openapi: 3.0.4 info: title: DirectoryObjects version: v1.0 servers: - url: https://graph.microsoft.com/v1.0/ description: Core paths: /directory/publicKeyInfrastructure: get: tags: - directory.publicKeyInfrastructureRoot summary: Get publicKeyInfrastructure from directory description: The collection of public key infrastructure instances for the certificate-based authentication feature for users in a Microsoft Entra tenant. operationId: directory_GetPublicKeyInfrastructure parameters: - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.publicKeyInfrastructureRoot' default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directory.publicKeyInfrastructureRoot summary: Update the navigation property publicKeyInfrastructure in directory operationId: directory_UpdatePublicKeyInfrastructure requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.publicKeyInfrastructureRoot' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.publicKeyInfrastructureRoot' default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.publicKeyInfrastructureRoot summary: Delete navigation property publicKeyInfrastructure for directory operationId: directory_DeletePublicKeyInfrastructure parameters: - name: If-Match in: header description: ETag style: simple schema: type: string responses: 2XX: description: Success default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation /directory/publicKeyInfrastructure/certificateBasedAuthConfigurations: get: tags: - directory.publicKeyInfrastructureRoot summary: List certificateBasedAuthPki objects description: Get a list of the certificateBasedAuthPki objects and their properties. externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/publickeyinfrastructureroot-list-certificatebasedauthconfigurations?view=graph-rest-1.0 operationId: directory.publicKeyInfrastructure_ListCertificateBasedAuthConfiguration parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.certificateBasedAuthPkiCollectionResponse' default: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directory.publicKeyInfrastructureRoot summary: Create certificateBasedAuthPki description: Create a new certificateBasedAuthPki object. externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/publickeyinfrastructureroot-post-certificatebasedauthconfigurations?view=graph-rest-1.0 operationId: directory.publicKeyInfrastructure_CreateCertificateBasedAuthConfiguration requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateBasedAuthPki' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateBasedAuthPki' default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation '/directory/publicKeyInfrastructure/certificateBasedAuthConfigurations/{certificateBasedAuthPki-id}': get: tags: - directory.publicKeyInfrastructureRoot summary: Get certificateBasedAuthPki description: Read the properties and relationships of a certificateBasedAuthPki object. externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/certificatebasedauthpki-get?view=graph-rest-1.0 operationId: directory.publicKeyInfrastructure_GetCertificateBasedAuthConfiguration parameters: - name: certificateBasedAuthPki-id in: path description: The unique identifier of certificateBasedAuthPki required: true style: simple schema: type: string x-ms-docs-key-type: certificateBasedAuthPki - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateBasedAuthPki' default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directory.publicKeyInfrastructureRoot summary: Update certificateBasedAuthPki description: Update the properties of a certificateBasedAuthPki object. externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/certificatebasedauthpki-update?view=graph-rest-1.0 operationId: directory.publicKeyInfrastructure_UpdateCertificateBasedAuthConfiguration parameters: - name: certificateBasedAuthPki-id in: path description: The unique identifier of certificateBasedAuthPki required: true style: simple schema: type: string x-ms-docs-key-type: certificateBasedAuthPki requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateBasedAuthPki' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateBasedAuthPki' default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.publicKeyInfrastructureRoot summary: Delete certificateBasedAuthPki description: Delete a certificateBasedAuthPki object. externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/publickeyinfrastructureroot-delete-certificatebasedauthconfigurations?view=graph-rest-1.0 operationId: directory.publicKeyInfrastructure_DeleteCertificateBasedAuthConfiguration parameters: - name: certificateBasedAuthPki-id in: path description: The unique identifier of certificateBasedAuthPki required: true style: simple schema: type: string x-ms-docs-key-type: certificateBasedAuthPki - name: If-Match in: header description: ETag style: simple schema: type: string responses: 2XX: description: Success default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation '/directory/publicKeyInfrastructure/certificateBasedAuthConfigurations/{certificateBasedAuthPki-id}/certificateAuthorities': get: tags: - directory.publicKeyInfrastructureRoot