GraphRbacManagementClient (stable:1.6)

2025/09/19 • 56 new methods

SignedInUser_Get (new)

Description	: Gets the details for the currently logged-in user.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/me

{

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

immutableId:

{

Description: This must be specified if you are using a federated domain for the user's userPrincipalName (UPN) property when creating a new user account. It is used to associate an on-premises Active Directory user account with their Azure AD user object. ,

Required: False ,

}

string ,

usageLocation:

{

Description: A two letter country code (ISO standard 3166). Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. Examples include: "US", "JP", and "GB". ,

Required: False ,

}

string ,

givenName:

{

Description: The given name for the user. ,

Required: False ,

}

string ,

surname:

{

Description: The user's surname (family name or last name). ,

Required: False ,

}

string ,

userType:

{

Description: A string value that can be used to classify user types in your directory, such as 'Member' and 'Guest'. ,

Enum:

{

Member: No description available. ,

Guest: No description available. ,

}

Required: False ,

}

enum ,

accountEnabled:

{

Description: Whether the account is enabled. ,

Required: False ,

}

boolean ,

displayName:

{

Description: The display name of the user. ,

Required: False ,

}

string ,

userPrincipalName:

{

Description: The principal name of the user. ,

Required: False ,

}

string ,

mailNickname:

{

Description: The mail alias for the user. ,

Required: False ,

}

string ,

mail:

{

Description: The primary email address of the user. ,

Required: False ,

}

string ,

signInNames:

{

Description: The sign-in names of the user. ,

Required: False ,

}

[

{

type:

{

Description: A string value that can be used to classify user sign-in types in your directory, such as 'emailAddress' or 'userName'. ,

Required: False ,

}

string ,

value:

{

Description: The sign-in used by the local account. Must be unique across the company/tenant. For example, 'johnc@example.com'. ,

Required: False ,

}

string ,

}

]

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

SignedInUser_ListOwnedObjects (new)

Description	: Get the list of directory objects that are owned by the user.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/me/ownedObjects

{

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: A collection of DirectoryObject. ,

Required: False ,

}

[

{

objectId:

{

Description: The object ID. ,

Required: False ,

}

string ,

objectType:

{

Description: The object type. ,

Required: True ,

}

string ,

deletionTimestamp:

{

Description: The time at which the directory object was deleted. ,

Format: date-time ,

Required: False ,

}

string ,

}

]

odata.nextLink:

{

Description: The URL to get the next set of results. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Applications_Create (new)

Description	: Create a new application.
Reference	: Link ¶

⚼ Request

POST: /{tenantID}/applications

{

parameters:

{

Description: The parameters for creating an application. ,

Required: True ,

}

{

displayName:

{

Description: The display name of the application. ,

Required: True ,

}

string ,

identifierUris:

{

Description: A collection of URIs for the application. ,

Required: False ,

}

[

string ,

]

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (201)

{

appId:

{

Description: The application ID. ,

Required: False ,

}

string ,

allowGuestsSignIn:

{

Description: A property on the application to indicate if the application accepts other IDPs or not or partially accepts. ,

Required: False ,

}

boolean ,

allowPassthroughUsers:

{

Description: Indicates that the application supports pass through users who have no presence in the resource tenant. ,

Required: False ,

}

boolean ,

appLogoUrl:

{

Description: The url for the application logo image stored in a CDN. ,

Required: False ,

}

string ,

appRoles:

{

Description: The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. ,

Required: False ,

}

[

{

id:

{

Description: Unique role identifier inside the appRoles collection. ,

Required: False ,

}

string ,

allowedMemberTypes:

{

Description: Specifies whether this app role definition can be assigned to users and groups by setting to 'User', or to other applications (that are accessing this application in daemon service scenarios) by setting to 'Application', or to both. ,

Required: False ,

}

[

string ,

]

description:

{

Description: Permission help text that appears in the admin app assignment and consent experiences. ,

Required: False ,

}

string ,

displayName:

{

Description: Display name for the permission that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

isEnabled:

{

Description: When creating or updating a role definition, this must be set to true (which is the default). To delete a role, this must first be set to false. At that point, in a subsequent call, this role may be removed. ,

Required: False ,

}

boolean ,

value:

{

Description: Specifies the value of the roles claim that the application should expect in the authentication and access tokens. ,

Required: False ,

}

string ,

}

]

appPermissions:

{

Description: The application permissions. ,

Required: False ,

}

[

string ,

]

availableToOtherTenants:

{

Description: Whether the application is available to other tenants. ,

Required: False ,

}

boolean ,

displayName:

{

Description: The display name of the application. ,

Required: False ,

}

string ,

errorUrl:

{

Description: A URL provided by the author of the application to report errors when using the application. ,

Required: False ,

}

string ,

groupMembershipClaims:

{

Description: Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects. ,

Enum:

{

None: No description available. ,

SecurityGroup: No description available. ,

All: No description available. ,

}

Required: False ,

}

enum ,

homepage:

{

Description: The home page of the application. ,

Required: False ,

}

string ,

identifierUris:

{

Description: A collection of URIs for the application. ,

Required: False ,

}

[

string ,

]

informationalUrls:

{

Description: URLs with more information about the application. ,

Required: False ,

}

{

termsOfService:

{

Description: The terms of service URI ,

Required: False ,

}

string ,

marketing:

{

Description: The marketing URI ,

Required: False ,

}

string ,

privacy:

{

Description: The privacy policy URI ,

Required: False ,

}

string ,

support:

{

Description: The support URI ,

Required: False ,

}

string ,

}

isDeviceOnlyAuthSupported:

{

Description: Specifies whether this application supports device authentication without a user. The default is false. ,

Required: False ,

}

boolean ,

keyCredentials:

{

Description: A collection of KeyCredential objects. ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

usage:

{

Description: Usage. Acceptable values are 'Verify' and 'Sign'. ,

Required: False ,

}

string ,

type:

{

Description: Type. Acceptable values are 'AsymmetricX509Cert' and 'Symmetric'. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Required: False ,

}

string ,

}

]

knownClientApplications:

{

Description: Client applications that are tied to this resource application. Consent to any of the known client applications will result in implicit consent to the resource application through a combined consent dialog (showing the OAuth permission scopes required by the client and the resource). ,

Required: False ,

}

[

string ,

]

logoutUrl:

{

Description: the url of the logout page ,

Required: False ,

}

string ,

oauth2AllowImplicitFlow:

{

Description: Whether to allow implicit grant flow for OAuth2 ,

Required: False ,

}

boolean ,

oauth2AllowUrlPathMatching:

{

Description: Specifies whether during a token Request Azure AD will allow path matching of the redirect URI against the applications collection of replyURLs. The default is false. ,

Required: False ,

}

boolean ,

oauth2Permissions:

{

Description: The collection of OAuth 2.0 permission scopes that the web API (resource) application exposes to client applications. These permission scopes may be granted to client applications during consent. ,

Required: False ,

}

[

{

adminConsentDescription:

{

Description: Permission help text that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

adminConsentDisplayName:

{

Description: Display name for the permission that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

id:

{

Description: Unique scope permission identifier inside the oauth2Permissions collection. ,

Required: False ,

}

string ,

isEnabled:

{

Description: When creating or updating a permission, this property must be set to true (which is the default). To delete a permission, this property must first be set to false. At that point, in a subsequent call, the permission may be removed. ,

Required: False ,

}

boolean ,

type:

{

Description: Specifies whether this scope permission can be consented to by an end user, or whether it is a tenant-wide permission that must be consented to by a Company Administrator. Possible values are "User" or "Admin". ,

Required: False ,

}

string ,

userConsentDescription:

{

Description: Permission help text that appears in the end user consent experience. ,

Required: False ,

}

string ,

userConsentDisplayName:

{

Description: Display name for the permission that appears in the end user consent experience. ,

Required: False ,

}

string ,

value:

{

Description: The value of the scope claim that the resource application should expect in the OAuth 2.0 access token. ,

Required: False ,

}

string ,

}

]

oauth2RequirePostResponse:

{

Description: Specifies whether, as part of OAuth 2.0 token requests, Azure AD will allow POST requests, as opposed to GET requests. The default is false, which specifies that only GET requests will be allowed. ,

Required: False ,

}

boolean ,

orgRestrictions:

{

Description: A list of tenants allowed to access application. ,

Required: False ,

}

[

string ,

]

optionalClaims:

{

Description: Specifying the claims to be included in the token. ,

Required: False ,

}

{

idToken:

{

Description: Optional claims requested to be included in the id token. ,

Required: False ,

}

[

{

name:

{

Description: Claim name. ,

Required: False ,

}

string ,

source:

{

Description: Claim source. ,

Required: False ,

}

string ,

essential:

{

Description: Is this a required claim. ,

Required: False ,

}

boolean ,

additionalProperties:

{

Required: False ,

}

object ,

}

]

accessToken:

{

Description: Optional claims requested to be included in the access token. ,

Required: False ,

}

[

{

name:

{

Description: Claim name. ,

Required: False ,

}

string ,

source:

{

Description: Claim source. ,

Required: False ,

}

string ,

essential:

{

Description: Is this a required claim. ,

Required: False ,

}

boolean ,

additionalProperties:

{

Required: False ,

}

object ,

}

]

samlToken:

{

Description: Optional claims requested to be included in the saml token. ,

Required: False ,

}

[

{

name:

{

Description: Claim name. ,

Required: False ,

}

string ,

source:

{

Description: Claim source. ,

Required: False ,

}

string ,

essential:

{

Description: Is this a required claim. ,

Required: False ,

}

boolean ,

additionalProperties:

{

Required: False ,

}

object ,

}

]

}

passwordCredentials:

{

Description: A collection of PasswordCredential objects ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Format: byte ,

Required: False ,

}

string ,

}

]

preAuthorizedApplications:

{

Description: list of pre-authorized applications. ,

Required: False ,

}

[

{

appId:

{

Description: Represents the application id. ,

Required: False ,

}

string ,

permissions:

{

Description: Collection of required app permissions/entitlements from the resource application. ,

Required: False ,

}

[

{

directAccessGrant:

{

Description: Indicates whether the permission set is DirectAccess or impersonation. ,

Required: False ,

}

boolean ,

accessGrants:

{

Description: The list of permissions. ,

Required: False ,

}

[

string ,

]

}

]

extensions:

{

Description: Collection of extensions from the resource application. ,

Required: False ,

}

[

{

conditions:

{

Description: The extension's conditions. ,

Required: False ,

}

[

string ,

]

}

]

}

]

publicClient:

{

Description: Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is false. ,

Required: False ,

}

boolean ,

publisherDomain:

{

Description: Reliable domain which can be used to identify an application. ,

Required: False ,

}

string ,

replyUrls:

{

Description: A collection of reply URLs for the application. ,

Required: False ,

}

[

string ,

]

requiredResourceAccess:

{

Description: Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. This pre-configuration of required resource access drives the consent experience. ,

Required: False ,

}

[

{

resourceAccess:

{

Description: The list of OAuth2.0 permission scopes and app roles that the application requires from the specified resource. ,

Required: True ,

}

[

{

id:

{

Description: The unique identifier for one of the OAuth2Permission or AppRole instances that the resource application exposes. ,

Required: True ,

}

string ,

type:

{

Description: Specifies whether the id property references an OAuth2Permission or an AppRole. Possible values are "scope" or "role". ,

Required: False ,

}

string ,

}

]

resourceAppId:

{

Description: The unique identifier for the resource that the application requires access to. This should be equal to the appId declared on the target resource application. ,

