Show / Hide Table of Contents

CloudPC.ReadWrite.All

Allows the app to read and write the properties of Cloud PCs on behalf of the signed-in user.

Graph Methods

Type: A = Application Permission, D = Delegate Permission

Ver Type Method
V1 A,D DELETE /deviceManagement/virtualEndpoint/deviceImages/{id}
V1 D DELETE /deviceManagement/virtualEndpoint/onPremisesConnections/{id}
V1 A,D DELETE /deviceManagement/virtualEndpoint/provisioningPolicies/{id}
V1 A,D DELETE /deviceManagement/virtualEndpoint/userSettings/{id}
V1 A,D DELETE /roleManagement/cloudPC/roleAssignments/{id}
V1 A,D DELETE /roleManagement/deviceManagement/roleDefinitions/{id}
V1 A,D GET /deviceManagement/managedDevices/{managedDeviceId}/getCloudPcRemoteActionResults
V1 A,D GET /deviceManagement/managedDevices/{managedDeviceId}/getCloudPcReviewStatus
V1 A,D GET /deviceManagement/monitoring/alertRecords
V1 A,D GET /deviceManagement/monitoring/alertRecords/{alertRecordId}
V1 A,D GET /deviceManagement/monitoring/alertRecords/getPortalNotifications
V1 A,D GET /deviceManagement/monitoring/alertRules
V1 A,D GET /deviceManagement/monitoring/alertRules/{alertRuleId}
V1 A,D GET /deviceManagement/virtualEndpoint/auditEvents
V1 A,D GET /deviceManagement/virtualEndpoint/auditEvents/{id}
V1 A,D GET /deviceManagement/virtualEndpoint/auditEvents/getAuditActivityTypes
V1 A,D GET /deviceManagement/virtualEndpoint/cloudPCs
V1 A,D GET /deviceManagement/virtualEndpoint/cloudPCs/{id}/getCloudPcConnectivityHistory
V1 A GET /deviceManagement/virtualEndpoint/cloudPCs/{id}/getSupportedCloudPcRemoteActions
V1 D GET /deviceManagement/virtualEndpoint/crossCloudGovernmentOrganizationMapping
V1 A,D GET /deviceManagement/virtualEndpoint/deviceImages
V1 A,D GET /deviceManagement/virtualEndpoint/deviceImages/{id}
V1 A,D GET /deviceManagement/virtualEndpoint/deviceImages/getSourceImages
V1 A,D GET /deviceManagement/virtualEndpoint/externalPartnerSettings
V1 A,D GET /deviceManagement/virtualEndpoint/externalPartnerSettings/{cloudPcExternalPartnerSettingId}
V1 A,D GET /deviceManagement/virtualEndpoint/galleryImages
V1 A,D GET /deviceManagement/virtualEndpoint/galleryImages/{id}
V1 D GET /deviceManagement/virtualEndpoint/getEffectivePermissions
V1 A,D GET /deviceManagement/virtualEndpoint/onPremisesConnections
V1 A,D GET /deviceManagement/virtualEndpoint/onPremisesConnections/{id}
V1 A,D GET /deviceManagement/virtualEndpoint/organizationSettings
V1 A,D GET /deviceManagement/virtualEndpoint/provisioningPolicies
V1 A,D GET /deviceManagement/virtualEndpoint/provisioningPolicies/{id}
V1 A,D GET /deviceManagement/virtualEndpoint/reports/exportJobs/{cloudPcExportJobId}
V1 A,D GET /deviceManagement/virtualEndpoint/reports/getRealTimeRemoteConnectionLatency(cloudPcId='id')
V1 A,D GET /deviceManagement/virtualEndpoint/reports/getRealTimeRemoteConnectionStatus(cloudPcId='id')
V1 A,D GET /deviceManagement/virtualEndpoint/servicePlans
V1 A,D GET /deviceManagement/virtualEndpoint/snapshots
V1 A,D GET /deviceManagement/virtualEndpoint/snapshots/{cloudPcSnapshotId}
V1 A,D GET /deviceManagement/virtualEndpoint/snapshots/getStorageAccounts(subscriptionId='{subscriptionId}')
V1 A,D GET /deviceManagement/virtualEndpoint/snapshots/getSubscriptions
V1 A,D GET /deviceManagement/virtualEndpoint/supportedRegions
V1 A,D GET /deviceManagement/virtualEndpoint/userSettings
V1 A,D GET /deviceManagement/virtualEndpoint/userSettings/{id}
V1 D GET /me/cloudPCs
V1 D GET /me/cloudPCs/{cloudPCId}/getCloudPcLaunchInfo
V1 A,D GET /me/cloudPCs/{id}
V1 A,D GET /roleManagement/cloudPc/roleAssignments
V1 A,D GET /roleManagement/cloudPC/roleAssignments/{id}
V1 A,D GET /roleManagement/cloudPC/roleDefinitions
V1 A,D GET /roleManagement/cloudPC/roleDefinitions/{id}
