diff --git a/config/ModulesMapping.jsonc b/config/ModulesMapping.jsonc index 935a3f07c51..2295ed850eb 100644 --- a/config/ModulesMapping.jsonc +++ b/config/ModulesMapping.jsonc @@ -1,4 +1,4 @@ -{ + { "Applications": "^applicationTemplates\\.|^applications\\.|^servicePrincipals\\.|^onPremisesPublishingProfiles\\.|^users.appRoleAssignment$|^groups.appRoleAssignment$", "Bookings": "^bookingBusinesses\\.|^bookingCurrencies\\.|^solutions.booking.*.Actions$|^solutions.bookingBusiness$|^solutions.bookingCurrency$|^solutions.virtualEventsRoot$|^solutions.booking.*.Functions$|^solutions.solutionsRoot$", "BusinessScenario": "^solutions.businessScenario$|^solutions.BusinessScenario.*.Actions$|^solutions.BusinessScenario.*.Functions$", @@ -19,7 +19,7 @@ "Files": "^drives\\.|^shares\\.|^users.drive$|^groups.drive$", "Financials": "^financials\\.", "Groups": "^groups.group$|^groups.directoryObject$|^groups.conversation$|^groups.endpoint$|^groups.extension$|^groups.groupLifecyclePolicy$|^groups.resourceSpecificPermissionGrant$|^groups.profilePhoto$|^groups.conversationThread$|^groupLifecyclePolicies\\.|^users.group$|^groups.directorySetting$|^groups.*.Actions$|^groups.*.Functions$|^groupSettings\\.|^groups.groupSetting$|^groupSettingTemplates\\.", - "Identity.DirectoryManagement": "^administrativeUnits\\.|^contacts\\.|^devices\\.|^domains\\.|^directoryRoles\\.|^directoryRoleTemplates\\.|^directorySettingTemplates\\.|^settings\\.|^subscribedSkus\\.|^contracts\\.|^directory\\.|^users.scopedRoleMembership$|^organization.organization$|^organization.organizationalBranding$|^organization.organizationSettings$|^organization.*.Actions$|^organization.extension$|^tenantRelationships.*.Actions$|admin.peopleAdminSettings$|^organization\\.partnerInformation$", + "Identity.DirectoryManagement": "^administrativeUnits\\.|^contacts\\.|^devices\\.|^domains\\.|^directoryRoles\\.|^directoryRoleTemplates\\.|^directorySettingTemplates\\.|^settings\\.|^subscribedSkus\\.|^contracts\\.|^directory\\.|^users.scopedRoleMembership$|^organization.organization$|^organization.organizationalBranding$|^organization.organizationSettings$|^organization.*.Actions$|^organization.extension$|^tenantRelationships.*.Actions$|^tenantRelationships.*.Functions$|admin.peopleAdminSettings$|^organization\\.partnerInformation$", "Identity.Governance": "^accessReviews\\.|^businessFlowTemplates\\.|^programs\\.|^programControls\\.|^programControlTypes\\.|^privilegedRoles\\.|^privilegedRoleAssignments\\.|^privilegedRoleAssignmentRequests\\.|^privilegedApproval\\.|^privilegedOperationEvents\\.|^privilegedAccess\\.|^agreements\\.|^users.agreementAcceptance$|^identityGovernance\\.|^roleManagement.rbacApplication$|^roleManagement.*.Functions$|roleManagement.*.Actions$", "Identity.SignIns": "^organization.certificateBasedAuthConfiguration$|^invitations\\.|^identityProviders\\.|^oauth2PermissionGrants\\.|^identityProtection\\.|^dataPolicyOperations\\.|^identity\\.|^trustFramework\\.|^informationProtection\\.|^policies\\.|^users.authentication$|^users.informationProtection$|^tenantRelationships.multiTenantOrganization$", "Identity.Partner": "^tenantRelationships.delegatedAdminRelationship$|^tenantRelationships.delegatedAdminCustomer$", @@ -40,4 +40,4 @@ "Users.Actions": "^users.*.Actions$", "Users.Functions": "^users.*.Functions$", "WindowsUpdates": "^admin.adminWindows$" -} \ No newline at end of file + } \ No newline at end of file diff --git a/openApiDocs/beta/Identity.DirectoryManagement.yml b/openApiDocs/beta/Identity.DirectoryManagement.yml index 5805a54eee6..09877472845 100644 --- a/openApiDocs/beta/Identity.DirectoryManagement.yml +++ b/openApiDocs/beta/Identity.DirectoryManagement.yml @@ -1,4 +1,4 @@ -openapi: 3.0.1 +openapi: 3.0.4 info: title: Identity.DirectoryManagement version: v1.0-beta @@ -2304,7 +2304,7 @@ paths: tags: - administrativeUnits.administrativeUnit.Actions summary: Invoke action checkMemberGroups - description: 'Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.' + description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-beta @@ -4270,7 +4270,7 @@ paths: tags: - contacts.orgContact.Actions summary: Invoke action checkMemberGroups - description: 'Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.' + description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-beta @@ -5684,7 +5684,7 @@ paths: tags: - contracts.contract.Actions summary: Invoke action checkMemberGroups - description: 'Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.' + description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-beta @@ -7533,7 +7533,7 @@ paths: tags: - devices.device.Actions summary: Invoke action checkMemberGroups - description: 'Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.' + description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-beta @@ -7898,6 +7898,68 @@ paths: default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation + '/devices/{device-id}/registeredOwners/{directoryObject-id}/microsoft.graph.appRoleAssignment': + get: + tags: + - devices.directoryObject + summary: Get the item of type microsoft.graph.directoryObject as microsoft.graph.appRoleAssignment + operationId: device_GetRegisteredOwnerAsAppRoleAssignment + parameters: + - name: device-id + in: path + description: The unique identifier of device + required: true + style: simple + schema: + type: string + x-ms-docs-key-type: device + - name: directoryObject-id + in: path + description: The unique identifier of directoryObject + required: true + style: simple + schema: + type: string + x-ms-docs-key-type: directoryObject + - name: ConsistencyLevel + in: header + description: 'Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries' + style: simple + schema: + type: string + examples: + example-1: + description: $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. + value: eventual + - name: $select + in: query + description: Select properties to be returned + style: form + explode: false + schema: + uniqueItems: true + type: array + items: + type: string + - name: $expand + in: query + description: Expand related entities + style: form + explode: false + schema: + uniqueItems: true + type: array + items: + type: string + responses: + 2XX: + description: Entity result. + content: + application/json: + schema: + $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' + default: + $ref: '#/components/responses/error' '/devices/{device-id}/registeredOwners/{directoryObject-id}/microsoft.graph.endpoint': get: tags: @@ -8233,6 +8295,106 @@ paths: default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation + '/devices/{device-id}/registeredOwners/microsoft.graph.appRoleAssignment': + get: + tags: + - devices.directoryObject + summary: Get the items of type microsoft.graph.appRoleAssignment in the microsoft.graph.directoryObject collection + operationId: device_ListRegisteredOwnerAsAppRoleAssignment + parameters: + - name: device-id + in: path + description: The unique identifier of device + required: true + style: simple + schema: + type: string + x-ms-docs-key-type: device + - name: ConsistencyLevel + in: header + description: 'Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries' + style: simple + schema: + type: string + examples: + example-1: + description: $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. + value: eventual + - $ref: '#/components/parameters/top' + - $ref: '#/components/parameters/skip' + - $ref: '#/components/parameters/search' + - $ref: '#/components/parameters/filter' + - $ref: '#/components/parameters/count' + - name: $orderby + in: query + description: Order items by property values + style: form + explode: false + schema: + uniqueItems: true + type: array + items: + type: string + - name: $select + in: query + description: Select properties to be returned + style: form + explode: false + schema: + uniqueItems: true + type: array + items: + type: string + - name: $expand + in: query + description: Expand related entities + style: form + explode: false + schema: + uniqueItems: true + type: array + items: + type: string + responses: + 2XX: + $ref: '#/components/responses/microsoft.graph.appRoleAssignmentCollectionResponse' + default: + $ref: '#/components/responses/error' + x-ms-pageable: + nextLinkName: '@odata.nextLink' + operationName: listMore + '/devices/{device-id}/registeredOwners/microsoft.graph.appRoleAssignment/$count': + get: + tags: + - devices.directoryObject + summary: Get the number of the resource + operationId: device.RegisteredOwner_GetCountAsAppRoleAssignment + parameters: + - name: device-id + in: path + description: The unique identifier of device + required: true + style: simple + schema: + type: string + x-ms-docs-key-type: device + - name: ConsistencyLevel + in: header + description: 'Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries' + style: simple + schema: + type: string + examples: + example-1: + description: $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. + value: eventual + - $ref: '#/components/parameters/search' + - $ref: '#/components/parameters/filter' + responses: + 2XX: + $ref: '#/components/responses/ODataCountResponse' + default: + $ref: '#/components/responses/error' '/devices/{device-id}/registeredOwners/microsoft.graph.endpoint': get: tags: @@ -8645,6 +8807,68 @@ paths: default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation + '/devices/{device-id}/registeredUsers/{directoryObject-id}/microsoft.graph.appRoleAssignment': + get: + tags: + - devices.directoryObject + summary: Get the item of type microsoft.graph.directoryObject as microsoft.graph.appRoleAssignment + operationId: device_GetRegisteredUserAsAppRoleAssignment + parameters: + - name: device-id + in: path + description: The unique identifier of device + required: true + style: simple + schema: + type: string + x-ms-docs-key-type: device + - name: directoryObject-id + in: path + description: The unique identifier of directoryObject + required: true + style: simple + schema: + type: string + x-ms-docs-key-type: directoryObject + - name: ConsistencyLevel + in: header + description: 'Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries' + style: simple + schema: + type: string + examples: + example-1: + description: $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. + value: eventual + - name: $select + in: query + description: Select properties to be returned + style: form + explode: false + schema: + uniqueItems: true + type: array + items: + type: string + - name: $expand + in: query + description: Expand related entities + style: form + explode: false + schema: + uniqueItems: true + type: array + items: + type: string + responses: + 2XX: + description: Entity result. + content: + application/json: + schema: + $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' + default: + $ref: '#/components/responses/error' '/devices/{device-id}/registeredUsers/{directoryObject-id}/microsoft.graph.endpoint': get: tags: @@ -8980,6 +9204,106 @@ paths: default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation + '/devices/{device-id}/registeredUsers/microsoft.graph.appRoleAssignment': + get: + tags: + - devices.directoryObject + summary: Get the items of type microsoft.graph.appRoleAssignment in the microsoft.graph.directoryObject collection + operationId: device_ListRegisteredUserAsAppRoleAssignment + parameters: + - name: device-id + in: path + description: The unique identifier of device + required: true + style: simple + schema: + type: string + x-ms-docs-key-type: device + - name: ConsistencyLevel + in: header + description: 'Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries' + style: simple + schema: + type: string + examples: + example-1: + description: $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. + value: eventual + - $ref: '#/components/parameters/top' + - $ref: '#/components/parameters/skip' + - $ref: '#/components/parameters/search' + - $ref: '#/components/parameters/filter' + - $ref: '#/components/parameters/count' + - name: $orderby + in: query + description: Order items by property values + style: form + explode: false + schema: + uniqueItems: true + type: array + items: + type: string + - name: $select + in: query + description: Select properties to be returned + style: form + explode: false + schema: + uniqueItems: true + type: array + items: + type: string + - name: $expand + in: query + description: Expand related entities + style: form + explode: false + schema: + uniqueItems: true + type: array + items: + type: string + responses: + 2XX: + $ref: '#/components/responses/microsoft.graph.appRoleAssignmentCollectionResponse' + default: + $ref: '#/components/responses/error' + x-ms-pageable: + nextLinkName: '@odata.nextLink' + operationName: listMore + '/devices/{device-id}/registeredUsers/microsoft.graph.appRoleAssignment/$count': + get: + tags: + - devices.directoryObject + summary: Get the number of the resource + operationId: device.RegisteredUser_GetCountAsAppRoleAssignment + parameters: + - name: device-id + in: path + description: The unique identifier of device + required: true + style: simple + schema: + type: string + x-ms-docs-key-type: device + - name: ConsistencyLevel + in: header + description: 'Indicates the requested consistency level. Documentation URL: https://docs.microsoft.com/graph/aad-advanced-queries' + style: simple + schema: + type: string + examples: + example-1: + description: $search and $count queries require the client to set the ConsistencyLevel HTTP header to 'eventual'. + value: eventual + - $ref: '#/components/parameters/search' + - $ref: '#/components/parameters/filter' + responses: + 2XX: + $ref: '#/components/responses/ODataCountResponse' + default: + $ref: '#/components/responses/error' '/devices/{device-id}/registeredUsers/microsoft.graph.endpoint': get: tags: @@ -14663,7 +14987,7 @@ paths: tags: - directory.directoryObject summary: Invoke action checkMemberGroups - description: 'Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.' + description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-beta @@ -22249,7 +22573,7 @@ paths: tags: - directoryRoles.directoryRole.Actions summary: Invoke action checkMemberGroups - description: 'Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.' + description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-beta @@ -23255,7 +23579,7 @@ paths: tags: - directoryRoleTemplates.directoryRoleTemplate.Actions summary: Invoke action checkMemberGroups - description: 'Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.' + description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-beta @@ -23912,7 +24236,7 @@ paths: tags: - directorySettingTemplates.directorySettingTemplate.Actions summary: Invoke action checkMemberGroups - description: 'Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.' + description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-beta @@ -28652,7 +28976,7 @@ paths: tags: - organization.organization.Actions summary: Invoke action checkMemberGroups - description: 'Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.' + description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-beta @@ -30123,6 +30447,64 @@ paths: default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation + '/tenantRelationships/microsoft.graph.findTenantInformationByDomainName(domainName=''{domainName}'')': + get: + tags: + - tenantRelationships.tenantRelationship.Functions + summary: Invoke function findTenantInformationByDomainName + description: 'Given a domain name, search for a tenant and read its tenantInformation. You can use this API to validate tenant information and use their tenantId to configure cross-tenant access settings between you and the tenant.' + externalDocs: + description: Find more info here + url: https://learn.microsoft.com/graph/api/tenantrelationship-findtenantinformationbydomainname?view=graph-rest-beta + operationId: tenantRelationship_findTenantInformationGraphBPreDomainName + parameters: + - name: domainName + in: path + description: 'Usage: domainName=''{domainName}''' + required: true + style: simple + schema: + type: string + nullable: true + responses: + 2XX: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/microsoft.graph.tenantInformation' + default: + $ref: '#/components/responses/error' + x-ms-docs-operation-type: function + '/tenantRelationships/microsoft.graph.findTenantInformationByTenantId(tenantId=''{tenantId}'')': + get: + tags: + - tenantRelationships.tenantRelationship.Functions + summary: Invoke function findTenantInformationByTenantId + description: 'Given a tenant ID, search for a tenant and read its tenantInformation. You can use this API to validate tenant information and use their tenantId to configure cross-tenant cross-tenant access settings between you and the tenant.' + externalDocs: + description: Find more info here + url: https://learn.microsoft.com/graph/api/tenantrelationship-findtenantinformationbytenantid?view=graph-rest-beta + operationId: tenantRelationship_findTenantInformationGraphBPreTenantId + parameters: + - name: tenantId + in: path + description: 'Usage: tenantId=''{tenantId}''' + required: true + style: simple + schema: + type: string + nullable: true + responses: + 2XX: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/microsoft.graph.tenantInformation' + default: + $ref: '#/components/responses/error' + x-ms-docs-operation-type: function '/users/{user-id}/scopedRoleMemberOf': get: tags: @@ -31916,7 +32298,7 @@ components: type: array items: type: string - description: 'A list of additional email addresses for the user; for example: [''bob@contoso.com'', ''Robert@fabrikam.com''].NOTE: This property can''t contain accent characters.Supports $filter (eq, not, ge, le, in, startsWith, endsWith, /$count eq 0, /$count ne 0).' + description: 'A list of additional email addresses for the user; for example: [''bob@contoso.com'', ''Robert@fabrikam.com'']. Can store up to 250 values, each with a limit of 250 characters. NOTE: This property can''t contain accent characters.Supports $filter (eq, not, ge, le, in, startsWith, endsWith, /$count eq 0, /$count ne 0).' passwordPolicies: type: string description: 'Specifies password policies for the user. This value is an enumeration with one possible value being DisableStrongPassword, which allows weaker passwords than the default policy to be specified. DisablePasswordExpiration can also be specified. The two may be specified together; for example: DisablePasswordExpiration, DisableStrongPassword. For more information on the default password policies, see Microsoft Entra password policies. Supports $filter (ne, not, and eq on null values).' @@ -32483,6 +32865,49 @@ components: x-ms-navigationProperty: true additionalProperties: type: object + microsoft.graph.appRoleAssignment: + allOf: + - $ref: '#/components/schemas/microsoft.graph.directoryObject' + - title: appRoleAssignment + type: object + properties: + appRoleId: + pattern: '^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$' + type: string + description: 'The identifier (id) for the app role that is assigned to the principal. This app role must be exposed in the appRoles property on the resource application''s service principal (resourceId). If the resource application hasn''t declared any app roles, a default app role ID of 00000000-0000-0000-0000-000000000000 can be specified to signal that the principal is assigned to the resource app without any specific app roles. Required on create.' + format: uuid + creationTimestamp: + pattern: '^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$' + type: string + description: 'The time when the app role assignment was created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only.' + format: date-time + nullable: true + principalDisplayName: + type: string + description: 'The display name of the user, group, or service principal that was granted the app role assignment. Maximum length is 256 characters. Read-only. Supports $filter (eq and startswith).' + nullable: true + principalId: + pattern: '^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$' + type: string + description: 'The unique identifier (id) for the user, security group, or service principal being granted the app role. Security groups with dynamic memberships are supported. Required on create.' + format: uuid + nullable: true + principalType: + type: string + description: 'The type of the assigned principal. This can either be User, Group, or ServicePrincipal. Read-only.' + nullable: true + resourceDisplayName: + type: string + description: The display name of the resource app's service principal to which the assignment is made. Maximum length is 256 characters. + nullable: true + resourceId: + pattern: '^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$' + type: string + description: The unique identifier (id) for the resource service principal for which the assignment is made. Required on create. Supports $filter (eq only). + format: uuid + nullable: true + additionalProperties: + type: object microsoft.graph.endpoint: allOf: - $ref: '#/components/schemas/microsoft.graph.directoryObject' @@ -33835,6 +34260,27 @@ components: description: A list of all subscription IDs associated with this SKU. additionalProperties: type: object + microsoft.graph.tenantInformation: + title: tenantInformation + type: object + properties: + defaultDomainName: + type: string + description: Primary domain name of a Microsoft Entra tenant. + nullable: true + displayName: + type: string + description: Display name of a Microsoft Entra tenant. + nullable: true + federationBrandName: + type: string + description: Name shown to users that sign in to a Microsoft Entra tenant. + nullable: true + tenantId: + type: string + description: Unique identifier of a Microsoft Entra tenant. + additionalProperties: + type: object microsoft.graph.entity: title: entity type: object @@ -33969,7 +34415,7 @@ components: readOnly: true isPublisherAttested: type: boolean - description: Indicates whether the application has been self-attested by the application developer or the publisher. + description: Indicates whether the application developer or publisher completed Publisher Attestation. nullable: true lastCertificationDateTime: pattern: '^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$' @@ -34699,49 +35145,6 @@ components: nullable: true additionalProperties: type: object - microsoft.graph.appRoleAssignment: - allOf: - - $ref: '#/components/schemas/microsoft.graph.entity' - - title: appRoleAssignment - type: object - properties: - appRoleId: - pattern: '^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$' - type: string - description: 'The identifier (id) for the app role that is assigned to the principal. This app role must be exposed in the appRoles property on the resource application''s service principal (resourceId). If the resource application hasn''t declared any app roles, a default app role ID of 00000000-0000-0000-0000-000000000000 can be specified to signal that the principal is assigned to the resource app without any specific app roles. Required on create.' - format: uuid - creationTimestamp: - pattern: '^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$' - type: string - description: 'The time when the app role assignment was created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only.' - format: date-time - nullable: true - principalDisplayName: - type: string - description: 'The display name of the user, group, or service principal that was granted the app role assignment. Maximum length is 256 characters. Read-only. Supports $filter (eq and startswith).' - nullable: true - principalId: - pattern: '^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$' - type: string - description: 'The unique identifier (id) for the user, security group, or service principal being granted the app role. Security groups with dynamic memberships are supported. Required on create.' - format: uuid - nullable: true - principalType: - type: string - description: 'The type of the assigned principal. This can either be User, Group, or ServicePrincipal. Read-only.' - nullable: true - resourceDisplayName: - type: string - description: The display name of the resource app's service principal to which the assignment is made. Maximum length is 256 characters. - nullable: true - resourceId: - pattern: '^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$' - type: string - description: The unique identifier (id) for the resource service principal for which the assignment is made. Required on create. Supports $filter (eq only). - format: uuid - nullable: true - additionalProperties: - type: object microsoft.graph.calendar: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' @@ -36528,6 +36931,8 @@ components: description: The results of every partner agent's installation status on Cloud PC. powerState: $ref: '#/components/schemas/microsoft.graph.cloudPcPowerState' + productType: + $ref: '#/components/schemas/microsoft.graph.cloudPcProductType' provisioningPolicyId: type: string description: The provisioning policy ID of the Cloud PC. @@ -37784,7 +38189,7 @@ components: type: array items: $ref: '#/components/schemas/microsoft.graph.appLogCollectionRequest' - description: Indicates collection of App Log Upload Request. + description: The collection property of AppLogUploadRequest. x-ms-navigationProperty: true additionalProperties: type: object @@ -38316,6 +38721,8 @@ components: description: 'When set to true, documents in the user''s Office Delve are disabled. Users can control this setting in Office Delve.' contactMergeSuggestions: $ref: '#/components/schemas/microsoft.graph.contactMergeSuggestions' + exchange: + $ref: '#/components/schemas/microsoft.graph.exchangeSettings' itemInsights: $ref: '#/components/schemas/microsoft.graph.userInsightsSettings' regionalAndLanguageSettings: @@ -38692,11 +39099,11 @@ components: properties: key: type: string - description: Key. + description: Contains the name of the field that a value is associated with. nullable: true value: type: string - description: Value. + description: Contains the corresponding value for the specified key. nullable: true additionalProperties: type: object @@ -39613,6 +40020,19 @@ components: nullable: true additionalProperties: type: object + microsoft.graph.appRoleAssignmentCollectionResponse: + title: Collection of appRoleAssignment + type: object + properties: + value: + type: array + items: + $ref: '#/components/schemas/microsoft.graph.appRoleAssignment' + '@odata.nextLink': + type: string + nullable: true + additionalProperties: + type: object microsoft.graph.endpointCollectionResponse: title: Collection of endpoint type: object @@ -42026,7 +42446,7 @@ components: type: array items: $ref: '#/components/schemas/microsoft.graph.chatMessage' - description: A collection of all the messages in the channel. A navigation property. Nullable. + description: A collection of all the messages in the channel. Nullable. x-ms-navigationProperty: true sharedWithTeams: type: array @@ -42038,7 +42458,7 @@ components: type: array items: $ref: '#/components/schemas/microsoft.graph.teamsTab' - description: A collection of all the tabs in the channel. A navigation property. + description: A collection of all the tabs in the channel. x-ms-navigationProperty: true additionalProperties: type: object @@ -42134,6 +42554,10 @@ components: type: boolean description: Indicates whether the schedule is enabled for the team. Required. nullable: true + isActivitiesIncludedWhenCopyingShiftsEnabled: + type: boolean + description: Indicates whether copied shifts include activities from the original shift. + nullable: true isCrossLocationShiftRequestApprovalRequired: type: boolean description: Indicates whether approval is required by a manager of this schedule for cross location shift requests. @@ -43284,6 +43708,8 @@ components: properties: capabilityType: $ref: '#/components/schemas/microsoft.graph.cloudPcDisasterRecoveryCapabilityType' + licenseType: + $ref: '#/components/schemas/microsoft.graph.cloudPcDisasterRecoveryLicenseType' primaryRegion: type: string description: The primary and mainly used region where the Cloud PC is located. @@ -43395,6 +43821,16 @@ components: - poweredOff - unknownFutureValue type: string + microsoft.graph.cloudPcProductType: + title: cloudPcProductType + enum: + - enterprise + - frontline + - devBox + - powerAutomate + - business + - unknownFutureValue + type: string microsoft.graph.cloudPcProvisioningType: title: cloudPcProvisioningType enum: @@ -47464,6 +47900,22 @@ components: nullable: true additionalProperties: type: object + microsoft.graph.exchangeSettings: + allOf: + - $ref: '#/components/schemas/microsoft.graph.entity' + - title: exchangeSettings + type: object + properties: + inPlaceArchiveMailboxId: + type: string + description: The unique identifier for the user's in-place archive mailbox. + nullable: true + primaryMailboxId: + type: string + description: The unique identifier for the user's primary mailbox. + nullable: true + additionalProperties: + type: object microsoft.graph.userInsightsSettings: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' @@ -51053,7 +51505,7 @@ components: nullable: true contentType: type: string - description: 'The media type of the content attachment. The possible values are: reference: The attachment is a link to another file. Populate the contentURL with the link to the object.forwardedMessageReference: The attachment is a reference to a forwarded message. Populate the content with the original message context.Any contentType that is supported by the Bot Framework''s Attachment object.application/vnd.microsoft.card.codesnippet: A code snippet. application/vnd.microsoft.card.announcement: An announcement header.' + description: 'The media type of the content attachment. The possible values are: reference: The attachment is a link to another file. Populate the contentURL with the link to the object.forwardedMessageReference: The attachment is a reference to a forwarded message. Populate the content with the original message context.Any contentType that is supported by the Bot Framework''s Attachment object.application/vnd.microsoft.card.codesnippet: Either a code snippet or place holder. application/vnd.microsoft.card.announcement: An announcement header. application/vnd.microsoft.card.fluidEmbedCard: A Microsoft Loop component.' nullable: true contentUrl: type: string @@ -51253,6 +51705,13 @@ components: - failback - unknownFutureValue type: string + microsoft.graph.cloudPcDisasterRecoveryLicenseType: + title: cloudPcDisasterRecoveryLicenseType + enum: + - none + - standard + - unknownFutureValue + type: string microsoft.graph.actionState: title: actionState enum: @@ -55326,6 +55785,7 @@ components: - project - driveItem - user + - teamsChannel type: string microsoft.graph.plannerCreationSourceKind: title: plannerCreationSourceKind @@ -56026,6 +56486,10 @@ components: type: string description: The time the entry is recorded. format: date-time + isAtApprovedLocation: + type: boolean + description: Indicates whether this action happens at an approved location. + nullable: true notes: $ref: '#/components/schemas/microsoft.graph.itemBody' additionalProperties: @@ -58038,6 +58502,10 @@ components: type: boolean description: 'If true, the restriction isn''t enforced for SAML applications in Microsoft Entra ID; else, the restriction is enforced for those applications.' nullable: true + isStateSetByMicrosoft: + type: boolean + description: 'If true, Microsoft sets the identifierUriRestriction state. If false, the tenant modifies the identifierUriRestriction state. Read-only.' + readOnly: true restrictForAppsCreatedAfterDateTime: pattern: '^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$' type: string @@ -61499,6 +61967,12 @@ components: application/json: schema: $ref: '#/components/schemas/microsoft.graph.deviceTemplateCollectionResponse' + microsoft.graph.appRoleAssignmentCollectionResponse: + description: Retrieved collection + content: + application/json: + schema: + $ref: '#/components/schemas/microsoft.graph.appRoleAssignmentCollectionResponse' microsoft.graph.endpointCollectionResponse: description: Retrieved collection content: diff --git a/openApiDocs/v1.0/Identity.DirectoryManagement.yml b/openApiDocs/v1.0/Identity.DirectoryManagement.yml index 8dc7fa2bbc0..6642ccecfae 100644 --- a/openApiDocs/v1.0/Identity.DirectoryManagement.yml +++ b/openApiDocs/v1.0/Identity.DirectoryManagement.yml @@ -1,4 +1,4 @@ -openapi: 3.0.1 +openapi: 3.0.4 info: title: Identity.DirectoryManagement version: v1.0 @@ -1641,7 +1641,7 @@ paths: tags: - contacts.orgContact.Actions summary: Invoke action checkMemberGroups - description: 'Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.' + description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-1.0 @@ -1805,7 +1805,7 @@ paths: tags: - contacts.orgContact.Actions summary: Invoke action getMemberObjects - description: 'Return all IDs for the groups, administrative units, and directory roles that a user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. Note: Only users and role-enabled groups can be members of directory roles.' + description: "Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-getmemberobjects?view=graph-rest-1.0 @@ -2916,7 +2916,7 @@ paths: tags: - contracts.contract.Actions summary: Invoke action checkMemberGroups - description: 'Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.' + description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-1.0 @@ -3080,7 +3080,7 @@ paths: tags: - contracts.contract.Actions summary: Invoke action getMemberObjects - description: 'Return all IDs for the groups, administrative units, and directory roles that a user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. Note: Only users and role-enabled groups can be members of directory roles.' + description: "Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-getmemberobjects?view=graph-rest-1.0 @@ -4339,7 +4339,7 @@ paths: tags: - devices.device.Actions summary: Invoke action checkMemberGroups - description: 'Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.' + description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-1.0 @@ -4503,7 +4503,7 @@ paths: tags: - devices.device.Actions summary: Invoke action getMemberObjects - description: 'Return all IDs for the groups, administrative units, and directory roles that a user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. Note: Only users and role-enabled groups can be members of directory roles.' + description: "Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-getmemberobjects?view=graph-rest-1.0 @@ -10241,7 +10241,7 @@ paths: tags: - directory.directoryObject summary: Invoke action checkMemberGroups - description: 'Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.' + description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-1.0 @@ -10449,7 +10449,7 @@ paths: tags: - directory.directoryObject summary: Invoke action getMemberObjects - description: 'Return all IDs for the groups, administrative units, and directory roles that a user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. Note: Only users and role-enabled groups can be members of directory roles.' + description: "Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-getmemberobjects?view=graph-rest-1.0 @@ -13566,7 +13566,7 @@ paths: tags: - directoryRoles.directoryRole.Actions summary: Invoke action checkMemberGroups - description: 'Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.' + description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-1.0 @@ -13730,7 +13730,7 @@ paths: tags: - directoryRoles.directoryRole.Actions summary: Invoke action getMemberObjects - description: 'Return all IDs for the groups, administrative units, and directory roles that a user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. Note: Only users and role-enabled groups can be members of directory roles.' + description: "Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-getmemberobjects?view=graph-rest-1.0 @@ -14575,7 +14575,7 @@ paths: tags: - directoryRoleTemplates.directoryRoleTemplate.Actions summary: Invoke action checkMemberGroups - description: 'Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.' + description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-1.0 @@ -14739,7 +14739,7 @@ paths: tags: - directoryRoleTemplates.directoryRoleTemplate.Actions summary: Invoke action getMemberObjects - description: 'Return all IDs for the groups, administrative units, and directory roles that a user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. Note: Only users and role-enabled groups can be members of directory roles.' + description: "Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-getmemberobjects?view=graph-rest-1.0 @@ -16374,10 +16374,10 @@ paths: tags: - organization.organization summary: Get organization - description: 'Get the properties and relationships of the currently authenticated organization. Since the organization resource supports extensions, you can also use the GET operation to get custom properties and extension data in an organization instance.' + description: Read properties and relationships of the organization object. externalDocs: description: Find more info here - url: https://learn.microsoft.com/graph/api/organization-get?view=graph-rest-1.0 + url: https://learn.microsoft.com/graph/api/intune-onboarding-organization-get?view=graph-rest-1.0 operationId: organization_GetOrganization parameters: - name: organization-id @@ -16422,10 +16422,10 @@ paths: tags: - organization.organization summary: Update organization - description: Update the properties of a organization object. + description: 'Update the properties of the currently authenticated organization. In this case, organization is defined as a collection of exactly one record, and so its ID must be specified in the request. The ID is also known as the tenantId of the organization.' externalDocs: description: Find more info here - url: https://learn.microsoft.com/graph/api/intune-onboarding-organization-update?view=graph-rest-1.0 + url: https://learn.microsoft.com/graph/api/organization-update?view=graph-rest-1.0 operationId: organization_UpdateOrganization parameters: - name: organization-id @@ -17625,11 +17625,11 @@ paths: get: tags: - organization.organizationalBranding - summary: Get organizationalBranding - description: 'Retrieve the default organizational branding object, if the Accept-Language header is set to 0 or default. If no default organizational branding object exists, this method returns a 404 Not Found error. If the Accept-Language header is set to an existing locale identified by the value of its id, this method retrieves the branding for the specified locale. This method retrieves only non-Stream properties, for example, usernameHintText and signInPageText. To retrieve Stream types of the default branding, for example, bannerLogo and backgroundImage, use the GET organizationalBrandingLocalization method.' + summary: Get organizationalBrandingLocalization + description: 'Read the properties and relationships of an organizationalBrandingLocalization object. To retrieve a localization branding object, specify the value of id in the URL.' externalDocs: description: Find more info here - url: https://learn.microsoft.com/graph/api/organizationalbranding-get?view=graph-rest-1.0 + url: https://learn.microsoft.com/graph/api/organizationalbrandinglocalization-get?view=graph-rest-1.0 operationId: organization.branding_GetLocalizationsBannerLogo parameters: - name: organization-id @@ -19062,7 +19062,7 @@ paths: tags: - organization.organization.Actions summary: Invoke action checkMemberGroups - description: 'Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.' + description: "Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-checkmembergroups?view=graph-rest-1.0 @@ -19226,7 +19226,7 @@ paths: tags: - organization.organization.Actions summary: Invoke action getMemberObjects - description: 'Return all IDs for the groups, administrative units, and directory roles that a user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. Note: Only users and role-enabled groups can be members of directory roles.' + description: "Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:\n- user\n- group\n- service principal\n- organizational contact\n- device\n- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles." externalDocs: description: Find more info here url: https://learn.microsoft.com/graph/api/directoryobject-getmemberobjects?view=graph-rest-1.0 @@ -19671,6 +19671,64 @@ paths: default: $ref: '#/components/responses/error' x-ms-docs-operation-type: operation + '/tenantRelationships/microsoft.graph.findTenantInformationByDomainName(domainName=''{domainName}'')': + get: + tags: + - tenantRelationships.tenantRelationship.Functions + summary: Invoke function findTenantInformationByDomainName + description: 'Given a domain name, search for a tenant and read its tenantInformation. You can use this API to validate tenant information and use the tenantId to configure cross-tenant access settings between you and the tenant.' + externalDocs: + description: Find more info here + url: https://learn.microsoft.com/graph/api/tenantrelationship-findtenantinformationbydomainname?view=graph-rest-1.0 + operationId: tenantRelationship_findTenantInformationGraphBPreDomainName + parameters: + - name: domainName + in: path + description: 'Usage: domainName=''{domainName}''' + required: true + style: simple + schema: + type: string + nullable: true + responses: + 2XX: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/microsoft.graph.tenantInformation' + default: + $ref: '#/components/responses/error' + x-ms-docs-operation-type: function + '/tenantRelationships/microsoft.graph.findTenantInformationByTenantId(tenantId=''{tenantId}'')': + get: + tags: + - tenantRelationships.tenantRelationship.Functions + summary: Invoke function findTenantInformationByTenantId + description: 'Given a tenant ID, search for a tenant and read its tenantInformation. You can use this API to validate tenant information and use the tenantId to configure cross-tenant cross-tenant access settings between you and the tenant.' + externalDocs: + description: Find more info here + url: https://learn.microsoft.com/graph/api/tenantrelationship-findtenantinformationbytenantid?view=graph-rest-1.0 + operationId: tenantRelationship_findTenantInformationGraphBPreTenantId + parameters: + - name: tenantId + in: path + description: 'Usage: tenantId=''{tenantId}''' + required: true + style: simple + schema: + type: string + nullable: true + responses: + 2XX: + description: Success + content: + application/json: + schema: + $ref: '#/components/schemas/microsoft.graph.tenantInformation' + default: + $ref: '#/components/responses/error' + x-ms-docs-operation-type: function '/users/{user-id}/scopedRoleMemberOf': get: tags: @@ -20319,7 +20377,7 @@ components: type: array items: type: string - description: 'A list of other email addresses for the user; for example: [''bob@contoso.com'', ''Robert@fabrikam.com'']. NOTE: This property can''t contain accent characters. Returned only on $select. Supports $filter (eq, not, ge, le, in, startsWith, endsWith, /$count eq 0, /$count ne 0).' + description: 'A list of other email addresses for the user; for example: [''bob@contoso.com'', ''Robert@fabrikam.com'']. Can store up to 250 values, each with a limit of 250 