Required: False ,

}

string ,

}

]

samlMetadataUrl:

{

Description: The URL to the SAML metadata for the application. ,

Required: False ,

}

string ,

signInAudience:

{

Description: Audience for signing in to the application (AzureADMyOrganization, AzureADAllOrganizations, AzureADAndMicrosoftAccounts). ,

Required: False ,

}

string ,

wwwHomepage:

{

Description: The primary Web page. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Applications_List (new)

Description	: Lists applications by filter parameters.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/applications

{

$filter:

{

Description: The filters to apply to the operation. ,

Required: False ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: A collection of applications. ,

Required: False ,

}

[

{

appId:

{

Description: The application ID. ,

Required: False ,

}

string ,

allowGuestsSignIn:

{

Description: A property on the application to indicate if the application accepts other IDPs or not or partially accepts. ,

Required: False ,

}

boolean ,

allowPassthroughUsers:

{

Description: Indicates that the application supports pass through users who have no presence in the resource tenant. ,

Required: False ,

}

boolean ,

appLogoUrl:

{

Description: The url for the application logo image stored in a CDN. ,

Required: False ,

}

string ,

appRoles:

{

Description: The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. ,

Required: False ,

}

[

{

id:

{

Description: Unique role identifier inside the appRoles collection. ,

Required: False ,

}

string ,

allowedMemberTypes:

{

Required: False ,

}

[

string ,

]

description:

{

Description: Permission help text that appears in the admin app assignment and consent experiences. ,

Required: False ,

}

string ,

displayName:

{

Description: Display name for the permission that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

isEnabled:

{

Required: False ,

}

boolean ,

value:

{

Description: Specifies the value of the roles claim that the application should expect in the authentication and access tokens. ,

Required: False ,

}

string ,

}

]

appPermissions:

{

Description: The application permissions. ,

Required: False ,

}

[

string ,

]

availableToOtherTenants:

{

Description: Whether the application is available to other tenants. ,

Required: False ,

}

boolean ,

displayName:

{

Description: The display name of the application. ,

Required: False ,

}

string ,

errorUrl:

{

Description: A URL provided by the author of the application to report errors when using the application. ,

Required: False ,

}

string ,

groupMembershipClaims:

{

Description: Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects. ,

Enum:

{

None: No description available. ,

SecurityGroup: No description available. ,

All: No description available. ,

}

Required: False ,

}

enum ,

homepage:

{

Description: The home page of the application. ,

Required: False ,

}

string ,

identifierUris:

{

Description: A collection of URIs for the application. ,

Required: False ,

}

[

string ,

]

informationalUrls:

{

Description: URLs with more information about the application. ,

Required: False ,

}

{

termsOfService:

{

Description: The terms of service URI ,

Required: False ,

}

string ,

marketing:

{

Description: The marketing URI ,

Required: False ,

}

string ,

privacy:

{

Description: The privacy policy URI ,

Required: False ,

}

string ,

support:

{

Description: The support URI ,

Required: False ,

}

string ,

}

isDeviceOnlyAuthSupported:

{

Description: Specifies whether this application supports device authentication without a user. The default is false. ,

Required: False ,

}

boolean ,

keyCredentials:

{

Description: A collection of KeyCredential objects. ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

usage:

{

Description: Usage. Acceptable values are 'Verify' and 'Sign'. ,

Required: False ,

}

string ,

type:

{

Description: Type. Acceptable values are 'AsymmetricX509Cert' and 'Symmetric'. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Required: False ,

}

string ,

}

]

knownClientApplications:

{

Required: False ,

}

[

string ,

]

logoutUrl:

{

Description: the url of the logout page ,

Required: False ,

}

string ,

oauth2AllowImplicitFlow:

{

Description: Whether to allow implicit grant flow for OAuth2 ,

Required: False ,

}

boolean ,

oauth2AllowUrlPathMatching:

{

Description: Specifies whether during a token Request Azure AD will allow path matching of the redirect URI against the applications collection of replyURLs. The default is false. ,

Required: False ,

}

boolean ,

oauth2Permissions:

{

Required: False ,

}

[

{

adminConsentDescription:

{

Description: Permission help text that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

adminConsentDisplayName:

{

Description: Display name for the permission that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

id:

{

Description: Unique scope permission identifier inside the oauth2Permissions collection. ,

Required: False ,

}

string ,

isEnabled:

{

Required: False ,

}

boolean ,

type:

{

Required: False ,

}

string ,

userConsentDescription:

{

Description: Permission help text that appears in the end user consent experience. ,

Required: False ,

}

string ,

userConsentDisplayName:

{

Description: Display name for the permission that appears in the end user consent experience. ,

Required: False ,

}

string ,

value:

{

Description: The value of the scope claim that the resource application should expect in the OAuth 2.0 access token. ,

Required: False ,

}

string ,

}

]

oauth2RequirePostResponse:

{

Required: False ,

}

boolean ,

orgRestrictions:

{

Description: A list of tenants allowed to access application. ,

Required: False ,

}

[

string ,

]

optionalClaims:

{

Description: Specifying the claims to be included in the token. ,

Required: False ,

}

{

idToken:

{

Description: Optional claims requested to be included in the id token. ,

Required: False ,

}

[

{

name:

{

Description: Claim name. ,

Required: False ,

}

string ,

source:

{

Description: Claim source. ,

Required: False ,

}

string ,

essential:

{

Description: Is this a required claim. ,

Required: False ,

}

boolean ,

additionalProperties:

{

Required: False ,

}

object ,

}

]

accessToken:

{

Description: Optional claims requested to be included in the access token. ,

Required: False ,

}

[

{

name:

{

Description: Claim name. ,

Required: False ,

}

string ,

source:

{

Description: Claim source. ,

Required: False ,

}

string ,

essential:

{

Description: Is this a required claim. ,

Required: False ,

}

boolean ,

additionalProperties:

{

Required: False ,

}

object ,

}

]

samlToken:

{

Description: Optional claims requested to be included in the saml token. ,

Required: False ,

}

[

{

name:

{

Description: Claim name. ,

Required: False ,

}

string ,

source:

{

Description: Claim source. ,

Required: False ,

}

string ,

essential:

{

Description: Is this a required claim. ,

Required: False ,

}

boolean ,

additionalProperties:

{

Required: False ,

}

object ,

}

]

}

passwordCredentials:

{

Description: A collection of PasswordCredential objects ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Format: byte ,

Required: False ,

}

string ,

}

]

preAuthorizedApplications:

{

Description: list of pre-authorized applications. ,

Required: False ,

}

[

{

appId:

{

Description: Represents the application id. ,

Required: False ,

}

string ,

permissions:

{

Description: Collection of required app permissions/entitlements from the resource application. ,

Required: False ,

}

[

{

directAccessGrant:

{

Description: Indicates whether the permission set is DirectAccess or impersonation. ,

Required: False ,

}

boolean ,

accessGrants:

{

Description: The list of permissions. ,

Required: False ,

}

[

string ,

]

}

]

extensions:

{

Description: Collection of extensions from the resource application. ,

Required: False ,

}

[

{

conditions:

{

Description: The extension's conditions. ,

Required: False ,

}

[

string ,

]

}

]

}

]

publicClient:

{

Description: Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is false. ,

Required: False ,

}

boolean ,

publisherDomain:

{

Description: Reliable domain which can be used to identify an application. ,

Required: False ,

}

string ,

replyUrls:

{

Description: A collection of reply URLs for the application. ,

Required: False ,

}

[

string ,

]

requiredResourceAccess:

{

Required: False ,

}

[

{

resourceAccess:

{

Description: The list of OAuth2.0 permission scopes and app roles that the application requires from the specified resource. ,

Required: True ,

}

[

{

id:

{

Description: The unique identifier for one of the OAuth2Permission or AppRole instances that the resource application exposes. ,

Required: True ,

}

string ,

type:

{

Description: Specifies whether the id property references an OAuth2Permission or an AppRole. Possible values are "scope" or "role". ,

Required: False ,

}

string ,

}

]

resourceAppId:

{

Description: The unique identifier for the resource that the application requires access to. This should be equal to the appId declared on the target resource application. ,

Required: False ,

}

string ,

}

]

samlMetadataUrl:

{

Description: The URL to the SAML metadata for the application. ,

Required: False ,

}

string ,

signInAudience:

{

Description: Audience for signing in to the application (AzureADMyOrganization, AzureADAllOrganizations, AzureADAndMicrosoftAccounts). ,

Required: False ,

}

string ,

wwwHomepage:

{

Description: The primary Web page. ,

Required: False ,

}

string ,

}

]

odata.nextLink:

{

Description: The URL to get the next set of results. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

DeletedApplications_Restore (new)

Description	: Restores the deleted application in the directory.
Reference	: Link ¶

⚼ Request

POST: /{tenantID}/deletedApplications/{objectId}/restore

{

objectId:

{

Description: Application object ID. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

appId:

{

Description: The application ID. ,

Required: False ,

}

string ,

allowGuestsSignIn:

{

Description: A property on the application to indicate if the application accepts other IDPs or not or partially accepts. ,

Required: False ,

}

boolean ,

allowPassthroughUsers:

{

Description: Indicates that the application supports pass through users who have no presence in the resource tenant. ,

Required: False ,

}

boolean ,

appLogoUrl:

{

Description: The url for the application logo image stored in a CDN. ,

Required: False ,

}

string ,

appRoles:

{

Description: The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. ,

Required: False ,

}

[

{

id:

{

Description: Unique role identifier inside the appRoles collection. ,

Required: False ,

}

string ,

allowedMemberTypes:

{

Required: False ,

}

[

string ,

]

description:

{

Description: Permission help text that appears in the admin app assignment and consent experiences. ,

Required: False ,

}

string ,

displayName:

{

Description: Display name for the permission that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

isEnabled:

{

Required: False ,

}

boolean ,

value:

{

Description: Specifies the value of the roles claim that the application should expect in the authentication and access tokens. ,

Required: False ,

}

string ,

}

]

appPermissions:

{

Description: The application permissions. ,

Required: False ,

}

[

string ,

]

availableToOtherTenants:

{

Description: Whether the application is available to other tenants. ,

Required: False ,

}

boolean ,

displayName:

{

Description: The display name of the application. ,

Required: False ,

}

string ,

errorUrl:

{

Description: A URL provided by the author of the application to report errors when using the application. ,

Required: False ,

}

string ,

groupMembershipClaims:

{

Description: Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects. ,

Enum:

{

None: No description available. ,

SecurityGroup: No description available. ,

All: No description available. ,

}

Required: False ,

}

enum ,

homepage:

{

Description: The home page of the application. ,

Required: False ,

}

string ,

identifierUris:

{

Description: A collection of URIs for the application. ,

Required: False ,

}

[

string ,

]

informationalUrls:

{

Description: URLs with more information about the application. ,

Required: False ,

}

{

termsOfService:

{

Description: The terms of service URI ,

Required: False ,

}

string ,

marketing:

{

Description: The marketing URI ,

Required: False ,

}

string ,

privacy:

{

Description: The privacy policy URI ,

Required: False ,

}

string ,

support:

{

Description: The support URI ,

Required: False ,

}

string ,

}

isDeviceOnlyAuthSupported:

{

Description: Specifies whether this application supports device authentication without a user. The default is false. ,

Required: False ,

}

boolean ,

keyCredentials:

{

Description: A collection of KeyCredential objects. ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

usage:

{

Description: Usage. Acceptable values are 'Verify' and 'Sign'. ,

Required: False ,

}

string ,

type:

{

Description: Type. Acceptable values are 'AsymmetricX509Cert' and 'Symmetric'. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Required: False ,