V1 D GET /tenantRelationships/managedTenants/cloudPcConnections
V1 D GET /tenantRelationships/managedTenants/cloudPcConnections/{cloudPcConnectionId}
V1 D GET /tenantRelationships/managedTenants/cloudPcDevices
V1 D GET /tenantRelationships/managedTenants/cloudPcDevices/{cloudPcDeviceId}
V1 D GET /tenantRelationships/managedTenants/cloudPcsOverview
V1 D GET /tenantRelationships/managedTenants/cloudPcsOverview/{cloudPcOverviewId}
V1 A,D GET /users/{userId}/cloudPCs/{id}
V1 A,D PATCH /deviceManagement/monitoring/alertRules/{alertRuleId}
V1 A,D PATCH /deviceManagement/virtualEndpoint/externalPartnerSettings/{cloudPcExternalPartnerSettingId}
V1 D PATCH /deviceManagement/virtualEndpoint/onPremisesConnections/{id}
V1 A,D PATCH /deviceManagement/virtualEndpoint/organizationSettings
V1 A,D PATCH /deviceManagement/virtualEndpoint/provisioningPolicies/{id}
V1 A,D PATCH /roleManagement/cloudPC/roleAssignments
V1 A,D PATCH /roleManagement/deviceManagement/roleDefinitions/{id}
V1 D POST /deviceManagement/managedDevices/{managedDeviceId}/reprovisionCloudPc
V1 A,D POST /deviceManagement/managedDevices/{managedDeviceId}/resizeCloudPc
V1 A,D POST /deviceManagement/managedDevices/{managedDeviceId}/restoreCloudPc
V1 A,D POST /deviceManagement/managedDevices/{managedDeviceId}/setCloudPcReviewStatus
V1 A,D POST /deviceManagement/managedDevices/bulkReprovisionCloudPc
V1 A,D POST /deviceManagement/managedDevices/bulkRestoreCloudPc
V1 A,D POST /deviceManagement/managedDevices/bulkSetCloudPcReviewStatus
V1 A,D POST /deviceManagement/monitoring/alertRecords/{alertRecordId}/setPortalNotificationAsSent
V1 A,D POST /deviceManagement/monitoring/alertRules
V1 A,D POST /deviceManagement/virtualEndpoint/cloudPCs/{cloudPCId}/changeUserAccountType
V1 A,D POST /deviceManagement/virtualEndpoint/cloudPCs/{cloudPCId}/endGracePeriod
V1 A,D POST /deviceManagement/virtualEndpoint/cloudPCs/{id}/restore
V1 A,D POST /deviceManagement/virtualEndpoint/cloudPCs/{id}/retryPartnerAgentInstallation
V1 D POST /deviceManagement/virtualEndpoint/crossCloudGovernmentOrganizationMapping
V1 A,D POST /deviceManagement/virtualEndpoint/deviceImages
V1 A,D POST /deviceManagement/virtualEndpoint/deviceImages/{cloudPcDeviceImageId}/reupload
V1 A,D POST /deviceManagement/virtualEndpoint/externalPartnerSettings
V1 D POST /deviceManagement/virtualEndpoint/onPremisesConnections
V1 D POST /deviceManagement/virtualEndpoint/onPremisesConnections/{id}/runHealthChecks
V1 A,D POST /deviceManagement/virtualEndpoint/onPremisesConnections/{Id}/UpdateAdDomainPassword
V1 A,D POST /deviceManagement/virtualEndpoint/provisioningPolicies
V1 A,D POST /deviceManagement/virtualEndpoint/provisioningPolicies/{id}/assign
V1 A,D POST /deviceManagement/virtualEndpoint/reports/exportJobs
V1 A,D POST /deviceManagement/virtualEndpoint/reports/getDailyAggregatedRemoteConnectionReports
V1 A,D POST /deviceManagement/virtualEndpoint/reports/getRemoteConnectionHistoricalReports
V1 A,D POST /deviceManagement/virtualEndpoint/reports/getSharedUseLicenseUsageReport
V1 A,D POST /deviceManagement/virtualEndpoint/reports/getTotalAggregatedRemoteConnectionReports
V1 A,D POST /deviceManagement/virtualEndpoint/userSettings
V1 A,D POST /deviceManagement/virtualEndpoint/userSettings/{id}/assign
V1 A,D POST /me/cloudPCs/{cloudPCId}/reboot
V1 A,D POST /me/cloudPCs/{cloudPCId}/rename
V1 A,D POST /me/cloudPCs/{cloudPCId}/troubleshoot
V1 A,D POST /me/cloudPCs/{id}/reprovision
V1 A,D POST /roleManagement/cloudPC/roleAssignments
V1 A,D POST /roleManagement/deviceManagement/roleDefinitions
V1 A,D POST /users/{userId}/cloudPCs/{cloudPCId}/reboot
V1 A,D POST /users/{userId}/cloudPCs/{cloudPCId}/rename
V1 A,D POST /users/{userId}/cloudPCs/{cloudPCId}/troubleshoot
V1 A,D POST /users/{userId}/cloudPCs/{id}/reprovision

