9369997. Supports $filter (eq, in). For example, /roleManagement/entitlementManagement/roleAssignments?$filter=appScopeId eq '/AccessPackageCatalog/{catalog id}'. nullable: true condition: type: string nullable: true directoryScopeId: type: string description: >- Identifier of the directory object representing the scope of the assignment. The scope of an assignment determines the set of resources for which the principal has been granted access. Directory scopes are shared scopes stored in the directory that are understood by multiple applications, unlike app scopes that are defined and understood by a resource application only. Supports $filter (eq, in). nullable: true principalId: type: string description: >- Identifier of the principal to which the assignment is granted. Supported principals are users, role-assignable groups, and service principals. Supports $filter (eq, in). nullable: true roleDefinitionId: type: string description: >- Identifier of the unifiedRoleDefinition the assignment is for. Read-only. Supports $filter (eq, in). nullable: true appScope: anyOf: - $ref: '#/components/schemas/microsoft.graph.appScope' - type: object nullable: true description: >- Read-only property with details of the app specific scope when the assignment scope is app specific. Containment entity. Supports $expand for the entitlement provider only. x-ms-navigationProperty: true directoryScope: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - type: object nullable: true description: >- The directory object that is the scope of the assignment. Read-only. Supports $expand for the directory provider. x-ms-navigationProperty: true principal: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - type: object nullable: true description: >- Referencing the assigned principal. Read-only. Supports $expand except for the Exchange provider. x-ms-navigationProperty: true roleDefinition: anyOf: - $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' - type: object nullable: true description: The roleDefinition the assignment is for. Supports $expand. x-ms-navigationProperty: true '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.unifiedRoleAssignment' microsoft.graph.appScope: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: appScope required: - '@odata.type' type: object properties: displayName: type: string description: >- Provides the display name of the app-specific resource represented by the app scope. Read-only. nullable: true type: type: string description: >- Describes the type of app-specific resource represented by the app scope. Read-only. nullable: true '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.appScope' microsoft.graph.unifiedRoleDefinition: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: unifiedRoleDefinition required: - '@odata.type' type: object properties: description: type: string description: >- The description for the unifiedRoleDefinition. Read-only when isBuiltIn is true. nullable: true displayName: type: string description: >- The display name for the unifiedRoleDefinition. Read-only when isBuiltIn is true. Required. Supports $filter (eq, in). nullable: true isBuiltIn: type: boolean description: >- Flag indicating whether the role definition is part of the default set included in Microsoft Entra or a custom definition. Read-only. Supports $filter (eq, in). nullable: true isEnabled: type: boolean description: >- Flag indicating whether the role is enabled for assignment. If false the role is not available for assignment. Read-only when isBuiltIn is true. nullable: true resourceScopes: type: array items: type: string description: >- List of the scopes or permissions the role definition applies to. Currently only / is supported. Read-only when isBuiltIn is true. DO NOT USE. This will be deprecated soon. Attach scope to role assignment. rolePermissions: type: array items: $ref: '#/components/schemas/microsoft.graph.unifiedRolePermission' description: >- List of permissions included in the role. Read-only when isBuiltIn is true. Required. templateId: type: string description: >- Custom template identifier that can be set when isBuiltIn is false but is read-only when isBuiltIn is true. This identifier is typically used if one needs an identifier to be the same across different directories. nullable: true version: type: string description: >- Indicates version of the role definition. Read-only when isBuiltIn is true. nullable: true inheritsPermissionsFrom: type: array items: $ref: '#/components/schemas/microsoft.graph.unifiedRoleDefinition' description: >- Read-only collection of role definitions that the given role definition inherits from. Only Microsoft Entra built-in roles (isBuiltIn is true) support this attribute. Supports $expand. x-ms-navigationProperty: true '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.unifiedRoleDefinition' parameters: top: name: $top in: query description: Show only the first n items style: form explode: false schema: minimum: 0 type: integer example: 50 skip: name: $skip in: query description: Skip the first n items style: form explode: false schema: minimum: 0 type: integer search: name: $search in: query description: Search items by search phrases style: form explode: false schema: type: string filter: name: $filter in: query description: Filter items by property values style: form explode: false schema: type: string count: name: $count in: query description: Include count of items style: form explode: false schema: type: boolean examples: {} responses: error: description: error content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.ODataErrors.ODataError' ODataCountResponse: description: The count of the resource content: text/plain: schema: $ref: '#/components/schemas/ODataCountResponse' microsoft.graph.extensionCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.extensionCollectionResponse' StringCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/StringCollectionResponse' microsoft.graph.applicationCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.applicationCollectionResponse' microsoft.graph.deviceCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.deviceCollectionResponse' microsoft.graph.groupCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.groupCollectionResponse' microsoft.graph.orgContactCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.orgContactCollectionResponse' microsoft.graph.userCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.userCollectionResponse' tags: - name: auditLogs.directoryAudit - name: directory.administrativeUnit - name: directory.attributeSet - name: directory.companySubscription - name: directory.customSecurityAttributeDefinition - name: directory.deviceLocalCredentialInfo - name: Directory.directory - name: directory.directoryObject - name: directory.identityProviderBase - name: directory.onPremisesDirectorySynchronization - name: directory.publicKeyInfrastructureRoot - name: directoryObjects.directoryObject - name: directoryObjects.directoryObject.Actions - name: directoryObjects.directoryObject.Functions - name: directoryRoles.directoryObject - name: directoryRoles.directoryRole - name: directoryRoles.directoryRole.Actions - name: directoryRoles.directoryRole.Functions - name: directoryRoles.scopedRoleMembership - name: directoryRoleTemplates.directoryRoleTemplate - name: directoryRoleTemplates.directoryRoleTemplate.Actions - name: directoryRoleTemplates.directoryRoleTemplate.Functions - name: roleManagement.rbacApplication