}

string ,

}

]

knownClientApplications:

{

Required: False ,

}

[

string ,

]

logoutUrl:

{

Description: the url of the logout page ,

Required: False ,

}

string ,

oauth2AllowImplicitFlow:

{

Description: Whether to allow implicit grant flow for OAuth2 ,

Required: False ,

}

boolean ,

oauth2AllowUrlPathMatching:

{

Description: Specifies whether during a token Request Azure AD will allow path matching of the redirect URI against the applications collection of replyURLs. The default is false. ,

Required: False ,

}

boolean ,

oauth2Permissions:

{

Required: False ,

}

[

{

adminConsentDescription:

{

Description: Permission help text that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

adminConsentDisplayName:

{

Description: Display name for the permission that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

id:

{

Description: Unique scope permission identifier inside the oauth2Permissions collection. ,

Required: False ,

}

string ,

isEnabled:

{

Required: False ,

}

boolean ,

type:

{

Required: False ,

}

string ,

userConsentDescription:

{

Description: Permission help text that appears in the end user consent experience. ,

Required: False ,

}

string ,

userConsentDisplayName:

{

Description: Display name for the permission that appears in the end user consent experience. ,

Required: False ,

}

string ,

value:

{

Description: The value of the scope claim that the resource application should expect in the OAuth 2.0 access token. ,

Required: False ,

}

string ,

}

]

oauth2RequirePostResponse:

{

Required: False ,

}

boolean ,

orgRestrictions:

{

Description: A list of tenants allowed to access application. ,

Required: False ,

}

[

string ,

]

optionalClaims:

{

Description: Specifying the claims to be included in the token. ,

Required: False ,

}

{

idToken:

{

Description: Optional claims requested to be included in the id token. ,

Required: False ,

}

[

{

name:

{

Description: Claim name. ,

Required: False ,

}

string ,

source:

{

Description: Claim source. ,

Required: False ,

}

string ,

essential:

{

Description: Is this a required claim. ,

Required: False ,

}

boolean ,

additionalProperties:

{

Required: False ,

}

object ,

}

]

accessToken:

{

Description: Optional claims requested to be included in the access token. ,

Required: False ,

}

[

{

name:

{

Description: Claim name. ,

Required: False ,

}

string ,

source:

{

Description: Claim source. ,

Required: False ,

}

string ,

essential:

{

Description: Is this a required claim. ,

Required: False ,

}

boolean ,

additionalProperties:

{

Required: False ,

}

object ,

}

]

samlToken:

{

Description: Optional claims requested to be included in the saml token. ,

Required: False ,

}

[

{

name:

{

Description: Claim name. ,

Required: False ,

}

string ,

source:

{

Description: Claim source. ,

Required: False ,

}

string ,

essential:

{

Description: Is this a required claim. ,

Required: False ,

}

boolean ,

additionalProperties:

{

Required: False ,

}

object ,

}

]

}

passwordCredentials:

{

Description: A collection of PasswordCredential objects ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Format: byte ,

Required: False ,

}

string ,

}

]

preAuthorizedApplications:

{

Description: list of pre-authorized applications. ,

Required: False ,

}

[

{

appId:

{

Description: Represents the application id. ,

Required: False ,

}

string ,

permissions:

{

Description: Collection of required app permissions/entitlements from the resource application. ,

Required: False ,

}

[

{

directAccessGrant:

{

Description: Indicates whether the permission set is DirectAccess or impersonation. ,

Required: False ,

}

boolean ,

accessGrants:

{

Description: The list of permissions. ,

Required: False ,

}

[

string ,

]

}

]

extensions:

{

Description: Collection of extensions from the resource application. ,

Required: False ,

}

[

{

conditions:

{

Description: The extension's conditions. ,

Required: False ,

}

[

string ,

]

}

]

}

]

publicClient:

{

Description: Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is false. ,

Required: False ,

}

boolean ,

publisherDomain:

{

Description: Reliable domain which can be used to identify an application. ,

Required: False ,

}

string ,

replyUrls:

{

Description: A collection of reply URLs for the application. ,

Required: False ,

}

[

string ,

]

requiredResourceAccess:

{

Required: False ,

}

[

{

resourceAccess:

{

Description: The list of OAuth2.0 permission scopes and app roles that the application requires from the specified resource. ,

Required: True ,

}

[

{

id:

{

Description: The unique identifier for one of the OAuth2Permission or AppRole instances that the resource application exposes. ,

Required: True ,

}

string ,

type:

{

Description: Specifies whether the id property references an OAuth2Permission or an AppRole. Possible values are "scope" or "role". ,

Required: False ,

}

string ,

}

]

resourceAppId:

{

Description: The unique identifier for the resource that the application requires access to. This should be equal to the appId declared on the target resource application. ,

Required: False ,

}

string ,

}

]

samlMetadataUrl:

{

Description: The URL to the SAML metadata for the application. ,

Required: False ,

}

string ,

signInAudience:

{

Description: Audience for signing in to the application (AzureADMyOrganization, AzureADAllOrganizations, AzureADAndMicrosoftAccounts). ,

Required: False ,

}

string ,

wwwHomepage:

{

Description: The primary Web page. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

DeletedApplications_List (new)

Description	: Gets a list of deleted applications in the directory.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/deletedApplications

{

$filter:

{

Description: The filter to apply to the operation. ,

Required: False ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: A collection of applications. ,

Required: False ,

}

[

{

appId:

{

Description: The application ID. ,

Required: False ,

}

string ,

allowGuestsSignIn:

{

Description: A property on the application to indicate if the application accepts other IDPs or not or partially accepts. ,

Required: False ,

}

boolean ,

allowPassthroughUsers:

{

Description: Indicates that the application supports pass through users who have no presence in the resource tenant. ,

Required: False ,

}

boolean ,

appLogoUrl:

{

Description: The url for the application logo image stored in a CDN. ,

Required: False ,

}

string ,

appRoles:

{

Description: The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. ,

Required: False ,

}

[

{

id:

{

Description: Unique role identifier inside the appRoles collection. ,

Required: False ,

}

string ,

allowedMemberTypes:

{

Required: False ,

}

[

string ,

]

description:

{

Description: Permission help text that appears in the admin app assignment and consent experiences. ,

Required: False ,

}

string ,

displayName:

{

Description: Display name for the permission that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

isEnabled:

{

Required: False ,

}

boolean ,

value:

{

Description: Specifies the value of the roles claim that the application should expect in the authentication and access tokens. ,

Required: False ,

}

string ,

}

]

appPermissions:

{

Description: The application permissions. ,

Required: False ,

}

[

string ,

]

availableToOtherTenants:

{

Description: Whether the application is available to other tenants. ,

Required: False ,

}

boolean ,

displayName:

{

Description: The display name of the application. ,

Required: False ,

}

string ,

errorUrl:

{

Description: A URL provided by the author of the application to report errors when using the application. ,

Required: False ,

}

string ,

groupMembershipClaims:

{

Description: Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects. ,

Enum:

{

None: No description available. ,

SecurityGroup: No description available. ,

All: No description available. ,

}

Required: False ,

}

enum ,

homepage:

{

Description: The home page of the application. ,

Required: False ,

}

string ,

identifierUris:

{

Description: A collection of URIs for the application. ,

Required: False ,

}

[

string ,

]

informationalUrls:

{

Description: URLs with more information about the application. ,

Required: False ,

}

{

termsOfService:

{

Description: The terms of service URI ,

Required: False ,

}

string ,

marketing:

{

Description: The marketing URI ,

Required: False ,

}

string ,

privacy:

{

Description: The privacy policy URI ,

Required: False ,

}

string ,

support:

{

Description: The support URI ,

Required: False ,

}

string ,

}

isDeviceOnlyAuthSupported:

{

Description: Specifies whether this application supports device authentication without a user. The default is false. ,

Required: False ,

}

boolean ,

keyCredentials:

{

Description: A collection of KeyCredential objects. ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

usage:

{

Description: Usage. Acceptable values are 'Verify' and 'Sign'. ,

Required: False ,

}

string ,

type:

{

Description: Type. Acceptable values are 'AsymmetricX509Cert' and 'Symmetric'. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Required: False ,

}

string ,

}

]

knownClientApplications:

{

Required: False ,

}

[

string ,

]

logoutUrl:

{

Description: the url of the logout page ,

Required: False ,

}

string ,

oauth2AllowImplicitFlow:

{

Description: Whether to allow implicit grant flow for OAuth2 ,

Required: False ,

}

boolean ,

oauth2AllowUrlPathMatching:

{

Description: Specifies whether during a token Request Azure AD will allow path matching of the redirect URI against the applications collection of replyURLs. The default is false. ,

Required: False ,

}

boolean ,

oauth2Permissions:

{

Required: False ,

}

[

{

adminConsentDescription:

{

Description: Permission help text that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

adminConsentDisplayName:

{

Description: Display name for the permission that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

id:

{

Description: Unique scope permission identifier inside the oauth2Permissions collection. ,

Required: False ,

}

string ,

isEnabled:

{

Required: False ,

}

boolean ,

type:

{

Required: False ,

}

string ,

userConsentDescription:

{

Description: Permission help text that appears in the end user consent experience. ,

Required: False ,

}

string ,

userConsentDisplayName:

{

Description: Display name for the permission that appears in the end user consent experience. ,

Required: False ,

}

string ,

value:

{

Description: The value of the scope claim that the resource application should expect in the OAuth 2.0 access token. ,

Required: False ,

}

string ,

}

]

oauth2RequirePostResponse:

{

Required: False ,

}

boolean ,

orgRestrictions:

{

Description: A list of tenants allowed to access application. ,

Required: False ,

}

[

string ,

]

optionalClaims:

{

Description: Specifying the claims to be included in the token. ,

Required: False ,

}

{

idToken:

{

Description: Optional claims requested to be included in the id token. ,

Required: False ,

}

[

{

name:

{

Description: Claim name. ,

Required: False ,

}

string ,

source:

{

Description: Claim source. ,

Required: False ,

}

string ,

essential:

{

Description: Is this a required claim. ,

Required: False ,

}

boolean ,

additionalProperties:

{

Required: False ,

}

object ,

}

]

accessToken:

{

Description: Optional claims requested to be included in the access token. ,

Required: False ,

}

[

{

name:

{

Description: Claim name. ,

Required: False ,

}

string ,

source:

{

Description: Claim source. ,

Required: False ,

}

string ,

essential:

{

Description: Is this a required claim. ,

Required: False ,

}

boolean ,

additionalProperties:

{

Required: False ,

}

object ,

}

]

samlToken:

{

Description: Optional claims requested to be included in the saml token. ,

Required: False ,

}

[

{

name:

{

Description: Claim name. ,

Required: False ,

}

string ,

source:

{

Description: Claim source. ,

Required: False ,

}

string ,

essential:

{

Description: Is this a required claim. ,

Required: False ,

}

boolean ,

additionalProperties:

{

Required: False ,

}

object ,

}

]

}

passwordCredentials:

{

Description: A collection of PasswordCredential objects ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Format: byte ,

Required: False ,

}

string ,

}

]

preAuthorizedApplications:

{

Description: list of pre-authorized applications. ,

Required: False ,

}

[

{

appId:

{

Description: Represents the application id. ,

Required: False ,

}

string ,

permissions:

{

Description: Collection of required app permissions/entitlements from the resource application. ,

Required: False ,

}

[

{

directAccessGrant:

{

Description: Indicates whether the permission set is DirectAccess or impersonation. ,