Delegate Permission

Id 9d77138f-f0e2-47ba-ab33-cd246c8b79d1
Consent Type Admin
Display String Read and write Cloud PCs
Description Allows the app to read and write the properties of Cloud PCs on behalf of the signed-in user.

Application Permission

Id 3b4349e1-8cf5-45a3-95b7-69d1751d3e6a
Display String Read and write Cloud PCs
Description Allows the app to read and write the properties of Cloud PCs, without a signed-in user.

Resources

cloudPC

Property Type Description
aadDeviceId String The Azure Active Directory (Azure AD) device ID of the Cloud PC.
connectivityResult cloudPcConnectivityResult The connectivity health check result of a Cloud PC, including the updated timestamp and whether the Cloud PC is able to be connected or not.
displayName String The display name of the Cloud PC.
gracePeriodEndDateTime DateTimeOffset The date and time when the grace period ends and reprovisioning/deprovisioning happens. Required only if the status is inGracePeriod. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.
id String The unique identifier for the Cloud PC. Read-only.
imageDisplayName String Name of the OS image that's on the Cloud PC.
lastLoginResult cloudPcLoginResult The last login result of the Cloud PC. For example, { "time": "2014-01-01T00:00:00Z"}.
lastModifiedDateTime DateTimeOffset The last modified date and time of the Cloud PC. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.
lastRemoteActionResult cloudPcRemoteActionResult The last remote action result of the enterprise Cloud PCs. The supported remote actions are: Reboot, Rename, Reprovision, Restore, and Troubleshoot.
managedDeviceId String The Intune device ID of the Cloud PC.
managedDeviceName String The Intune device name of the Cloud PC.
onPremisesConnectionName String The Azure network connection that is applied during the provisioning of Cloud PCs.
osVersion cloudPcOperatingSystem The version of the operating system (OS) to provision on Cloud PCs. Possible values are: windows10, windows11, and unknownFutureValue.
provisioningPolicyId String The provisioning policy ID of the Cloud PC.
provisioningPolicyName String The provisioning policy that is applied during the provisioning of Cloud PCs.
partnerAgentInstallResults cloudPcPartnerAgentInstallResult collection The results of every partner agent's installation status on Cloud PC.
servicePlanId String The service plan ID of the Cloud PC.
servicePlanName String The service plan name of the Cloud PC.
servicePlanType cloudPcServicePlanType The service plan type of the Cloud PC.
status cloudPcStatus The status of the Cloud PC. Possible values are: notProvisioned, provisioning, provisioned, upgrading, inGracePeriod, deprovisioning, failed, restoring.
statusDetails cloudPcStatusDetails The details of the Cloud PC status.
userAccountType cloudPcUserAccountType The account type of the user on provisioned Cloud PCs. Possible values are: standardUser, administrator, and unknownFutureValue.
userPrincipalName String The user principal name (UPN) of the user assigned to the Cloud PC.