characters. NOTE: This property can''t contain accent characters. Returned only on $select. Supports $filter (eq, not, ge, le, in, startsWith, endsWith, /$count eq 0, /$count ne 0).' passwordPolicies: type: string description: 'Specifies password policies for the user. This value is an enumeration with one possible value being DisableStrongPassword, which allows weaker passwords than the default policy to be specified. DisablePasswordExpiration can also be specified. The two might be specified together; for example: DisablePasswordExpiration, DisableStrongPassword. Returned only on $select. For more information on the default password policies, see Microsoft Entra password policies. Supports $filter (ne, not, and eq on null values).' @@ -22412,6 +22470,27 @@ components: description: A list of all subscription IDs associated with this SKU. additionalProperties: type: object + microsoft.graph.tenantInformation: + title: tenantInformation + type: object + properties: + defaultDomainName: + type: string + description: Primary domain name of a Microsoft Entra tenant. + nullable: true + displayName: + type: string + description: Display name of a Microsoft Entra tenant. + nullable: true + federationBrandName: + type: string + description: Name shown to users that sign in to a Microsoft Entra tenant. + nullable: true + tenantId: + type: string + description: Unique identifier of a Microsoft Entra tenant. + additionalProperties: + type: object microsoft.graph.entity: title: entity type: object @@ -24855,7 +24934,7 @@ components: properties: locale: type: string - description: 'Represents the location that a user selected in Microsoft Teams and doesn''t follow the Office''s locale setting. A user’s locale is represented by their preferred language and country or region. For example, en-us. The language component follows two-letter codes as defined in ISO 639-1, and the country component follows two-letter codes as defined in ISO 3166-1 alpha-2.' + description: 'Represents the location that a user selected in Microsoft Teams and doesn''t follow the Office''s locale setting. A user''s locale is represented by their preferred language and country or region. For example, en-us. The language component follows two-letter codes as defined in ISO 639-1, and the country component follows two-letter codes as defined in ISO 3166-1 alpha-2.' nullable: true region: type: string @@ -25525,7 +25604,7 @@ components: readOnly: true isPublisherAttested: type: boolean - description: Indicates whether the application has been self-attested by the application developer or the publisher. + description: Indicates whether the application developer or publisher completed Publisher Attestation. nullable: true lastCertificationDateTime: pattern: '^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$' @@ -28662,6 +28741,7 @@ components: items: type: string nullable: true + description: The IDs for the workforce integrations associated with this schedule. offerShiftRequests: type: array items: @@ -28999,7 +29079,7 @@ components: description: 'Apple bulk enrollment without user challenge. (DEP, Apple Configurator, Mobile Config)' name: appleBulkWithoutUser - value: windowsAzureADJoin - description: Windows 10 Azure AD Join. + description: Windows 10 Entra ID (Azure AD) Join. name: windowsAzureADJoin - value: windowsBulkUserless description: Windows 10 Bulk enrollment through ICD with certificate. @@ -29008,19 +29088,19 @@ components: description: Windows 10 automatic enrollment. (Add work account) name: windowsAutoEnrollment - value: windowsBulkAzureDomainJoin - description: Windows 10 bulk Azure AD Join. + description: Windows 10 bulk Entra ID (Azure AD) Join. name: windowsBulkAzureDomainJoin - value: windowsCoManagement description: Windows 10 Co-Management triggered by AutoPilot or Group Policy. name: windowsCoManagement - value: windowsAzureADJoinUsingDeviceAuth - description: Windows 10 Azure AD Join using Device Auth. + description: Windows 10 Entra ID (Azure AD) Join using Device Auth. name: windowsAzureADJoinUsingDeviceAuth - value: appleUserEnrollment - description: Device managed by Apple user enrollment + description: Indicates the device is enrolled via Apple User Enrollment with Company Portal. It results in an enrollment with a new partition for managed apps and data and which supports a limited set of management capabilities name: appleUserEnrollment - value: appleUserEnrollmentWithServiceAccount - description: Device managed by Apple user enrollment with service account + description: Indicates the device is enrolled via Apple User Enrollment with Company Portal using a device enrollment manager user. It results in an enrollment with a new partition for managed apps and data and which supports a limited set of management capabilities name: appleUserEnrollmentWithServiceAccount microsoft.graph.deviceHealthAttestationState: title: deviceHealthAttestationState @@ -29306,6 +29386,7 @@ components: - unknown - company - personal + - unknownFutureValue type: string description: Owner type of device. x-ms-enum: @@ -29313,14 +29394,17 @@ components: modelAsString: false values: - value: unknown - description: Unknown. + description: Unknown device owner type. name: unknown - value: company - description: Owned by company. + description: Corporate device owner type. name: company - value: personal - description: Owned by person. + description: Personal device owner type. name: personal + - value: unknownFutureValue + description: Evolvable enumeration sentinel value. Do not use. + name: unknownFutureValue microsoft.graph.managementAgentType: title: managementAgentType enum: @@ -29509,7 +29593,7 @@ components: format: int32 additionalProperties: type: object - description: Device Configuration State for a given device. + description: Support for this Entity is being deprecated starting May 2026 & will no longer be supported. microsoft.graph.deviceLogCollectionResponse: allOf: - $ref: '#/components/schemas/microsoft.graph.entity' @@ -34069,6 +34153,7 @@ components: properties: allowTextOnly: type: boolean + description: Indicates whether only text is allowed in the meeting chat. Optional. nullable: true additionalProperties: type: object