Required: False ,

}

boolean ,

accessGrants:

{

Description: The list of permissions. ,

Required: False ,

}

[

string ,

]

}

]

extensions:

{

Description: Collection of extensions from the resource application. ,

Required: False ,

}

[

{

conditions:

{

Description: The extension's conditions. ,

Required: False ,

}

[

string ,

]

}

]

}

]

publicClient:

{

Description: Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is false. ,

Required: False ,

}

boolean ,

publisherDomain:

{

Description: Reliable domain which can be used to identify an application. ,

Required: False ,

}

string ,

replyUrls:

{

Description: A collection of reply URLs for the application. ,

Required: False ,

}

[

string ,

]

requiredResourceAccess:

{

Required: False ,

}

[

{

resourceAccess:

{

Description: The list of OAuth2.0 permission scopes and app roles that the application requires from the specified resource. ,

Required: True ,

}

[

{

id:

{

Description: The unique identifier for one of the OAuth2Permission or AppRole instances that the resource application exposes. ,

Required: True ,

}

string ,

type:

{

Description: Specifies whether the id property references an OAuth2Permission or an AppRole. Possible values are "scope" or "role". ,

Required: False ,

}

string ,

}

]

resourceAppId:

{

Description: The unique identifier for the resource that the application requires access to. This should be equal to the appId declared on the target resource application. ,

Required: False ,

}

string ,

}

]

samlMetadataUrl:

{

Description: The URL to the SAML metadata for the application. ,

Required: False ,

}

string ,

signInAudience:

{

Description: Audience for signing in to the application (AzureADMyOrganization, AzureADAllOrganizations, AzureADAndMicrosoftAccounts). ,

Required: False ,

}

string ,

wwwHomepage:

{

Description: The primary Web page. ,

Required: False ,

}

string ,

}

]

odata.nextLink:

{

Description: The URL to get the next set of results. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

DeletedApplications_HardDelete (new)

Description	: Hard-delete an application.
Reference	: Link ¶

⚼ Request

DELETE: /{tenantID}/deletedApplications/{applicationObjectId}

{

applicationObjectId:

{

Description: Application object ID. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Applications_Delete (new)

Description	: Delete an application.
Reference	: Link ¶

⚼ Request

DELETE: /{tenantID}/applications/{applicationObjectId}

{

applicationObjectId:

{

Description: Application object ID. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Applications_Get (new)

Description	: Get an application by object ID.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/applications/{applicationObjectId}

{

applicationObjectId:

{

Description: Application object ID. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

appId:

{

Description: The application ID. ,

Required: False ,

}

string ,

allowGuestsSignIn:

{

Description: A property on the application to indicate if the application accepts other IDPs or not or partially accepts. ,

Required: False ,

}

boolean ,

allowPassthroughUsers:

{

Description: Indicates that the application supports pass through users who have no presence in the resource tenant. ,

Required: False ,

}

boolean ,

appLogoUrl:

{

Description: The url for the application logo image stored in a CDN. ,

Required: False ,

}

string ,

appRoles:

{

Description: The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. ,

Required: False ,

}

[

{

id:

{

Description: Unique role identifier inside the appRoles collection. ,

Required: False ,

}

string ,

allowedMemberTypes:

{

Required: False ,

}

[

string ,

]

description:

{

Description: Permission help text that appears in the admin app assignment and consent experiences. ,

Required: False ,

}

string ,

displayName:

{

Description: Display name for the permission that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

isEnabled:

{

Required: False ,

}

boolean ,

value:

{

Description: Specifies the value of the roles claim that the application should expect in the authentication and access tokens. ,

Required: False ,

}

string ,

}

]

appPermissions:

{

Description: The application permissions. ,

Required: False ,

}

[

string ,

]

availableToOtherTenants:

{

Description: Whether the application is available to other tenants. ,

Required: False ,

}

boolean ,

displayName:

{

Description: The display name of the application. ,

Required: False ,

}

string ,

errorUrl:

{

Description: A URL provided by the author of the application to report errors when using the application. ,

Required: False ,

}

string ,

groupMembershipClaims:

{

Description: Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects. ,

Enum:

{

None: No description available. ,

SecurityGroup: No description available. ,

All: No description available. ,

}

Required: False ,

}

enum ,

homepage:

{

Description: The home page of the application. ,

Required: False ,

}

string ,

identifierUris:

{

Description: A collection of URIs for the application. ,

Required: False ,

}

[

string ,

]

informationalUrls:

{

Description: URLs with more information about the application. ,

Required: False ,

}

{

termsOfService:

{

Description: The terms of service URI ,

Required: False ,

}

string ,

marketing:

{

Description: The marketing URI ,

Required: False ,

}

string ,

privacy:

{

Description: The privacy policy URI ,

Required: False ,

}

string ,

support:

{

Description: The support URI ,

Required: False ,

}

string ,

}

isDeviceOnlyAuthSupported:

{

Description: Specifies whether this application supports device authentication without a user. The default is false. ,

Required: False ,

}

boolean ,

keyCredentials:

{

Description: A collection of KeyCredential objects. ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

usage:

{

Description: Usage. Acceptable values are 'Verify' and 'Sign'. ,

Required: False ,

}

string ,

type:

{

Description: Type. Acceptable values are 'AsymmetricX509Cert' and 'Symmetric'. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Required: False ,

}

string ,

}

]

knownClientApplications:

{

Required: False ,

}

[

string ,

]

logoutUrl:

{

Description: the url of the logout page ,

Required: False ,

}

string ,

oauth2AllowImplicitFlow:

{

Description: Whether to allow implicit grant flow for OAuth2 ,

Required: False ,

}

boolean ,

oauth2AllowUrlPathMatching:

{

Description: Specifies whether during a token Request Azure AD will allow path matching of the redirect URI against the applications collection of replyURLs. The default is false. ,

Required: False ,

}

boolean ,

oauth2Permissions:

{

Required: False ,

}

[

{

adminConsentDescription:

{

Description: Permission help text that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

adminConsentDisplayName:

{

Description: Display name for the permission that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

id:

{

Description: Unique scope permission identifier inside the oauth2Permissions collection. ,

Required: False ,

}

string ,

isEnabled:

{

Required: False ,

}

boolean ,

type:

{

Required: False ,

}

string ,

userConsentDescription:

{

Description: Permission help text that appears in the end user consent experience. ,

Required: False ,

}

string ,

userConsentDisplayName:

{

Description: Display name for the permission that appears in the end user consent experience. ,

Required: False ,

}

string ,

value:

{

Description: The value of the scope claim that the resource application should expect in the OAuth 2.0 access token. ,

Required: False ,

}

string ,

}

]

oauth2RequirePostResponse:

{

Required: False ,

}

boolean ,

orgRestrictions:

{

Description: A list of tenants allowed to access application. ,

Required: False ,

}

[

string ,

]

optionalClaims:

{

Description: Specifying the claims to be included in the token. ,

Required: False ,

}

{

idToken:

{

Description: Optional claims requested to be included in the id token. ,

Required: False ,

}

[

{

name:

{

Description: Claim name. ,

Required: False ,

}

string ,

source:

{

Description: Claim source. ,

Required: False ,

}

string ,

essential:

{

Description: Is this a required claim. ,

Required: False ,

}

boolean ,

additionalProperties:

{

Required: False ,

}

object ,

}

]

accessToken:

{

Description: Optional claims requested to be included in the access token. ,

Required: False ,

}

[

{

name:

{

Description: Claim name. ,

Required: False ,

}

string ,

source:

{

Description: Claim source. ,

Required: False ,

}

string ,

essential:

{

Description: Is this a required claim. ,

Required: False ,

}

boolean ,

additionalProperties:

{

Required: False ,

}

object ,

}

]

samlToken:

{

Description: Optional claims requested to be included in the saml token. ,

Required: False ,

}

[

{

name:

{

Description: Claim name. ,

Required: False ,

}

string ,

source:

{

Description: Claim source. ,

Required: False ,

}

string ,

essential:

{

Description: Is this a required claim. ,

Required: False ,

}

boolean ,

additionalProperties:

{

Required: False ,

}

object ,

}

]

}

passwordCredentials:

{

Description: A collection of PasswordCredential objects ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Format: byte ,

Required: False ,

}

string ,

}

]

preAuthorizedApplications:

{

Description: list of pre-authorized applications. ,

Required: False ,

}

[

{

appId:

{

Description: Represents the application id. ,

Required: False ,

}

string ,

permissions:

{

Description: Collection of required app permissions/entitlements from the resource application. ,

Required: False ,

}

[

{

directAccessGrant:

{

Description: Indicates whether the permission set is DirectAccess or impersonation. ,

Required: False ,

}

boolean ,

accessGrants:

{

Description: The list of permissions. ,

Required: False ,

}

[

string ,

]

}

]

extensions:

{

Description: Collection of extensions from the resource application. ,

Required: False ,

}

[

{

conditions:

{

Description: The extension's conditions. ,

Required: False ,

}

[

string ,

]

}

]

}

]

publicClient:

{

Description: Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is false. ,

Required: False ,

}

boolean ,

publisherDomain:

{

Description: Reliable domain which can be used to identify an application. ,

Required: False ,

}

string ,

replyUrls:

{

Description: A collection of reply URLs for the application. ,

Required: False ,

}

[

string ,

]

requiredResourceAccess:

{

Required: False ,

}

[

{

resourceAccess:

{

Description: The list of OAuth2.0 permission scopes and app roles that the application requires from the specified resource. ,

Required: True ,

}

[

{

id:

{

Description: The unique identifier for one of the OAuth2Permission or AppRole instances that the resource application exposes. ,

Required: True ,

}

string ,

type:

{

Description: Specifies whether the id property references an OAuth2Permission or an AppRole. Possible values are "scope" or "role". ,

Required: False ,

}

string ,

}

]

resourceAppId:

{

Description: The unique identifier for the resource that the application requires access to. This should be equal to the appId declared on the target resource application. ,

Required: False ,

}

string ,

}

]

samlMetadataUrl:

{

Description: The URL to the SAML metadata for the application. ,

Required: False ,

}

string ,

signInAudience:

{

Description: Audience for signing in to the application (AzureADMyOrganization, AzureADAllOrganizations, AzureADAndMicrosoftAccounts). ,

Required: False ,

}

string ,

wwwHomepage:

{

Description: The primary Web page. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Applications_Patch (new)

Description	: Update an existing application.
Reference	: Link ¶

⚼ Request

PATCH: /{tenantID}/applications/{applicationObjectId}

{

applicationObjectId:

{

Description: Application object ID. ,

Required: True ,

}

string ,

parameters:

{

Description: Parameters to update an existing application. ,

Required: True ,

}

{

displayName:

{

Description: The display name of the application. ,

Required: False ,

}

string ,

identifierUris:

{

Description: A collection of URIs for the application. ,

Required: False ,

}

[

string ,

]

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Applications_ListOwners (new)

Description	: The owners are a set of non-admin users who are allowed to modify this object.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/applications/{applicationObjectId}/owners

{

applicationObjectId:

{

Description: The object ID of the application for which to get owners. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: A collection of DirectoryObject. ,

Required: False ,

}

[

{

objectId:

{

Description: The object ID. ,

Required: False ,

}

string ,

objectType:

{

Description: The object type. ,

Required: True ,

}

string ,

deletionTimestamp:

{

Description: The time at which the directory object was deleted. ,

Format: date-time ,

Required: False ,

}

string ,

}

]

odata.nextLink:

{

Description: The URL to get the next set of results. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Applications_AddOwner (new)