cloudPcAuditEvent

Property Type Description
activity String Friendly name of the activity. Optional.
activityDateTime DateTimeOffset The date time in UTC when the activity was performed. Read-only.
activityOperationType cloudPcAuditActivityOperationType The HTTP operation type of the activity. Possible values include create, delete, patch and other. Read-only.
activityResult cloudPcAuditActivityResult The result of the activity. Read-only.
activityType String The type of activity that was performed. Read-only.
actor cloudPcAuditActor Azure AD user and application associated with the audit event. Read-only.
category cloudPcAuditCategory Audit category. Read-only.
componentName String Component name. Read-only.
correlationId String The client request identifier, used to correlate activity within the system. Read-only.
displayName String Event display name. Read-only.
id String Key of the audit entity. Read-only.
resources cloudPcAuditResource collection List of cloudPcAuditResource objects. Read-only.

cloudPcBulkRemoteActionResult

Property Type Description
failedDeviceIds String collection A list of all the Intune managed device IDs that completed the bulk action with a failure.
notFoundDeviceIds String collection A list of all the Intune managed device IDs that were not found when the bulk action was attempted.
notSupportedDeviceIds String collection A list of all the Intune managed device IDs that were identified as unsupported for the bulk action.
successfulDeviceIds String collection A list of all the Intune managed device IDs that completed the bulk action successfully.

cloudPcConnectivityEvent

Property Type Description
eventDateTime DateTimeOffset Indicates the date and time when this event was created. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 appears as 2014-01-01T00:00:00Z.
eventName string Name of the event.
eventResult cloudPcConnectivityEventResult Result of this event. Possible values are: unknown, success, failure, and unknownFutureValue.
eventType cloudPcConnectivityEventType Type of this event. Possible values are: unknown, userConnection, userTroubleshooting, deviceHealthCheck, and unknownFutureValue.
message string Additional message for this event.

cloudPcCrossCloudGovernmentOrganizationMapping

Property Type Description
id String The tenant ID of the GCC tenant in public cloud.
organizationIdsInUSGovCloud String collection The tenant ID in the Azure Government cloud corresponding to the GCC tenant in the public cloud. Currently, 1:1 mappings are supported, so this collection can only contain one tenant ID.

cloudPcDeviceImage

Property Type Description
displayName String The image's display name.
expirationDate Date The date the image became unavailable.
id String Unique identifier for the image resource on the Cloud PC. Read-only.
lastModifiedDateTime DateTimeOffset The data and time that the image was last modified. The time is shown in ISO 8601 format and Coordinated Universal Time (UTC) time. For example, midnight UTC on Jan 1, 2014 appears as '2014-01-01T00:00:00Z'.
operatingSystem String The image's operating system. For example: Windows 10 Enterprise.
osBuildNumber String The image's OS build version. For example: 1909.
osStatus cloudPcDeviceImageOsStatus The OS status of this image. Possible values are: supported, supportedWithWarning, unknownFutureValue.
sourceImageResourceId String The ID of the source image resource on Azure. Required format: "/subscriptions/{subscription-id}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/images/{imageName}".
status cloudPcDeviceImageStatus The status of the image on Cloud PC. Possible values are: pending, ready, failed.
statusDetails cloudPcDeviceImageStatusDetails The details of the image's status, which indicates why the upload failed, if applicable. Possible values are: internalServerError, sourceImageNotFound, osVersionNotSupported, sourceImageInvalid, and sourceImageNotGeneralized.
version String The image version. For example: 0.0.1, 1.5.13.