summary: List certificateAuthorityDetail objects description: Get a list of the certificateAuthorityDetail objects and their properties. externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/certificatebasedauthpki-list-certificateauthorities?view=graph-rest-1.0 operationId: directory.publicKeyInfrastructure.certificateBasedAuthConfiguration_ListCertificateAuthority parameters: - name: certificateBasedAuthPki-id in: path description: The unique identifier of certificateBasedAuthPki required: true style: simple schema: type: string x-ms-docs-key-type: certificateBasedAuthPki - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.certificateAuthorityDetailCollectionResponse' default: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directory.publicKeyInfrastructureRoot summary: Create certificateAuthorityDetail description: Create a new certificateAuthorityDetail object. externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/certificatebasedauthpki-post-certificateauthorities?view=graph-rest-1.0 operationId: directory.publicKeyInfrastructure.certificateBasedAuthConfiguration_CreateCertificateAuthority parameters: - name: certificateBasedAuthPki-id in: path description: The unique identifier of certificateBasedAuthPki required: true style: simple schema: type: string x-ms-docs-key-type: certificateBasedAuthPki requestBody: description: New navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateAuthorityDetail' required: true responses: 2XX: description: Created navigation property. content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateAuthorityDetail' default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation '/directory/publicKeyInfrastructure/certificateBasedAuthConfigurations/{certificateBasedAuthPki-id}/certificateAuthorities/{certificateAuthorityDetail-id}': get: tags: - directory.publicKeyInfrastructureRoot summary: Get certificateAuthorities from directory description: The collection of certificate authorities contained in this public key infrastructure resource. operationId: directory.publicKeyInfrastructure.certificateBasedAuthConfiguration_GetCertificateAuthority parameters: - name: certificateBasedAuthPki-id in: path description: The unique identifier of certificateBasedAuthPki required: true style: simple schema: type: string x-ms-docs-key-type: certificateBasedAuthPki - name: certificateAuthorityDetail-id in: path description: The unique identifier of certificateAuthorityDetail required: true style: simple schema: type: string x-ms-docs-key-type: certificateAuthorityDetail - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved navigation property content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateAuthorityDetail' default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directory.publicKeyInfrastructureRoot summary: Update certificateAuthorityDetail externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/certificateauthoritydetail-update?view=graph-rest-1.0 operationId: directory.publicKeyInfrastructure.certificateBasedAuthConfiguration_UpdateCertificateAuthority parameters: - name: certificateBasedAuthPki-id in: path description: The unique identifier of certificateBasedAuthPki required: true style: simple schema: type: string x-ms-docs-key-type: certificateBasedAuthPki - name: certificateAuthorityDetail-id in: path description: The unique identifier of certificateAuthorityDetail required: true style: simple schema: type: string x-ms-docs-key-type: certificateAuthorityDetail requestBody: description: New navigation property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateAuthorityDetail' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateAuthorityDetail' default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directory.publicKeyInfrastructureRoot summary: Delete certificateAuthorityDetail description: Delete a certificateAuthorityDetail object. externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/certificatebasedauthpki-delete-certificateauthorities?view=graph-rest-1.0 operationId: directory.publicKeyInfrastructure.certificateBasedAuthConfiguration_DeleteCertificateAuthority parameters: - name: certificateBasedAuthPki-id in: path description: The unique identifier of certificateBasedAuthPki required: true style: simple schema: type: string x-ms-docs-key-type: certificateBasedAuthPki - name: certificateAuthorityDetail-id in: path description: The unique identifier of certificateAuthorityDetail required: true style: simple schema: type: string x-ms-docs-key-type: certificateAuthorityDetail - name: If-Match in: header description: ETag style: simple schema: type: string responses: 2XX: description: Success default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation '/directory/publicKeyInfrastructure/certificateBasedAuthConfigurations/{certificateBasedAuthPki-id}/certificateAuthorities/$count': get: tags: - directory.publicKeyInfrastructureRoot summary: Get the number of the resource operationId: directory.publicKeyInfrastructure.certificateBasedAuthConfiguration.certificateAuthority_GetCount parameters: - name: certificateBasedAuthPki-id in: path description: The unique identifier of certificateBasedAuthPki required: true style: simple schema: type: string x-ms-docs-key-type: certificateBasedAuthPki - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' default: $ref: '#/components/responses/error' '/directory/publicKeyInfrastructure/certificateBasedAuthConfigurations/{certificateBasedAuthPki-id}/microsoft.graph.upload': post: tags: - directory.publicKeyInfrastructureRoot summary: Invoke action upload description: 'Append additional certificate authority details to a certificateBasedAuthPki resource. Only one operation can run at a time and this operation can take up to 30 minutes to complete. To know whether another upload is in progress, call the Get certificateBasedAuthPki. The status property will have the value running.' externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/certificatebasedauthpki-upload?view=graph-rest-1.0 operationId: directory.publicKeyInfrastructure.certificateBasedAuthConfiguration_upload parameters: - name: certificateBasedAuthPki-id in: path description: The unique identifier of certificateBasedAuthPki required: true style: simple schema: type: string x-ms-docs-key-type: certificateBasedAuthPki requestBody: description: Action parameters content: application/json: schema: type: object properties: uploadUrl: type: string sha256FileHash: type: string additionalProperties: type: object required: true responses: 2XX: description: Success default: $ref: '#/components/responses/error' x-ms-docs-operation-type: action /directory/publicKeyInfrastructure/certificateBasedAuthConfigurations/$count: get: tags: - directory.publicKeyInfrastructureRoot summary: Get the number of the resource operationId: directory.publicKeyInfrastructure.certificateBasedAuthConfiguration_GetCount parameters: - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' default: $ref: '#/components/responses/error' /directoryObjects: get: tags: - directoryObjects.directoryObject summary: Get entities from directoryObjects operationId: directoryObject_ListDirectoryObject parameters: - name: ConsistencyLevel in: header description: 'Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries' style: simple schema: type: string examples: example-1: description: $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: $ref: '#/components/responses/microsoft.graph.directoryObjectCollectionResponse' default: $ref: '#/components/responses/error' x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore x-ms-docs-operation-type: operation post: tags: - directoryObjects.directoryObject summary: Add new entity to directoryObjects operationId: directoryObject_CreateDirectoryObject requestBody: description: New entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' required: true responses: 2XX: description: Created entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation '/directoryObjects/{directoryObject-id}': get: tags: - directoryObjects.directoryObject summary: Get directoryObject description: Retrieve the properties and relationships of a directoryObject object. externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-get?view=graph-rest-1.0 operationId: directoryObject_GetDirectoryObject parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true style: simple schema: type: string x-ms-docs-key-type: directoryObject - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Retrieved entity content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation patch: tags: - directoryObjects.directoryObject summary: Update entity in directoryObjects operationId: directoryObject_UpdateDirectoryObject parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true style: simple schema: type: string x-ms-docs-key-type: directoryObject requestBody: description: New property values content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' required: true responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation delete: tags: - directoryObjects.directoryObject summary: Delete directoryObject description: 'Delete a directory object, for example, a group, user, application, or service principal.' externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-delete?view=graph-rest-1.0 operationId: directoryObject_DeleteDirectoryObject parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true style: simple schema: type: string x-ms-docs-key-type: directoryObject - name: If-Match in: header description: ETag style: simple schema: type: string responses: 2XX: description: Success default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation '/directoryObjects/{directoryObject-id}/microsoft.graph.checkMemberGroups': post: tags: - directoryObjects.directoryObject.Actions summary: Invoke action checkMemberGroups description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\r\n- user\r\n- group\r\n- service principal\r\n- organizational contact\r\n- device\r\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-1.0 operationId: directoryObject_checkMemberGroup parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true style: simple schema: type: string x-ms-docs-key-type: directoryObject requestBody: description: Action parameters content: application/json: schema: type: object properties: groupIds: type: array items: type: string additionalProperties: type: object required: true responses: 2XX: description: Success content: application/json: schema: type: object properties: value: type: array items: type: string '@odata.nextLink': type: string nullable: true additionalProperties: type: object default: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore '/directoryObjects/{directoryObject-id}/microsoft.graph.checkMemberObjects': post: tags: - directoryObjects.directoryObject.Actions summary: Invoke action checkMemberObjects operationId: directoryObject_checkMemberObject parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true style: simple schema: type: string x-ms-docs-key-type: directoryObject requestBody: description: Action parameters content: application/json: schema: type: object properties: ids: type: array items: type: string additionalProperties: type: object required: true responses: 2XX: description: Success content: application/json: schema: type: object properties: value: type: array items: type: string '@odata.nextLink': type: string nullable: true additionalProperties: type: object default: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore '/directoryObjects/{directoryObject-id}/microsoft.graph.getMemberGroups': post: tags: - directoryObjects.directoryObject.Actions summary: Invoke action getMemberGroups description: 'Return all the group IDs for the groups that the specified user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. This API returns up to 11,000 group IDs. If more than 11,000 results are available, it returns a 400 Bad Request error with the DirectoryResultSizeLimitExceeded error code. If you get the DirectoryResultSizeLimitExceeded error code, use the List group transitive memberOf API instead.' externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-getmembergroups?view=graph-rest-1.0 operationId: directoryObject_getMemberGroup parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true style: simple schema: type: string x-ms-docs-key-type: directoryObject requestBody: description: Action parameters content: application/json: schema: type: object properties: securityEnabledOnly: type: boolean default: false nullable: true additionalProperties: type: object required: true responses: 2XX: description: Success content: application/json: schema: type: object properties: value: type: array items: type: string '@odata.nextLink': type: string nullable: true additionalProperties: type: object default: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore '/directoryObjects/{directoryObject-id}/microsoft.graph.getMemberObjects': post: tags: - directoryObjects.directoryObject.Actions summary: Invoke action getMemberObjects description: "Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:\r\n- user\r\n- group\r\n- service principal\r\n- organizational contact\r\n- device\r\n- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-getmemberobjects?view=graph-rest-1.0 operationId: directoryObject_getMemberObject parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true style: simple schema: type: string x-ms-docs-key-type: directoryObject requestBody: description: Action parameters content: application/json: schema: type: object properties: securityEnabledOnly: type: boolean default: false nullable: true additionalProperties: type: object required: true responses: 2XX: description: Success content: application/json: schema: type: object properties: value: type: array items: type: string '@odata.nextLink': type: string nullable: true additionalProperties: type: object default: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore '/directoryObjects/{directoryObject-id}/microsoft.graph.restore': post: tags: - directoryObjects.directoryObject.Actions summary: Invoke action restore description: "Restore a recently deleted application, group, servicePrincipal, administrative unit, or user object from deleted items. Restore a recently deleted directory object from deleted items. The following types are supported:\r\n- administrativeUnit\r\n- application\r\n- certificateBasedAuthPki\r\n- certificateAuthorityDetail\r\n- group\r\n- servicePrincipal\r\n- user If an item is accidentally deleted, you can fully restore the item. Additionally, restoring an application doesn't automatically restore the associated service principal automatically. You must call this API to explicitly restore the deleted service principal. A recently deleted item remains available for up to 30 days. After 30 days, the item is permanently deleted." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directory-deleteditems-restore?view=graph-rest-1.0 operationId: directoryObject_restore parameters: - name: directoryObject-id in: path description: The unique identifier of directoryObject required: true style: simple schema: type: string x-ms-docs-key-type: directoryObject responses: 2XX: description: Success content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObject' default: $ref: '#/components/responses/error' x-ms-docs-operation-type: action /directoryObjects/$count: get: tags: - directoryObjects.directoryObject summary: Get the number of the resource operationId: directoryObject_GetCount parameters: - name: ConsistencyLevel in: header description: 'Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries' style: simple schema: type: string examples: example-1: description: $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. value: eventual - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' responses: 2XX: $ref: '#/components/responses/ODataCountResponse' default: $ref: '#/components/responses/error' /directoryObjects/microsoft.graph.delta(): get: tags: - directoryObjects.directoryObject.Functions summary: Invoke function delta description: 'Get newly created, updated, or deleted directory objects without performing a full read of the entire directoryObject collection. For more information, see Use delta query to track changes in Microsoft Graph data for details.' externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-delta?view=graph-rest-1.0 operationId: directoryObject_delta parameters: - $ref: '#/components/parameters/top' - $ref: '#/components/parameters/skip' - $ref: '#/components/parameters/search' - $ref: '#/components/parameters/filter' - $ref: '#/components/parameters/count' - name: $select in: query description: Select properties to be returned style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $orderby in: query description: Order items by property values style: form explode: false schema: uniqueItems: true type: array items: type: string - name: $expand in: query description: Expand related entities style: form explode: false schema: uniqueItems: true type: array items: type: string responses: 2XX: description: Success content: application/json: schema: title: Collection of directoryObject type: object properties: value: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' '@odata.nextLink': type: string nullable: true '@odata.deltaLink': type: string nullable: true additionalProperties: type: object default: $ref: '#/components/responses/error' x-ms-docs-operation-type: function x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directoryObjects/microsoft.graph.getAvailableExtensionProperties: post: tags: - directoryObjects.directoryObject.Actions summary: Invoke action getAvailableExtensionProperties description: 'Return all directory extension definitions that are registered in a directory, including through multitenant apps. The following entities support extension properties:' externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-getavailableextensionproperties?view=graph-rest-1.0 operationId: directoryObject_getAvailableExtensionProperty requestBody: description: Action parameters content: application/json: schema: type: object properties: isSyncedFromOnPremises: type: boolean default: false nullable: true additionalProperties: type: object required: true responses: 2XX: description: Success content: application/json: schema: title: Collection of extensionProperty type: object properties: value: type: array items: $ref: '#/components/schemas/microsoft.graph.extensionProperty' '@odata.nextLink': type: string nullable: true additionalProperties: type: object default: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directoryObjects/microsoft.graph.getByIds: post: tags: - directoryObjects.directoryObject.Actions summary: Invoke action getByIds description: 'Return the directory objects specified in a list of IDs. Only a subset of user properties are returned by default in v1.0. Some common uses for this function are to:' externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-getbyids?view=graph-rest-1.0 operationId: directoryObject_getGraphBPreId requestBody: description: Action parameters content: application/json: schema: type: object properties: ids: type: array items: type: string types: type: array items: type: string nullable: true additionalProperties: type: object required: true responses: 2XX: description: Success content: application/json: schema: title: Collection of directoryObject type: object properties: value: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' '@odata.nextLink': type: string nullable: true additionalProperties: type: object default: $ref: '#/components/responses/error' x-ms-docs-operation-type: action x-ms-pageable: nextLinkName: '@odata.nextLink' operationName: listMore /directoryObjects/microsoft.graph.validateProperties: post: tags: - directoryObjects.directoryObject.Actions summary: Invoke action validateProperties description: "Validate that a Microsoft 365 group's display name or mail nickname complies with naming policies. Clients can use this API to determine whether a display name or mail nickname is valid before trying to create a Microsoft 365 group. To validate the properties of an existing group, use the group: validateProperties function. The following policy validations are performed for the display name and mail nickname properties:\r\n1. Validate the prefix and suffix naming policy\r\n2. Validate the custom banned words policy\r\n3. Validate that the mail nickname is unique This API only returns the first validation failure that is encountered. If the properties fail multiple validations, only the first validation failure is returned. However, you can validate both the mail nickname and the display name and receive a collection of validation errors if you're only validating the prefix and suffix naming policy. To learn more about configuring naming policies, see Configure naming policy." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-validateproperties?view=graph-rest-1.0 operationId: directoryObject_validateProperty requestBody: description: Action parameters content: application/json: schema: type: object properties: entityType: type: string nullable: true displayName: type: string nullable: true mailNickname: type: string nullable: true onBehalfOfUserId: pattern: '^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$' type: string format: uuid nullable: true additionalProperties: type: object required: true responses: 2XX: description: Success default: $ref: '#/components/responses/error' x-ms-docs-operation-type: action components: schemas: microsoft.graph.publicKeyInfrastructureRoot: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: publicKeyInfrastructureRoot type: object properties: certificateBasedAuthConfigurations: type: array items: $ref: '#/components/schemas/microsoft.graph.certificateBasedAuthPki' description: The collection of public key infrastructure instances for the certificate-based authentication feature for users. x-ms-navigationProperty: true additionalProperties: type: object microsoft.graph.certificateBasedAuthPki: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: certificateBasedAuthPki type: object properties: displayName: type: string description: The name of the object. Maximum length is 256 characters. nullable: true lastModifiedDateTime: pattern: '^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$' type: string description: The date and time when the object was created or last modified. format: date-time status: type: string description: The status of any asynchronous jobs runs on the object which can be upload or delete. nullable: true statusDetails: type: string description: The status details of the upload/deleted operation of PKI (Public Key Infrastructure). nullable: true certificateAuthorities: type: array items: $ref: '#/components/schemas/microsoft.graph.certificateAuthorityDetail' description: The collection of certificate authorities contained in this public key infrastructure resource. x-ms-navigationProperty: true additionalProperties: type: object microsoft.graph.certificateAuthorityDetail: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: certificateAuthorityDetail type: object properties: certificate: type: string description: The public key of the certificate authority. format: base64url certificateAuthorityType: $ref: '#/components/schemas/microsoft.graph.certificateAuthorityType' certificateRevocationListUrl: type: string description: The URL to check if the certificate is revoked. nullable: true createdDateTime: pattern: '^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$' type: string description: The date and time when the certificate authority was created. format: date-time nullable: true deltaCertificateRevocationListUrl: type: string nullable: true displayName: type: string description: The display name of the certificate authority. nullable: true expirationDateTime: pattern: '^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$' type: string description: The date and time when the certificate authority expires. Supports $filter (eq) and $orderby. format: date-time isIssuerHintEnabled: type: boolean description: Indicates whether the certificate picker presents the certificate authority to the user to use for authentication. Default value is false. Optional. nullable: true issuer: type: string description: The issuer of the certificate authority. nullable: true issuerSubjectKeyIdentifier: type: string description: The subject key identifier of certificate authority. nullable: true thumbprint: type: string description: 'The thumbprint of certificate authority certificate. Supports $filter (eq, startswith).' additionalProperties: type: object microsoft.graph.directoryObject: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' - title: directoryObject type: object properties: deletedDateTime: pattern: '^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$' type: string description: Date and time when this object was deleted. Always null when the object hasn't been deleted. format: date-time nullable: true additionalProperties: type: object microsoft.graph.extensionProperty: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' - title: extensionProperty type: object properties: appDisplayName: type: string description: Display name of the application object on which this extension property is defined. Read-only. nullable: true dataType: type: string description: 'Specifies