Description	: Add an owner to an application.
Reference	: Link ¶

⚼ Request

POST: /{tenantID}/applications/{applicationObjectId}/$links/owners

{

applicationObjectId:

{

Description: The object ID of the application to which to add the owner. ,

Required: True ,

}

string ,

parameters:

{

Description: The URL of the owner object, such as https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd. ,

Required: True ,

}

{

url:

{

Description: A owner object URL, such as "https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd", where "0b1f9851-1bf0-433f-aec3-cb9272f093dc" is the tenantId and "f260bbc4-c254-447b-94cf-293b5ec434dd" is the objectId of the owner (user, application, servicePrincipal, group) to be added. ,

Required: True ,

}

string ,

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Applications_RemoveOwner (new)

Description	: Remove a member from owners.
Reference	: Link ¶

⚼ Request

DELETE: /{tenantID}/applications/{applicationObjectId}/$links/owners/{ownerObjectId}

{

applicationObjectId:

{

Description: The object ID of the application from which to remove the owner. ,

Required: True ,

}

string ,

ownerObjectId:

{

Description: Owner object id ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Applications_ListKeyCredentials (new)

Description	: Get the keyCredentials associated with an application.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/applications/{applicationObjectId}/keyCredentials

{

applicationObjectId:

{

Description: Application object ID. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: A collection of KeyCredentials. ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

usage:

{

Description: Usage. Acceptable values are 'Verify' and 'Sign'. ,

Required: False ,

}

string ,

type:

{

Description: Type. Acceptable values are 'AsymmetricX509Cert' and 'Symmetric'. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Required: False ,

}

string ,

}

]

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Applications_UpdateKeyCredentials (new)

Description	: Update the keyCredentials associated with an application.
Reference	: Link ¶

⚼ Request

PATCH: /{tenantID}/applications/{applicationObjectId}/keyCredentials

{

applicationObjectId:

{

Description: Application object ID. ,

Required: True ,

}

string ,

parameters:

{

Description: Parameters to update the keyCredentials of an existing application. ,

Required: True ,

}

{

value:

{

Description: A collection of KeyCredentials. ,

Required: True ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

usage:

{

Description: Usage. Acceptable values are 'Verify' and 'Sign'. ,

Required: False ,

}

string ,

type:

{

Description: Type. Acceptable values are 'AsymmetricX509Cert' and 'Symmetric'. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Required: False ,

}

string ,

}

]

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Applications_ListPasswordCredentials (new)

Description	: Get the passwordCredentials associated with an application.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/applications/{applicationObjectId}/passwordCredentials

{

applicationObjectId:

{

Description: Application object ID. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: A collection of PasswordCredentials. ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Format: byte ,

Required: False ,

}

string ,

}

]

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Applications_UpdatePasswordCredentials (new)

Description	: Update passwordCredentials associated with an application.
Reference	: Link ¶

⚼ Request

PATCH: /{tenantID}/applications/{applicationObjectId}/passwordCredentials

{

applicationObjectId:

{

Description: Application object ID. ,

Required: True ,

}

string ,

parameters:

{

Description: Parameters to update passwordCredentials of an existing application. ,

Required: True ,

}

{

value:

{

Description: A collection of PasswordCredentials. ,

Required: True ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Format: byte ,

Required: False ,

}

string ,

}

]

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Groups_IsMemberOf (new)

Description	: Checks whether the specified user, group, contact, or service principal is a direct or transitive member of the specified group.
Reference	: Link ¶

⚼ Request

POST: /{tenantID}/isMemberOf

{

parameters:

{

Description: The check group membership parameters. ,

Required: True ,

}

{

groupId:

{

Description: The object ID of the group to check. ,

Required: True ,

}

string ,

memberId:

{

Description: The object ID of the contact, group, user, or service principal to check for membership in the specified group. ,

Required: True ,

}

string ,

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: True if the specified user, group, contact, or service principal has either direct or transitive membership in the specified group; otherwise, false. ,

Required: False ,

}

boolean ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Groups_RemoveMember (new)

Description	: Remove a member from a group.
Reference	: Link ¶

⚼ Request

DELETE: /{tenantID}/groups/{groupObjectId}/$links/members/{memberObjectId}

{

groupObjectId:

{

Description: The object ID of the group from which to remove the member. ,

Required: True ,

}

string ,

memberObjectId:

{

Description: Member object id ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Groups_AddMember (new)

Description	: Add a member to a group.
Reference	: Link ¶

⚼ Request

POST: /{tenantID}/groups/{groupObjectId}/$links/members

{

groupObjectId:

{

Description: The object ID of the group to which to add the member. ,

Required: True ,

}

string ,

parameters:

{

Description: The URL of the member object, such as https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd. ,

Required: True ,

}

{

url:

{

Description: A member object URL, such as "https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd", where "0b1f9851-1bf0-433f-aec3-cb9272f093dc" is the tenantId and "f260bbc4-c254-447b-94cf-293b5ec434dd" is the objectId of the member (user, application, servicePrincipal, group) to be added. ,

Required: True ,

}

string ,

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Groups_Create (new)

Description	: Create a group in the directory.
Reference	: Link ¶

⚼ Request

POST: /{tenantID}/groups

{

parameters:

{

Description: The parameters for the group to create. ,

Required: True ,

}

{

displayName:

{

Description: Group display name ,

Required: True ,

}

string ,

mailEnabled:

{

Description: Whether the group is mail-enabled. Must be false. This is because only pure security groups can be created using the Graph API. ,

Required: True ,

}

boolean ,

mailNickname:

{

Description: Mail nickname ,

Required: True ,

}

string ,

securityEnabled:

{

Description: Whether the group is a security group. Must be true. This is because only pure security groups can be created using the Graph API. ,

Required: True ,

}

boolean ,

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (201)

{

displayName:

{

Description: The display name of the group. ,

Required: False ,

}

string ,

mailEnabled:

{

Description: Whether the group is mail-enabled. Must be false. This is because only pure security groups can be created using the Graph API. ,

Required: False ,

}

boolean ,

mailNickname:

{

Description: The mail alias for the group. ,

Required: False ,

}

string ,

securityEnabled:

{

Description: Whether the group is security-enable. ,

Required: False ,

}

boolean ,

mail:

{

Description: The primary email address of the group. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Groups_List (new)

Description	: Gets list of groups for the current tenant.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/groups

{

$filter:

{

Description: The filter to apply to the operation. ,

Required: False ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: A collection of Active Directory groups. ,

Required: False ,

}

[

{

displayName:

{

Description: The display name of the group. ,

Required: False ,

}

string ,

mailEnabled:

{

Description: Whether the group is mail-enabled. Must be false. This is because only pure security groups can be created using the Graph API. ,

Required: False ,

}

boolean ,

mailNickname:

{

Description: The mail alias for the group. ,

Required: False ,

}

string ,

securityEnabled:

{

Description: Whether the group is security-enable. ,

Required: False ,

}

boolean ,

mail:

{

Description: The primary email address of the group. ,

Required: False ,

}

string ,

}

]

odata.nextLink:

{

Description: The URL to get the next set of results. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Groups_GetGroupMembers (new)

Description	: Gets the members of a group.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/groups/{objectId}/members

{

objectId:

{

Description: The object ID of the group whose members should be retrieved. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: A collection of DirectoryObject. ,

Required: False ,

}

[

{

objectId:

{

Description: The object ID. ,

Required: False ,

}

string ,

objectType:

{

Description: The object type. ,

Required: True ,

}

string ,

deletionTimestamp:

{

Description: The time at which the directory object was deleted. ,

Format: date-time ,

Required: False ,

}

string ,

}

]

odata.nextLink:

{

Description: The URL to get the next set of results. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Groups_Get (new)

Description	: Gets group information from the directory.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/groups/{objectId}

{

objectId:

{

Description: The object ID of the user for which to get group information. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

displayName:

{

Description: The display name of the group. ,

Required: False ,

}

string ,

mailEnabled:

{

Description: Whether the group is mail-enabled. Must be false. This is because only pure security groups can be created using the Graph API. ,

Required: False ,

}

boolean ,

mailNickname:

{

Description: The mail alias for the group. ,

Required: False ,

}

string ,

securityEnabled:

{

Description: Whether the group is security-enable. ,

Required: False ,

}

boolean ,

mail:

{

Description: The primary email address of the group. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Groups_Delete (new)

Description	: Delete a group from the directory.
Reference	: Link ¶

⚼ Request

DELETE: /{tenantID}/groups/{objectId}

{

objectId:

{

Description: The object ID of the group to delete. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Groups_GetMemberGroups (new)

Description	: Gets a collection of object IDs of groups of which the specified group is a member.
Reference	: Link ¶

⚼ Request

POST: /{tenantID}/groups/{objectId}/getMemberGroups

{

objectId:

{

Description: The object ID of the group for which to get group membership. ,

Required: True ,

}

string ,

parameters:

{

Description: Group filtering parameters. ,

Required: True ,

}

{

securityEnabledOnly:

{

Description: If true, only membership in security-enabled groups should be checked. Otherwise, membership in all groups should be checked. ,

Required: True ,

}

boolean ,

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: A collection of group IDs of which the group is a member. ,

Required: False ,

}

[

string ,

]

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Groups_ListOwners (new)

Description	: The owners are a set of non-admin users who are allowed to modify this object.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/groups/{objectId}/owners

{

objectId:

{

Description: The object ID of the group for which to get owners. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: A collection of DirectoryObject. ,

Required: False ,

}

[

{

objectId:

{

Description: The object ID. ,

Required: False ,

}

string ,

objectType:

{

Description: The object type. ,

Required: True ,

}

string ,

deletionTimestamp:

{

Description: The time at which the directory object was deleted. ,

Format: date-time ,

Required: False ,

}

string ,

}

]

odata.nextLink:

{

Description: The URL to get the next set of results. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Groups_AddOwner (new)

Description	: Add an owner to a group.
Reference	: Link ¶

⚼ Request

POST: /{tenantID}/groups/{objectId}/$links/owners

{

objectId:

{

Description: The object ID of the application to which to add the owner. ,

Required: True ,

}

string ,

parameters:

{

Description: The URL of the owner object, such as https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd. ,

Required: True ,

}

{

url:

{

Required: True ,

}

string ,

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Groups_RemoveOwner (new)

Description	: Remove a member from owners.
Reference	: Link ¶

⚼ Request

DELETE: /{tenantID}/groups/{objectId}/$links/owners/{ownerObjectId}

{

objectId:

{

Description: The object ID of the group from which to remove the owner. ,

Required: True ,

}

string ,

ownerObjectId:

{

Description: Owner object id ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

ServicePrincipals_Create (new)

Description	: Creates a service principal in the directory.
Reference	: Link ¶

⚼ Request

POST: /{tenantID}/servicePrincipals

{

parameters:

{

Description: Parameters to create a service principal. ,

Required: True ,

}

{

appId:

{

Description: The application ID. ,

Required: True ,

}

string ,

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (201)

{

accountEnabled:

{

Description: whether or not the service principal account is enabled ,

Required: False ,

}

boolean ,

alternativeNames:

{

Description: alternative names ,

Required: False ,

}

[

string ,

]

appDisplayName:

{

Description: The display name exposed by the associated application. ,

Required: False ,

}

string ,

appId:

{

Description: The application ID. ,

Required: False ,

}

string ,

appOwnerTenantId:

{

Required: False ,

}

string ,

appRoleAssignmentRequired:

{

Description: Specifies whether an AppRoleAssignment to a user or group is required before Azure AD will issue a user or access token to the application. ,

Required: False ,

}

boolean ,

appRoles:

{

Description: The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. ,

Required: False ,

}

[

{

id:

{

Description: Unique role identifier inside the appRoles collection. ,

Required: False ,

}

string ,

allowedMemberTypes:

{

Required: False ,

}

[

string ,

]

description:

{

Description: Permission help text that appears in the admin app assignment and consent experiences. ,

Required: False ,

}

string ,

displayName:

{

Description: Display name for the permission that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

isEnabled:

{

Required: False ,

}

boolean ,

value:

{

Description: Specifies the value of the roles claim that the application should expect in the authentication and access tokens. ,

Required: False ,

}

string ,

}

]

displayName:

{

Description: The display name of the service principal. ,

Required: False ,

}

string ,

errorUrl:

{

Description: A URL provided by the author of the associated application to report errors when using the application. ,

Required: False ,

}

string ,

homepage:

{

Description: The URL to the homepage of the associated application. ,

Required: False ,

}

string ,

keyCredentials:

{

Description: The collection of key credentials associated with the service principal. ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

usage:

{

Description: Usage. Acceptable values are 'Verify' and 'Sign'. ,

Required: False ,

}

string ,

type:

{

Description: Type. Acceptable values are 'AsymmetricX509Cert' and 'Symmetric'. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Required: False ,

}

string ,

}

]

logoutUrl:

{

Description: A URL provided by the author of the associated application to logout ,

Required: False ,

}

string ,

oauth2Permissions:

{

Description: The OAuth 2.0 permissions exposed by the associated application. ,

Required: False ,

}

[

{

adminConsentDescription:

{

Description: Permission help text that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

adminConsentDisplayName:

{

Description: Display name for the permission that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

id:

{

Description: Unique scope permission identifier inside the oauth2Permissions collection. ,

Required: False ,

}

string ,

isEnabled:

{

Required: False ,

}

boolean ,

type:

{

Required: False ,

}

string ,

userConsentDescription:

{

Description: Permission help text that appears in the end user consent experience. ,

Required: False ,

}

string ,

userConsentDisplayName:

{

Description: Display name for the permission that appears in the end user consent experience. ,

Required: False ,

}

string ,

value:

{

Description: The value of the scope claim that the resource application should expect in the OAuth 2.0 access token. ,

Required: False ,

}

string ,

}

]

passwordCredentials:

{

Description: The collection of password credentials associated with the service principal. ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Format: byte ,

Required: False ,

}

string ,

}

]

preferredTokenSigningKeyThumbprint:

{

Description: The thumbprint of preferred certificate to sign the token ,

Required: False ,

}

string ,

publisherName:

{

Description: The publisher's name of the associated application ,

Required: False ,

}

string ,

replyUrls:

{

Description: The URLs that user tokens are sent to for sign in with the associated application. The redirect URIs that the oAuth 2.0 authorization code and access tokens are sent to for the associated application. ,

Required: False ,

}

[

string ,

]

samlMetadataUrl:

{

Description: The URL to the SAML metadata of the associated application ,

Required: False ,

}

string ,

servicePrincipalNames:

{

Description: A collection of service principal names. ,

Required: False ,

}

[

string ,

]

servicePrincipalType:

{

Description: the type of the service principal ,

Required: False ,

}

string ,

tags:

{

Description: Optional list of tags that you can apply to your service principals. Not nullable. ,

Required: False ,

}

[

string ,

]

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

ServicePrincipals_List (new)

Description	: Gets a list of service principals from the current tenant.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/servicePrincipals

{

$filter:

{

Description: The filter to apply to the operation. ,

Required: False ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: the list of service principals. ,

Required: False ,

}

[

{

accountEnabled:

{

Description: whether or not the service principal account is enabled ,

Required: False ,

}

boolean ,

alternativeNames:

{

Description: alternative names ,

Required: False ,

}

[

string ,

]

appDisplayName:

{

Description: The display name exposed by the associated application. ,

Required: False ,

}

string ,

appId:

{

Description: The application ID. ,

Required: False ,

}

string ,

appOwnerTenantId:

{

Required: False ,

}

string ,

appRoleAssignmentRequired:

{

Description: Specifies whether an AppRoleAssignment to a user or group is required before Azure AD will issue a user or access token to the application. ,

Required: False ,

}

boolean ,

appRoles:

{

Description: The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. ,

Required: False ,

}

[

{

id:

{

Description: Unique role identifier inside the appRoles collection. ,

Required: False ,

}

string ,

allowedMemberTypes:

{

Required: False ,

}

[

string ,

]

description:

{

Description: Permission help text that appears in the admin app assignment and consent experiences. ,

Required: False ,

}

string ,

displayName:

{

Description: Display name for the permission that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

isEnabled:

{

Required: False ,

}

boolean ,

value:

{

Description: Specifies the value of the roles claim that the application should expect in the authentication and access tokens. ,

Required: False ,

}

string ,

}

]

displayName:

{

Description: The display name of the service principal. ,

Required: False ,

}

string ,

errorUrl:

{

Description: A URL provided by the author of the associated application to report errors when using the application. ,

Required: False ,

}

string ,

homepage:

{

Description: The URL to the homepage of the associated application. ,

Required: False ,

}

string ,

keyCredentials:

{

Description: The collection of key credentials associated with the service principal. ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

usage:

{

Description: Usage. Acceptable values are 'Verify' and 'Sign'. ,

Required: False ,

}

string ,

type:

{

Description: Type. Acceptable values are 'AsymmetricX509Cert' and 'Symmetric'. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Required: False ,

}

string ,

}

]

logoutUrl:

{

Description: A URL provided by the author of the associated application to logout ,

Required: False ,

}

string ,

oauth2Permissions:

{

Description: The OAuth 2.0 permissions exposed by the associated application. ,

Required: False ,

}

[

{

adminConsentDescription:

{

Description: Permission help text that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

adminConsentDisplayName:

{

Description: Display name for the permission that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

id:

{

Description: Unique scope permission identifier inside the oauth2Permissions collection. ,

Required: False ,

}

string ,

isEnabled:

{

Required: False ,

}

boolean ,

type:

{

Required: False ,

}

string ,

userConsentDescription:

{

Description: Permission help text that appears in the end user consent experience. ,

Required: False ,

}

string ,

userConsentDisplayName:

{

Description: Display name for the permission that appears in the end user consent experience. ,

Required: False ,

}

string ,

value:

{

Description: The value of the scope claim that the resource application should expect in the OAuth 2.0 access token. ,

Required: False ,

}

string ,

}

]

passwordCredentials:

{

Description: The collection of password credentials associated with the service principal. ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Format: byte ,

Required: False ,

}

string ,

}

]

preferredTokenSigningKeyThumbprint:

{

Description: The thumbprint of preferred certificate to sign the token ,

Required: False ,

}

string ,

publisherName:

{

Description: The publisher's name of the associated application ,

Required: False ,

}

string ,

replyUrls:

{

Required: False ,

}

[

string ,

]

samlMetadataUrl:

{

Description: The URL to the SAML metadata of the associated application ,

Required: False ,

}

string ,

servicePrincipalNames:

{

Description: A collection of service principal names. ,

Required: False ,

}

[

string ,

]

servicePrincipalType:

{

Description: the type of the service principal ,

Required: False ,

}

string ,

tags:

{

Description: Optional list of tags that you can apply to your service principals. Not nullable. ,

Required: False ,

}

[

string ,

]

}

]

odata.nextLink:

{

Description: the URL to get the next set of results. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Applications_GetServicePrincipalsIdByAppId (new)

Description	: Gets an object id for a given application id from the current tenant.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/servicePrincipalsByAppId/{applicationID}/objectId

{

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

applicationID:

{

Description: The application ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: The Object ID of the service principal with the specified application ID. ,

Required: False ,

}

string ,

odata.metadata:

{

Description: The URL representing edm equivalent. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

ServicePrincipals_Update (new)

Description	: Updates a service principal in the directory.
Reference	: Link ¶

⚼ Request

PATCH: /{tenantID}/servicePrincipals/{objectId}

{

objectId:

{

Description: The object ID of the service principal to delete. ,

Required: True ,

}

string ,

parameters:

{

Description: Parameters to update a service principal. ,

Required: True ,

}

object ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

ServicePrincipals_Delete (new)

Description	: Deletes a service principal from the directory.
Reference	: Link ¶

⚼ Request

DELETE: /{tenantID}/servicePrincipals/{objectId}

{

objectId:

{

Description: The object ID of the service principal to delete. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

ServicePrincipals_Get (new)

Description	: Gets service principal information from the directory. Query by objectId or pass a filter to query by appId
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/servicePrincipals/{objectId}

{

objectId:

{

Description: The object ID of the service principal to get. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

accountEnabled:

{

Description: whether or not the service principal account is enabled ,

Required: False ,

}

boolean ,

alternativeNames:

{

Description: alternative names ,

Required: False ,

}

[

string ,

]

appDisplayName:

{

Description: The display name exposed by the associated application. ,

Required: False ,

}

string ,

appId:

{

Description: The application ID. ,

Required: False ,

}

string ,

appOwnerTenantId:

{

Required: False ,

}

string ,

appRoleAssignmentRequired:

{

Description: Specifies whether an AppRoleAssignment to a user or group is required before Azure AD will issue a user or access token to the application. ,

Required: False ,

}

boolean ,

appRoles:

{

Description: The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. ,

Required: False ,

}

[

{

id:

{

Description: Unique role identifier inside the appRoles collection. ,

Required: False ,

}

string ,

allowedMemberTypes:

{

Required: False ,

}

[

string ,

]

description:

{

Description: Permission help text that appears in the admin app assignment and consent experiences. ,

Required: False ,

}

string ,

displayName:

{

Description: Display name for the permission that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

isEnabled:

{

Required: False ,

}

boolean ,

value:

{

Description: Specifies the value of the roles claim that the application should expect in the authentication and access tokens. ,

Required: False ,

}

string ,

}

]

displayName:

{

Description: The display name of the service principal. ,

Required: False ,

}

string ,

errorUrl:

{

Description: A URL provided by the author of the associated application to report errors when using the application. ,

Required: False ,

}

string ,

homepage:

{

Description: The URL to the homepage of the associated application. ,

Required: False ,

}

string ,

keyCredentials:

{

Description: The collection of key credentials associated with the service principal. ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

usage:

{

Description: Usage. Acceptable values are 'Verify' and 'Sign'. ,

Required: False ,

}

string ,

type:

{

Description: Type. Acceptable values are 'AsymmetricX509Cert' and 'Symmetric'. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Required: False ,

}

string ,

}

]

logoutUrl:

{

Description: A URL provided by the author of the associated application to logout ,

Required: False ,

}

string ,

oauth2Permissions:

{

Description: The OAuth 2.0 permissions exposed by the associated application. ,

Required: False ,

}

[

{

adminConsentDescription:

{

Description: Permission help text that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

adminConsentDisplayName:

{

Description: Display name for the permission that appears in the admin consent and app assignment experiences. ,

Required: False ,

}

string ,

id:

{

Description: Unique scope permission identifier inside the oauth2Permissions collection. ,

Required: False ,

}

string ,

isEnabled:

{

Required: False ,

}

boolean ,

type:

{

Required: False ,

}

string ,

userConsentDescription:

{

Description: Permission help text that appears in the end user consent experience. ,

Required: False ,

}

string ,

userConsentDisplayName:

{

Description: Display name for the permission that appears in the end user consent experience. ,

Required: False ,

}

string ,

value:

{

Description: The value of the scope claim that the resource application should expect in the OAuth 2.0 access token. ,