cloudPcDomainJoinConfiguration

Property Type Description
onPremisesConnectionId String The Azure network connection ID that matches the virtual network IT admins want the provisioning policy to use when they create Cloud PCs. You can use this property in both domain join types: Azure AD joined or Hybrid Azure AD joined. If you enter an onPremisesConnectionId, leave regionName as empty.
regionName String The supported Azure region where the IT admin wants the provisioning policy to create Cloud PCs. The underlying virtual network will be created and managed by the Windows 365 service. This can only be entered if the IT admin chooses Azure AD joined as the domain join type. If you enter a regionName, leave onPremisesConnectionId as empty.
type cloudPcDomainJoinType Specifies how the provisioned Cloud PC will be joined to Azure AD. If you choose the hybridAzureADJoin type, only provide a value for the **o

cloudPcExportJob

Property Type Description
expirationDateTime DateTimeOffset The date and time when the export job expires.
exportJobStatus cloudPcExportJobStatus The status of the export job. The possible values are: notStarted, inProgress, completed, unknownFutureValue. Read-only.
exportUrl String The storage account URL of the exported report. It can be used to download the file.
filter String The filter applied on the report.
format String The format of the exported report.
id String The unique identifier for the report. Read-only.
reportName cloudPcReportName The report name. The possible values are: remoteConnectionHistoricalReports, dailyAggregatedRemoteConnectionReports, totalAggregatedRemoteConnectionReports, sharedUseLicenseUsageReport, sharedUseLicenseUsageRealTimeReport, or unknownFutureValue.
requestDateTime DateTimeOffset The date and time when the export job was requested.
select String collection The selected columns of the report.

cloudPcExternalPartnerSetting

Property Type Description
enableConnection Boolean Enable or disable the connection to an external partner. If true, an external partner API will accept incoming calls from external partners. Required. Supports $filter (eq).
id String The unique identifier for the Cloud PC external partner setting. Read-only.
lastSyncDateTime DateTimeOffset Last data sync time for this external partner. The Timestamp type represents the date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 looks like this: '2014-01-01T00:00:00Z'.
partnerId String The external partner ID.
status cloudPcExternalPartnerStatus The status of the connection to the external partner. The possible values are: notAvailable, available, healthy, unhealthy, unknownFutureValue.
statusDetails String Status details message.

cloudPcForensicStorageAccount

Property Type Description
storageAccountId String The ID of the storage account.
storageAccountName String The name of the storage account.

cloudPcGalleryImage

Property Type Description
displayName String The official display name of the gallery image. Read-only.
endDate Date The date in which this image is no longer within long-term support. The Cloud PC will continue to provide short-term support. Read-only.
expirationDate Date The date when the image is no longer available. Read-only.
id String Unique identifier for the gallery image resource on the Cloud PC. Read-only.
offer String The offer name of the gallery image. This value will be passed to Azure to get the image resource. Read-only.
offerDisplayName String The official display offer name of the gallery image. For example, Windows 10 Enterprise + OS Optimizations. Read-only.
publisher String The publisher name of the gallery image. This value will be passed to Azure to get the image resource. Read-only.
recommendedSku String Recommended Cloud PC SKU for this gallery image. Read-only.
sizeInGB Int32 The size of this image in gigabytes. Read-only.
sku String The SKU name of the gallery image. This value will be passed to Azure to get the image resource. Read-only.
skuDisplayName String The official display stock keeping unit (SKU) name of this gallery image. For example, 2004. Read-only.
startDate Date The date when the image becomes available. Read-only.
status cloudPcGalleryImageStatus The status of the gallery image on the Cloud PC. Possible values are: supported, supportedWithWarning, notSupported, unknownFutureValue. Read-only.

cloudPcLaunchInfo

Property Type Description
cloudPcId String The unique identifier of the Cloud PC.
cloudPcLaunchUrl String The connect URL of the Cloud PC.