the data type of the value the extension property can hold. Following values are supported. Binary - 256 bytes maximumBooleanDateTime - Must be specified in ISO 8601 format. Will be stored in UTC.Integer - 32-bit value.LargeInteger - 64-bit value.String - 256 characters maximumNot nullable. For multivalued directory extensions, these limits apply per value in the collection.' isMultiValued: type: boolean description: 'Defines the directory extension as a multi-valued property. When true, the directory extension property can store a collection of objects of the dataType; for example, a collection of string types such as ''extensionb7b1c57b532f40b8b5ed4b7a7ba67401jobGroupTracker'': [''String 1'', ''String 2'']. The default value is false. Supports $filter (eq).' isSyncedFromOnPremises: type: boolean description: Indicates if this extension property was synced from on-premises active directory using Microsoft Entra Connect. Read-only. nullable: true name: type: string description: Name of the extension property. Not nullable. Supports $filter (eq). targetObjects: type: array items: type: string description: Following values are supported. Not nullable. UserGroupAdministrativeUnitApplicationDeviceOrganization additionalProperties: type: object microsoft.graph.entity: title: entity type: object properties: id: type: string description: The unique identifier for an entity. Read-only. additionalProperties: type: object microsoft.graph.certificateAuthorityType: title: certificateAuthorityType enum: - root - intermediate - unknownFutureValue type: string microsoft.graph.ODataErrors.ODataError: required: - error type: object properties: error: $ref: '#/components/schemas/microsoft.graph.ODataErrors.MainError' additionalProperties: type: object microsoft.graph.certificateBasedAuthPkiCollectionResponse: title: Collection of certificateBasedAuthPki type: object properties: value: type: array items: $ref: '#/components/schemas/microsoft.graph.certificateBasedAuthPki' '@odata.nextLink': type: string nullable: true additionalProperties: type: object microsoft.graph.certificateAuthorityDetailCollectionResponse: title: Collection of certificateAuthorityDetail type: object properties: value: type: array items: $ref: '#/components/schemas/microsoft.graph.certificateAuthorityDetail' '@odata.nextLink': type: string nullable: true additionalProperties: type: object ODataCountResponse: type: integer format: int32 microsoft.graph.directoryObjectCollectionResponse: title: Collection of directoryObject type: object properties: value: type: array items: $ref: '#/components/schemas/microsoft.graph.directoryObject' '@odata.nextLink': type: string nullable: true additionalProperties: type: object microsoft.graph.ODataErrors.MainError: required: - code - message type: object properties: code: type: string message: type: string x-ms-primary-error-message: true target: type: string nullable: true details: type: array items: $ref: '#/components/schemas/microsoft.graph.ODataErrors.ErrorDetails' innerError: $ref: '#/components/schemas/microsoft.graph.ODataErrors.InnerError' additionalProperties: type: object microsoft.graph.ODataErrors.ErrorDetails: required: - code - message type: object properties: code: type: string message: type: string target: type: string nullable: true additionalProperties: type: object microsoft.graph.ODataErrors.InnerError: type: object additionalProperties: type: object description: The structure of this object is service-specific responses: error: description: error content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.ODataErrors.ODataError' microsoft.graph.certificateBasedAuthPkiCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateBasedAuthPkiCollectionResponse' microsoft.graph.certificateAuthorityDetailCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.certificateAuthorityDetailCollectionResponse' ODataCountResponse: description: The count of the resource content: text/plain: schema: $ref: '#/components/schemas/ODataCountResponse' microsoft.graph.directoryObjectCollectionResponse: description: Retrieved collection content: application/json: schema: $ref: '#/components/schemas/microsoft.graph.directoryObjectCollectionResponse' parameters: top: name: $top in: query description: Show only the first n items style: form explode: false schema: minimum: 0 type: integer example: 50 skip: name: $skip in: query description: Skip the first n items style: form explode: false schema: minimum: 0 type: integer search: name: $search in: query description: Search items by search phrases style: form explode: false schema: type: string filter: name: $filter in: query description: Filter items by property values style: form explode: false schema: type: string count: name: $count in: query description: Include count of items style: form explode: false schema: type: boolean securitySchemes: azureaadv2: type: oauth2 flows: authorizationCode: authorizationUrl: https://login.microsoftonline.com/common/oauth2/v2.0/authorize tokenUrl: https://login.microsoftonline.com/common/oauth2/v2.0/token scopes: { } security: - azureaadv2: [ ]