openapi: 3.1.0 info: title: Microsoft Graph Serviceprincipals description: Needs a description. paths: /servicePrincipals: description: Provides operations to manage the collection of servicePrincipal entities. get: tags: - servicePrincipals.servicePrincipal summary: Microsoft Graph List servicePrincipals description: Retrieve a list of servicePrincipal objects. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-list?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.ListServicePrincipal parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.servicePrincipalCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - servicePrincipals.servicePrincipal summary: Microsoft Graph Create servicePrincipal description: Create a new servicePrincipal object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-post-serviceprincipals?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.CreateServicePrincipal requestBody: description: New entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.servicePrincipal' required: true responses: 2XX: description: Created entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.servicePrincipal' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /servicePrincipals/{servicePrincipal-id}: description: Provides operations to manage the collection of servicePrincipal entities. get: tags: - servicePrincipals.servicePrincipal summary: Microsoft Graph Get servicePrincipal description: Retrieve the properties and relationships of a servicePrincipal object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-get?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.GetServicePrincipal parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.servicePrincipal' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - servicePrincipals.servicePrincipal summary: Microsoft Graph Upsert servicePrincipal description: >- Create a new servicePrincipal object if it doesn't exist, or update the properties of an existing servicePrincipal object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-upsert?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.UpdateServicePrincipal requestBody: description: New property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.servicePrincipal' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.servicePrincipal' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.servicePrincipal summary: Microsoft Graph Delete servicePrincipal description: Delete a servicePrincipal object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-delete?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.DeleteServicePrincipal parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/appManagementPolicies: description: >- Provides operations to manage the appManagementPolicies property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.appManagementPolicy summary: Microsoft Graph Get appManagementPolicies from servicePrincipals description: The appManagementPolicy applied to this application. operationId: servicePrincipals.ListAppManagementPolicies parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.appManagementPolicyCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/appManagementPolicies/{appManagementPolicy-id}: description: >- Provides operations to manage the appManagementPolicies property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.appManagementPolicy summary: Microsoft Graph Get appManagementPolicies from servicePrincipals description: The appManagementPolicy applied to this application. operationId: servicePrincipals.GetAppManagementPolicies parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appManagementPolicy' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: appManagementPolicy-id in: path description: The unique identifier of appManagementPolicy required: true schema: type: string x-ms-docs-key-type: appManagementPolicy /servicePrincipals/{servicePrincipal-id}/appManagementPolicies/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.appManagementPolicy summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.appManagementPolicies.GetCount-5cee parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/appRoleAssignedTo: description: >- Provides operations to manage the appRoleAssignedTo property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.appRoleAssignment summary: Microsoft Graph Get appRoleAssignment description: Read the properties and relationships of an appRoleAssignment object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-list-approleassignedto?view=graph-rest-1.0 operationId: servicePrincipals.ListAppRoleAssignedTo parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.appRoleAssignmentCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - servicePrincipals.appRoleAssignment summary: Microsoft Graph Grant an appRoleAssignment for a service principal description: >- Assign an app role for a resource service principal, to a user, group, or client service principal. App roles that are assigned to service principals are also known as application permissions. Application permissions can be granted directly with app role assignments, or through a consent experience. To grant an app role assignment, you need three identifiers: externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-post-approleassignedto?view=graph-rest-1.0 operationId: servicePrincipals.CreateAppRoleAssignedTo requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/appRoleAssignedTo/{appRoleAssignment-id}: description: >- Provides operations to manage the appRoleAssignedTo property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.appRoleAssignment summary: Microsoft Graph Get appRoleAssignment description: Read the properties and relationships of an appRoleAssignment object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/approleassignment-get?view=graph-rest-1.0 operationId: servicePrincipals.GetAppRoleAssignedTo parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - servicePrincipals.appRoleAssignment summary: Microsoft Graph Update the navigation property appRoleAssignedTo in servicePrincipals operationId: servicePrincipals.UpdateAppRoleAssignedTo requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.appRoleAssignment summary: Microsoft Graph Delete appRoleAssignedTo description: >- Deletes an appRoleAssignment that a user, group, or client service principal has been granted for a resource service principal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-delete-approleassignedto?view=graph-rest-1.0 operationId: servicePrincipals.DeleteAppRoleAssignedTo parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: appRoleAssignment-id in: path description: The unique identifier of appRoleAssignment required: true schema: type: string x-ms-docs-key-type: appRoleAssignment /servicePrincipals/{servicePrincipal-id}/appRoleAssignedTo/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.appRoleAssignment summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.appRoleAssignedTo.GetCount-705c parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/appRoleAssignments: description: >- Provides operations to manage the appRoleAssignments property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.appRoleAssignment summary: Microsoft Graph Get appRoleAssignment description: Read the properties and relationships of an appRoleAssignment object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-list-approleassignments?view=graph-rest-1.0 operationId: servicePrincipals.ListAppRoleAssignments parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.appRoleAssignmentCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - servicePrincipals.appRoleAssignment summary: Microsoft Graph Grant an appRoleAssignment to a service principal description: >- Assign an app role to a client service principal. App roles that are assigned to service principals are also known as application permissions. Application permissions can be granted directly with app role assignments, or through a consent experience. To grant an app role assignment to a client service principal, you need three identifiers: externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-post-approleassignments?view=graph-rest-1.0 operationId: servicePrincipals.CreateAppRoleAssignments requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/appRoleAssignments/{appRoleAssignment-id}: description: >- Provides operations to manage the appRoleAssignments property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.appRoleAssignment summary: Microsoft Graph Get appRoleAssignment description: Read the properties and relationships of an appRoleAssignment object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/approleassignment-get?view=graph-rest-1.0 operationId: servicePrincipals.GetAppRoleAssignments parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - servicePrincipals.appRoleAssignment summary: Microsoft Graph Update the navigation property appRoleAssignments in servicePrincipals operationId: servicePrincipals.UpdateAppRoleAssignments requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.appRoleAssignment summary: Microsoft Graph Delete appRoleAssignment description: >- Deletes an appRoleAssignment that a service principal has been granted. App roles which are assigned to service principals are also known as application permissions. Deleting an app role assignment for a service principal is equivalent to revoking the app-only permission grant. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-delete-approleassignments?view=graph-rest-1.0 operationId: servicePrincipals.DeleteAppRoleAssignments parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: appRoleAssignment-id in: path description: The unique identifier of appRoleAssignment required: true schema: type: string x-ms-docs-key-type: appRoleAssignment /servicePrincipals/{servicePrincipal-id}/appRoleAssignments/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.appRoleAssignment summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.appRoleAssignments.GetCount-4e95 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/claimsMappingPolicies: description: >- Provides operations to manage the claimsMappingPolicies property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.claimsMappingPolicy summary: Microsoft Graph List assigned claimsMappingPolicy description: >- List the claimsMappingPolicy objects that are assigned to a servicePrincipal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-list-claimsmappingpolicies?view=graph-rest-1.0 operationId: servicePrincipals.ListClaimsMappingPolicies parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.claimsMappingPolicyCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/claimsMappingPolicies/{claimsMappingPolicy-id}/$ref: description: Provides operations to manage the collection of servicePrincipal entities. delete: tags: - servicePrincipals.claimsMappingPolicy summary: Microsoft Graph Remove claimsMappingPolicy description: Remove a claimsMappingPolicy from a servicePrincipal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-delete-claimsmappingpolicies?view=graph-rest-1.0 operationId: servicePrincipals.claimsMappingPolicies.DeleteRefClaimsMappingPolicy parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: claimsMappingPolicy-id in: path description: The unique identifier of claimsMappingPolicy required: true schema: type: string x-ms-docs-key-type: claimsMappingPolicy /servicePrincipals/{servicePrincipal-id}/claimsMappingPolicies/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.claimsMappingPolicy summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.claimsMappingPolicies.GetCount-832a parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/claimsMappingPolicies/$ref: description: Provides operations to manage the collection of servicePrincipal entities. get: tags: - servicePrincipals.claimsMappingPolicy summary: Microsoft Graph List assigned claimsMappingPolicy description: >- List the claimsMappingPolicy objects that are assigned to a servicePrincipal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-list-claimsmappingpolicies?view=graph-rest-1.0 operationId: servicePrincipals.ListRefClaimsMappingPolicies parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/StringCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - servicePrincipals.claimsMappingPolicy summary: Microsoft Graph Assign claimsMappingPolicy description: Assign a claimsMappingPolicy to a servicePrincipal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-post-claimsmappingpolicies?view=graph-rest-1.0 operationId: servicePrincipals.CreateRefClaimsMappingPolicies requestBody: $ref: '#/components/requestBodies/refPostBody' responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.claimsMappingPolicy summary: Microsoft Graph Remove claimsMappingPolicy description: Remove a claimsMappingPolicy from a servicePrincipal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-delete-claimsmappingpolicies?view=graph-rest-1.0 operationId: servicePrincipals.DeleteRefClaimsMappingPolicies parameters: - name: If-Match in: header description: ETag schema: type: string - name: '@id' in: query description: The delete Uri required: true schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/createdObjects: description: >- Provides operations to manage the createdObjects property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.directoryObject summary: 'Microsoft Graph servicePrincipal: List createdObjects' description: Retrieve a list of directoryobject objects. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-list-createdobjects?view=graph-rest-1.0 operationId: servicePrincipals.ListCreatedObjects parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryObjectCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/createdObjects/{directoryObject-id}: description: >- Provides operations to manage the createdObjects property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get createdObjects from servicePrincipals description: >- Directory objects created by this service principal. Read-only. Nullable. operationId: servicePrincipals.GetCreatedObjects parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/createdObjects/{directoryObject-id}/graph.servicePrincipal: description: Casts the previous resource to servicePrincipal. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal operationId: servicePrincipals.GetCreatedObjects.AsServicePrincipal parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.servicePrincipal' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/createdObjects/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.createdObjects.GetCount-0714 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/createdObjects/graph.servicePrincipal: description: Casts the previous resource to servicePrincipal. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.servicePrincipal in the microsoft.graph.directoryObject collection operationId: servicePrincipals.ListCreatedObjects.AsServicePrincipal parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.servicePrincipalCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/createdObjects/graph.servicePrincipal/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.CreatedObjects.GetCount.AsServicePrincipal-768a parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/delegatedPermissionClassifications: description: >- Provides operations to manage the delegatedPermissionClassifications property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.delegatedPermissionClassification summary: Microsoft Graph List delegatedPermissionClassifications collection of servicePrincipal description: >- Retrieve the list of delegatedPermissionClassification currently configured for the delegated permissions exposed by an API. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-list-delegatedpermissionclassifications?view=graph-rest-1.0 operationId: servicePrincipals.ListDelegatedPermissionClassifications parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.delegatedPermissionClassificationCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - servicePrincipals.delegatedPermissionClassification summary: Microsoft Graph Create delegatedPermissionClassification description: >- Classify a delegated permission by adding a delegatedPermissionClassification to the servicePrincipal representing the API. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-post-delegatedpermissionclassifications?view=graph-rest-1.0 operationId: servicePrincipals.CreateDelegatedPermissionClassifications requestBody: description: New navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.delegatedPermissionClassification required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.delegatedPermissionClassification 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/delegatedPermissionClassifications/{delegatedPermissionClassification-id}: description: >- Provides operations to manage the delegatedPermissionClassifications property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.delegatedPermissionClassification summary: Microsoft Graph Get delegatedPermissionClassifications from servicePrincipals operationId: servicePrincipals.GetDelegatedPermissionClassifications parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.delegatedPermissionClassification 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - servicePrincipals.delegatedPermissionClassification summary: >- Microsoft Graph Update the navigation property delegatedPermissionClassifications in servicePrincipals operationId: servicePrincipals.UpdateDelegatedPermissionClassifications requestBody: description: New navigation property values content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.delegatedPermissionClassification required: true responses: 2XX: description: Success content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.delegatedPermissionClassification 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.delegatedPermissionClassification summary: Microsoft Graph Delete delegatedPermissionClassification description: >- Deletes a delegatedPermissionClassification which had previously been set for a delegated permission. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-delete-delegatedpermissionclassifications?view=graph-rest-1.0 operationId: servicePrincipals.DeleteDelegatedPermissionClassifications parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: delegatedPermissionClassification-id in: path description: The unique identifier of delegatedPermissionClassification required: true schema: type: string x-ms-docs-key-type: delegatedPermissionClassification /servicePrincipals/{servicePrincipal-id}/delegatedPermissionClassifications/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.delegatedPermissionClassification summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.delegatedPermissionClassifications.GetCount-31f9 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/endpoints: description: >- Provides operations to manage the endpoints property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.endpoint summary: Microsoft Graph Get endpoints from servicePrincipals operationId: servicePrincipals.ListEndpoints parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.endpointCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - servicePrincipals.endpoint summary: Microsoft Graph Create new navigation property to endpoints for servicePrincipals operationId: servicePrincipals.CreateEndpoints requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.endpoint' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.endpoint' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/endpoints/{endpoint-id}: description: >- Provides operations to manage the endpoints property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.endpoint summary: Microsoft Graph Get endpoints from servicePrincipals operationId: servicePrincipals.GetEndpoints parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.endpoint' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - servicePrincipals.endpoint summary: Microsoft Graph Update the navigation property endpoints in servicePrincipals operationId: servicePrincipals.UpdateEndpoints requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.endpoint' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.endpoint' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.endpoint summary: Microsoft Graph Delete navigation property endpoints for servicePrincipals operationId: servicePrincipals.DeleteEndpoints parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: endpoint-id in: path description: The unique identifier of endpoint required: true schema: type: string x-ms-docs-key-type: endpoint /servicePrincipals/{servicePrincipal-id}/endpoints/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.endpoint summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.endpoints.GetCount-c0e0 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/federatedIdentityCredentials: description: >- Provides operations to manage the federatedIdentityCredentials property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.federatedIdentityCredential summary: Microsoft Graph Get federatedIdentityCredentials from servicePrincipals description: >- Federated identities for a specific type of service principal - managed identity. Supports $expand and $filter (/$count eq 0, /$count ne 0). operationId: servicePrincipals.ListFederatedIdentityCredentials parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.federatedIdentityCredentialCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - servicePrincipals.federatedIdentityCredential summary: >- Microsoft Graph Create new navigation property to federatedIdentityCredentials for servicePrincipals operationId: servicePrincipals.CreateFederatedIdentityCredentials requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.federatedIdentityCredential' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.federatedIdentityCredential 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/federatedIdentityCredentials/{federatedIdentityCredential-id}: description: >- Provides operations to manage the federatedIdentityCredentials property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.federatedIdentityCredential summary: Microsoft Graph Get federatedIdentityCredentials from servicePrincipals description: >- Federated identities for a specific type of service principal - managed identity. Supports $expand and $filter (/$count eq 0, /$count ne 0). operationId: servicePrincipals.GetFederatedIdentityCredentials parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.federatedIdentityCredential 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - servicePrincipals.federatedIdentityCredential summary: >- Microsoft Graph Update the navigation property federatedIdentityCredentials in servicePrincipals operationId: servicePrincipals.UpdateFederatedIdentityCredentials requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.federatedIdentityCredential' required: true responses: 2XX: description: Success content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.federatedIdentityCredential 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.federatedIdentityCredential summary: >- Microsoft Graph Delete navigation property federatedIdentityCredentials for servicePrincipals operationId: servicePrincipals.DeleteFederatedIdentityCredentials parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: federatedIdentityCredential-id in: path description: The unique identifier of federatedIdentityCredential required: true schema: type: string x-ms-docs-key-type: federatedIdentityCredential x-ms-docs-grouped-path: - >- /servicePrincipals/{servicePrincipal-id}/federatedIdentityCredentials(name='{name}') /servicePrincipals/{servicePrincipal-id}/federatedIdentityCredentials(name='{name}'): description: >- Provides operations to manage the federatedIdentityCredentials property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.federatedIdentityCredential summary: Microsoft Graph Get federatedIdentityCredentials from servicePrincipals description: >- Federated identities for a specific type of service principal - managed identity. Supports $expand and $filter (/$count eq 0, /$count ne 0). operationId: servicePrincipals.federatedIdentityCredentials.GetByName parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.federatedIdentityCredential 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - servicePrincipals.federatedIdentityCredential summary: >- Microsoft Graph Update the navigation property federatedIdentityCredentials in servicePrincipals operationId: servicePrincipals.federatedIdentityCredentials.UpdateByName requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.federatedIdentityCredential' required: true responses: 2XX: description: Success content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.federatedIdentityCredential 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.federatedIdentityCredential summary: >- Microsoft Graph Delete navigation property federatedIdentityCredentials for servicePrincipals operationId: servicePrincipals.federatedIdentityCredentials.DeleteByName parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: name in: path description: Alternate key of federatedIdentityCredential required: true schema: type: string x-ms-docs-grouped-path: - >- /servicePrincipals/{servicePrincipal-id}/federatedIdentityCredentials/{federatedIdentityCredential-id} /servicePrincipals/{servicePrincipal-id}/federatedIdentityCredentials/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.federatedIdentityCredential summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.federatedIdentityCredentials.GetCount-d9cd parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/homeRealmDiscoveryPolicies: description: >- Provides operations to manage the homeRealmDiscoveryPolicies property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.homeRealmDiscoveryPolicy summary: Microsoft Graph List assigned homeRealmDiscoveryPolicy description: >- List the homeRealmDiscoveryPolicy objects that are assigned to a servicePrincipal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-list-homerealmdiscoverypolicies?view=graph-rest-1.0 operationId: servicePrincipals.ListHomeRealmDiscoveryPolicies parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.homeRealmDiscoveryPolicyCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/homeRealmDiscoveryPolicies/{homeRealmDiscoveryPolicy-id}/$ref: description: Provides operations to manage the collection of servicePrincipal entities. delete: tags: - servicePrincipals.homeRealmDiscoveryPolicy summary: Microsoft Graph Remove homeRealmDiscoveryPolicy description: Remove a homeRealmDiscoveryPolicy from a servicePrincipal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-delete-homerealmdiscoverypolicies?view=graph-rest-1.0 operationId: >- servicePrincipals.homeRealmDiscoveryPolicies.DeleteRefHomeRealmDiscoveryPolicy parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: homeRealmDiscoveryPolicy-id in: path description: The unique identifier of homeRealmDiscoveryPolicy required: true schema: type: string x-ms-docs-key-type: homeRealmDiscoveryPolicy /servicePrincipals/{servicePrincipal-id}/homeRealmDiscoveryPolicies/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.homeRealmDiscoveryPolicy summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.homeRealmDiscoveryPolicies.GetCount-d161 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/homeRealmDiscoveryPolicies/$ref: description: Provides operations to manage the collection of servicePrincipal entities. get: tags: - servicePrincipals.homeRealmDiscoveryPolicy summary: Microsoft Graph List assigned homeRealmDiscoveryPolicy description: >- List the homeRealmDiscoveryPolicy objects that are assigned to a servicePrincipal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-list-homerealmdiscoverypolicies?view=graph-rest-1.0 operationId: servicePrincipals.ListRefHomeRealmDiscoveryPolicies parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/StringCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - servicePrincipals.homeRealmDiscoveryPolicy summary: Microsoft Graph Assign homeRealmDiscoveryPolicy description: Assign a homeRealmDiscoveryPolicy to a servicePrincipal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-post-homerealmdiscoverypolicies?view=graph-rest-1.0 operationId: servicePrincipals.CreateRefHomeRealmDiscoveryPolicies requestBody: $ref: '#/components/requestBodies/refPostBody' responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.homeRealmDiscoveryPolicy summary: Microsoft Graph Remove homeRealmDiscoveryPolicy description: Remove a homeRealmDiscoveryPolicy from a servicePrincipal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-delete-homerealmdiscoverypolicies?view=graph-rest-1.0 operationId: servicePrincipals.DeleteRefHomeRealmDiscoveryPolicies parameters: - name: If-Match in: header description: ETag schema: type: string - name: '@id' in: query description: The delete Uri required: true schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/memberOf: description: >- Provides operations to manage the memberOf property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph List servicePrincipal memberOf description: >- Get the groups and directory roles that this servicePrincipal is a direct member of. This operation is not transitive. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-list-memberof?view=graph-rest-1.0 operationId: servicePrincipals.ListMemberOf parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryObjectCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/memberOf/{directoryObject-id}: description: >- Provides operations to manage the memberOf property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get memberOf from servicePrincipals description: >- Roles that this service principal is a member of. HTTP Methods: GET Read-only. Nullable. Supports $expand. operationId: servicePrincipals.GetMemberOf parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/memberOf/{directoryObject-id}/graph.administrativeUnit: description: Casts the previous resource to administrativeUnit. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.administrativeUnit operationId: servicePrincipals.GetMemberOf.AsAdministrativeUnit parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.administrativeUnit' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/memberOf/{directoryObject-id}/graph.directoryRole: description: Casts the previous resource to directoryRole. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.directoryRole operationId: servicePrincipals.GetMemberOf.AsDirectoryRole parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryRole' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/memberOf/{directoryObject-id}/graph.group: description: Casts the previous resource to group. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.group operationId: servicePrincipals.GetMemberOf.AsGroup parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.group' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/memberOf/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.memberOf.GetCount-be11 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/memberOf/graph.administrativeUnit: description: Casts the previous resource to administrativeUnit. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.administrativeUnit in the microsoft.graph.directoryObject collection operationId: servicePrincipals.ListMemberOf.AsAdministrativeUnit parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.administrativeUnitCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/memberOf/graph.administrativeUnit/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.MemberOf.GetCount.AsAdministrativeUnit-472e parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/memberOf/graph.directoryRole: description: Casts the previous resource to directoryRole. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.directoryRole in the microsoft.graph.directoryObject collection operationId: servicePrincipals.ListMemberOf.AsDirectoryRole parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryRoleCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/memberOf/graph.directoryRole/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.MemberOf.GetCount.AsDirectoryRole-fa4e parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/memberOf/graph.group: description: Casts the previous resource to group. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.group in the microsoft.graph.directoryObject collection operationId: servicePrincipals.ListMemberOf.AsGroup parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.groupCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/memberOf/graph.group/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.MemberOf.GetCount.AsGroup-96d9 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/addKey: description: Provides operations to call the addKey method. post: tags: - servicePrincipals.servicePrincipal.Actions summary: Microsoft Graph Invoke action addKey description: >- Adds a key credential to a servicePrincipal. This method along with removeKey can be used by a servicePrincipal to automate rolling its expiring keys. As part of the request validation for this method, a proof of possession of an existing key is verified before the action can be performed. ServicePrincipals that don't have any existing valid certificates (i.e.: no certificates have been added yet, or all certificates have expired), won't be able to use this service action. Update servicePrincipal can be used to perform an update instead. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-addkey?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.addKey requestBody: description: Action parameters content: application/json: schema: type: object properties: keyCredential: $ref: '#/components/schemas/microsoft.graph.keyCredential' passwordCredential: anyOf: - $ref: '#/components/schemas/microsoft.graph.passwordCredential' - type: object nullable: true proof: type: string required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.keyCredential' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/addPassword: description: Provides operations to call the addPassword method. post: tags: - servicePrincipals.servicePrincipal.Actions summary: Microsoft Graph Invoke action addPassword description: Add a strong password or secret to a servicePrincipal object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-addpassword?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.addPassword requestBody: description: Action parameters content: application/json: schema: type: object properties: passwordCredential: anyOf: - $ref: '#/components/schemas/microsoft.graph.passwordCredential' - type: object nullable: true required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.passwordCredential' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/addTokenSigningCertificate: description: Provides operations to call the addTokenSigningCertificate method. post: tags: - servicePrincipals.servicePrincipal.Actions summary: Microsoft Graph Invoke action addTokenSigningCertificate description: "Create a self-signed signing certificate and return a selfSignedCertificate object, which is the public part of the generated certificate. The self-signed signing certificate is composed of the following objects, which are added to the servicePrincipal: \r\n+ The keyCredentials object with the following objects:\r\n + A private key object with usage set to Sign.\r\n + A public key object with usage set to Verify.\r\n+ The passwordCredentials object. All the objects have the same value of customKeyIdentifier. The passwordCredential is used to open the PFX file (private key). It and the associated private key object have the same value of keyId. When set during creation through the displayName property, the subject of the certificate cannot be updated. The startDateTime is set to the same time the certificate is created using the action. The endDateTime can be up to three years after the certificate is created." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-addtokensigningcertificate?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.addTokenSigningCertificate requestBody: description: Action parameters content: application/json: schema: type: object properties: displayName: type: string nullable: true endDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string format: date-time nullable: true required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.selfSignedCertificate' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/checkMemberGroups: description: Provides operations to call the checkMemberGroups method. post: tags: - servicePrincipals.servicePrincipal.Actions summary: Microsoft Graph Invoke action checkMemberGroups description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\r\n- user\r\n- group\r\n- service principal\r\n- organizational contact\r\n- device\r\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.checkMemberGroups requestBody: description: Action parameters content: application/json: schema: type: object properties: groupIds: type: array items: type: string required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/checkMemberObjects: description: Provides operations to call the checkMemberObjects method. post: tags: - servicePrincipals.servicePrincipal.Actions summary: Microsoft Graph Invoke action checkMemberObjects operationId: servicePrincipals.servicePrincipal.checkMemberObjects requestBody: description: Action parameters content: application/json: schema: type: object properties: ids: type: array items: type: string required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/getMemberGroups: description: Provides operations to call the getMemberGroups method. post: tags: - servicePrincipals.servicePrincipal.Actions summary: Microsoft Graph Invoke action getMemberGroups description: >- Return all the group IDs for the groups that the specified user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. This API returns up to 11,000 group IDs. If more than 11,000 results are available, it returns a 400 Bad Request error with the DirectoryResultSizeLimitExceeded error code. If you get the DirectoryResultSizeLimitExceeded error code, use the List group transitive memberOf API instead. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getmembergroups?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.getMemberGroups requestBody: description: Action parameters content: application/json: schema: type: object properties: securityEnabledOnly: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/getMemberObjects: description: Provides operations to call the getMemberObjects method. post: tags: - servicePrincipals.servicePrincipal.Actions summary: Microsoft Graph Invoke action getMemberObjects description: "Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:\r\n- user\r\n- group\r\n- service principal\r\n- organizational contact\r\n- device\r\n- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getmemberobjects?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.getMemberObjects requestBody: description: Action parameters content: application/json: schema: type: object properties: securityEnabledOnly: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: type: string 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/removeKey: description: Provides operations to call the removeKey method. post: tags: - servicePrincipals.servicePrincipal.Actions summary: Microsoft Graph Invoke action removeKey description: >- Remove a key credential from a servicePrincipal. This method along with addKey can be used by a servicePrincipal to automate rolling its expiring keys. As part of the request validation for this method, a proof of possession of an existing key is verified before the action can be performed. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-removekey?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.removeKey requestBody: description: Action parameters content: application/json: schema: type: object properties: keyId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string format: uuid proof: type: string required: true responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/removePassword: description: Provides operations to call the removePassword method. post: tags: - servicePrincipals.servicePrincipal.Actions summary: Microsoft Graph Invoke action removePassword description: Remove a password from a servicePrincipal object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-removepassword?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.removePassword requestBody: description: Action parameters content: application/json: schema: type: object properties: keyId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string format: uuid required: true responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/restore: description: Provides operations to call the restore method. post: tags: - servicePrincipals.servicePrincipal.Actions summary: Microsoft Graph Invoke action restore description: "Restore a recently deleted application, group, servicePrincipal, administrative unit, or user object from deleted items. Restore a recently deleted directory object from deleted items. The following types are supported:\r\n- administrativeUnit\r\n- application\r\n- certificateBasedAuthPki\r\n- certificateAuthorityDetail\r\n- group\r\n- servicePrincipal\r\n- user If an item is accidentally deleted, you can fully restore the item. Additionally, restoring an application doesn't automatically restore the associated service principal automatically. You must call this API to explicitly restore the deleted service principal. A recently deleted item remains available for up to 30 days. After 30 days, the item is permanently deleted." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directory-deleteditems-restore?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.restore responses: 2XX: description: Success content: application/json: schema: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - type: object nullable: true 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/oauth2PermissionGrants: description: >- Provides operations to manage the oauth2PermissionGrants property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.oAuth2PermissionGrant summary: Microsoft Graph List oauth2PermissionGrants granted to a service principal description: >- Retrieve a list of oAuth2PermissionGrant entities, representing delegated permissions granted to the service principal (representing the client application) to access an API on behalf of a user. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-list-oauth2permissiongrants?view=graph-rest-1.0 operationId: servicePrincipals.ListOauth2PermissionGrants parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.oAuth2PermissionGrantCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/oauth2PermissionGrants/{oAuth2PermissionGrant-id}: description: >- Provides operations to manage the oauth2PermissionGrants property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.oAuth2PermissionGrant summary: Microsoft Graph Get oauth2PermissionGrants from servicePrincipals description: >- Delegated permission grants authorizing this service principal to access an API on behalf of a signed-in user. Read-only. Nullable. operationId: servicePrincipals.GetOauth2PermissionGrants parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.oAuth2PermissionGrant' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: oAuth2PermissionGrant-id in: path description: The unique identifier of oAuth2PermissionGrant required: true schema: type: string x-ms-docs-key-type: oAuth2PermissionGrant /servicePrincipals/{servicePrincipal-id}/oauth2PermissionGrants/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.oAuth2PermissionGrant summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.oauth2PermissionGrants.GetCount-f9dc parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/ownedObjects: description: >- Provides operations to manage the ownedObjects property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.directoryObject summary: 'Microsoft Graph servicePrincipals: List ownedObjects' description: >- Retrieve a list of objects owned by the servicePrincipal. This could include applications or groups. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-list-ownedobjects?view=graph-rest-1.0 operationId: servicePrincipals.ListOwnedObjects parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryObjectCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/ownedObjects/{directoryObject-id}: description: >- Provides operations to manage the ownedObjects property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get ownedObjects from servicePrincipals description: >- Directory objects that this service principal owns. Read-only. Nullable. Supports $expand, $select nested in $expand, and $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1). operationId: servicePrincipals.GetOwnedObjects parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/ownedObjects/{directoryObject-id}/graph.application: description: Casts the previous resource to application. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.application operationId: servicePrincipals.GetOwnedObjects.AsApplication parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.application' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/ownedObjects/{directoryObject-id}/graph.appRoleAssignment: description: Casts the previous resource to appRoleAssignment. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.appRoleAssignment operationId: servicePrincipals.GetOwnedObjects.AsAppRoleAssignment parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/ownedObjects/{directoryObject-id}/graph.endpoint: description: Casts the previous resource to endpoint. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.endpoint operationId: servicePrincipals.GetOwnedObjects.AsEndpoint parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.endpoint' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/ownedObjects/{directoryObject-id}/graph.group: description: Casts the previous resource to group. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.group operationId: servicePrincipals.GetOwnedObjects.AsGroup parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.group' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/ownedObjects/{directoryObject-id}/graph.servicePrincipal: description: Casts the previous resource to servicePrincipal. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal operationId: servicePrincipals.GetOwnedObjects.AsServicePrincipal parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.servicePrincipal' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/ownedObjects/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.ownedObjects.GetCount-7ae7 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/ownedObjects/graph.application: description: Casts the previous resource to application. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.application in the microsoft.graph.directoryObject collection operationId: servicePrincipals.ListOwnedObjects.AsApplication parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.applicationCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/ownedObjects/graph.application/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.OwnedObjects.GetCount.AsApplication-2b95 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/ownedObjects/graph.appRoleAssignment: description: Casts the previous resource to appRoleAssignment. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.appRoleAssignment in the microsoft.graph.directoryObject collection operationId: servicePrincipals.ListOwnedObjects.AsAppRoleAssignment parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.appRoleAssignmentCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/ownedObjects/graph.appRoleAssignment/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.OwnedObjects.GetCount.AsAppRoleAssignment-793c parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/ownedObjects/graph.endpoint: description: Casts the previous resource to endpoint. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.endpoint in the microsoft.graph.directoryObject collection operationId: servicePrincipals.ListOwnedObjects.AsEndpoint parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.endpointCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/ownedObjects/graph.endpoint/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.OwnedObjects.GetCount.AsEndpoint-4594 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/ownedObjects/graph.group: description: Casts the previous resource to group. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.group in the microsoft.graph.directoryObject collection operationId: servicePrincipals.ListOwnedObjects.AsGroup parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.groupCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/ownedObjects/graph.group/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.OwnedObjects.GetCount.AsGroup-fc2e parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/ownedObjects/graph.servicePrincipal: description: Casts the previous resource to servicePrincipal. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.servicePrincipal in the microsoft.graph.directoryObject collection operationId: servicePrincipals.ListOwnedObjects.AsServicePrincipal parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.servicePrincipalCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/ownedObjects/graph.servicePrincipal/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.OwnedObjects.GetCount.AsServicePrincipal-19c0 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/owners: description: >- Provides operations to manage the owners property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get owners from servicePrincipals description: >- Directory objects that are owners of this servicePrincipal. The owners are a set of nonadmin users or servicePrincipals who are allowed to modify this object. Supports $expand, $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1), and $select nested in $expand. operationId: servicePrincipals.ListOwners parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryObjectCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/owners/{directoryObject-id}/$ref: description: Provides operations to manage the collection of servicePrincipal entities. delete: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Remove service principal owner description: >- Remove an owner from a servicePrincipal object. As a recommended best practice, service principals should have at least two owners. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-delete-owners?view=graph-rest-1.0 operationId: servicePrincipals.owners.DeleteRefDirectoryObject parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/owners/{directoryObject-id}/graph.appRoleAssignment: description: Casts the previous resource to appRoleAssignment. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.appRoleAssignment operationId: servicePrincipals.GetOwners.AsAppRoleAssignment parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/owners/{directoryObject-id}/graph.endpoint: description: Casts the previous resource to endpoint. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.endpoint operationId: servicePrincipals.GetOwners.AsEndpoint parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.endpoint' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/owners/{directoryObject-id}/graph.servicePrincipal: description: Casts the previous resource to servicePrincipal. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal operationId: servicePrincipals.GetOwners.AsServicePrincipal parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.servicePrincipal' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/owners/{directoryObject-id}/graph.user: description: Casts the previous resource to user. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.user operationId: servicePrincipals.GetOwners.AsUser parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.user' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/owners/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.owners.GetCount-ec9a parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/owners/$ref: description: Provides operations to manage the collection of servicePrincipal entities. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get ref of owners from servicePrincipals description: >- Directory objects that are owners of this servicePrincipal. The owners are a set of nonadmin users or servicePrincipals who are allowed to modify this object. Supports $expand, $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1), and $select nested in $expand. operationId: servicePrincipals.ListRefOwners parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/StringCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - servicePrincipals.directoryObject summary: 'Microsoft Graph servicePrincipal: Add owner' description: >- Use this API to add an owner for the servicePrincipal. Service principal owners can be users, the service principal itself, or other service principals. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-post-owners?view=graph-rest-1.0 operationId: servicePrincipals.CreateRefOwners requestBody: $ref: '#/components/requestBodies/refPostBody' responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Remove service principal owner description: >- Remove an owner from a servicePrincipal object. As a recommended best practice, service principals should have at least two owners. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-delete-owners?view=graph-rest-1.0 operationId: servicePrincipals.DeleteRefOwners parameters: - name: If-Match in: header description: ETag schema: type: string - name: '@id' in: query description: The delete Uri required: true schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/owners/graph.appRoleAssignment: description: Casts the previous resource to appRoleAssignment. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.appRoleAssignment in the microsoft.graph.directoryObject collection operationId: servicePrincipals.ListOwners.AsAppRoleAssignment parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.appRoleAssignmentCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/owners/graph.appRoleAssignment/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.Owners.GetCount.AsAppRoleAssignment-abce parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/owners/graph.endpoint: description: Casts the previous resource to endpoint. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.endpoint in the microsoft.graph.directoryObject collection operationId: servicePrincipals.ListOwners.AsEndpoint parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.endpointCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/owners/graph.endpoint/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.Owners.GetCount.AsEndpoint-9454 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/owners/graph.servicePrincipal: description: Casts the previous resource to servicePrincipal. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.servicePrincipal in the microsoft.graph.directoryObject collection operationId: servicePrincipals.ListOwners.AsServicePrincipal parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.servicePrincipalCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/owners/graph.servicePrincipal/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.Owners.GetCount.AsServicePrincipal-c35b parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/owners/graph.user: description: Casts the previous resource to user. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.user in the microsoft.graph.directoryObject collection operationId: servicePrincipals.ListOwners.AsUser parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.userCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/owners/graph.user/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.Owners.GetCount.AsUser-aab7 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/remoteDesktopSecurityConfiguration: description: >- Provides operations to manage the remoteDesktopSecurityConfiguration property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.remoteDesktopSecurityConfiguration summary: Microsoft Graph Get remoteDesktopSecurityConfiguration description: >- Read the properties and relationships of a remoteDesktopSecurityConfiguration object on a servicePrincipal. Use this configuration to view the Microsoft Entra ID Remote Desktop Services (RDS) authentication protocol to authenticate a user to Microsoft Entra joined or Microsoft Entra hybrid joined devices. Additionally you can view any targetDeviceGroups that have been configured for SSO. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/remotedesktopsecurityconfiguration-get?view=graph-rest-1.0 operationId: servicePrincipals.GetRemoteDesktopSecurityConfiguration parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.remoteDesktopSecurityConfiguration 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - servicePrincipals.remoteDesktopSecurityConfiguration summary: Microsoft Graph Update remoteDesktopSecurityConfiguration description: >- Update the properties of a remoteDesktopSecurityConfiguration object on the servicePrincipal. Use this configuration to enable or disable the Microsoft Entra ID Remote Desktop Services (RDS) authentication protocol to authenticate a user to Microsoft Entra joined or Microsoft Entra hybrid joined devices. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/remotedesktopsecurityconfiguration-update?view=graph-rest-1.0 operationId: servicePrincipals.UpdateRemoteDesktopSecurityConfiguration requestBody: description: New navigation property values content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.remoteDesktopSecurityConfiguration required: true responses: 2XX: description: Success content: application/json: schema: $ref: >- #/components/schemas/microsoft.graph.remoteDesktopSecurityConfiguration 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.remoteDesktopSecurityConfiguration summary: Microsoft Graph Delete remoteDesktopSecurityConfiguration description: >- Delete a remoteDesktopSecurityConfiguration object on a servicePrincipal. Removing remoteDesktopSecurityConfiguration object on the servicePrincipal disables the Microsoft Entra ID Remote Desktop Services (RDS) authentication protocol to authenticate a user to Microsoft Entra joined or Microsoft Entra hybrid joined devices, and removes any target device groups that you configured for SSO. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-delete-remotedesktopsecurityconfiguration?view=graph-rest-1.0 operationId: servicePrincipals.DeleteRemoteDesktopSecurityConfiguration parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/remoteDesktopSecurityConfiguration/targetDeviceGroups: description: >- Provides operations to manage the targetDeviceGroups property of the microsoft.graph.remoteDesktopSecurityConfiguration entity. get: tags: - servicePrincipals.remoteDesktopSecurityConfiguration summary: Microsoft Graph List targetDeviceGroups description: >- Get a list of the targetDeviceGroup objects and their properties on the remoteDesktopSecurityConfiguration resource on the servicePrincipal. Any user authenticating using the Microsoft Entra ID Remote Desktop Services (RDS) authentication protocol to a Microsoft Entra joined or Microsoft Entra hybrid joined device that belongs to the targetDeviceGroup will get SSO. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/remotedesktopsecurityconfiguration-list-targetdevicegroups?view=graph-rest-1.0 operationId: >- servicePrincipals.remoteDesktopSecurityConfiguration.ListTargetDeviceGroups parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.targetDeviceGroupCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - servicePrincipals.remoteDesktopSecurityConfiguration summary: Microsoft Graph Create targetDeviceGroup description: >- Create a new targetDeviceGroup object for the remoteDesktopSecurityConfiguration object on the servicePrincipal. You can configure a maximum of 10 target device groups for the remoteDesktopSecurityConfiguraiton object on the servicePrincipal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/remotedesktopsecurityconfiguration-post-targetdevicegroups?view=graph-rest-1.0 operationId: >- servicePrincipals.remoteDesktopSecurityConfiguration.CreateTargetDeviceGroups requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.targetDeviceGroup' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.targetDeviceGroup' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/remoteDesktopSecurityConfiguration/targetDeviceGroups/{targetDeviceGroup-id}: description: >- Provides operations to manage the targetDeviceGroups property of the microsoft.graph.remoteDesktopSecurityConfiguration entity. get: tags: - servicePrincipals.remoteDesktopSecurityConfiguration summary: Microsoft Graph Get targetDeviceGroup description: >- Read the properties and relationships of a targetDeviceGroup object for the remoteDesktopSecurityConfiguration object on the servicePrincipal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/targetdevicegroup-get?view=graph-rest-1.0 operationId: >- servicePrincipals.remoteDesktopSecurityConfiguration.GetTargetDeviceGroups parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.targetDeviceGroup' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - servicePrincipals.remoteDesktopSecurityConfiguration summary: Microsoft Graph Update targetDeviceGroup description: >- Update the properties of a targetDeviceGroup object for remoteDesktopSecurityConfiguration object on the servicePrincipal. You can configure a maximum of 10 target device groups for the remoteDesktopSecurityConfiguraiton object on the servicePrincipal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/targetdevicegroup-update?view=graph-rest-1.0 operationId: >- servicePrincipals.remoteDesktopSecurityConfiguration.UpdateTargetDeviceGroups requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.targetDeviceGroup' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.targetDeviceGroup' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.remoteDesktopSecurityConfiguration summary: Microsoft Graph Delete targetDeviceGroup description: >- Delete a targetDeviceGroup object for the remoteDesktopSecurityConfiguration object on the servicePrincipal. Any user authenticating using the Microsoft Entra ID Remote Desktop Services (RDS) authentication protocol to a Microsoft Entra joined or Microsoft Entra hybrid joined device that's in the removed targetDeviceGroup doesn't get SSO prompts. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/remotedesktopsecurityconfiguration-delete-targetdevicegroups?view=graph-rest-1.0 operationId: >- servicePrincipals.remoteDesktopSecurityConfiguration.DeleteTargetDeviceGroups parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: targetDeviceGroup-id in: path description: The unique identifier of targetDeviceGroup required: true schema: type: string x-ms-docs-key-type: targetDeviceGroup /servicePrincipals/{servicePrincipal-id}/remoteDesktopSecurityConfiguration/targetDeviceGroups/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.remoteDesktopSecurityConfiguration summary: Microsoft Graph Get the number of the resource operationId: >- servicePrincipals.remoteDesktopSecurityConfiguration.targetDeviceGroups.GetCount-51f5 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/synchronization: description: >- Provides operations to manage the synchronization property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Get synchronization from servicePrincipals description: >- Represents the capability for Microsoft Entra identity synchronization through the Microsoft Graph API. operationId: servicePrincipals.GetSynchronization parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronization' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation put: tags: - servicePrincipals.synchronization summary: Microsoft Graph Update the navigation property synchronization in servicePrincipals operationId: servicePrincipals.SetSynchronization requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronization' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronization' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.synchronization summary: Microsoft Graph Delete navigation property synchronization for servicePrincipals operationId: servicePrincipals.DeleteSynchronization parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/synchronization/jobs: description: >- Provides operations to manage the jobs property of the microsoft.graph.synchronization entity. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph List synchronization jobs description: List existing jobs for a given application instance (service principal). externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronization-list-jobs?view=graph-rest-1.0 operationId: servicePrincipals.synchronization.ListJobs parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.synchronizationJobCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - servicePrincipals.synchronization summary: Microsoft Graph Create synchronizationJob description: >- Create new synchronization job with a default synchronization schema. The job is created in a disabled state. Call Start job to start synchronization. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronization-post-jobs?view=graph-rest-1.0 operationId: servicePrincipals.synchronization.CreateJobs requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronizationJob' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronizationJob' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}: description: >- Provides operations to manage the jobs property of the microsoft.graph.synchronization entity. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Get synchronizationJob description: Retrieve the existing synchronization job and its properties. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronizationjob-get?view=graph-rest-1.0 operationId: servicePrincipals.synchronization.GetJobs parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronizationJob' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - servicePrincipals.synchronization summary: Microsoft Graph Update the navigation property jobs in servicePrincipals operationId: servicePrincipals.synchronization.UpdateJobs requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronizationJob' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronizationJob' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.synchronization summary: Microsoft Graph Delete synchronizationJob description: >- Stop the synchronization job, and permanently delete all the state associated with it. Synchronized accounts are left as-is. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronizationjob-delete?view=graph-rest-1.0 operationId: servicePrincipals.synchronization.DeleteJobs parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationJob-id in: path description: The unique identifier of synchronizationJob required: true schema: type: string x-ms-docs-key-type: synchronizationJob /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/bulkUpload: description: >- Provides operations to manage the bulkUpload property of the microsoft.graph.synchronizationJob entity. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Get bulkUpload from servicePrincipals description: The bulk upload operation for the job. operationId: servicePrincipals.synchronization.jobs.GetBulkUpload parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.bulkUpload' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - servicePrincipals.synchronization summary: Microsoft Graph Update the navigation property bulkUpload in servicePrincipals operationId: servicePrincipals.synchronization.jobs.UpdateBulkUpload requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.bulkUpload' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.bulkUpload' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.synchronization summary: Microsoft Graph Delete navigation property bulkUpload for servicePrincipals operationId: servicePrincipals.synchronization.jobs.DeleteBulkUpload parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationJob-id in: path description: The unique identifier of synchronizationJob required: true schema: type: string x-ms-docs-key-type: synchronizationJob /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/bulkUpload/$value: description: Provides operations to manage the media for the servicePrincipal entity. get: tags: - servicePrincipals.synchronization summary: >- Microsoft Graph Get media content for the navigation property bulkUpload from servicePrincipals description: The bulk upload operation for the job. operationId: servicePrincipals.synchronization.jobs.GetBulkUploadContent responses: 2XX: description: Retrieved media content content: application/octet-stream: schema: type: string format: binary 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' put: tags: - servicePrincipals.synchronization summary: >- Microsoft Graph Update media content for the navigation property bulkUpload in servicePrincipals description: The bulk upload operation for the job. operationId: servicePrincipals.synchronization.jobs.UpdateBulkUploadContent requestBody: description: New media content. content: application/octet-stream: schema: type: string format: binary required: true responses: 2XX: description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' delete: tags: - servicePrincipals.synchronization summary: >- Microsoft Graph Delete media content for the navigation property bulkUpload in servicePrincipals description: The bulk upload operation for the job. operationId: servicePrincipals.synchronization.jobs.DeleteBulkUploadContent parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationJob-id in: path description: The unique identifier of synchronizationJob required: true schema: type: string x-ms-docs-key-type: synchronizationJob /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/pause: description: Provides operations to call the pause method. post: tags: - servicePrincipals.synchronization summary: Microsoft Graph Invoke action pause description: >- Temporarily stop a running synchronization job. All the progress, including job state, is persisted, and the job will continue from where it left off when a start call is made. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronizationjob-pause?view=graph-rest-1.0 operationId: >- servicePrincipals.servicePrincipal.synchronization.jobs.synchronizationJob.pause responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationJob-id in: path description: The unique identifier of synchronizationJob required: true schema: type: string x-ms-docs-key-type: synchronizationJob /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/provisionOnDemand: description: Provides operations to call the provisionOnDemand method. post: tags: - servicePrincipals.synchronization summary: Microsoft Graph Invoke action provisionOnDemand description: >- Select a user and provision the account on-demand. The rate limit for this API is 5 requests per 10 seconds. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronizationjob-provisionondemand?view=graph-rest-1.0 operationId: >- servicePrincipals.servicePrincipal.synchronization.jobs.synchronizationJob.provisionOnDemand requestBody: description: Action parameters content: application/json: schema: type: object properties: parameters: type: array items: $ref: >- #/components/schemas/microsoft.graph.synchronizationJobApplicationParameters required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.stringKeyStringValuePair' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationJob-id in: path description: The unique identifier of synchronizationJob required: true schema: type: string x-ms-docs-key-type: synchronizationJob /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/restart: description: Provides operations to call the restart method. post: tags: - servicePrincipals.synchronization summary: Microsoft Graph Invoke action restart description: >- Restart a stopped synchronization job, forcing it to reprocess all the objects in the directory. Optionally clears existing the synchronization state and previous errors. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronizationjob-restart?view=graph-rest-1.0 operationId: >- servicePrincipals.servicePrincipal.synchronization.jobs.synchronizationJob.restart requestBody: description: Action parameters content: application/json: schema: type: object properties: criteria: anyOf: - $ref: >- #/components/schemas/microsoft.graph.synchronizationJobRestartCriteria - type: object nullable: true required: true responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationJob-id in: path description: The unique identifier of synchronizationJob required: true schema: type: string x-ms-docs-key-type: synchronizationJob /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/start: description: Provides operations to call the start method. post: tags: - servicePrincipals.synchronization summary: Microsoft Graph Invoke action start description: >- Start an existing synchronization job. If the job is in a paused state, it continues processing changes from the point where it was paused. If the job is in quarantine, the quarantine status is cleared. Don't create scripts to call the start job continuously while it's running because that can cause the service to stop running. Use the start job only when the job is currently paused or in quarantine. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronizationjob-start?view=graph-rest-1.0 operationId: >- servicePrincipals.servicePrincipal.synchronization.jobs.synchronizationJob.start responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationJob-id in: path description: The unique identifier of synchronizationJob required: true schema: type: string x-ms-docs-key-type: synchronizationJob /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/validateCredentials: description: Provides operations to call the validateCredentials method. post: tags: - servicePrincipals.synchronization summary: Microsoft Graph Invoke action validateCredentials description: Validate that the credentials are valid in the tenant. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronizationjob-validatecredentials?view=graph-rest-1.0 operationId: >- servicePrincipals.servicePrincipal.synchronization.jobs.synchronizationJob.validateCredentials requestBody: description: Action parameters content: application/json: schema: type: object properties: applicationIdentifier: type: string nullable: true templateId: type: string nullable: true useSavedCredentials: type: boolean default: false nullable: true credentials: type: array items: $ref: >- #/components/schemas/microsoft.graph.synchronizationSecretKeyStringValuePair required: true responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationJob-id in: path description: The unique identifier of synchronizationJob required: true schema: type: string x-ms-docs-key-type: synchronizationJob x-ms-docs-grouped-path: - >- /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/validateCredentials /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/schema: description: >- Provides operations to manage the schema property of the microsoft.graph.synchronizationJob entity. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Get synchronizationSchema description: Retrieve the schema for a given synchronization job or template. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronizationschema-get?view=graph-rest-1.0 operationId: servicePrincipals.synchronization.jobs.GetSchema parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronizationSchema' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - servicePrincipals.synchronization summary: Microsoft Graph Update synchronizationSchema description: >- Update the synchronization schema for a given job or template. This method fully replaces the current schema with the one provided in the request. To update the schema of a template, make the call on the application object. You must be the owner of the application. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronizationschema-update?view=graph-rest-1.0 operationId: servicePrincipals.synchronization.jobs.UpdateSchema requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronizationSchema' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronizationSchema' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.synchronization summary: Microsoft Graph Delete navigation property schema for servicePrincipals operationId: servicePrincipals.synchronization.jobs.DeleteSchema parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationJob-id in: path description: The unique identifier of synchronizationJob required: true schema: type: string x-ms-docs-key-type: synchronizationJob /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/schema/directories: description: >- Provides operations to manage the directories property of the microsoft.graph.synchronizationSchema entity. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Get directories from servicePrincipals description: Contains the collection of directories and all of their objects. operationId: servicePrincipals.synchronization.jobs.schema.ListDirectories parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryDefinitionCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - servicePrincipals.synchronization summary: Microsoft Graph Create new navigation property to directories for servicePrincipals operationId: servicePrincipals.synchronization.jobs.schema.CreateDirectories requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryDefinition' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationJob-id in: path description: The unique identifier of synchronizationJob required: true schema: type: string x-ms-docs-key-type: synchronizationJob x-ms-docs-grouped-path: - >- /servicePrincipals/{servicePrincipal-id}/synchronization/templates/{synchronizationTemplate-id}/schema/directories ? /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/schema/directories/{directoryDefinition-id} : description: >- Provides operations to manage the directories property of the microsoft.graph.synchronizationSchema entity. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Get directories from servicePrincipals description: Contains the collection of directories and all of their objects. operationId: servicePrincipals.synchronization.jobs.schema.GetDirectories parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - servicePrincipals.synchronization summary: Microsoft Graph Update the navigation property directories in servicePrincipals operationId: servicePrincipals.synchronization.jobs.schema.UpdateDirectories requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryDefinition' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.synchronization summary: Microsoft Graph Delete navigation property directories for servicePrincipals operationId: servicePrincipals.synchronization.jobs.schema.DeleteDirectories parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationJob-id in: path description: The unique identifier of synchronizationJob required: true schema: type: string x-ms-docs-key-type: synchronizationJob - name: directoryDefinition-id in: path description: The unique identifier of directoryDefinition required: true schema: type: string x-ms-docs-key-type: directoryDefinition x-ms-docs-grouped-path: - >- /servicePrincipals/{servicePrincipal-id}/synchronization/templates/{synchronizationTemplate-id}/schema/directories/{directoryDefinition-id} ? /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/schema/directories/{directoryDefinition-id}/discover : description: Provides operations to call the discover method. post: tags: - servicePrincipals.synchronization summary: Microsoft Graph Invoke action discover description: >- Discover the latest schema definition for provisioning to an application. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-directorydefinition-discover?view=graph-rest-1.0 operationId: >- servicePrincipals.servicePrincipal.synchronization.jobs.synchronizationJob.schema.directories.directoryDefinition.discover responses: 2XX: description: Success content: application/json: schema: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryDefinition' - type: object nullable: true 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationJob-id in: path description: The unique identifier of synchronizationJob required: true schema: type: string x-ms-docs-key-type: synchronizationJob - name: directoryDefinition-id in: path description: The unique identifier of directoryDefinition required: true schema: type: string x-ms-docs-key-type: directoryDefinition x-ms-docs-grouped-path: - >- /servicePrincipals/{servicePrincipal-id}/synchronization/templates/{synchronizationTemplate-id}/schema/directories/{directoryDefinition-id}/discover /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/schema/directories/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.synchronization.jobs.schema.directories.GetCount-af56 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationJob-id in: path description: The unique identifier of synchronizationJob required: true schema: type: string x-ms-docs-key-type: synchronizationJob /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/schema/filterOperators(): description: Provides operations to call the filterOperators method. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Invoke function filterOperators description: List all operators supported in the scoping filters. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronizationschema-filteroperators?view=graph-rest-1.0 operationId: >- servicePrincipals.servicePrincipal.synchronization.jobs.synchronizationJob.schema.filterOperators parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Success content: application/json: schema: title: Collection of filterOperatorSchema type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.filterOperatorSchema 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationJob-id in: path description: The unique identifier of synchronizationJob required: true schema: type: string x-ms-docs-key-type: synchronizationJob x-ms-docs-grouped-path: - >- /servicePrincipals/{servicePrincipal-id}/synchronization/templates/{synchronizationTemplate-id}/schema/filterOperators() /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/schema/functions(): description: Provides operations to call the functions method. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Invoke function functions description: >- List all the functions currently supported in the attributeMappingSource. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronizationschema-functions?view=graph-rest-1.0 operationId: >- servicePrincipals.servicePrincipal.synchronization.jobs.synchronizationJob.schema.functions parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Success content: application/json: schema: title: Collection of attributeMappingFunctionSchema type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.attributeMappingFunctionSchema 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationJob-id in: path description: The unique identifier of synchronizationJob required: true schema: type: string x-ms-docs-key-type: synchronizationJob x-ms-docs-grouped-path: - >- /servicePrincipals/{servicePrincipal-id}/synchronization/templates/{synchronizationTemplate-id}/schema/functions() /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/schema/parseExpression: description: Provides operations to call the parseExpression method. post: tags: - servicePrincipals.synchronization summary: Microsoft Graph Invoke action parseExpression description: >- Parse a given string expression into an attributeMappingSource object. For more information about expressions, see Writing Expressions for Attribute Mappings in Microsoft Entra ID. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronizationschema-parseexpression?view=graph-rest-1.0 operationId: >- servicePrincipals.servicePrincipal.synchronization.jobs.synchronizationJob.schema.parseExpression requestBody: description: Action parameters content: application/json: schema: type: object properties: expression: type: string nullable: true testInputObject: anyOf: - $ref: >- #/components/schemas/microsoft.graph.expressionInputObject - type: object nullable: true targetAttributeDefinition: anyOf: - $ref: '#/components/schemas/microsoft.graph.attributeDefinition' - type: object nullable: true required: true responses: 2XX: description: Success content: application/json: schema: anyOf: - $ref: >- #/components/schemas/microsoft.graph.parseExpressionResponse - type: object nullable: true 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationJob-id in: path description: The unique identifier of synchronizationJob required: true schema: type: string x-ms-docs-key-type: synchronizationJob x-ms-docs-grouped-path: - >- /servicePrincipals/{servicePrincipal-id}/synchronization/templates/{synchronizationTemplate-id}/schema/parseExpression /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.synchronization.jobs.GetCount-5eba parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/validateCredentials: description: Provides operations to call the validateCredentials method. post: tags: - servicePrincipals.synchronization summary: Microsoft Graph Invoke action validateCredentials operationId: >- servicePrincipals.servicePrincipal.synchronization.jobs.validateCredentials requestBody: description: Action parameters content: application/json: schema: type: object properties: applicationIdentifier: type: string nullable: true templateId: type: string nullable: true useSavedCredentials: type: boolean default: false nullable: true credentials: type: array items: $ref: >- #/components/schemas/microsoft.graph.synchronizationSecretKeyStringValuePair required: true responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal x-ms-docs-grouped-path: - >- /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/validateCredentials /servicePrincipals/{servicePrincipal-id}/synchronization/acquireAccessToken: description: Provides operations to call the acquireAccessToken method. post: tags: - servicePrincipals.synchronization summary: Microsoft Graph Invoke action acquireAccessToken description: >- Acquire an OAuth access token to authorize the Microsoft Entra provisioning service to provision users into an application. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronization-acquireaccesstoken?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.synchronization.acquireAccessToken requestBody: description: Action parameters content: application/json: schema: type: object properties: credentials: type: array items: $ref: >- #/components/schemas/microsoft.graph.synchronizationSecretKeyStringValuePair required: true responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/synchronization/secrets: put: tags: - servicePrincipals.synchronization summary: Microsoft Graph Add synchronization secrets description: >- Provide credentials for establishing connectivity with the target system. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-serviceprincipal-put-synchronization?view=graph-rest-1.0 operationId: servicePrincipals.synchronization.SetSecrets requestBody: description: New property values content: application/json: schema: type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.synchronizationSecretKeyStringValuePair required: true responses: 2XX: description: Success content: application/json: schema: type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.synchronizationSecretKeyStringValuePair 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/synchronization/secrets/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.synchronization.Secrets.GetCount-65c9 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/synchronization/templates: description: >- Provides operations to manage the templates property of the microsoft.graph.synchronization entity. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph List existing synchronization templates description: >- List the synchronization templates associated with a given application or service principal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronization-list-templates?view=graph-rest-1.0 operationId: servicePrincipals.synchronization.ListTemplates parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.synchronizationTemplateCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - servicePrincipals.synchronization summary: Microsoft Graph Create new navigation property to templates for servicePrincipals operationId: servicePrincipals.synchronization.CreateTemplates requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronizationTemplate' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronizationTemplate' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/synchronization/templates/{synchronizationTemplate-id}: description: >- Provides operations to manage the templates property of the microsoft.graph.synchronization entity. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Get templates from servicePrincipals description: Preconfigured synchronization settings for a particular application. operationId: servicePrincipals.synchronization.GetTemplates parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronizationTemplate' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - servicePrincipals.synchronization summary: Microsoft Graph Update the navigation property templates in servicePrincipals operationId: servicePrincipals.synchronization.UpdateTemplates requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronizationTemplate' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronizationTemplate' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.synchronization summary: Microsoft Graph Delete navigation property templates for servicePrincipals operationId: servicePrincipals.synchronization.DeleteTemplates parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationTemplate-id in: path description: The unique identifier of synchronizationTemplate required: true schema: type: string x-ms-docs-key-type: synchronizationTemplate /servicePrincipals/{servicePrincipal-id}/synchronization/templates/{synchronizationTemplate-id}/schema: description: >- Provides operations to manage the schema property of the microsoft.graph.synchronizationTemplate entity. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Get schema from servicePrincipals description: Default synchronization schema for the jobs based on this template. operationId: servicePrincipals.synchronization.templates.GetSchema parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronizationSchema' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - servicePrincipals.synchronization summary: Microsoft Graph Update the navigation property schema in servicePrincipals operationId: servicePrincipals.synchronization.templates.UpdateSchema requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronizationSchema' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.synchronizationSchema' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.synchronization summary: Microsoft Graph Delete navigation property schema for servicePrincipals operationId: servicePrincipals.synchronization.templates.DeleteSchema parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationTemplate-id in: path description: The unique identifier of synchronizationTemplate required: true schema: type: string x-ms-docs-key-type: synchronizationTemplate /servicePrincipals/{servicePrincipal-id}/synchronization/templates/{synchronizationTemplate-id}/schema/directories: description: >- Provides operations to manage the directories property of the microsoft.graph.synchronizationSchema entity. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Get directories from servicePrincipals description: Contains the collection of directories and all of their objects. operationId: servicePrincipals.synchronization.templates.schema.ListDirectories parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryDefinitionCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - servicePrincipals.synchronization summary: Microsoft Graph Create new navigation property to directories for servicePrincipals operationId: servicePrincipals.synchronization.templates.schema.CreateDirectories requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryDefinition' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationTemplate-id in: path description: The unique identifier of synchronizationTemplate required: true schema: type: string x-ms-docs-key-type: synchronizationTemplate x-ms-docs-grouped-path: - >- /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/schema/directories ? /servicePrincipals/{servicePrincipal-id}/synchronization/templates/{synchronizationTemplate-id}/schema/directories/{directoryDefinition-id} : description: >- Provides operations to manage the directories property of the microsoft.graph.synchronizationSchema entity. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Get directories from servicePrincipals description: Contains the collection of directories and all of their objects. operationId: servicePrincipals.synchronization.templates.schema.GetDirectories parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - servicePrincipals.synchronization summary: Microsoft Graph Update the navigation property directories in servicePrincipals operationId: servicePrincipals.synchronization.templates.schema.UpdateDirectories requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryDefinition' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryDefinition' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.synchronization summary: Microsoft Graph Delete navigation property directories for servicePrincipals operationId: servicePrincipals.synchronization.templates.schema.DeleteDirectories parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationTemplate-id in: path description: The unique identifier of synchronizationTemplate required: true schema: type: string x-ms-docs-key-type: synchronizationTemplate - name: directoryDefinition-id in: path description: The unique identifier of directoryDefinition required: true schema: type: string x-ms-docs-key-type: directoryDefinition x-ms-docs-grouped-path: - >- /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/schema/directories/{directoryDefinition-id} ? /servicePrincipals/{servicePrincipal-id}/synchronization/templates/{synchronizationTemplate-id}/schema/directories/{directoryDefinition-id}/discover : description: Provides operations to call the discover method. post: tags: - servicePrincipals.synchronization summary: Microsoft Graph Invoke action discover description: >- Discover the latest schema definition for provisioning to an application. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-directorydefinition-discover?view=graph-rest-1.0 operationId: >- servicePrincipals.servicePrincipal.synchronization.templates.synchronizationTemplate.schema.directories.directoryDefinition.discover responses: 2XX: description: Success content: application/json: schema: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryDefinition' - type: object nullable: true 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationTemplate-id in: path description: The unique identifier of synchronizationTemplate required: true schema: type: string x-ms-docs-key-type: synchronizationTemplate - name: directoryDefinition-id in: path description: The unique identifier of directoryDefinition required: true schema: type: string x-ms-docs-key-type: directoryDefinition x-ms-docs-grouped-path: - >- /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/schema/directories/{directoryDefinition-id}/discover /servicePrincipals/{servicePrincipal-id}/synchronization/templates/{synchronizationTemplate-id}/schema/directories/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Get the number of the resource operationId: >- servicePrincipals.synchronization.templates.schema.directories.GetCount-f937 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationTemplate-id in: path description: The unique identifier of synchronizationTemplate required: true schema: type: string x-ms-docs-key-type: synchronizationTemplate /servicePrincipals/{servicePrincipal-id}/synchronization/templates/{synchronizationTemplate-id}/schema/filterOperators(): description: Provides operations to call the filterOperators method. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Invoke function filterOperators description: List all operators supported in the scoping filters. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronizationschema-filteroperators?view=graph-rest-1.0 operationId: >- servicePrincipals.servicePrincipal.synchronization.templates.synchronizationTemplate.schema.filterOperators parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Success content: application/json: schema: title: Collection of filterOperatorSchema type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.filterOperatorSchema 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationTemplate-id in: path description: The unique identifier of synchronizationTemplate required: true schema: type: string x-ms-docs-key-type: synchronizationTemplate x-ms-docs-grouped-path: - >- /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/schema/filterOperators() /servicePrincipals/{servicePrincipal-id}/synchronization/templates/{synchronizationTemplate-id}/schema/functions(): description: Provides operations to call the functions method. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Invoke function functions description: >- List all the functions currently supported in the attributeMappingSource. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronizationschema-functions?view=graph-rest-1.0 operationId: >- servicePrincipals.servicePrincipal.synchronization.templates.synchronizationTemplate.schema.functions parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Success content: application/json: schema: title: Collection of attributeMappingFunctionSchema type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.attributeMappingFunctionSchema 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationTemplate-id in: path description: The unique identifier of synchronizationTemplate required: true schema: type: string x-ms-docs-key-type: synchronizationTemplate x-ms-docs-grouped-path: - >- /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/schema/functions() /servicePrincipals/{servicePrincipal-id}/synchronization/templates/{synchronizationTemplate-id}/schema/parseExpression: description: Provides operations to call the parseExpression method. post: tags: - servicePrincipals.synchronization summary: Microsoft Graph Invoke action parseExpression description: >- Parse a given string expression into an attributeMappingSource object. For more information about expressions, see Writing Expressions for Attribute Mappings in Microsoft Entra ID. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/synchronization-synchronizationschema-parseexpression?view=graph-rest-1.0 operationId: >- servicePrincipals.servicePrincipal.synchronization.templates.synchronizationTemplate.schema.parseExpression requestBody: description: Action parameters content: application/json: schema: type: object properties: expression: type: string nullable: true testInputObject: anyOf: - $ref: >- #/components/schemas/microsoft.graph.expressionInputObject - type: object nullable: true targetAttributeDefinition: anyOf: - $ref: '#/components/schemas/microsoft.graph.attributeDefinition' - type: object nullable: true required: true responses: 2XX: description: Success content: application/json: schema: anyOf: - $ref: >- #/components/schemas/microsoft.graph.parseExpressionResponse - type: object nullable: true 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: synchronizationTemplate-id in: path description: The unique identifier of synchronizationTemplate required: true schema: type: string x-ms-docs-key-type: synchronizationTemplate x-ms-docs-grouped-path: - >- /servicePrincipals/{servicePrincipal-id}/synchronization/jobs/{synchronizationJob-id}/schema/parseExpression /servicePrincipals/{servicePrincipal-id}/synchronization/templates/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.synchronization summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.synchronization.templates.GetCount-1c9d parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/tokenIssuancePolicies: description: >- Provides operations to manage the tokenIssuancePolicies property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.tokenIssuancePolicy summary: Microsoft Graph Get tokenIssuancePolicies from servicePrincipals description: The tokenIssuancePolicies assigned to this service principal. operationId: servicePrincipals.ListTokenIssuancePolicies parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.tokenIssuancePolicyCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/tokenIssuancePolicies/{tokenIssuancePolicy-id}/$ref: description: Provides operations to manage the collection of servicePrincipal entities. delete: tags: - servicePrincipals.tokenIssuancePolicy summary: >- Microsoft Graph Delete ref of navigation property tokenIssuancePolicies for servicePrincipals operationId: servicePrincipals.tokenIssuancePolicies.DeleteRefTokenIssuancePolicy parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: tokenIssuancePolicy-id in: path description: The unique identifier of tokenIssuancePolicy required: true schema: type: string x-ms-docs-key-type: tokenIssuancePolicy /servicePrincipals/{servicePrincipal-id}/tokenIssuancePolicies/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.tokenIssuancePolicy summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.tokenIssuancePolicies.GetCount-578b parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/tokenIssuancePolicies/$ref: description: Provides operations to manage the collection of servicePrincipal entities. get: tags: - servicePrincipals.tokenIssuancePolicy summary: Microsoft Graph Get ref of tokenIssuancePolicies from servicePrincipals description: The tokenIssuancePolicies assigned to this service principal. operationId: servicePrincipals.ListRefTokenIssuancePolicies parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/StringCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - servicePrincipals.tokenIssuancePolicy summary: >- Microsoft Graph Create new navigation property ref to tokenIssuancePolicies for servicePrincipals operationId: servicePrincipals.CreateRefTokenIssuancePolicies requestBody: $ref: '#/components/requestBodies/refPostBody' responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.tokenIssuancePolicy summary: >- Microsoft Graph Delete ref of navigation property tokenIssuancePolicies for servicePrincipals operationId: servicePrincipals.DeleteRefTokenIssuancePolicies parameters: - name: If-Match in: header description: ETag schema: type: string - name: '@id' in: query description: The delete Uri required: true schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/tokenLifetimePolicies: description: >- Provides operations to manage the tokenLifetimePolicies property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.tokenLifetimePolicy summary: Microsoft Graph List assigned tokenLifetimePolicies description: >- List the tokenLifetimePolicy objects that are assigned to a servicePrincipal. Only one object is returned in the collection because only one tokenLifetimePolicy can be assigned to a service principal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-list-tokenlifetimepolicies?view=graph-rest-1.0 operationId: servicePrincipals.ListTokenLifetimePolicies parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.tokenLifetimePolicyCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/tokenLifetimePolicies/{tokenLifetimePolicy-id}/$ref: description: Provides operations to manage the collection of servicePrincipal entities. delete: tags: - servicePrincipals.tokenLifetimePolicy summary: Microsoft Graph Remove tokenLifetimePolicies description: Remove a tokenLifetimePolicy object from a service principal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-delete-tokenlifetimepolicies?view=graph-rest-1.0 operationId: servicePrincipals.tokenLifetimePolicies.DeleteRefTokenLifetimePolicy parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: tokenLifetimePolicy-id in: path description: The unique identifier of tokenLifetimePolicy required: true schema: type: string x-ms-docs-key-type: tokenLifetimePolicy /servicePrincipals/{servicePrincipal-id}/tokenLifetimePolicies/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.tokenLifetimePolicy summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.tokenLifetimePolicies.GetCount-4121 parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/tokenLifetimePolicies/$ref: description: Provides operations to manage the collection of servicePrincipal entities. get: tags: - servicePrincipals.tokenLifetimePolicy summary: Microsoft Graph List assigned tokenLifetimePolicies description: >- List the tokenLifetimePolicy objects that are assigned to a servicePrincipal. Only one object is returned in the collection because only one tokenLifetimePolicy can be assigned to a service principal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-list-tokenlifetimepolicies?view=graph-rest-1.0 operationId: servicePrincipals.ListRefTokenLifetimePolicies parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/StringCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - servicePrincipals.tokenLifetimePolicy summary: Microsoft Graph Add tokenLifetimePolicy description: >- Assign a tokenLifetimePolicy to a servicePrincipal. You can have multiple tokenLifetimePolicy policies in a tenant but can assign only one tokenLifetimePolicy per service principal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-post-tokenlifetimepolicies?view=graph-rest-1.0 operationId: servicePrincipals.CreateRefTokenLifetimePolicies requestBody: $ref: '#/components/requestBodies/refPostBody' responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.tokenLifetimePolicy summary: Microsoft Graph Remove tokenLifetimePolicies description: Remove a tokenLifetimePolicy object from a service principal. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-delete-tokenlifetimepolicies?view=graph-rest-1.0 operationId: servicePrincipals.DeleteRefTokenLifetimePolicies parameters: - name: If-Match in: header description: ETag schema: type: string - name: '@id' in: query description: The delete Uri required: true schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/transitiveMemberOf: description: >- Provides operations to manage the transitiveMemberOf property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph List servicePrincipal transitive memberOf description: >- Get the groups and directory roles that this servicePrincipal is a member of. This operation is transitive and will include all groups that this service principal is a nested member of. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-list-transitivememberof?view=graph-rest-1.0 operationId: servicePrincipals.ListTransitiveMemberOf parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryObjectCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/transitiveMemberOf/{directoryObject-id}: description: >- Provides operations to manage the transitiveMemberOf property of the microsoft.graph.servicePrincipal entity. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get transitiveMemberOf from servicePrincipals operationId: servicePrincipals.GetTransitiveMemberOf parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/transitiveMemberOf/{directoryObject-id}/graph.administrativeUnit: description: Casts the previous resource to administrativeUnit. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.administrativeUnit operationId: servicePrincipals.GetTransitiveMemberOf.AsAdministrativeUnit parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.administrativeUnit' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/transitiveMemberOf/{directoryObject-id}/graph.directoryRole: description: Casts the previous resource to directoryRole. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.directoryRole operationId: servicePrincipals.GetTransitiveMemberOf.AsDirectoryRole parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryRole' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/transitiveMemberOf/{directoryObject-id}/graph.group: description: Casts the previous resource to group. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the item of type microsoft.graph.directoryObject as microsoft.graph.group operationId: servicePrincipals.GetTransitiveMemberOf.AsGroup parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Entity result. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.group' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true schema: type: string x-ms-docs-key-type: directoryObject /servicePrincipals/{servicePrincipal-id}/transitiveMemberOf/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.transitiveMemberOf.GetCount-4794 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/transitiveMemberOf/graph.administrativeUnit: description: Casts the previous resource to administrativeUnit. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.administrativeUnit in the microsoft.graph.directoryObject collection operationId: servicePrincipals.ListTransitiveMemberOf.AsAdministrativeUnit parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.administrativeUnitCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/transitiveMemberOf/graph.administrativeUnit/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.TransitiveMemberOf.GetCount.AsAdministrativeUnit-4450 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/transitiveMemberOf/graph.directoryRole: description: Casts the previous resource to directoryRole. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.directoryRole in the microsoft.graph.directoryObject collection operationId: servicePrincipals.ListTransitiveMemberOf.AsDirectoryRole parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: >- #/components/responses/microsoft.graph.directoryRoleCollectionResponse 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/transitiveMemberOf/graph.directoryRole/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.TransitiveMemberOf.GetCount.AsDirectoryRole-8951 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/transitiveMemberOf/graph.group: description: Casts the previous resource to group. get: tags: - servicePrincipals.directoryObject summary: >- Microsoft Graph Get the items of type microsoft.graph.group in the microsoft.graph.directoryObject collection operationId: servicePrincipals.ListTransitiveMemberOf.AsGroup parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.groupCollectionResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals/{servicePrincipal-id}/transitiveMemberOf/graph.group/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.directoryObject summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.TransitiveMemberOf.GetCount.AsGroup-e005 parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' parameters: - name: servicePrincipal-id in: path description: The unique identifier of servicePrincipal required: true schema: type: string x-ms-docs-key-type: servicePrincipal /servicePrincipals(appId='{appId}'): description: Provides operations to manage the collection of servicePrincipal entities. get: tags: - servicePrincipals.servicePrincipal summary: Microsoft Graph Get servicePrincipal description: Retrieve the properties and relationships of a servicePrincipal object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-get?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.GetServicePrincipalByAppId parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.servicePrincipal' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - servicePrincipals.servicePrincipal summary: Microsoft Graph Upsert servicePrincipal description: >- Create a new servicePrincipal object if it doesn't exist, or update the properties of an existing servicePrincipal object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-upsert?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.UpdateServicePrincipalByAppId requestBody: description: New property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.servicePrincipal' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.servicePrincipal' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - servicePrincipals.servicePrincipal summary: Microsoft Graph Delete servicePrincipal description: Delete a servicePrincipal object. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-delete?view=graph-rest-1.0 operationId: servicePrincipals.servicePrincipal.DeleteServicePrincipalByAppId parameters: - name: If-Match in: header description: ETag schema: type: string responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation parameters: - name: appId in: path description: Alternate key of servicePrincipal required: true schema: type: string nullable: true /servicePrincipals/$count: description: Provides operations to count the resources in the collection. get: tags: - servicePrincipals.servicePrincipal summary: Microsoft Graph Get the number of the resource operationId: servicePrincipals.GetCount-da6d parameters: - name: ConsistencyLevel in: header description: >- Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries schema: type: string examples: example-1: description: >- $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' /servicePrincipals/delta(): description: Provides operations to call the delta method. get: tags: - servicePrincipals.servicePrincipal.Functions summary: Microsoft Graph Invoke function delta description: >- Get newly created, updated, or deleted service principals without having to perform a full read of the entire resource collection. For more information, see Use delta query to track changes in Microsoft Graph data for details. externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/serviceprincipal-delta?view=graph-rest-1.0 operationId: servicePrincipals.delta parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Success content: application/json: schema: title: Collection of servicePrincipal type: object allOf: - $ref: '#/components/schemas/BaseDeltaFunctionResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.servicePrincipal 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-grouped-path: - /servicePrincipals/delta() /servicePrincipals/getAvailableExtensionProperties: description: Provides operations to call the getAvailableExtensionProperties method. post: tags: - servicePrincipals.servicePrincipal.Actions summary: Microsoft Graph Invoke action getAvailableExtensionProperties description: >- Return all directory extension definitions that are registered in a directory, including through multitenant apps. The following entities support extension properties: externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getavailableextensionproperties?view=graph-rest-1.0 operationId: servicePrincipals.getAvailableExtensionProperties requestBody: description: Action parameters content: application/json: schema: type: object properties: isSyncedFromOnPremises: type: boolean default: false nullable: true required: true responses: 2XX: description: Success content: application/json: schema: title: Collection of extensionProperty type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: >- #/components/schemas/microsoft.graph.extensionProperty 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /servicePrincipals/getByIds: description: Provides operations to call the getByIds method. post: tags: - servicePrincipals.servicePrincipal.Actions summary: Microsoft Graph Invoke action getByIds description: >- Return the directory objects specified in a list of IDs. Only a subset of user properties are returned by default in v1.0. Some common uses for this function are to: externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-getbyids?view=graph-rest-1.0 operationId: servicePrincipals.getByIds requestBody: description: Action parameters content: application/json: schema: type: object properties: ids: type: array items: type: string types: type: array items: type: string nullable: true required: true responses: 2XX: description: Success content: application/json: schema: title: Collection of directoryObject type: object allOf: - $ref: '#/components/schemas/BaseCollectionPaginationCountResponse' - type: object properties: value: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /servicePrincipals/validateProperties: description: Provides operations to call the validateProperties method. post: tags: - servicePrincipals.servicePrincipal.Actions summary: Microsoft Graph Invoke action validateProperties description: "Validate that a Microsoft 365 group's display name or mail nickname complies with naming policies. Clients can use this API to determine whether a display name or mail nickname is valid before trying to create a Microsoft 365 group. To validate the properties of an existing group, use the group: validateProperties function. The following policy validations are performed for the display name and mail nickname properties:\r\n1. Validate the prefix and suffix naming policy\r\n2. Validate the custom banned words policy\r\n3. Validate that the mail nickname is unique This API only returns the first validation failure that is encountered. If the properties fail multiple validations, only the first validation failure is returned. However, you can validate both the mail nickname and the display name and receive a collection of validation errors if you're only validating the prefix and suffix naming policy. To learn more about configuring naming policies, see Configure naming policy." externalDocs: description: Find more info here url: >- https://learn.microsoft.com/graph/api/directoryobject-validateproperties?view=graph-rest-1.0 operationId: servicePrincipals.validateProperties requestBody: description: Action parameters content: application/json: schema: type: object properties: entityType: type: string nullable: true displayName: type: string nullable: true mailNickname: type: string nullable: true onBehalfOfUserId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string format: uuid nullable: true required: true responses: '204': description: Success 4XX: $ref: '#/components/responses/error' 5XX: $ref: '#/components/responses/error' x-ms-docs-operation-type: action components: schemas: microsoft.graph.servicePrincipal: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: servicePrincipal required: - '@odata.type' type: object properties: accountEnabled: type: boolean description: >- true if the service principal account is enabled; otherwise, false. If set to false, then no users are able to sign in to this app, even if they're assigned to it. Supports $filter (eq, ne, not, in). nullable: true addIns: type: array items: $ref: '#/components/schemas/microsoft.graph.addIn' description: >- Defines custom behavior that a consuming service can use to call an app in specific contexts. For example, applications that can render file streams may set the addIns property for its 'FileHandler' functionality. This lets services like Microsoft 365 call the application in the context of a document the user is working on. alternativeNames: type: array items: type: string description: >- Used to retrieve service principals by subscription, identify resource group and full resource IDs for managed identities. Supports $filter (eq, not, ge, le, startsWith). appDescription: type: string description: The description exposed by the associated application. nullable: true appDisplayName: type: string description: >- The display name exposed by the associated application. Maximum length is 256 characters. nullable: true appId: type: string description: >- The unique identifier for the associated application (its appId property). Alternate key. Supports $filter (eq, ne, not, in, startsWith). nullable: true applicationTemplateId: type: string description: >- Unique identifier of the applicationTemplate. Supports $filter (eq, not, ne). Read-only. null if the service principal wasn't created from an application template. nullable: true appOwnerOrganizationId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: >- Contains the tenant ID where the application is registered. This is applicable only to service principals backed by applications. Supports $filter (eq, ne, NOT, ge, le). format: uuid nullable: true appRoleAssignmentRequired: type: boolean description: >- Specifies whether users or other service principals need to be granted an app role assignment for this service principal before users can sign in or apps can get tokens. The default value is false. Not nullable. Supports $filter (eq, ne, NOT). appRoles: type: array items: $ref: '#/components/schemas/microsoft.graph.appRole' description: >- The roles exposed by the application that's linked to this service principal. For more information, see the appRoles property definition on the application entity. Not nullable. customSecurityAttributes: anyOf: - $ref: >- #/components/schemas/microsoft.graph.customSecurityAttributeValue - type: object nullable: true description: >- An open complex type that holds the value of a custom security attribute that is assigned to a directory object. Nullable. Returned only on $select. Supports $filter (eq, ne, not, startsWith). Filter value is case sensitive. To read this property, the calling app must be assigned the CustomSecAttributeAssignment.Read.All permission. To write this property, the calling app must be assigned the CustomSecAttributeAssignment.ReadWrite.All permissions. To read or write this property in delegated scenarios, the admin must be assigned the Attribute Assignment Administrator role. description: type: string description: >- Free text field to provide an internal end-user facing description of the service principal. End-user portals such MyApps displays the application description in this field. The maximum allowed size is 1,024 characters. Supports $filter (eq, ne, not, ge, le, startsWith) and $search. nullable: true disabledByMicrosoftStatus: type: string description: >- Specifies whether Microsoft has disabled the registered application. The possible values are: null (default value), NotDisabled, and DisabledDueToViolationOfServicesAgreement (reasons include suspicious, abusive, or malicious activity, or a violation of the Microsoft Services Agreement). Supports $filter (eq, ne, not). nullable: true displayName: type: string description: >- The display name for the service principal. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. nullable: true homepage: type: string description: Home page or landing page of the application. nullable: true info: anyOf: - $ref: '#/components/schemas/microsoft.graph.informationalUrl' - type: object nullable: true description: >- Basic profile information of the acquired application such as app's marketing, support, terms of service and privacy statement URLs. The terms of service and privacy statement are surfaced to users through the user consent experience. For more info, see How to: Add Terms of service and privacy statement for registered Microsoft Entra apps. Supports $filter (eq, ne, not, ge, le, and eq on null values). keyCredentials: type: array items: $ref: '#/components/schemas/microsoft.graph.keyCredential' description: >- The collection of key credentials associated with the service principal. Not nullable. Supports $filter (eq, not, ge, le). loginUrl: type: string description: >- Specifies the URL where the service provider redirects the user to Microsoft Entra ID to authenticate. Microsoft Entra ID uses the URL to launch the application from Microsoft 365 or the Microsoft Entra My Apps. When blank, Microsoft Entra ID performs IdP-initiated sign-on for applications configured with SAML-based single sign-on. The user launches the application from Microsoft 365, the Microsoft Entra My Apps, or the Microsoft Entra SSO URL. nullable: true logoutUrl: type: string description: >- Specifies the URL that the Microsoft's authorization service uses to sign out a user using OpenID Connect front-channel, back-channel, or SAML sign out protocols. nullable: true notes: type: string description: >- Free text field to capture information about the service principal, typically used for operational purposes. Maximum allowed size is 1,024 characters. nullable: true notificationEmailAddresses: type: array items: type: string description: >- Specifies the list of email addresses where Microsoft Entra ID sends a notification when the active certificate is near the expiration date. This is only for the certificates used to sign the SAML token issued for Microsoft Entra Gallery applications. oauth2PermissionScopes: type: array items: $ref: '#/components/schemas/microsoft.graph.permissionScope' description: >- The delegated permissions exposed by the application. For more information, see the oauth2PermissionScopes property on the application entity's api property. Not nullable. passwordCredentials: type: array items: $ref: '#/components/schemas/microsoft.graph.passwordCredential' description: >- The collection of password credentials associated with the application. Not nullable. preferredSingleSignOnMode: type: string description: >- Specifies the single sign-on mode configured for this application. Microsoft Entra ID uses the preferred single sign-on mode to launch the application from Microsoft 365 or the My Apps portal. The supported values are password, saml, notSupported, and oidc. Note: This field might be null for older SAML apps and for OIDC applications where it isn't set automatically. nullable: true preferredTokenSigningKeyThumbprint: type: string description: >- This property can be used on SAML applications (apps that have preferredSingleSignOnMode set to saml) to control which certificate is used to sign the SAML responses. For applications that aren't SAML, don't write or otherwise rely on this property. nullable: true replyUrls: type: array items: type: string description: >- The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. Not nullable. resourceSpecificApplicationPermissions: type: array items: $ref: >- #/components/schemas/microsoft.graph.resourceSpecificPermission description: >- The resource-specific application permissions exposed by this application. Currently, resource-specific permissions are only supported for Teams apps accessing to specific chats and teams using Microsoft Graph. Read-only. samlSingleSignOnSettings: anyOf: - $ref: >- #/components/schemas/microsoft.graph.samlSingleSignOnSettings - type: object nullable: true description: The collection for settings related to saml single sign-on. servicePrincipalNames: type: array items: type: string description: >- Contains the list of identifiersUris, copied over from the associated application. Additional values can be added to hybrid applications. These values can be used to identify the permissions exposed by this app within Microsoft Entra ID. For example,Client apps can specify a resource URI that is based on the values of this property to acquire an access token, which is the URI returned in the 'aud' claim.The any operator is required for filter expressions on multi-valued properties. Not nullable. Supports $filter (eq, not, ge, le, startsWith). servicePrincipalType: type: string description: >- Identifies whether the service principal represents an application, a managed identity, or a legacy application. This is set by Microsoft Entra ID internally. The servicePrincipalType property can be set to three different values: Application - A service principal that represents an application or service. The appId property identifies the associated app registration, and matches the appId of an application, possibly from a different tenant. If the associated app registration is missing, tokens aren't issued for the service principal.ManagedIdentity - A service principal that represents a managed identity. Service principals representing managed identities can be granted access and permissions, but can't be updated or modified directly.Legacy - A service principal that represents an app created before app registrations, or through legacy experiences. A legacy service principal can have credentials, service principal names, reply URLs, and other properties that are editable by an authorized user, but doesn't have an associated app registration. The appId value doesn't associate the service principal with an app registration. The service principal can only be used in the tenant where it was created.SocialIdp - For internal use. nullable: true signInAudience: type: string description: >- Specifies the Microsoft accounts that are supported for the current application. Read-only. Supported values are:AzureADMyOrg: Users with a Microsoft work or school account in my organization's Microsoft Entra tenant (single-tenant).AzureADMultipleOrgs: Users with a Microsoft work or school account in any organization's Microsoft Entra tenant (multitenant).AzureADandPersonalMicrosoftAccount: Users with a personal Microsoft account, or a work or school account in any organization's Microsoft Entra tenant.PersonalMicrosoftAccount: Users with a personal Microsoft account only. nullable: true tags: type: array items: type: string description: >- Custom strings that can be used to categorize and identify the service principal. Not nullable. The value is the union of strings set here and on the associated application entity's tags property.Supports $filter (eq, not, ge, le, startsWith). tokenEncryptionKeyId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: >- Specifies the keyId of a public key from the keyCredentials collection. When configured, Microsoft Entra ID issues tokens for this application encrypted using the key specified by this property. The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user. format: uuid nullable: true verifiedPublisher: anyOf: - $ref: '#/components/schemas/microsoft.graph.verifiedPublisher' - type: object nullable: true description: >- Specifies the verified publisher of the application that's linked to this service principal. appManagementPolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.appManagementPolicy' description: The appManagementPolicy applied to this application. x-ms-navigationProperty: true appRoleAssignedTo: type: array items: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' description: >- App role assignments for this app or service, granted to users, groups, and other service principals. Supports $expand. x-ms-navigationProperty: true appRoleAssignments: type: array items: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' description: >- App role assignment for another app or service, granted to this service principal. Supports $expand. x-ms-navigationProperty: true claimsMappingPolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.claimsMappingPolicy' description: >- The claimsMappingPolicies assigned to this service principal. Supports $expand. x-ms-navigationProperty: true createdObjects: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Directory objects created by this service principal. Read-only. Nullable. x-ms-navigationProperty: true delegatedPermissionClassifications: type: array items: $ref: >- #/components/schemas/microsoft.graph.delegatedPermissionClassification x-ms-navigationProperty: true endpoints: type: array items: $ref: '#/components/schemas/microsoft.graph.endpoint' x-ms-navigationProperty: true federatedIdentityCredentials: type: array items: $ref: >- #/components/schemas/microsoft.graph.federatedIdentityCredential description: >- Federated identities for a specific type of service principal - managed identity. Supports $expand and $filter (/$count eq 0, /$count ne 0). x-ms-navigationProperty: true homeRealmDiscoveryPolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.homeRealmDiscoveryPolicy' description: >- The homeRealmDiscoveryPolicies assigned to this service principal. Supports $expand. x-ms-navigationProperty: true memberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Roles that this service principal is a member of. HTTP Methods: GET Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true oauth2PermissionGrants: type: array items: $ref: '#/components/schemas/microsoft.graph.oAuth2PermissionGrant' description: >- Delegated permission grants authorizing this service principal to access an API on behalf of a signed-in user. Read-only. Nullable. x-ms-navigationProperty: true ownedObjects: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Directory objects that this service principal owns. Read-only. Nullable. Supports $expand, $select nested in $expand, and $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1). x-ms-navigationProperty: true owners: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Directory objects that are owners of this servicePrincipal. The owners are a set of nonadmin users or servicePrincipals who are allowed to modify this object. Supports $expand, $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1), and $select nested in $expand. x-ms-navigationProperty: true remoteDesktopSecurityConfiguration: anyOf: - $ref: >- #/components/schemas/microsoft.graph.remoteDesktopSecurityConfiguration - type: object nullable: true description: >- The remoteDesktopSecurityConfiguration object applied to this service principal. Supports $filter (eq) for isRemoteDesktopProtocolEnabled property. x-ms-navigationProperty: true synchronization: anyOf: - $ref: '#/components/schemas/microsoft.graph.synchronization' - type: object nullable: true description: >- Represents the capability for Microsoft Entra identity synchronization through the Microsoft Graph API. x-ms-navigationProperty: true tokenIssuancePolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.tokenIssuancePolicy' description: The tokenIssuancePolicies assigned to this service principal. x-ms-navigationProperty: true tokenLifetimePolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.tokenLifetimePolicy' description: The tokenLifetimePolicies assigned to this service principal. x-ms-navigationProperty: true transitiveMemberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.servicePrincipal' x-ms-discriminator-value: '#microsoft.graph.servicePrincipal' microsoft.graph.appManagementPolicy: allOf: - $ref: '#/components/schemas/microsoft.graph.policyBase' - title: appManagementPolicy required: - '@odata.type' type: object properties: isEnabled: type: boolean description: Denotes whether the policy is enabled. restrictions: anyOf: - $ref: >- #/components/schemas/microsoft.graph.customAppManagementConfiguration - type: object nullable: true description: >- Restrictions that apply to an application or service principal object. appliesTo: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Collection of applications and service principals to which the policy is applied. x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.appManagementPolicy' x-ms-discriminator-value: '#microsoft.graph.appManagementPolicy' microsoft.graph.appRoleAssignment: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: appRoleAssignment required: - '@odata.type' type: object properties: appRoleId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: >- The identifier (id) for the app role that's assigned to the principal. This app role must be exposed in the appRoles property on the resource application's service principal (resourceId). If the resource application hasn't declared any app roles, a default app role ID of 00000000-0000-0000-0000-000000000000 can be specified to signal that the principal is assigned to the resource app without any specific app roles. Required on create. format: uuid createdDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The time when the app role assignment was created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. format: date-time nullable: true principalDisplayName: type: string description: >- The display name of the user, group, or service principal that was granted the app role assignment. Maximum length is 256 characters. Read-only. Supports $filter (eq and startswith). nullable: true principalId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: >- The unique identifier (id) for the user, security group, or service principal being granted the app role. Security groups with dynamic memberships are supported. Required on create. format: uuid nullable: true principalType: type: string description: >- The type of the assigned principal. This can either be User, Group, or ServicePrincipal. Read-only. nullable: true resourceDisplayName: type: string description: >- The display name of the resource app's service principal to which the assignment is made. Maximum length is 256 characters. nullable: true resourceId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: >- The unique identifier (id) for the resource service principal for which the assignment is made. Required on create. Supports $filter (eq only). format: uuid nullable: true '@odata.type': type: string default: '#microsoft.graph.appRoleAssignment' x-ms-discriminator-value: '#microsoft.graph.appRoleAssignment' microsoft.graph.directoryObject: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: directoryObject required: - '@odata.type' type: object properties: deletedDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Date and time when this object was deleted. Always null when the object hasn't been deleted. format: date-time nullable: true '@odata.type': type: string discriminator: propertyName: '@odata.type' mapping: '#microsoft.graph.administrativeUnit': '#/components/schemas/microsoft.graph.administrativeUnit' '#microsoft.graph.application': '#/components/schemas/microsoft.graph.application' '#microsoft.graph.appRoleAssignment': '#/components/schemas/microsoft.graph.appRoleAssignment' '#microsoft.graph.certificateAuthorityDetail': '#/components/schemas/microsoft.graph.certificateAuthorityDetail' '#microsoft.graph.certificateBasedAuthPki': '#/components/schemas/microsoft.graph.certificateBasedAuthPki' '#microsoft.graph.contract': '#/components/schemas/microsoft.graph.contract' '#microsoft.graph.device': '#/components/schemas/microsoft.graph.device' '#microsoft.graph.directoryObjectPartnerReference': >- #/components/schemas/microsoft.graph.directoryObjectPartnerReference '#microsoft.graph.directoryRole': '#/components/schemas/microsoft.graph.directoryRole' '#microsoft.graph.directoryRoleTemplate': '#/components/schemas/microsoft.graph.directoryRoleTemplate' '#microsoft.graph.endpoint': '#/components/schemas/microsoft.graph.endpoint' '#microsoft.graph.extensionProperty': '#/components/schemas/microsoft.graph.extensionProperty' '#microsoft.graph.group': '#/components/schemas/microsoft.graph.group' '#microsoft.graph.groupSettingTemplate': '#/components/schemas/microsoft.graph.groupSettingTemplate' '#microsoft.graph.multiTenantOrganizationMember': >- #/components/schemas/microsoft.graph.multiTenantOrganizationMember '#microsoft.graph.organization': '#/components/schemas/microsoft.graph.organization' '#microsoft.graph.orgContact': '#/components/schemas/microsoft.graph.orgContact' '#microsoft.graph.policyBase': '#/components/schemas/microsoft.graph.policyBase' '#microsoft.graph.appManagementPolicy': '#/components/schemas/microsoft.graph.appManagementPolicy' '#microsoft.graph.authorizationPolicy': '#/components/schemas/microsoft.graph.authorizationPolicy' '#microsoft.graph.crossTenantAccessPolicy': '#/components/schemas/microsoft.graph.crossTenantAccessPolicy' '#microsoft.graph.identitySecurityDefaultsEnforcementPolicy': >- #/components/schemas/microsoft.graph.identitySecurityDefaultsEnforcementPolicy '#microsoft.graph.permissionGrantPolicy': '#/components/schemas/microsoft.graph.permissionGrantPolicy' '#microsoft.graph.stsPolicy': '#/components/schemas/microsoft.graph.stsPolicy' '#microsoft.graph.activityBasedTimeoutPolicy': '#/components/schemas/microsoft.graph.activityBasedTimeoutPolicy' '#microsoft.graph.claimsMappingPolicy': '#/components/schemas/microsoft.graph.claimsMappingPolicy' '#microsoft.graph.homeRealmDiscoveryPolicy': '#/components/schemas/microsoft.graph.homeRealmDiscoveryPolicy' '#microsoft.graph.tokenIssuancePolicy': '#/components/schemas/microsoft.graph.tokenIssuancePolicy' '#microsoft.graph.tokenLifetimePolicy': '#/components/schemas/microsoft.graph.tokenLifetimePolicy' '#microsoft.graph.tenantAppManagementPolicy': '#/components/schemas/microsoft.graph.tenantAppManagementPolicy' '#microsoft.graph.resourceSpecificPermissionGrant': >- #/components/schemas/microsoft.graph.resourceSpecificPermissionGrant '#microsoft.graph.servicePrincipal': '#/components/schemas/microsoft.graph.servicePrincipal' '#microsoft.graph.user': '#/components/schemas/microsoft.graph.user' microsoft.graph.endpoint: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: endpoint required: - '@odata.type' type: object properties: capability: type: string providerId: type: string nullable: true providerName: type: string nullable: true providerResourceId: type: string nullable: true uri: type: string '@odata.type': type: string default: '#microsoft.graph.endpoint' x-ms-discriminator-value: '#microsoft.graph.endpoint' microsoft.graph.federatedIdentityCredential: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: federatedIdentityCredential required: - '@odata.type' type: object properties: audiences: type: array items: type: string description: >- The audience that can appear in the external token. This field is mandatory and should be set to api://AzureADTokenExchange for Microsoft Entra ID. It says what Microsoft identity platform should accept in the aud claim in the incoming token. This value represents Microsoft Entra ID in your external identity provider and has no fixed value across identity providers - you might need to create a new application registration in your identity provider to serve as the audience of this token. This field can only accept a single value and has a limit of 600 characters. Required. description: type: string description: >- The unvalidated description of the federated identity credential, provided by the user. It has a limit of 600 characters. Optional. nullable: true issuer: type: string description: >- The URL of the external identity provider, which must match the issuer claim of the external token being exchanged. The combination of the values of issuer and subject must be unique within the app. It has a limit of 600 characters. Required. name: type: string description: >- The unique identifier for the federated identity credential, which has a limit of 120 characters and must be URL friendly. The string is immutable after it's created. Alternate key. Required. Not nullable. Supports $filter (eq). subject: type: string description: >- Required. The identifier of the external software workload within the external identity provider. Like the audience value, it has no fixed format; each identity provider uses their own - sometimes a GUID, sometimes a colon delimited identifier, sometimes arbitrary strings. The value here must match the sub claim within the token presented to Microsoft Entra ID. The combination of issuer and subject must be unique within the app. It has a limit of 600 characters. Supports $filter (eq). '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.federatedIdentityCredential' microsoft.graph.administrativeUnit: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: administrativeUnit required: - '@odata.type' type: object properties: description: type: string description: >- An optional description for the administrative unit. Supports $filter (eq, ne, in, startsWith), $search. nullable: true displayName: type: string description: >- Display name for the administrative unit. Maximum length is 256 characters. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. nullable: true isMemberManagementRestricted: type: boolean description: >- true if members of this administrative unit should be treated as sensitive, which requires specific permissions to manage. If not set, the default value is null and the default behavior is false. Use this property to define administrative units with roles that don't inherit from tenant-level administrators, and where the management of individual member objects is limited to administrators scoped to a restricted management administrative unit. This property is immutable and can't be changed later. For more information on how to work with restricted management administrative units, see Restricted management administrative units in Microsoft Entra ID. nullable: true membershipRule: type: string description: >- The dynamic membership rule for the administrative unit. For more information about the rules you can use for dynamic administrative units and dynamic groups, see Manage rules for dynamic membership groups in Microsoft Entra ID. nullable: true membershipRuleProcessingState: type: string description: >- Controls whether the dynamic membership rule is actively processed. Set to On to activate the dynamic membership rule, or Paused to stop updating membership dynamically. nullable: true membershipType: type: string description: >- Indicates the membership type for the administrative unit. The possible values are: dynamic, assigned. If not set, the default value is null and the default behavior is assigned. nullable: true visibility: type: string description: >- Controls whether the administrative unit and its members are hidden or public. Can be set to HiddenMembership. If not set, the default value is null and the default behavior is public. When set to HiddenMembership, only members of the administrative unit can list other members of the administrative unit. nullable: true extensions: type: array items: $ref: '#/components/schemas/microsoft.graph.extension' description: >- The collection of open extensions defined for this administrative unit. Nullable. x-ms-navigationProperty: true members: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Users and groups that are members of this administrative unit. Supports $expand. x-ms-navigationProperty: true scopedRoleMembers: type: array items: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' description: Scoped-role members of this administrative unit. x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.administrativeUnit' x-ms-discriminator-value: '#microsoft.graph.administrativeUnit' microsoft.graph.directoryRole: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: directoryRole required: - '@odata.type' type: object properties: description: type: string description: >- The description for the directory role. Read-only. Supports $filter (eq), $search, $select. nullable: true displayName: type: string description: >- The display name for the directory role. Read-only. Supports $filter (eq), $search, $select. nullable: true roleTemplateId: type: string description: >- The id of the directoryRoleTemplate that this role is based on. The property must be specified when activating a directory role in a tenant with a POST operation. After the directory role has been activated, the property is read only. Supports $filter (eq), $select. nullable: true members: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Users that are members of this directory role. HTTP Methods: GET, POST, DELETE. Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true scopedMembers: type: array items: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' description: >- Members of this directory role that are scoped to administrative units. Read-only. Nullable. x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.directoryRole' x-ms-discriminator-value: '#microsoft.graph.directoryRole' microsoft.graph.group: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: group required: - '@odata.type' type: object properties: allowExternalSenders: type: boolean description: >- Indicates if people external to the organization can send messages to the group. The default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). nullable: true assignedLabels: type: array items: $ref: '#/components/schemas/microsoft.graph.assignedLabel' description: >- The list of sensitivity label pairs (label ID, label name) associated with a Microsoft 365 group. Returned only on $select. This property can be updated only in delegated scenarios where the caller requires both the Microsoft Graph permission and a supported administrator role. assignedLicenses: type: array items: $ref: '#/components/schemas/microsoft.graph.assignedLicense' description: >- The licenses that are assigned to the group. Returned only on $select. Supports $filter (eq). Read-only. autoSubscribeNewMembers: type: boolean description: >- Indicates if new members added to the group are autosubscribed to receive email notifications. You can set this property in a PATCH request for the group; don't set it in the initial POST request that creates the group. Default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). nullable: true classification: type: string description: >- Describes a classification for the group (such as low, medium, or high business impact). Valid values for this property are defined by creating a ClassificationList setting value, based on the template definition.Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith). nullable: true createdDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Timestamp of when the group was created. The value can't be modified and is automatically populated when the group is created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Read-only. format: date-time nullable: true description: type: string description: >- An optional description for the group. Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith) and $search. nullable: true displayName: type: string description: >- The display name for the group. This property is required when a group is created and can't be cleared during updates. Maximum length is 256 characters. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. nullable: true expirationDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Timestamp of when the group is set to expire. It's null for security groups, but for Microsoft 365 groups, it represents when the group is set to expire as defined in the groupLifecyclePolicy. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Supports $filter (eq, ne, not, ge, le, in). Read-only. format: date-time nullable: true groupTypes: type: array items: type: string description: >- Specifies the group type and its membership. If the collection contains Unified, the group is a Microsoft 365 group; otherwise, it's either a security group or a distribution group. For details, see groups overview.If the collection includes DynamicMembership, the group has dynamic membership; otherwise, membership is static. Returned by default. Supports $filter (eq, not). hasMembersWithLicenseErrors: type: boolean description: >- Indicates whether there are members in this group that have license errors from its group-based license assignment. This property is never returned on a GET operation. You can use it as a $filter argument to get groups that have members with license errors (that is, filter for this property being true). See an example. Supports $filter (eq). nullable: true hideFromAddressLists: type: boolean description: >- True if the group isn't displayed in certain parts of the Outlook UI: the Address Book, address lists for selecting message recipients, and the Browse Groups dialog for searching groups; otherwise, false. The default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). nullable: true hideFromOutlookClients: type: boolean description: >- True if the group isn't displayed in Outlook clients, such as Outlook for Windows and Outlook on the web; otherwise, false. The default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). nullable: true isArchived: type: boolean description: >- When a group is associated with a team, this property determines whether the team is in read-only mode.To read this property, use the /group/{groupId}/team endpoint or the Get team API. To update this property, use the archiveTeam and unarchiveTeam APIs. nullable: true isAssignableToRole: type: boolean description: >- Indicates whether this group can be assigned to a Microsoft Entra role. Optional. This property can only be set while creating the group and is immutable. If set to true, the securityEnabled property must also be set to true, visibility must be Hidden, and the group can't be a dynamic group (that is, groupTypes can't contain DynamicMembership). Only callers with at least the Privileged Role Administrator role can set this property. The caller must also be assigned the RoleManagement.ReadWrite.Directory permission to set this property or update the membership of such groups. For more, see Using a group to manage Microsoft Entra role assignmentsUsing this feature requires a Microsoft Entra ID P1 license. Returned by default. Supports $filter (eq, ne, not). nullable: true isManagementRestricted: type: boolean description: >- Indicates whether the group is a member of a restricted management administrative unit. If not set, the default value is null and the default behavior is false. Read-only. To manage a group member of a restricted management administrative unit, the administrator or calling app must be assigned a Microsoft Entra role at the scope of the restricted management administrative unit. Returned only on $select. nullable: true isSubscribedByMail: type: boolean description: >- Indicates whether the signed-in user is subscribed to receive email conversations. The default value is true. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). nullable: true licenseProcessingState: anyOf: - $ref: '#/components/schemas/microsoft.graph.licenseProcessingState' - type: object nullable: true description: >- Indicates the status of the group license assignment to all group members. The default value is false. Read-only. Possible values: QueuedForProcessing, ProcessingInProgress, and ProcessingComplete.Returned only on $select. Read-only. mail: type: string description: >- The SMTP address for the group, for example, 'serviceadmins@contoso.com'. Returned by default. Read-only. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true mailEnabled: type: boolean description: >- Specifies whether the group is mail-enabled. Required. Returned by default. Supports $filter (eq, ne, not). nullable: true mailNickname: type: string description: >- The mail alias for the group, unique for Microsoft 365 groups in the organization. Maximum length is 64 characters. This property can contain only characters in the ASCII character set 0 - 127 except the following characters: @ () / [] ' ; : <> , SPACE. Required. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true membershipRule: type: string description: >- The rule that determines members for this group if the group is a dynamic group (groupTypes contains DynamicMembership). For more information about the syntax of the membership rule, see Membership Rules syntax. Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith). nullable: true membershipRuleProcessingState: type: string description: >- Indicates whether the dynamic membership processing is on or paused. Possible values are On or Paused. Returned by default. Supports $filter (eq, ne, not, in). nullable: true onPremisesDomainName: type: string description: >- Contains the on-premises domain FQDN, also called dnsDomainName synchronized from the on-premises directory. The property is only populated for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect.Returned by default. Read-only. nullable: true onPremisesLastSyncDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Indicates the last time at which the group was synced with the on-premises directory. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Read-only. Supports $filter (eq, ne, not, ge, le, in). format: date-time nullable: true onPremisesNetBiosName: type: string description: >- Contains the on-premises netBios name synchronized from the on-premises directory. The property is only populated for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect.Returned by default. Read-only. nullable: true onPremisesProvisioningErrors: type: array items: $ref: >- #/components/schemas/microsoft.graph.onPremisesProvisioningError description: >- Errors when using Microsoft synchronization product during provisioning. Returned by default. Supports $filter (eq, not). onPremisesSamAccountName: type: string description: >- Contains the on-premises SAM account name synchronized from the on-premises directory. The property is only populated for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect.Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith). Read-only. nullable: true onPremisesSecurityIdentifier: type: string description: >- Contains the on-premises security identifier (SID) for the group synchronized from on-premises to the cloud. Read-only. Returned by default. Supports $filter (eq including on null values). nullable: true onPremisesSyncEnabled: type: boolean description: >- true if this group is synced from an on-premises directory; false if this group was originally synced from an on-premises directory but is no longer synced; null if this object has never synced from an on-premises directory (default). Returned by default. Read-only. Supports $filter (eq, ne, not, in, and eq on null values). nullable: true preferredDataLocation: type: string description: >- The preferred data location for the Microsoft 365 group. By default, the group inherits the group creator's preferred data location. To set this property, the calling app must be granted the Directory.ReadWrite.All permission and the user be assigned at least one of the following Microsoft Entra roles: User Account Administrator Directory Writer Exchange Administrator SharePoint Administrator For more information about this property, see OneDrive Online Multi-Geo. Nullable. Returned by default. nullable: true preferredLanguage: type: string description: >- The preferred language for a Microsoft 365 group. Should follow ISO 639-1 Code; for example, en-US. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true proxyAddresses: type: array items: type: string description: >- Email addresses for the group that direct to the same group mailbox. For example: ['SMTP: bob@contoso.com', 'smtp: bob@sales.contoso.com']. The any operator is required to filter expressions on multi-valued properties. Returned by default. Read-only. Not nullable. Supports $filter (eq, not, ge, le, startsWith, endsWith, /$count eq 0, /$count ne 0). renewedDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Timestamp of when the group was last renewed. This value can't be modified directly and is only updated via the renew service action. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Supports $filter (eq, ne, not, ge, le, in). Read-only. format: date-time nullable: true securityEnabled: type: boolean description: >- Specifies whether the group is a security group. Required. Returned by default. Supports $filter (eq, ne, not, in). nullable: true securityIdentifier: type: string description: >- Security identifier of the group, used in Windows scenarios. Read-only. Returned by default. nullable: true serviceProvisioningErrors: type: array items: $ref: '#/components/schemas/microsoft.graph.serviceProvisioningError' description: >- Errors published by a federated service describing a nontransient, service-specific error regarding the properties or link from a group object. Supports $filter (eq, not, for isResolved and serviceInstance). theme: type: string description: >- Specifies a Microsoft 365 group's color theme. Possible values are Teal, Purple, Green, Blue, Pink, Orange, or Red. Returned by default. nullable: true uniqueName: type: string description: >- The unique identifier that can be assigned to a group and used as an alternate key. Immutable. Read-only. nullable: true unseenCount: maximum: 2147483647 minimum: -2147483648 type: number description: >- Count of conversations that received new posts since the signed-in user last visited the group. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). format: int32 nullable: true visibility: type: string description: >- Specifies the group join policy and group content visibility for groups. The possible values are: Private, Public, or HiddenMembership. HiddenMembership can be set only for Microsoft 365 groups when the groups are created. It can't be updated later. Other values of visibility can be updated after group creation. If visibility value isn't specified during group creation on Microsoft Graph, a security group is created as Private by default, and the Microsoft 365 group is Public. Groups assignable to roles are always Private. To learn more, see group visibility options. Returned by default. Nullable. nullable: true acceptedSenders: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The list of users or groups allowed to create posts or calendar events in this group. If this list is nonempty, then only users or groups listed here are allowed to post. x-ms-navigationProperty: true appRoleAssignments: type: array items: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' description: >- Represents the app roles granted to a group for an application. Supports $expand. x-ms-navigationProperty: true calendar: anyOf: - $ref: '#/components/schemas/microsoft.graph.calendar' - type: object nullable: true description: The group's calendar. Read-only. x-ms-navigationProperty: true calendarView: type: array items: $ref: '#/components/schemas/microsoft.graph.event' description: The calendar view for the calendar. Read-only. x-ms-navigationProperty: true conversations: type: array items: $ref: '#/components/schemas/microsoft.graph.conversation' description: The group's conversations. x-ms-navigationProperty: true createdOnBehalfOf: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - type: object nullable: true description: >- The user (or application) that created the group. NOTE: This property isn't set if the user is an administrator. Read-only. x-ms-navigationProperty: true drive: anyOf: - $ref: '#/components/schemas/microsoft.graph.drive' - type: object nullable: true description: The group's default drive. Read-only. x-ms-navigationProperty: true drives: type: array items: $ref: '#/components/schemas/microsoft.graph.drive' description: The group's drives. Read-only. x-ms-navigationProperty: true events: type: array items: $ref: '#/components/schemas/microsoft.graph.event' description: The group's calendar events. x-ms-navigationProperty: true extensions: type: array items: $ref: '#/components/schemas/microsoft.graph.extension' description: >- The collection of open extensions defined for the group. Read-only. Nullable. x-ms-navigationProperty: true groupLifecyclePolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.groupLifecyclePolicy' description: >- The collection of lifecycle policies for this group. Read-only. Nullable. x-ms-navigationProperty: true memberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Groups that this group is a member of. HTTP Methods: GET (supported for all groups). Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true members: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The members of this group, who can be users, devices, other groups, or service principals. Supports the List members, Add member, and Remove member operations. Nullable. Supports $expand including nested $select. For example, /groups?$filter=startsWith(displayName,'Role')&$select=id,displayName&$expand=members($select=id,userPrincipalName,displayName). x-ms-navigationProperty: true membersWithLicenseErrors: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- A list of group members with license errors from this group-based license assignment. Read-only. x-ms-navigationProperty: true onenote: anyOf: - $ref: '#/components/schemas/microsoft.graph.onenote' - type: object nullable: true x-ms-navigationProperty: true onPremisesSyncBehavior: anyOf: - $ref: '#/components/schemas/microsoft.graph.onPremisesSyncBehavior' - type: object nullable: true x-ms-navigationProperty: true owners: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The owners of the group who can be users or service principals. Limited to 100 owners. Nullable. If this property isn't specified when creating a Microsoft 365 group the calling user (admin or non-admin) is automatically assigned as the group owner. A non-admin user can't explicitly add themselves to this collection when they're creating the group. For more information, see the related known issue. For security groups, the admin user isn't automatically added to this collection. For more information, see the related known issue. Supports $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1); Supports $expand including nested $select. For example, /groups?$filter=startsWith(displayName,'Role')&$select=id,displayName&$expand=owners($select=id,userPrincipalName,displayName). x-ms-navigationProperty: true permissionGrants: type: array items: $ref: >- #/components/schemas/microsoft.graph.resourceSpecificPermissionGrant x-ms-navigationProperty: true photo: anyOf: - $ref: '#/components/schemas/microsoft.graph.profilePhoto' - type: object nullable: true description: The group's profile photo x-ms-navigationProperty: true photos: type: array items: $ref: '#/components/schemas/microsoft.graph.profilePhoto' description: The profile photos owned by the group. Read-only. Nullable. x-ms-navigationProperty: true planner: anyOf: - $ref: '#/components/schemas/microsoft.graph.plannerGroup' - type: object nullable: true description: >- Entry-point to Planner resource that might exist for a Unified Group. x-ms-navigationProperty: true rejectedSenders: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The list of users or groups not allowed to create posts or calendar events in this group. Nullable x-ms-navigationProperty: true settings: type: array items: $ref: '#/components/schemas/microsoft.graph.groupSetting' description: >- Settings that can govern this group's behavior, like whether members can invite guests to the group. Nullable. x-ms-navigationProperty: true sites: type: array items: $ref: '#/components/schemas/microsoft.graph.site' description: >- The list of SharePoint sites in this group. Access the default site with /sites/root. x-ms-navigationProperty: true team: anyOf: - $ref: '#/components/schemas/microsoft.graph.team' - type: object nullable: true description: The team associated with this group. x-ms-navigationProperty: true threads: type: array items: $ref: '#/components/schemas/microsoft.graph.conversationThread' description: The group's conversation threads. Nullable. x-ms-navigationProperty: true transitiveMemberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The groups that a group is a member of, either directly or through nested membership. Nullable. x-ms-navigationProperty: true transitiveMembers: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: The direct and transitive members of a group. Nullable. x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.group' description: Represents a Microsoft Entra group. x-ms-discriminator-value: '#microsoft.graph.group' microsoft.graph.keyCredential: title: keyCredential required: - '@odata.type' type: object properties: customKeyIdentifier: type: string description: >- A 40-character binary type that can be used to identify the credential. Optional. When not provided in the payload, defaults to the thumbprint of the certificate. format: base64url nullable: true displayName: type: string description: >- The friendly name for the key, with a maximum length of 90 characters. Longer values are accepted but shortened. Optional. nullable: true endDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time at which the credential expires. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. format: date-time nullable: true key: type: string description: >- The certificate's raw data in byte array converted to Base64 string. Returned only on $select for a single object, that is, GET applications/{applicationId}?$select=keyCredentials or GET servicePrincipals/{servicePrincipalId}?$select=keyCredentials; otherwise, it's always null. From a .cer certificate, you can read the key using the Convert.ToBase64String() method. For more information, see Get the certificate key. format: base64url nullable: true keyId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: The unique identifier (GUID) for the key. format: uuid nullable: true startDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time at which the credential becomes valid.The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. format: date-time nullable: true type: type: string description: >- The type of key credential; for example, Symmetric, AsymmetricX509Cert. nullable: true usage: type: string description: >- A string that describes the purpose for which the key can be used; for example, Verify. nullable: true '@odata.type': type: string microsoft.graph.passwordCredential: title: passwordCredential required: - '@odata.type' type: object properties: customKeyIdentifier: type: string description: Do not use. format: base64url nullable: true displayName: type: string description: Friendly name for the password. Optional. nullable: true endDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time at which the password expires represented using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Optional. format: date-time nullable: true hint: type: string description: Contains the first three characters of the password. Read-only. nullable: true keyId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: The unique identifier for the password. format: uuid nullable: true secretText: type: string description: >- Read-only; Contains the strong passwords generated by Microsoft Entra ID that are 16-64 characters in length. The generated password value is only returned during the initial POST request to addPassword. There is no way to retrieve this password in the future. nullable: true startDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time at which the password becomes valid. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Optional. format: date-time nullable: true '@odata.type': type: string microsoft.graph.selfSignedCertificate: title: selfSignedCertificate required: - '@odata.type' type: object properties: customKeyIdentifier: type: string description: Custom key identifier. format: base64url nullable: true displayName: type: string description: The friendly name for the key. nullable: true endDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time at which the credential expires. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. format: date-time nullable: true key: type: string description: The value for the key credential. Should be a Base-64 encoded value. format: base64url nullable: true keyId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: The unique identifier (GUID) for the key. format: uuid nullable: true startDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time at which the credential becomes valid. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. format: date-time nullable: true thumbprint: type: string description: The thumbprint value for the key. nullable: true type: type: string description: The type of key credential. AsymmetricX509Cert. nullable: true usage: type: string description: >- A string that describes the purpose for which the key can be used. The possible value is Verify. nullable: true '@odata.type': type: string BaseCollectionPaginationCountResponse: title: Base collection pagination and count responses type: object properties: '@odata.count': type: integer format: int64 nullable: true '@odata.nextLink': type: string nullable: true microsoft.graph.oAuth2PermissionGrant: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: oAuth2PermissionGrant required: - '@odata.type' type: object properties: clientId: type: string description: >- The object id (not appId) of the client service principal for the application that's authorized to act on behalf of a signed-in user when accessing an API. Required. Supports $filter (eq only). consentType: type: string description: >- Indicates if authorization is granted for the client application to impersonate all users or only a specific user. AllPrincipals indicates authorization to impersonate all users. Principal indicates authorization to impersonate a specific user. Consent on behalf of all users can be granted by an administrator. Nonadmin users might be authorized to consent on behalf of themselves in some cases, for some delegated permissions. Required. Supports $filter (eq only). nullable: true principalId: type: string description: >- The id of the user on behalf of whom the client is authorized to access the resource, when consentType is Principal. If consentType is AllPrincipals this value is null. Required when consentType is Principal. Supports $filter (eq only). nullable: true resourceId: type: string description: >- The id of the resource service principal to which access is authorized. This identifies the API that the client is authorized to attempt to call on behalf of a signed-in user. Supports $filter (eq only). scope: type: string description: >- A space-separated list of the claim values for delegated permissions that should be included in access tokens for the resource application (the API). For example, openid User.Read GroupMember.Read.All. Each claim value should match the value field of one of the delegated permissions defined by the API, listed in the oauth2PermissionScopes property of the resource service principal. Must not exceed 3,850 characters in length. nullable: true '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.oAuth2PermissionGrant' microsoft.graph.application: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: application required: - '@odata.type' type: object properties: addIns: type: array items: $ref: '#/components/schemas/microsoft.graph.addIn' description: >- Defines custom behavior that a consuming service can use to call an app in specific contexts. For example, applications that can render file streams can set the addIns property for its 'FileHandler' functionality. This lets services like Microsoft 365 call the application in the context of a document the user is working on. api: anyOf: - $ref: '#/components/schemas/microsoft.graph.apiApplication' - type: object nullable: true description: Specifies settings for an application that implements a web API. appId: type: string description: >- The unique identifier for the application that is assigned to an application by Microsoft Entra ID. Not nullable. Read-only. Alternate key. Supports $filter (eq). nullable: true applicationTemplateId: type: string description: >- Unique identifier of the applicationTemplate. Supports $filter (eq, not, ne). Read-only. null if the app wasn't created from an application template. nullable: true appRoles: type: array items: $ref: '#/components/schemas/microsoft.graph.appRole' description: >- The collection of roles defined for the application. With app role assignments, these roles can be assigned to users, groups, or service principals associated with other applications. Not nullable. authenticationBehaviors: anyOf: - $ref: '#/components/schemas/microsoft.graph.authenticationBehaviors' - type: object nullable: true certification: anyOf: - $ref: '#/components/schemas/microsoft.graph.certification' - type: object nullable: true description: Specifies the certification status of the application. createdDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time the application was registered. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Supports $filter (eq, ne, not, ge, le, in, and eq on null values) and $orderby. format: date-time nullable: true defaultRedirectUri: type: string nullable: true description: type: string description: >- Free text field to provide a description of the application object to end users. The maximum allowed size is 1,024 characters. Supports $filter (eq, ne, not, ge, le, startsWith) and $search. nullable: true disabledByMicrosoftStatus: type: string description: >- Specifies whether Microsoft has disabled the registered application. The possible values are: null (default value), NotDisabled, and DisabledDueToViolationOfServicesAgreement (reasons include suspicious, abusive, or malicious activity, or a violation of the Microsoft Services Agreement). Supports $filter (eq, ne, not). nullable: true displayName: type: string description: >- The display name for the application. Maximum length is 256 characters. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. nullable: true groupMembershipClaims: type: string description: >- Configures the groups claim issued in a user or OAuth 2.0 access token that the application expects. To set this attribute, use one of the following valid string values: None, SecurityGroup (for security groups and Microsoft Entra roles), All (this gets all of the security groups, distribution groups, and Microsoft Entra directory roles that the signed-in user is a member of). nullable: true identifierUris: type: array items: type: string description: >- Also known as App ID URI, this value is set when an application is used as a resource app. The identifierUris acts as the prefix for the scopes you reference in your API's code, and it must be globally unique across Microsoft Entra ID. For more information on valid identifierUris patterns and best practices, see Microsoft Entra application registration security best practices. Not nullable. Supports $filter (eq, ne, ge, le, startsWith). info: anyOf: - $ref: '#/components/schemas/microsoft.graph.informationalUrl' - type: object nullable: true description: >- Basic profile information of the application such as app's marketing, support, terms of service and privacy statement URLs. The terms of service and privacy statement are surfaced to users through the user consent experience. For more info, see How to: Add Terms of service and privacy statement for registered Microsoft Entra apps. Supports $filter (eq, ne, not, ge, le, and eq on null values). isDeviceOnlyAuthSupported: type: boolean description: >- Specifies whether this application supports device authentication without a user. The default is false. nullable: true isFallbackPublicClient: type: boolean description: >- Specifies the fallback application type as public client, such as an installed application running on a mobile device. The default value is false, which means the fallback application type is confidential client such as a web app. There are certain scenarios where Microsoft Entra ID can't determine the client application type. For example, the ROPC flow where it's configured without specifying a redirect URI. In those cases, Microsoft Entra ID interprets the application type based on the value of this property. nullable: true keyCredentials: type: array items: $ref: '#/components/schemas/microsoft.graph.keyCredential' description: >- The collection of key credentials associated with the application. Not nullable. Supports $filter (eq, not, ge, le). logo: type: string description: The main logo for the application. Not nullable. format: base64url nativeAuthenticationApisEnabled: anyOf: - $ref: >- #/components/schemas/microsoft.graph.nativeAuthenticationApisEnabled - type: object nullable: true description: >- Specifies whether the Native Authentication APIs are enabled for the application. The possible values are: none and all. Default is none. For more information, see Native Authentication. notes: type: string description: Notes relevant for the management of the application. nullable: true oauth2RequirePostResponse: type: boolean optionalClaims: anyOf: - $ref: '#/components/schemas/microsoft.graph.optionalClaims' - type: object nullable: true description: >- Application developers can configure optional claims in their Microsoft Entra applications to specify the claims that are sent to their application by the Microsoft security token service. For more information, see How to: Provide optional claims to your app. parentalControlSettings: anyOf: - $ref: '#/components/schemas/microsoft.graph.parentalControlSettings' - type: object nullable: true description: Specifies parental control settings for an application. passwordCredentials: type: array items: $ref: '#/components/schemas/microsoft.graph.passwordCredential' description: >- The collection of password credentials associated with the application. Not nullable. publicClient: anyOf: - $ref: '#/components/schemas/microsoft.graph.publicClientApplication' - type: object nullable: true description: >- Specifies settings for installed clients such as desktop or mobile devices. publisherDomain: type: string description: >- The verified publisher domain for the application. Read-only. For more information, see How to: Configure an application's publisher domain. Supports $filter (eq, ne, ge, le, startsWith). nullable: true requestSignatureVerification: anyOf: - $ref: >- #/components/schemas/microsoft.graph.requestSignatureVerification - type: object nullable: true description: >- Specifies whether this application requires Microsoft Entra ID to verify the signed authentication requests. requiredResourceAccess: type: array items: $ref: '#/components/schemas/microsoft.graph.requiredResourceAccess' description: >- Specifies the resources that the application needs to access. This property also specifies the set of delegated permissions and application roles that it needs for each of those resources. This configuration of access to the required resources drives the consent experience. No more than 50 resource services (APIs) can be configured. Beginning mid-October 2021, the total number of required permissions must not exceed 400. For more information, see Limits on requested permissions per app. Not nullable. Supports $filter (eq, not, ge, le). samlMetadataUrl: type: string description: >- The URL where the service exposes SAML metadata for federation. This property is valid only for single-tenant applications. Nullable. nullable: true serviceManagementReference: type: string description: >- References application or service contact information from a Service or Asset Management database. Nullable. nullable: true servicePrincipalLockConfiguration: anyOf: - $ref: >- #/components/schemas/microsoft.graph.servicePrincipalLockConfiguration - type: object nullable: true description: >- Specifies whether sensitive properties of a multitenant application should be locked for editing after the application is provisioned in a tenant. Nullable. null by default. signInAudience: type: string description: >- Specifies the Microsoft accounts that are supported for the current application. The possible values are: AzureADMyOrg (default), AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount, and PersonalMicrosoftAccount. See more in the table. The value of this object also limits the number of permissions an app can request. For more information, see Limits on requested permissions per app. The value for this property has implications on other app object properties. As a result, if you change this property, you might need to change other properties first. For more information, see Validation differences for signInAudience.Supports $filter (eq, ne, not). nullable: true spa: anyOf: - $ref: '#/components/schemas/microsoft.graph.spaApplication' - type: object nullable: true description: >- Specifies settings for a single-page application, including sign out URLs and redirect URIs for authorization codes and access tokens. tags: type: array items: type: string description: >- Custom strings that can be used to categorize and identify the application. Not nullable. Strings added here will also appear in the tags property of any associated service principals.Supports $filter (eq, not, ge, le, startsWith) and $search. tokenEncryptionKeyId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: >- Specifies the keyId of a public key from the keyCredentials collection. When configured, Microsoft Entra ID encrypts all the tokens it emits by using the key this property points to. The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user. format: uuid nullable: true uniqueName: type: string description: >- The unique identifier that can be assigned to an application and used as an alternate key. Immutable. Read-only. nullable: true verifiedPublisher: anyOf: - $ref: '#/components/schemas/microsoft.graph.verifiedPublisher' - type: object nullable: true description: >- Specifies the verified publisher of the application. For more information about how publisher verification helps support application security, trustworthiness, and compliance, see Publisher verification. web: anyOf: - $ref: '#/components/schemas/microsoft.graph.webApplication' - type: object nullable: true description: Specifies settings for a web application. appManagementPolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.appManagementPolicy' description: The appManagementPolicy applied to this application. x-ms-navigationProperty: true createdOnBehalfOf: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - type: object nullable: true description: Supports $filter (/$count eq 0, /$count ne 0). Read-only. x-ms-navigationProperty: true extensionProperties: type: array items: $ref: '#/components/schemas/microsoft.graph.extensionProperty' description: >- Read-only. Nullable. Supports $expand and $filter (/$count eq 0, /$count ne 0). x-ms-navigationProperty: true federatedIdentityCredentials: type: array items: $ref: >- #/components/schemas/microsoft.graph.federatedIdentityCredential description: >- Federated identities for applications. Supports $expand and $filter (startsWith, /$count eq 0, /$count ne 0). x-ms-navigationProperty: true homeRealmDiscoveryPolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.homeRealmDiscoveryPolicy' x-ms-navigationProperty: true owners: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Directory objects that are owners of this application. The owners are a set of nonadmin users or service principals who are allowed to modify this object. Supports $expand, $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1), and $select nested in $expand. x-ms-navigationProperty: true synchronization: anyOf: - $ref: '#/components/schemas/microsoft.graph.synchronization' - type: object nullable: true description: >- Represents the capability for Microsoft Entra identity synchronization through the Microsoft Graph API. x-ms-navigationProperty: true tokenIssuancePolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.tokenIssuancePolicy' x-ms-navigationProperty: true tokenLifetimePolicies: type: array items: $ref: '#/components/schemas/microsoft.graph.tokenLifetimePolicy' x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.application' x-ms-discriminator-value: '#microsoft.graph.application' microsoft.graph.user: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: user required: - '@odata.type' type: object properties: aboutMe: type: string description: >- A freeform text entry field for the user to describe themselves. Returned only on $select. nullable: true accountEnabled: type: boolean description: >- true if the account is enabled; otherwise, false. This property is required when a user is created. Returned only on $select. Supports $filter (eq, ne, not, and in). nullable: true ageGroup: type: string description: >- Sets the age group of the user. Allowed values: null, Minor, NotAdult, and Adult. For more information, see legal age group property definitions. Returned only on $select. Supports $filter (eq, ne, not, and in). nullable: true assignedLicenses: type: array items: $ref: '#/components/schemas/microsoft.graph.assignedLicense' description: >- The licenses that are assigned to the user, including inherited (group-based) licenses. This property doesn't differentiate between directly assigned and inherited licenses. Use the licenseAssignmentStates property to identify the directly assigned and inherited licenses. Not nullable. Returned only on $select. Supports $filter (eq, not, /$count eq 0, /$count ne 0). assignedPlans: type: array items: $ref: '#/components/schemas/microsoft.graph.assignedPlan' description: >- The plans that are assigned to the user. Read-only. Not nullable. Returned only on $select. Supports $filter (eq and not). authorizationInfo: anyOf: - $ref: '#/components/schemas/microsoft.graph.authorizationInfo' - type: object nullable: true birthday: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The birthday of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014, is 2014-01-01T00:00:00Z. Returned only on $select. format: date-time businessPhones: type: array items: type: string description: >- The telephone numbers for the user. NOTE: Although it's a string collection, only one number can be set for this property. Read-only for users synced from the on-premises directory. Returned by default. Supports $filter (eq, not, ge, le, startsWith). city: type: string description: >- The city where the user is located. Maximum length is 128 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true companyName: type: string description: >- The name of the company that the user is associated with. This property can be useful for describing the company that a guest comes from. The maximum length is 64 characters.Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true consentProvidedForMinor: type: string description: >- Sets whether consent was obtained for minors. Allowed values: null, Granted, Denied, and NotRequired. For more information, see legal age group property definitions. Returned only on $select. Supports $filter (eq, ne, not, and in). nullable: true country: type: string description: >- The country or region where the user is located; for example, US or UK. Maximum length is 128 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true createdDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time the user was created, in ISO 8601 format and UTC. The value can't be modified and is automatically populated when the entity is created. Nullable. For on-premises users, the value represents when they were first created in Microsoft Entra ID. Property is null for some users created before June 2018 and on-premises users that were synced to Microsoft Entra ID before June 2018. Read-only. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in). format: date-time nullable: true creationType: type: string description: >- Indicates whether the user account was created through one of the following methods: As a regular school or work account (null). As an external account (Invitation). As a local account for an Azure Active Directory B2C tenant (LocalAccount). Through self-service sign-up by an internal user using email verification (EmailVerified). Through self-service sign-up by a guest signing up through a link that is part of a user flow (SelfServiceSignUp). Read-only.Returned only on $select. Supports $filter (eq, ne, not, in). nullable: true customSecurityAttributes: anyOf: - $ref: >- #/components/schemas/microsoft.graph.customSecurityAttributeValue - type: object nullable: true description: >- An open complex type that holds the value of a custom security attribute that is assigned to a directory object. Nullable. Returned only on $select. Supports $filter (eq, ne, not, startsWith). The filter value is case-sensitive. To read this property, the calling app must be assigned the CustomSecAttributeAssignment.Read.All permission. To write this property, the calling app must be assigned the CustomSecAttributeAssignment.ReadWrite.All permissions. To read or write this property in delegated scenarios, the admin must be assigned the Attribute Assignment Administrator role. department: type: string description: >- The name of the department in which the user works. Maximum length is 64 characters. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in, and eq on null values). nullable: true deviceEnrollmentLimit: maximum: 2147483647 minimum: -2147483648 type: number description: >- The limit on the maximum number of devices that the user is permitted to enroll. Allowed values are 5 or 1000. format: int32 displayName: type: string description: >- The name displayed in the address book for the user. This value is usually the combination of the user's first name, middle initial, and family name. This property is required when a user is created and it can't be cleared during updates. Maximum length is 256 characters. Returned by default. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values), $orderby, and $search. nullable: true employeeHireDate: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time when the user was hired or will start work in a future hire. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in). format: date-time nullable: true employeeId: type: string description: >- The employee identifier assigned to the user by the organization. The maximum length is 16 characters. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). nullable: true employeeLeaveDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The date and time when the user left or will leave the organization. To read this property, the calling app must be assigned the User-LifeCycleInfo.Read.All permission. To write this property, the calling app must be assigned the User.Read.All and User-LifeCycleInfo.ReadWrite.All permissions. To read this property in delegated scenarios, the admin needs at least one of the following Microsoft Entra roles: Lifecycle Workflows Administrator (least privilege), Global Reader. To write this property in delegated scenarios, the admin needs the Global Administrator role. Supports $filter (eq, ne, not , ge, le, in). For more information, see Configure the employeeLeaveDateTime property for a user. format: date-time nullable: true employeeOrgData: anyOf: - $ref: '#/components/schemas/microsoft.graph.employeeOrgData' - type: object nullable: true description: >- Represents organization data (for example, division and costCenter) associated with a user. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in). employeeType: type: string description: >- Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in, startsWith). nullable: true externalUserState: type: string description: >- For a guest invited to the tenant using the invitation API, this property represents the invited user's invitation status. For invited users, the state can be PendingAcceptance or Accepted, or null for all other users. Returned only on $select. Supports $filter (eq, ne, not , in). nullable: true externalUserStateChangeDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Shows the timestamp for the latest change to the externalUserState property. Returned only on $select. Supports $filter (eq, ne, not , in). format: date-time nullable: true faxNumber: type: string description: >- The fax number of the user. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). nullable: true givenName: type: string description: >- The given name (first name) of the user. Maximum length is 64 characters. Returned by default. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). nullable: true hireDate: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The hire date of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014, is 2014-01-01T00:00:00Z. Returned only on $select. Note: This property is specific to SharePoint in Microsoft 365. We recommend using the native employeeHireDate property to set and update hire date values using Microsoft Graph APIs. format: date-time identities: type: array items: $ref: '#/components/schemas/microsoft.graph.objectIdentity' description: >- Represents the identities that can be used to sign in to this user account. Microsoft (also known as a local account), organizations, or social identity providers such as Facebook, Google, and Microsoft can provide identity and tie it to a user account. It might contain multiple items with the same signInType value. Returned only on $select. Supports $filter (eq) with limitations. imAddresses: type: array items: type: string nullable: true description: >- The instant message voice-over IP (VOIP) session initiation protocol (SIP) addresses for the user. Read-only. Returned only on $select. Supports $filter (eq, not, ge, le, startsWith). interests: type: array items: type: string nullable: true description: >- A list for the user to describe their interests. Returned only on $select. isManagementRestricted: type: boolean description: >- true if the user is a member of a restricted management administrative unit. If not set, the default value is null and the default behavior is false. Read-only. To manage a user who is a member of a restricted management administrative unit, the administrator or calling app must be assigned a Microsoft Entra role at the scope of the restricted management administrative unit. Returned only on $select. nullable: true isResourceAccount: type: boolean description: Don't use – reserved for future use. nullable: true jobTitle: type: string description: >- The user's job title. Maximum length is 128 characters. Returned by default. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). nullable: true lastPasswordChangeDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- The time when this Microsoft Entra user last changed their password or when their password was created, whichever date the latest action was performed. The date and time information uses ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Returned only on $select. format: date-time nullable: true legalAgeGroupClassification: type: string description: >- Used by enterprise applications to determine the legal age group of the user. This property is read-only and calculated based on ageGroup and consentProvidedForMinor properties. Allowed values: null, Undefined, MinorWithOutParentalConsent, MinorWithParentalConsent, MinorNoParentalConsentRequired, NotAdult, and Adult. For more information, see legal age group property definitions. Returned only on $select. nullable: true licenseAssignmentStates: type: array items: $ref: '#/components/schemas/microsoft.graph.licenseAssignmentState' description: >- State of license assignments for this user. Also indicates licenses that are directly assigned or the user inherited through group memberships. Read-only. Returned only on $select. mail: type: string description: >- The SMTP address for the user, for example, jeff@contoso.com. Changes to this property update the user's proxyAddresses collection to include the value as an SMTP address. This property can't contain accent characters. NOTE: We don't recommend updating this property for Azure AD B2C user profiles. Use the otherMails property instead. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, endsWith, and eq on null values). nullable: true mailboxSettings: anyOf: - $ref: '#/components/schemas/microsoft.graph.mailboxSettings' - type: object nullable: true description: >- Settings for the primary mailbox of the signed-in user. You can get or update settings for sending automatic replies to incoming messages, locale, and time zone. Returned only on $select. mailNickname: type: string description: >- The mail alias for the user. This property must be specified when a user is created. Maximum length is 64 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true mobilePhone: type: string description: >- The primary cellular telephone number for the user. Read-only for users synced from the on-premises directory. Maximum length is 64 characters. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values) and $search. nullable: true mySite: type: string description: The URL for the user's site. Returned only on $select. nullable: true officeLocation: type: string description: >- The office location in the user's place of business. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true onPremisesDistinguishedName: type: string description: >- Contains the on-premises Active Directory distinguished name or DN. The property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. Returned only on $select. nullable: true onPremisesDomainName: type: string description: >- Contains the on-premises domainFQDN, also called dnsDomainName synchronized from the on-premises directory. The property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. Returned only on $select. nullable: true onPremisesExtensionAttributes: anyOf: - $ref: >- #/components/schemas/microsoft.graph.onPremisesExtensionAttributes - type: object nullable: true description: >- Contains extensionAttributes1-15 for the user. These extension attributes are also known as Exchange custom attributes 1-15. Each attribute can store up to 1024 characters. For an onPremisesSyncEnabled user, the source of authority for this set of properties is the on-premises and is read-only. For a cloud-only user (where onPremisesSyncEnabled is false), these properties can be set during the creation or update of a user object. For a cloud-only user previously synced from on-premises Active Directory, these properties are read-only in Microsoft Graph but can be fully managed through the Exchange Admin Center or the Exchange Online V2 module in PowerShell. Returned only on $select. Supports $filter (eq, ne, not, in). onPremisesImmutableId: type: string description: >- This property is used to associate an on-premises Active Directory user account to their Microsoft Entra user object. This property must be specified when creating a new user account in the Graph if you're using a federated domain for the user's userPrincipalName (UPN) property. NOTE: The $ and _ characters can't be used when specifying this property. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in). nullable: true onPremisesLastSyncDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Indicates the last time at which the object was synced with the on-premises directory; for example: 2013-02-16T03:04:54Z. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in). format: date-time nullable: true onPremisesProvisioningErrors: type: array items: $ref: >- #/components/schemas/microsoft.graph.onPremisesProvisioningError description: >- Errors when using Microsoft synchronization product during provisioning. Returned only on $select. Supports $filter (eq, not, ge, le). onPremisesSamAccountName: type: string description: >- Contains the on-premises samAccountName synchronized from the on-premises directory. The property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith). nullable: true onPremisesSecurityIdentifier: type: string description: >- Contains the on-premises security identifier (SID) for the user that was synchronized from on-premises to the cloud. Read-only. Returned only on $select. Supports $filter (eq including on null values). nullable: true onPremisesSyncEnabled: type: boolean description: >- true if this user object is currently being synced from an on-premises Active Directory (AD); otherwise the user isn't being synced and can be managed in Microsoft Entra ID. Read-only. Returned only on $select. Supports $filter (eq, ne, not, in, and eq on null values). nullable: true onPremisesUserPrincipalName: type: string description: >- Contains the on-premises userPrincipalName synchronized from the on-premises directory. The property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith). nullable: true otherMails: type: array items: type: string description: >- A list of other email addresses for the user; for example: ['bob@contoso.com', 'Robert@fabrikam.com']. Can store up to 250 values, each with a limit of 250 characters. NOTE: This property can't contain accent characters. Returned only on $select. Supports $filter (eq, not, ge, le, in, startsWith, endsWith, /$count eq 0, /$count ne 0). passwordPolicies: type: string description: >- Specifies password policies for the user. This value is an enumeration with one possible value being DisableStrongPassword, which allows weaker passwords than the default policy to be specified. DisablePasswordExpiration can also be specified. The two might be specified together; for example: DisablePasswordExpiration, DisableStrongPassword. Returned only on $select. For more information on the default password policies, see Microsoft Entra password policies. Supports $filter (ne, not, and eq on null values). nullable: true passwordProfile: anyOf: - $ref: '#/components/schemas/microsoft.graph.passwordProfile' - type: object nullable: true description: >- Specifies the password profile for the user. The profile contains the user's password. This property is required when a user is created. The password in the profile must satisfy minimum requirements as specified by the passwordPolicies property. By default, a strong password is required. Returned only on $select. Supports $filter (eq, ne, not, in, and eq on null values). To update this property: User-PasswordProfile.ReadWrite.All is the least privileged permission to update this property. In delegated scenarios, the User Administrator Microsoft Entra role is the least privileged admin role supported to update this property for nonadmin users. Privileged Authentication Administrator is the least privileged role that's allowed to update this property for all administrators in the tenant. In general, the signed-in user must have a higher privileged administrator role as indicated in Who can reset passwords. In app-only scenarios, the calling app must be assigned a supported permission and at least the User Administrator Microsoft Entra role. pastProjects: type: array items: type: string nullable: true description: >- A list for the user to enumerate their past projects. Returned only on $select. postalCode: type: string description: >- The postal code for the user's postal address. The postal code is specific to the user's country or region. In the United States of America, this attribute contains the ZIP code. Maximum length is 40 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true preferredDataLocation: type: string description: >- The preferred data location for the user. For more information, see OneDrive Online Multi-Geo. nullable: true preferredLanguage: type: string description: >- The preferred language for the user. The preferred language format is based on RFC 4646. The name is a combination of an ISO 639 two-letter lowercase culture code associated with the language, and an ISO 3166 two-letter uppercase subculture code associated with the country or region. Example: 'en-US', or 'es-ES'. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values) nullable: true preferredName: type: string description: >- The preferred name for the user. Not Supported. This attribute returns an empty string.Returned only on $select. nullable: true print: anyOf: - $ref: '#/components/schemas/microsoft.graph.userPrint' - type: object nullable: true provisionedPlans: type: array items: $ref: '#/components/schemas/microsoft.graph.provisionedPlan' description: >- The plans that are provisioned for the user. Read-only. Not nullable. Returned only on $select. Supports $filter (eq, not, ge, le). proxyAddresses: type: array items: type: string description: >- For example: ['SMTP: bob@contoso.com', 'smtp: bob@sales.contoso.com']. Changes to the mail property update this collection to include the value as an SMTP address. For more information, see mail and proxyAddresses properties. The proxy address prefixed with SMTP (capitalized) is the primary proxy address, while those addresses prefixed with smtp are the secondary proxy addresses. For Azure AD B2C accounts, this property has a limit of 10 unique addresses. Read-only in Microsoft Graph; you can update this property only through the Microsoft 365 admin center. Not nullable. Returned only on $select. Supports $filter (eq, not, ge, le, startsWith, endsWith, /$count eq 0, /$count ne 0). responsibilities: type: array items: type: string nullable: true description: >- A list for the user to enumerate their responsibilities. Returned only on $select. schools: type: array items: type: string nullable: true description: >- A list for the user to enumerate the schools they attended. Returned only on $select. securityIdentifier: type: string description: >- Security identifier (SID) of the user, used in Windows scenarios. Read-only. Returned by default. Supports $select and $filter (eq, not, ge, le, startsWith). nullable: true serviceProvisioningErrors: type: array items: $ref: '#/components/schemas/microsoft.graph.serviceProvisioningError' description: >- Errors published by a federated service describing a nontransient, service-specific error regarding the properties or link from a user object. Supports $filter (eq, not, for isResolved and serviceInstance). showInAddressList: type: boolean description: >- Do not use in Microsoft Graph. Manage this property through the Microsoft 365 admin center instead. Represents whether the user should be included in the Outlook global address list. See Known issue. nullable: true signInActivity: anyOf: - $ref: '#/components/schemas/microsoft.graph.signInActivity' - type: object nullable: true description: >- Get the last signed-in date and request ID of the sign-in for a given user. Read-only.Returned only on $select. Supports $filter (eq, ne, not, ge, le) but not with any other filterable properties. Note: Details for this property require a Microsoft Entra ID P1 or P2 license and the AuditLog.Read.All permission.This property isn't returned for a user who never signed in or last signed in before April 2020. signInSessionsValidFromDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Any refresh tokens or session tokens (session cookies) issued before this time are invalid. Applications get an error when using an invalid refresh or session token to acquire a delegated access token (to access APIs such as Microsoft Graph). If this happens, the application needs to acquire a new refresh token by requesting the authorized endpoint. Read-only. Use revokeSignInSessions to reset. Returned only on $select. format: date-time nullable: true skills: type: array items: type: string nullable: true description: >- A list for the user to enumerate their skills. Returned only on $select. state: type: string description: >- The state or province in the user's address. Maximum length is 128 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true streetAddress: type: string description: >- The street address of the user's place of business. Maximum length is 1,024 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true surname: type: string description: >- The user's surname (family name or last name). Maximum length is 64 characters. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true usageLocation: type: string description: >- A two-letter country code (ISO standard 3166). Required for users that are assigned licenses due to legal requirements to check for availability of services in countries/regions. Examples include: US, JP, and GB. Not nullable. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). nullable: true userPrincipalName: type: string description: >- The user principal name (UPN) of the user. The UPN is an Internet-style sign-in name for the user based on the Internet standard RFC 822. By convention, this value should map to the user's email name. The general format is alias@domain, where the domain must be present in the tenant's collection of verified domains. This property is required when a user is created. The verified domains for the tenant can be accessed from the verifiedDomains property of organization.NOTE: This property can't contain accent characters. Only the following characters are allowed A - Z, a - z, 0 - 9, ' . - _ ! # ^ ~. For the complete list of allowed characters, see username policies. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, endsWith) and $orderby. nullable: true userType: type: string description: >- A string value that can be used to classify user types in your directory. The possible values are Member and Guest. Returned only on $select. Supports $filter (eq, ne, not, in, and eq on null values). NOTE: For more information about the permissions for members and guests, see What are the default user permissions in Microsoft Entra ID? nullable: true activities: type: array items: $ref: '#/components/schemas/microsoft.graph.userActivity' description: The user's activities across devices. Read-only. Nullable. x-ms-navigationProperty: true agreementAcceptances: type: array items: $ref: '#/components/schemas/microsoft.graph.agreementAcceptance' description: >- The user's terms of use acceptance statuses. Read-only. Nullable. x-ms-navigationProperty: true appRoleAssignments: type: array items: $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' description: >- Represents the app roles a user is granted for an application. Supports $expand. x-ms-navigationProperty: true authentication: anyOf: - $ref: '#/components/schemas/microsoft.graph.authentication' - type: object nullable: true description: The authentication methods that are supported for the user. x-ms-navigationProperty: true calendar: anyOf: - $ref: '#/components/schemas/microsoft.graph.calendar' - type: object nullable: true description: The user's primary calendar. Read-only. x-ms-navigationProperty: true calendarGroups: type: array items: $ref: '#/components/schemas/microsoft.graph.calendarGroup' description: The user's calendar groups. Read-only. Nullable. x-ms-navigationProperty: true calendars: type: array items: $ref: '#/components/schemas/microsoft.graph.calendar' description: The user's calendars. Read-only. Nullable. x-ms-navigationProperty: true calendarView: type: array items: $ref: '#/components/schemas/microsoft.graph.event' description: The calendar view for the calendar. Read-only. Nullable. x-ms-navigationProperty: true chats: type: array items: $ref: '#/components/schemas/microsoft.graph.chat' x-ms-navigationProperty: true cloudClipboard: anyOf: - $ref: '#/components/schemas/microsoft.graph.cloudClipboardRoot' - type: object nullable: true x-ms-navigationProperty: true cloudPCs: type: array items: $ref: '#/components/schemas/microsoft.graph.cloudPC' description: The user's Cloud PCs. Read-only. Nullable. x-ms-navigationProperty: true contactFolders: type: array items: $ref: '#/components/schemas/microsoft.graph.contactFolder' description: The user's contacts folders. Read-only. Nullable. x-ms-navigationProperty: true contacts: type: array items: $ref: '#/components/schemas/microsoft.graph.contact' description: The user's contacts. Read-only. Nullable. x-ms-navigationProperty: true createdObjects: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: Directory objects that the user created. Read-only. Nullable. x-ms-navigationProperty: true dataSecurityAndGovernance: anyOf: - $ref: >- #/components/schemas/microsoft.graph.userDataSecurityAndGovernance - type: object nullable: true description: >- The data security and governance settings for the user. Read-only. Nullable. x-ms-navigationProperty: true deviceManagementTroubleshootingEvents: type: array items: $ref: >- #/components/schemas/microsoft.graph.deviceManagementTroubleshootingEvent description: The list of troubleshooting events for this user. x-ms-navigationProperty: true directReports: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The users and contacts that report to the user. (The users and contacts that have their manager property set to this user.) Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true drive: anyOf: - $ref: '#/components/schemas/microsoft.graph.drive' - type: object nullable: true description: The user's OneDrive. Read-only. x-ms-navigationProperty: true drives: type: array items: $ref: '#/components/schemas/microsoft.graph.drive' description: A collection of drives available for this user. Read-only. x-ms-navigationProperty: true employeeExperience: anyOf: - $ref: '#/components/schemas/microsoft.graph.employeeExperienceUser' - type: object nullable: true x-ms-navigationProperty: true events: type: array items: $ref: '#/components/schemas/microsoft.graph.event' description: >- The user's events. Default is to show Events under the Default Calendar. Read-only. Nullable. x-ms-navigationProperty: true extensions: type: array items: $ref: '#/components/schemas/microsoft.graph.extension' description: >- The collection of open extensions defined for the user. Read-only. Supports $expand. Nullable. x-ms-navigationProperty: true followedSites: type: array items: $ref: '#/components/schemas/microsoft.graph.site' x-ms-navigationProperty: true inferenceClassification: anyOf: - $ref: '#/components/schemas/microsoft.graph.inferenceClassification' - type: object nullable: true description: >- Relevance classification of the user's messages based on explicit designations that override inferred relevance or importance. x-ms-navigationProperty: true insights: anyOf: - $ref: '#/components/schemas/microsoft.graph.itemInsights' - type: object nullable: true description: >- Represents relationships between a user and items such as OneDrive for work or school documents, calculated using advanced analytics and machine learning techniques. Read-only. Nullable. x-ms-navigationProperty: true joinedTeams: type: array items: $ref: '#/components/schemas/microsoft.graph.team' x-ms-navigationProperty: true licenseDetails: type: array items: $ref: '#/components/schemas/microsoft.graph.licenseDetails' description: A collection of this user's license details. Read-only. x-ms-navigationProperty: true mailFolders: type: array items: $ref: '#/components/schemas/microsoft.graph.mailFolder' description: The user's mail folders. Read-only. Nullable. x-ms-navigationProperty: true managedAppRegistrations: type: array items: $ref: '#/components/schemas/microsoft.graph.managedAppRegistration' description: Zero or more managed app registrations that belong to the user. x-ms-navigationProperty: true managedDevices: type: array items: $ref: '#/components/schemas/microsoft.graph.managedDevice' description: The managed devices associated with the user. x-ms-navigationProperty: true manager: anyOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - type: object nullable: true description: >- The user or contact that is this user's manager. Read-only. Supports $expand. x-ms-navigationProperty: true memberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The groups and directory roles that the user is a member of. Read-only. Nullable. Supports $expand. x-ms-navigationProperty: true messages: type: array items: $ref: '#/components/schemas/microsoft.graph.message' description: The messages in a mailbox or folder. Read-only. Nullable. x-ms-navigationProperty: true oauth2PermissionGrants: type: array items: $ref: '#/components/schemas/microsoft.graph.oAuth2PermissionGrant' x-ms-navigationProperty: true onenote: anyOf: - $ref: '#/components/schemas/microsoft.graph.onenote' - type: object nullable: true x-ms-navigationProperty: true onlineMeetings: type: array items: $ref: '#/components/schemas/microsoft.graph.onlineMeeting' description: >- Information about a meeting, including the URL used to join a meeting, the attendees list, and the description. x-ms-navigationProperty: true outlook: anyOf: - $ref: '#/components/schemas/microsoft.graph.outlookUser' - type: object nullable: true x-ms-navigationProperty: true ownedDevices: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Devices the user owns. Read-only. Nullable. Supports $expand and $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1). x-ms-navigationProperty: true ownedObjects: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Directory objects the user owns. Read-only. Nullable. Supports $expand, $select nested in $expand, and $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1). x-ms-navigationProperty: true people: type: array items: $ref: '#/components/schemas/microsoft.graph.person' description: People that are relevant to the user. Read-only. Nullable. x-ms-navigationProperty: true permissionGrants: type: array items: $ref: >- #/components/schemas/microsoft.graph.resourceSpecificPermissionGrant description: List all resource-specific permission grants of a user. x-ms-navigationProperty: true photo: anyOf: - $ref: '#/components/schemas/microsoft.graph.profilePhoto' - type: object nullable: true description: The user's profile photo. Read-only. x-ms-navigationProperty: true photos: type: array items: $ref: '#/components/schemas/microsoft.graph.profilePhoto' description: >- The collection of the user's profile photos in different sizes. Read-only. x-ms-navigationProperty: true planner: anyOf: - $ref: '#/components/schemas/microsoft.graph.plannerUser' - type: object nullable: true description: >- Entry-point to the Planner resource that might exist for a user. Read-only. x-ms-navigationProperty: true presence: anyOf: - $ref: '#/components/schemas/microsoft.graph.presence' - type: object nullable: true x-ms-navigationProperty: true registeredDevices: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- Devices that are registered for the user. Read-only. Nullable. Supports $expand and returns up to 100 objects. x-ms-navigationProperty: true scopedRoleMemberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.scopedRoleMembership' x-ms-navigationProperty: true settings: anyOf: - $ref: '#/components/schemas/microsoft.graph.userSettings' - type: object nullable: true x-ms-navigationProperty: true solutions: anyOf: - $ref: '#/components/schemas/microsoft.graph.userSolutionRoot' - type: object nullable: true description: >- The identifier that relates the user to the working time schedule triggers. Read-Only. Nullable x-ms-navigationProperty: true sponsors: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The users and groups responsible for this guest's privileges in the tenant and keeping the guest's information and access updated. (HTTP Methods: GET, POST, DELETE.). Supports $expand. x-ms-navigationProperty: true teamwork: anyOf: - $ref: '#/components/schemas/microsoft.graph.userTeamwork' - type: object nullable: true description: >- A container for Microsoft Teams features available for the user. Read-only. Nullable. x-ms-navigationProperty: true todo: anyOf: - $ref: '#/components/schemas/microsoft.graph.todo' - type: object nullable: true description: Represents the To Do services available to a user. x-ms-navigationProperty: true transitiveMemberOf: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' description: >- The groups, including nested groups, and directory roles that a user is a member of. Nullable. x-ms-navigationProperty: true '@odata.type': type: string default: '#microsoft.graph.user' description: Represents a Microsoft Entra user account. x-ms-discriminator-value: '#microsoft.graph.user' microsoft.graph.targetDeviceGroup: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: targetDeviceGroup required: - '@odata.type' type: object properties: displayName: type: string description: Display name for the target device group. nullable: true '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.targetDeviceGroup' microsoft.graph.synchronization: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: synchronization required: - '@odata.type' type: object properties: secrets: type: array items: $ref: >- #/components/schemas/microsoft.graph.synchronizationSecretKeyStringValuePair description: >- Represents a collection of credentials to access provisioned cloud applications. jobs: type: array items: $ref: '#/components/schemas/microsoft.graph.synchronizationJob' description: >- Performs synchronization by periodically running in the background, polling for changes in one directory, and pushing them to another directory. x-ms-navigationProperty: true templates: type: array items: $ref: '#/components/schemas/microsoft.graph.synchronizationTemplate' description: >- Preconfigured synchronization settings for a particular application. x-ms-navigationProperty: true '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.synchronization' microsoft.graph.synchronizationJob: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: synchronizationJob required: - '@odata.type' type: object properties: schedule: anyOf: - $ref: '#/components/schemas/microsoft.graph.synchronizationSchedule' - type: object nullable: true description: Schedule used to run the job. Read-only. status: anyOf: - $ref: '#/components/schemas/microsoft.graph.synchronizationStatus' - type: object nullable: true description: >- Status of the job, which includes when the job was last run, current job state, and errors. synchronizationJobSettings: type: array items: $ref: '#/components/schemas/microsoft.graph.keyValuePair' description: >- Settings associated with the job. Some settings are inherited from the template. templateId: type: string description: Identifier of the synchronization template this job is based on. nullable: true bulkUpload: anyOf: - $ref: '#/components/schemas/microsoft.graph.bulkUpload' - type: object nullable: true description: The bulk upload operation for the job. x-ms-navigationProperty: true schema: anyOf: - $ref: '#/components/schemas/microsoft.graph.synchronizationSchema' - type: object nullable: true description: The synchronization schema configured for the job. x-ms-navigationProperty: true '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.synchronizationJob' microsoft.graph.bulkUpload: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: bulkUpload required: - '@odata.type' type: object properties: '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.bulkUpload' microsoft.graph.stringKeyStringValuePair: title: stringKeyStringValuePair required: - '@odata.type' type: object properties: key: type: string description: Key. nullable: true value: type: string description: Value. nullable: true '@odata.type': type: string microsoft.graph.synchronizationSchema: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: synchronizationSchema required: - '@odata.type' type: object properties: synchronizationRules: type: array items: $ref: '#/components/schemas/microsoft.graph.synchronizationRule' description: >- A collection of synchronization rules configured for the synchronizationJob or synchronizationTemplate. version: type: string description: >- The version of the schema, updated automatically with every schema change. nullable: true directories: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryDefinition' description: Contains the collection of directories and all of their objects. x-ms-navigationProperty: true '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.synchronizationSchema' microsoft.graph.directoryDefinition: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: directoryDefinition required: - '@odata.type' type: object properties: discoverabilities: $ref: >- #/components/schemas/microsoft.graph.directoryDefinitionDiscoverabilities discoveryDateTime: pattern: >- ^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$ type: string description: >- Represents the discovery date and time using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. format: date-time nullable: true name: type: string description: >- Name of the directory. Must be unique within the synchronization schema. Not nullable. nullable: true objects: type: array items: $ref: '#/components/schemas/microsoft.graph.objectDefinition' description: Collection of objects supported by the directory. readOnly: type: boolean description: Whether this object is read-only. version: type: string description: >- Read only value that indicates version discovered. null if discovery hasn't yet occurred. nullable: true '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.directoryDefinition' microsoft.graph.attributeDefinition: title: attributeDefinition required: - '@odata.type' type: object properties: anchor: type: boolean description: >- true if the attribute should be used as the anchor for the object. Anchor attributes must have a unique value identifying an object, and must be immutable. Default is false. One, and only one, of the object's attributes must be designated as the anchor to support synchronization. apiExpressions: type: array items: $ref: '#/components/schemas/microsoft.graph.stringKeyStringValuePair' caseExact: type: boolean description: >- true if value of this attribute should be treated as case-sensitive. This setting affects how the synchronization engine detects changes for the attribute. defaultValue: type: string description: The default value of the attribute. nullable: true flowNullValues: type: boolean description: '''true'' to allow null values for attributes.' metadata: type: array items: $ref: >- #/components/schemas/microsoft.graph.attributeDefinitionMetadataEntry description: Metadata for the given object. multivalued: type: boolean description: true if an attribute can have multiple values. Default is false. mutability: $ref: '#/components/schemas/microsoft.graph.mutability' name: type: string description: >- Name of the attribute. Must be unique within the object definition. Not nullable. nullable: true referencedObjects: type: array items: $ref: '#/components/schemas/microsoft.graph.referencedObject' description: >- For attributes with reference type, lists referenced objects (for example, the manager attribute would list User as the referenced object). required: type: boolean description: >- true if attribute is required. Object can not be created if any of the required attributes are missing. If during synchronization, the required attribute has no value, the default value will be used. If default the value was not set, synchronization will record an error. type: $ref: '#/components/schemas/microsoft.graph.attributeType' '@odata.type': type: string microsoft.graph.synchronizationTemplate: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: synchronizationTemplate required: - '@odata.type' type: object properties: applicationId: pattern: >- ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ type: string description: Identifier of the application this template belongs to. format: uuid default: type: boolean description: >- true if this template is recommended to be the default for the application. description: type: string description: Description of the template. nullable: true discoverable: type: boolean description: >- true if this template should appear in the collection of templates available for the application instance (service principal). factoryTag: type: string description: >- One of the well-known factory tags supported by the synchronization engine. The factoryTag tells the synchronization engine which implementation to use when processing jobs based on this template. nullable: true metadata: type: array items: $ref: >- #/components/schemas/microsoft.graph.synchronizationMetadataEntry description: >- Additional extension properties. Unless mentioned explicitly, metadata values should not be changed. schema: anyOf: - $ref: '#/components/schemas/microsoft.graph.synchronizationSchema' - type: object nullable: true description: >- Default synchronization schema for the jobs based on this template. x-ms-navigationProperty: true '@odata.type': type: string x-ms-discriminator-value: '#microsoft.graph.synchronizationTemplate' BaseDeltaFunctionResponse: title: Base delta function response type: object properties: '@odata.nextLink': type: string nullable: true '@odata.deltaLink': type: string nullable: true parameters: top: name: $top in: query description: Show only the first n items style: form explode: false schema: minimum: 0 type: integer example: 50 skip: name: $skip in: query description: Skip the first n items style: form explode: false schema: minimum: 0 type: integer search: name: $search in: query description: Search items by search phrases style: form explode: false schema: type: string filter: name: $filter in: query description: Filter items by property values style: form explode: false schema: type: string count: name: $count in: query description: Include count of items style: form explode: false schema: type: boolean examples: {} responses: error: description: error content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.ODataErrors.ODataError' ODataCountResponse: description: The count of the resource content: text/plain: schema: $ref: '#/components/schemas/ODataCountResponse' StringCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/StringCollectionResponse' microsoft.graph.endpointCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.endpointCollectionResponse' microsoft.graph.groupCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.groupCollectionResponse' microsoft.graph.applicationCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.applicationCollectionResponse' microsoft.graph.userCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.userCollectionResponse' tags: - name: servicePrincipals.appManagementPolicy - name: servicePrincipals.appRoleAssignment - name: servicePrincipals.claimsMappingPolicy - name: servicePrincipals.delegatedPermissionClassification - name: servicePrincipals.directoryObject - name: servicePrincipals.endpoint - name: servicePrincipals.federatedIdentityCredential - name: servicePrincipals.homeRealmDiscoveryPolicy - name: servicePrincipals.oAuth2PermissionGrant - name: servicePrincipals.remoteDesktopSecurityConfiguration - name: servicePrincipals.servicePrincipal - name: servicePrincipals.servicePrincipal.Actions - name: servicePrincipals.servicePrincipal.Functions - name: servicePrincipals.synchronization - name: servicePrincipals.tokenIssuancePolicy - name: servicePrincipals.tokenLifetimePolicy