cloudPcOnPremisesConnection

Property Type Description
adDomainName String The fully qualified domain name (FQDN) of the Active Directory domain you want to join. Optional.
adDomainPassword String The password associated with adDomainUsername.
adDomainUsername String The username of an Active Directory account (user or service account) that has permissions to create computer objects in Active Directory. Required format: [email protected]oso.com. Optional.
alternateResourceUrl String The interface URL of the partner service's resource that links to this Azure network connection. Returned only on $select.
displayName String The display name for the Azure network connection.
healthCheckStatus cloudPcOnPremisesConnectionStatus The status of the most recent health check done on the Azure network connection. For example, if status is passed, the Azure network connection has passed all checks run by the service. Possible values are: pending, running, passed, failed, unknownFutureValue. Read-only.
healthCheckStatusDetails cloudPcOnPremisesConnectionStatusDetails The details of the connection's health checks and the corresponding results. Returned only on $select. For an example that shows how to get the inUse property, see Example 2: Get the selected properties of an Azure network connection, including healthCheckStatusDetails. Read-only.
id String Unique identifier for the Azure network connection. Read-only.
inUse Boolean When true, the Azure network connection is in use. When false, the connection is not in use. You cannot delete a connection that’s in use. Returned only on $select. For an example that shows how to get the inUse property, see Example 2: Get the selected properties of an Azure network connection, including healthCheckStatusDetails. Read-only.
managedBy cloudPcManagementService Specifies which services manage the Azure network connection. Possible values are: windows365, devBox, unknownFutureValue, rpaBox. Note that you must use the Prefer: include-unknown-enum-members request header to get the following value(s) in this evolvable enum: rpaBox. Read-only.
organizationalUnit String The organizational unit (OU) in which the computer account is created. If left null, the OU that’s configured as the default (a well-known computer object container) in your Active Directory domain (OU) is used. Optional.
virtualNetworkLocation String Indicates resource location of the virtual target network. Read-only, computed value.
resourceGroupId String The ID of the target resource group. Required format: /subscriptions/{subscription-id}/resourceGroups/{resourceGroupName}.
subnetId String The ID of the target subnet. Required format: /subscriptions/{subscription-id}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkId}/subnets/{subnetName}.
subscriptionId String The ID of the target Azure subscription that’s associated with your tenant.
subscriptionName String The name of the target Azure subscription. Read-only.
type cloudPcOnPremisesConnectionType Specifies how the provisioned Cloud PC will be joined to Azure Active Directory. Default value is hybridAzureADJoin. Possible values are: azureADJoin, hybridAzureADJoin, unknownFutureValue.
virtualNetworkId String The ID of the target virtual network. Required format: /subscriptions/{subscription-id}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}.

cloudPcOnPremisesConnectionStatusDetails

Property Type Description
startDateTime DateTimeOffset The start time of the connection health check. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.
endDateTime DateTimeOffset The end time of the connection health check. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.
healthChecks cloudPcOnPremisesConnectionHealthCheck collection All checks that are done on the connection.

cloudPcOrganizationSettings

Property Type Description
enableMEMAutoEnroll Boolean Specifies whether new Cloud PCs will be automatically enrolled in Microsoft Endpoint Manager(MEM). The default value is false.
id String The ID of the organization settings.
osVersion cloudPcOperatingSystem The version of the operating system (OS) to provision on Cloud PCs. The possible values are: windows10, windows11, unknownFutureValue.
userAccountType cloudPcUserAccountType The account type of the user on provisioned Cloud PCs. The possible values are: standardUser, administrator, unknownFutureValue.
windowsSettings cloudPcWindowsSettings Represents the Cloud PC organization settings for a tenant. A tenant has only one **c