Required: False ,

}

string ,

}

]

passwordCredentials:

{

Description: The collection of password credentials associated with the service principal. ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Format: byte ,

Required: False ,

}

string ,

}

]

preferredTokenSigningKeyThumbprint:

{

Description: The thumbprint of preferred certificate to sign the token ,

Required: False ,

}

string ,

publisherName:

{

Description: The publisher's name of the associated application ,

Required: False ,

}

string ,

replyUrls:

{

Required: False ,

}

[

string ,

]

samlMetadataUrl:

{

Description: The URL to the SAML metadata of the associated application ,

Required: False ,

}

string ,

servicePrincipalNames:

{

Description: A collection of service principal names. ,

Required: False ,

}

[

string ,

]

servicePrincipalType:

{

Description: the type of the service principal ,

Required: False ,

}

string ,

tags:

{

Description: Optional list of tags that you can apply to your service principals. Not nullable. ,

Required: False ,

}

[

string ,

]

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

ServicePrincipals_ListAppRoleAssignedTo (new)

Description	: Principals (users, groups, and service principals) that are assigned to this service principal.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/servicePrincipals/{objectId}/appRoleAssignedTo

{

objectId:

{

Description: The object ID of the service principal for which to get owners. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: A collection of AppRoleAssignment. ,

Required: False ,

}

[

{

id:

{

Description: The role id that was assigned to the principal. This role must be declared by the target resource application resourceId in its appRoles property. ,

Required: False ,

}

string ,

principalDisplayName:

{

Description: The display name of the principal that was granted the access. ,

Required: False ,

}

string ,

principalId:

{

Description: The unique identifier (objectId) for the principal being granted the access. ,

Required: False ,

}

string ,

principalType:

{

Description: The type of principal. This can either be "User", "Group" or "ServicePrincipal". ,

Required: False ,

}

string ,

resourceDisplayName:

{

Description: The display name of the resource to which the assignment was made. ,

Required: False ,

}

string ,

resourceId:

{

Description: The unique identifier (objectId) for the target resource (service principal) for which the assignment was made. ,

Required: False ,

}

string ,

}

]

odata.nextLink:

{

Description: The URL to get the next set of results. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

ServicePrincipals_ListAppRoleAssignments (new)

Description	: Applications that the service principal is assigned to.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/servicePrincipals/{objectId}/appRoleAssignments

{

objectId:

{

Description: The object ID of the service principal for which to get owners. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: A collection of AppRoleAssignment. ,

Required: False ,

}

[

{

id:

{

Description: The role id that was assigned to the principal. This role must be declared by the target resource application resourceId in its appRoles property. ,

Required: False ,

}

string ,

principalDisplayName:

{

Description: The display name of the principal that was granted the access. ,

Required: False ,

}

string ,

principalId:

{

Description: The unique identifier (objectId) for the principal being granted the access. ,

Required: False ,

}

string ,

principalType:

{

Description: The type of principal. This can either be "User", "Group" or "ServicePrincipal". ,

Required: False ,

}

string ,

resourceDisplayName:

{

Description: The display name of the resource to which the assignment was made. ,

Required: False ,

}

string ,

resourceId:

{

Description: The unique identifier (objectId) for the target resource (service principal) for which the assignment was made. ,

Required: False ,

}

string ,

}

]

odata.nextLink:

{

Description: The URL to get the next set of results. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

ServicePrincipals_ListOwners (new)

Description	: The owners are a set of non-admin users who are allowed to modify this object.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/servicePrincipals/{objectId}/owners

{

objectId:

{

Description: The object ID of the service principal for which to get owners. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: A collection of DirectoryObject. ,

Required: False ,

}

[

{

objectId:

{

Description: The object ID. ,

Required: False ,

}

string ,

objectType:

{

Description: The object type. ,

Required: True ,

}

string ,

deletionTimestamp:

{

Description: The time at which the directory object was deleted. ,

Format: date-time ,

Required: False ,

}

string ,

}

]

odata.nextLink:

{

Description: The URL to get the next set of results. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

ServicePrincipals_AddOwner (new)

Description	: Add an owner to a service principal.
Reference	: Link ¶

⚼ Request

POST: /{tenantID}/servicePrincipals/{objectId}/$links/owners

{

objectId:

{

Description: The object ID of the service principal to which to add the owner. ,

Required: True ,

}

string ,

parameters:

{

Description: The URL of the owner object, such as https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd. ,

Required: True ,

}

{

url:

{

Required: True ,

}

string ,

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

ServicePrincipals_RemoveOwner (new)

Description	: Remove a member from owners.
Reference	: Link ¶

⚼ Request

DELETE: /{tenantID}/servicePrincipals/{objectId}/$links/owners/{ownerObjectId}

{

objectId:

{

Description: The object ID of the service principal from which to remove the owner. ,

Required: True ,

}

string ,

ownerObjectId:

{

Description: Owner object id ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

ServicePrincipals_ListKeyCredentials (new)

Description	: Get the keyCredentials associated with the specified service principal.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/servicePrincipals/{objectId}/keyCredentials

{

objectId:

{

Description: The object ID of the service principal for which to get keyCredentials. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: A collection of KeyCredentials. ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

usage:

{

Description: Usage. Acceptable values are 'Verify' and 'Sign'. ,

Required: False ,

}

string ,

type:

{

Description: Type. Acceptable values are 'AsymmetricX509Cert' and 'Symmetric'. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Required: False ,

}

string ,

}

]

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

ServicePrincipals_UpdateKeyCredentials (new)

Description	: Update the keyCredentials associated with a service principal.
Reference	: Link ¶

⚼ Request

PATCH: /{tenantID}/servicePrincipals/{objectId}/keyCredentials

{

objectId:

{

Description: The object ID for which to get service principal information. ,

Required: True ,

}

string ,

parameters:

{

Description: Parameters to update the keyCredentials of an existing service principal. ,

Required: True ,

}

{

value:

{

Description: A collection of KeyCredentials. ,

Required: True ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

usage:

{

Description: Usage. Acceptable values are 'Verify' and 'Sign'. ,

Required: False ,

}

string ,

type:

{

Description: Type. Acceptable values are 'AsymmetricX509Cert' and 'Symmetric'. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Required: False ,

}

string ,

}

]

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

ServicePrincipals_ListPasswordCredentials (new)

Description	: Gets the passwordCredentials associated with a service principal.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/servicePrincipals/{objectId}/passwordCredentials

{

objectId:

{

Description: The object ID of the service principal. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: A collection of PasswordCredentials. ,

Required: False ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Format: byte ,

Required: False ,

}

string ,

}

]

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

ServicePrincipals_UpdatePasswordCredentials (new)

Description	: Updates the passwordCredentials associated with a service principal.
Reference	: Link ¶

⚼ Request

PATCH: /{tenantID}/servicePrincipals/{objectId}/passwordCredentials

{

objectId:

{

Description: The object ID of the service principal. ,

Required: True ,

}

string ,

parameters:

{

Description: Parameters to update the passwordCredentials of an existing service principal. ,

Required: True ,

}

{

value:

{

Description: A collection of PasswordCredentials. ,

Required: True ,

}

[

{

startDate:

{

Description: Start date. ,

Format: date-time ,

Required: False ,

}

string ,

endDate:

{

Description: End date. ,

Format: date-time ,

Required: False ,

}

string ,

keyId:

{

Description: Key ID. ,

Required: False ,

}

string ,

value:

{

Description: Key value. ,

Required: False ,

}

string ,

customKeyIdentifier:

{

Description: Custom Key Identifier ,

Format: byte ,

Required: False ,

}

string ,

}

]

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Users_Create (new)

Description	: Create a new user.
Reference	: Link ¶

⚼ Request

POST: /{tenantID}/users

{

parameters:

{

Description: Parameters to create a user. ,

Required: True ,

}

{

accountEnabled:

{

Description: Whether the account is enabled. ,

Required: True ,

}

boolean ,

displayName:

{

Description: The display name of the user. ,

Required: True ,

}

string ,

passwordProfile:

{

Description: Password Profile ,

Required: True ,

}

{

password:

{

Description: Password ,

Required: True ,

}

string ,

forceChangePasswordNextLogin:

{

Description: Whether to force a password change on next login. ,

Required: False ,

}

boolean ,

}

userPrincipalName:

{

Description: The user principal name (someuser@contoso.com). It must contain one of the verified domains for the tenant. ,

Required: True ,

}

string ,

mailNickname:

{

Description: The mail alias for the user. ,

Required: True ,

}

string ,

mail:

{

Description: The primary email address of the user. ,

Required: False ,

}

string ,

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (201)

{

immutableId:

{

Required: False ,

}

string ,

usageLocation:

{

Required: False ,

}

string ,

givenName:

{

Description: The given name for the user. ,

Required: False ,

}

string ,

surname:

{

Description: The user's surname (family name or last name). ,

Required: False ,

}

string ,

userType:

{

Description: A string value that can be used to classify user types in your directory, such as 'Member' and 'Guest'. ,

Enum:

{

Member: No description available. ,

Guest: No description available. ,

}

Required: False ,

}

enum ,

accountEnabled:

{

Description: Whether the account is enabled. ,

Required: False ,

}

boolean ,

displayName:

{

Description: The display name of the user. ,

Required: False ,

}

string ,

userPrincipalName:

{

Description: The principal name of the user. ,

Required: False ,

}

string ,

mailNickname:

{

Description: The mail alias for the user. ,

Required: False ,

}

string ,

mail:

{

Description: The primary email address of the user. ,

Required: False ,

}

string ,

signInNames:

{

Description: The sign-in names of the user. ,

Required: False ,

}

[

{

type:

{

Description: A string value that can be used to classify user sign-in types in your directory, such as 'emailAddress' or 'userName'. ,

Required: False ,

}

string ,

value:

{

Description: The sign-in used by the local account. Must be unique across the company/tenant. For example, 'johnc@example.com'. ,

Required: False ,

}

string ,

}

]

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Users_List (new)

Description	: Gets list of users for the current tenant.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/users

{

$filter:

{

Description: The filter to apply to the operation. ,

Required: False ,

}

string ,

$expand:

{

Description: The expand value for the operation result. ,

Required: False ,

}

string ,

$top:

{

Description: (Optional) Set the maximum number of results per response. ,

Required: False ,

}

integer ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: the list of users. ,

Required: False ,

}

[

{

immutableId:

{

Required: False ,

}

string ,

usageLocation:

{

Required: False ,

}

string ,

givenName:

{

Description: The given name for the user. ,

Required: False ,

}

string ,

surname:

{

Description: The user's surname (family name or last name). ,

Required: False ,

}

string ,

userType:

{

Description: A string value that can be used to classify user types in your directory, such as 'Member' and 'Guest'. ,

Enum:

{

Member: No description available. ,

Guest: No description available. ,

}

Required: False ,

}

enum ,

accountEnabled:

{

Description: Whether the account is enabled. ,

Required: False ,

}

boolean ,

displayName:

{

Description: The display name of the user. ,

Required: False ,

}

string ,

userPrincipalName:

{

Description: The principal name of the user. ,

Required: False ,

}

string ,

mailNickname:

{

Description: The mail alias for the user. ,

Required: False ,

}

string ,

mail:

{

Description: The primary email address of the user. ,

Required: False ,

}

string ,

signInNames:

{

Description: The sign-in names of the user. ,

Required: False ,

}

[

{

type:

{

Description: A string value that can be used to classify user sign-in types in your directory, such as 'emailAddress' or 'userName'. ,

Required: False ,

}

string ,

value:

{

Description: The sign-in used by the local account. Must be unique across the company/tenant. For example, 'johnc@example.com'. ,

Required: False ,

}

string ,

}

]

}

]

odata.nextLink:

{

Description: The URL to get the next set of results. ,

Required: False ,

}

string ,

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Users_Get (new)

Description	: Gets user information from the directory.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/users/{upnOrObjectId}

{

upnOrObjectId:

{

Description: The object ID or principal name of the user for which to get information. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

immutableId:

{

Required: False ,

}

string ,

usageLocation:

{

Required: False ,

}

string ,

givenName:

{

Description: The given name for the user. ,

Required: False ,

}

string ,

surname:

{

Description: The user's surname (family name or last name). ,

Required: False ,

}

string ,

userType:

{

Description: A string value that can be used to classify user types in your directory, such as 'Member' and 'Guest'. ,

Enum:

{

Member: No description available. ,

Guest: No description available. ,

}

Required: False ,

}

enum ,

accountEnabled:

{

Description: Whether the account is enabled. ,

Required: False ,

}

boolean ,

displayName:

{

Description: The display name of the user. ,

Required: False ,

}

string ,

userPrincipalName:

{

Description: The principal name of the user. ,

Required: False ,

}

string ,

mailNickname:

{

Description: The mail alias for the user. ,

Required: False ,

}

string ,

mail:

{

Description: The primary email address of the user. ,

Required: False ,

}

string ,

signInNames:

{

Description: The sign-in names of the user. ,

Required: False ,

}

[

{

type:

{

Description: A string value that can be used to classify user sign-in types in your directory, such as 'emailAddress' or 'userName'. ,

Required: False ,

}

string ,

value:

{

Description: The sign-in used by the local account. Must be unique across the company/tenant. For example, 'johnc@example.com'. ,

Required: False ,

}

string ,

}

]

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Users_Update (new)

Description	: Updates a user.
Reference	: Link ¶

⚼ Request

PATCH: /{tenantID}/users/{upnOrObjectId}

{

upnOrObjectId:

{

Description: The object ID or principal name of the user to update. ,

Required: True ,

}

string ,

parameters:

{

Description: Parameters to update an existing user. ,

Required: True ,

}

{

accountEnabled:

{

Description: Whether the account is enabled. ,

Required: False ,

}

boolean ,

displayName:

{

Description: The display name of the user. ,

Required: False ,

}

string ,

passwordProfile:

{

Description: The password profile of the user. ,

Required: False ,

}

{

password:

{

Description: Password ,

Required: True ,

}

string ,

forceChangePasswordNextLogin:

{

Description: Whether to force a password change on next login. ,

Required: False ,

}

boolean ,

}

userPrincipalName:

{

Description: The user principal name (someuser@contoso.com). It must contain one of the verified domains for the tenant. ,

Required: False ,

}

string ,

mailNickname:

{

Description: The mail alias for the user. ,

Required: False ,

}

string ,

mail:

{

Description: The primary email address of the user. ,

Required: False ,

}

string ,

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Users_Delete (new)

Description	: Delete a user.
Reference	: Link ¶

⚼ Request

DELETE: /{tenantID}/users/{upnOrObjectId}

{

upnOrObjectId:

{

Description: The object ID or principal name of the user to delete. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Users_GetMemberGroups (new)

Description	: Gets a collection that contains the object IDs of the groups of which the user is a member.
Reference	: Link ¶

⚼ Request

POST: /{tenantID}/users/{objectId}/getMemberGroups

{

objectId:

{

Description: The object ID of the user for which to get group membership. ,

Required: True ,

}

string ,

parameters:

{

Description: User filtering parameters. ,

Required: True ,

}

{

securityEnabledOnly:

{

Description: If true, only membership in security-enabled groups should be checked. Otherwise, membership in all groups should be checked. ,

Required: True ,

}

boolean ,

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: A collection of group IDs of which the user is a member. ,

Required: False ,

}

[

string ,

]

}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}

Objects_GetObjectsByObjectIds (new)

Description	: Gets the directory objects specified in a list of object IDs. You can also specify which resource collections (users, groups, etc.) should be searched by specifying the optional types parameter.
Reference	: Link ¶

⚼ Request

POST: /{tenantID}/getObjectsByObjectIds

{

parameters:

{

Description: Objects filtering parameters. ,

Required: True ,

}

{

objectIds:

{

Description: The requested object IDs. ,

Required: False ,

}

[

string ,

]

types:

{

Description: The requested object types. ,

Required: False ,

}

[

string ,

]

includeDirectoryObjectReferences:

{

Description: If true, also searches for object IDs in the partner tenant. ,

Required: False ,

}

boolean ,

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: A collection of DirectoryObject. ,

Required: False ,

}

[

{

objectId:

{

Description: The object ID. ,

Required: False ,

}

string ,

objectType:

{

Description: The object type. ,

Required: True ,

}

string ,

deletionTimestamp:

{

Description: The time at which the directory object was deleted. ,

Format: date-time ,

Required: False ,

}

string ,

}

]

odata.nextLink:

{

Description: The URL to get the next set of results. ,

Required: False ,

}

string ,

}

Domains_List (new)

Description	: Gets a list of domains for the current tenant.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/domains

{

$filter:

{

Description: The filter to apply to the operation. ,

Required: False ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: the list of domains. ,

Required: False ,

}

[

{

authenticationType:

{

Description: the type of the authentication into the domain. ,

Required: False ,

}

string ,

isDefault:

{

Description: if this is the default domain in the tenant. ,

Required: False ,

}

boolean ,

isVerified:

{

Description: if this domain's ownership is verified. ,

Required: False ,

}

boolean ,

name:

{

Description: the domain name. ,

Required: True ,

}

string ,

}

]

}

Domains_Get (new)

Description	: Gets a specific domain in the current tenant.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/domains/{domainName}

{

domainName:

{

Description: name of the domain. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

authenticationType:

{

Description: the type of the authentication into the domain. ,

Required: False ,

}

string ,

isDefault:

{

Description: if this is the default domain in the tenant. ,

Required: False ,

}

boolean ,

isVerified:

{

Description: if this domain's ownership is verified. ,

Required: False ,

}

boolean ,

name:

{

Description: the domain name. ,

Required: True ,

}

string ,

}

OAuth2PermissionGrant_List (new)

Description	: Queries OAuth2 permissions grants for the relevant SP ObjectId of an app.
Reference	: Link ¶

⚼ Request

GET: /{tenantID}/oauth2PermissionGrants

{

$filter:

{

Description: This is the Service Principal ObjectId associated with the app ,

Required: False ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (200)

{

value:

{

Description: the list of oauth2 permissions grants ,

Required: False ,

}

[

{

odata.type:

{

Description: Microsoft.DirectoryServices.OAuth2PermissionGrant ,

Required: False ,

}

string ,

clientId:

{

Description: The id of the resource's service principal granted consent to impersonate the user when accessing the resource (represented by the resourceId property). ,

Required: False ,

}

string ,

objectId:

{

Description: The id of the permission grant ,

Required: False ,

}

string ,

consentType:

{

Description: Indicates if consent was provided by the administrator (on behalf of the organization) or by an individual. ,

Enum:

{

AllPrincipals: No description available. ,

Principal: No description available. ,

}

Required: False ,

}

enum ,

principalId:

{

Description: When consent type is Principal, this property specifies the id of the user that granted consent and applies only for that user. ,

Required: False ,

}

string ,

resourceId:

{

Description: Object Id of the resource you want to grant ,

Required: False ,

}

string ,

scope:

{

Description: Specifies the value of the scope claim that the resource application should expect in the OAuth 2.0 access token. For example, User.Read ,

Required: False ,

}

string ,

startTime:

{

Description: Start time for TTL ,

Required: False ,

}

string ,

expiryTime:

{

Description: Expiry time for TTL ,

Required: False ,

}

string ,

}

]

odata.nextLink:

{

Description: the URL to get the next set of results. ,

Required: False ,

}

string ,

}

OAuth2PermissionGrant_Create (new)

Description	: Grants OAuth2 permissions for the relevant resource Ids of an app.
Reference	: Link ¶

⚼ Request

POST: /{tenantID}/oauth2PermissionGrants

{

body:

{

Description: The relevant app Service Principal Object Id and the Service Principal Object Id you want to grant. ,

Required: False ,

}

{

odata.type:

{

Description: Microsoft.DirectoryServices.OAuth2PermissionGrant ,

Required: False ,

}

string ,

clientId:

{

Description: The id of the resource's service principal granted consent to impersonate the user when accessing the resource (represented by the resourceId property). ,

Required: False ,

}

string ,

objectId:

{

Description: The id of the permission grant ,

Required: False ,

}

string ,

consentType:

{

Description: Indicates if consent was provided by the administrator (on behalf of the organization) or by an individual. ,

Enum:

{

AllPrincipals: No description available. ,

Principal: No description available. ,

}

Required: False ,

}

enum ,

principalId:

{

Description: When consent type is Principal, this property specifies the id of the user that granted consent and applies only for that user. ,

Required: False ,

}

string ,

resourceId:

{

Description: Object Id of the resource you want to grant ,

Required: False ,

}

string ,

scope:

{

Description: Specifies the value of the scope claim that the resource application should expect in the OAuth 2.0 access token. For example, User.Read ,

Required: False ,

}

string ,

startTime:

{

Description: Start time for TTL ,

Required: False ,

}

string ,

expiryTime:

{

Description: Expiry time for TTL ,

Required: False ,

}

string ,

}

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (201)

{

odata.type:

{

Description: Microsoft.DirectoryServices.OAuth2PermissionGrant ,

Required: False ,

}

string ,

clientId:

{

Description: The id of the resource's service principal granted consent to impersonate the user when accessing the resource (represented by the resourceId property). ,

Required: False ,

}

string ,

objectId:

{

Description: The id of the permission grant ,

Required: False ,

}

string ,

consentType:

{

Description: Indicates if consent was provided by the administrator (on behalf of the organization) or by an individual. ,

Enum:

{

AllPrincipals: No description available. ,

Principal: No description available. ,

}

Required: False ,

}

enum ,

principalId:

{

Description: When consent type is Principal, this property specifies the id of the user that granted consent and applies only for that user. ,

Required: False ,

}

string ,

resourceId:

{

Description: Object Id of the resource you want to grant ,

Required: False ,

}

string ,

scope:

{

Description: Specifies the value of the scope claim that the resource application should expect in the OAuth 2.0 access token. For example, User.Read ,

Required: False ,

}

string ,

startTime:

{

Description: Start time for TTL ,

Required: False ,

}

string ,

expiryTime:

{

Description: Expiry time for TTL ,

Required: False ,

}

string ,

}

OAuth2PermissionGrant_Delete (new)

Description	: Delete a OAuth2 permission grant for the relevant resource Ids of an app.
Reference	: Link ¶

⚼ Request

DELETE: /{tenantID}/oauth2PermissionGrants/{objectId}

{

objectId:

{

Description: The object ID of a permission grant. ,

Required: True ,

}

string ,

api-version:

{

Description: Client API version. ,

Required: True ,

}

string ,

tenantID:

{

Description: The tenant ID. ,

Required: True ,

}

string ,

}

⚐ Response (204)

{}

⚐ Response (default)

{

odata.error:

{

Description: A Graph API error. ,

Required: False ,

}

{

code:

{

Description: Error code. ,

Required: False ,

}

string ,

message:

{

Description: Error Message. ,

Required: False ,

}

{

value:

{

Description: Error message value. ,

Required: False ,

}

string ,

}