cloudPcProvisioningPolicy

Property Type Description
alternateResourceUrl String The URL of the alternate resource that links to this provisioning policy. Read-only.
cloudPcGroupDisplayName String The display name of the Cloud PC group that the Cloud PCs reside in. Read-only.
description String The provisioning policy description.
displayName String The display name for the provisioning policy.
domainJoinConfiguration cloudPcDomainJoinConfiguration Specifies how Cloud PCs will join Azure Active Directory.
gracePeriodInHours Int32 The number of hours to wait before reprovisioning/deprovisioning happens. Read-only.
id String Unique identifier for the Cloud PC provisioning policy. Read-only.
imageDisplayName String The display name for the OS image you’re provisioning.
imageId String The ID of the OS image you want to provision on Cloud PCs. The format for a gallery type image is: {publisher_offer_sku}. Supported values for each of the parameters are as follows:
  • publisher: Microsoftwindowsdesktop.
  • offer: windows-ent-cpc.
  • sku: 21h1-ent-cpc-m365, 21h1-ent-cpc-os, 20h2-ent-cpc-m365, 20h2-ent-cpc-os, 20h1-ent-cpc-m365, 20h1-ent-cpc-os, 19h2-ent-cpc-m365 and 19h2-ent-cpc-os.
imageType cloudPcProvisioningPolicyImageType The type of OS image (custom or gallery) you want to provision on Cloud PCs. Possible values are: gallery, custom.
localAdminEnabled Boolean Indicates whether the local admin option is enabled. If the local admin option is enabled, the end user can be an admin of the Cloud PC device. Read-only.
managedBy cloudPcManagementService Specifies which services manage the Azure network connection. Possible values are: windows365, devBox, unknownFutureValue, rpaBox. Note that you must use the Prefer: include-unknown-enum-members request header to get the following value(s) in this evolvable enum: rpaBox. Read-only.
microsoftManagedDesktop microsoftManagedDesktop The specific settings for the Microsoft Managed Desktop, which enables customers to get a managed device experience for the Cloud PC. Before you can enable Microsoft Managed Desktop, an admin must configure it.
onPremisesConnectionId String The ID of the cloudPcOnPremisesConnection. To ensure that Cloud PCs have network connectivity and that they domain join, choose a connection with a virtual network that’s validated by the Cloud PC service.
windowsSettings cloudPcWindowsSettings Specific Windows settings to configure while creating Cloud PCs for this provisioning policy.

cloudPcProvisioningPolicyAssignment

Property Type Description
id String Unique Identifier for the provisioning policy assignment. Read-only. If target is a user group, then the ID is shown as {policyId}_{groupId}.
target cloudPcManagementAssignmentTarget The assignment target for the provisioning policy. Currently, the only target supported for this policy is a user group. For details, see cloudPcManagementGroupAssignmentTarget.

cloudPcRemoteActionCapability

Property Type Description
actionCapability actionCapability Indicates the state of the supported action capability to perform a Cloud PC remote action. Possible values are: enabled, disabled. Default value is enabled.
actionName cloudPcRemoteActionName The name of the supported Cloud PC remote action. Possible values are: unknown, restart, rename, restore, resize, reprovision, troubleShoot, changeUserAccountType, placeUnderReview. Default value is unknown.

cloudPcRemoteActionResult

Property Type Description
actionName String The specified action. Supported values in the Microsoft Endpoint Manager portal are: Reprovision, Resize, Restore. Supported values in enterprise Cloud PC devices are: Reboot, Rename, Reprovision, Troubleshoot.
actionState actionState State of the action. Possible values are: None, pending, canceled, active, done, failed, notSupported. Read-only.
cloudPcId String The ID of the Cloud PC device on which the remote action is performed. Read-only.
managedDeviceId String The ID of the Intune managed device on which the remote action is performed. Read-only.
startDateTime DateTimeOffset Time the action was initiated. The Timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 appears as '2014-01-01T00:00:00Z'.
lastUpdatedDateTime DateTimeOffset Last update time for action. The Timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 appears as '2014-01-01T00:00:00Z'.
statusDetails cloudPcStatusDetails The details of the Cloud PC status.

cloudPcRestorePointSetting

Property Type Description
frequencyInHours Int32 The time interval in hours to take snapshots (restore points) of a Cloud PC automatically. Possible values are 4, 6, 12, 16, and 24. The default frequency is 12 hours.
userRestoreEnabled Boolean If true, the user has the ability to use snapshots to restore Cloud PCs. If false, non-admin users cannot use snapshots to restore the Cloud PC.

cloudPcReviewStatus

Property Type Description
azureStorageAccountId String The resource ID of the Azure Storage account in which the Cloud PC snapshot is being saved.
azureStorageAccountName String The name of the Azure Storage account in which the Cloud PC snapshot is being saved.
azureStorageContainerName String The name of the container in an Azure Storage account in which the Cloud PC snapshot is being saved.
inReview Boolean True if the Cloud PC is set to in review by the administrator.
restorePointDateTime DateTimeOffset The specific date and time of the Cloud PC snapshot that was taken and saved automatically, when the Cloud PC is set to in review. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 appears as 2014-01-01T00:00:00Z.
reviewStartDateTime DateTimeOffset The specific date and time when the Cloud PC was set to in review. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 appears as 2014-01-01T00:00:00Z.
subscriptionId String The ID of the Azure subscription in which the Cloud PC snapshot is being saved, in GUID format.
subscriptionName String The name of the Azure subscription in which the Cloud PC snapshot is being saved.
userAccessLevel cloudPcUserAccessLevel The access level of the end user on the Cloud PC. Possible values are: unrestricted, restricted.

cloudPcServicePlan

Property Type Description
displayName String The name for the service plan. Read-only.
id String Unique identifier for the service plan. Read-only.
ramInGB Int32 The size of the RAM in GB. Read-only.
storageInGB Int32 The size of the OS Disk in GB. Read-only.
type cloudPcServicePlanType The type of the service plan. Possible values are: enterprise, business, unknownFutureValue. Read-only.
userProfileInGB Int32 The size of the user profile disk in GB. Read-only.
vCpuCount Int32 The number of vCPUs. Read-only.

cloudPcSnapshot

Property Type Description
cloudPcId String The unique identifier for the Cloud PC.
createdDateTime DateTimeOffset The date and time at which the snapshot was taken. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.
id String The unique identifier for the snapshot of the Cloud PC device at a specific point in time. Inherited from entity.
lastRestoredDateTime DateTimeOffset The date and time at which the snapshot was last used to restore the Cloud PC device. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.
status cloudPcSnapshotStatus The status of the Cloud PC snapshot. The possible values are: ready, unknownFutureValue.

cloudPcSourceDeviceImage

Property Type Description
id String The ID of the source image.
displayName String The display name for the source image.
subscriptionId String The ID of subscription that hosts the source image.
subscriptionDisplayName String The display name of subscription that hosts the source image.

cloudPcSubscription

Property Type Description
subscriptionId String The ID of the subscription.
subscriptionName String The name of the subscription.

cloudPcSupportedRegion

Property Type Description
displayName String The name for the supported region. Read-only.
id String The unique identifier for the supported region. Read-only.
regionGroup cloudPcRegionGroup The geographic group this region belongs to. Multiple regions can belong to one region group. For example, the europeUnion region group contains the Northern Europe and Western Europe regions. A customer can select a region group when provisioning a Cloud PC; however, the Cloud PC will be put under one of the regions under the group based on resource capacity. The region with more quota will be chosen. Possible values are: default, australia, canada, usCentral, usEast, usWest, france, germany, europeUnion, unitedKingdom, japan, asia, india, southAmerica, euap, usGovernment, usGovernmentDOD, unknownFutureValue, norway, switzerland,southKorea. Note that you must use the Prefer: include-unknown-enum-members request header to get the following value(s) in this evolvable enum: norway, switzerland,southKorea. Read-only.
regionStatus cloudPcSupportedRegionStatus The status of the supported region. Possible values are: available, restricted, unavailable, unknownFutureValue. Read-only.
supportedSolution cloudPcManagementService The supported service or solution for the region. The possible values are: windows365, devBox, unknownFutureValue, rpaBox. Note that you must use the Prefer: include-unknown-enum-members request header to get the following value(s) in this evolvable enum: rpaBox. Read-only.

cloudPcUserSetting

Property Type Description
createdDateTime DateTimeOffset The date and time the setting was created. The Timestamp type represents the date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 looks like this: '2014-01-01T00:00:00Z'. 
displayName String The setting name displayed in the user interface.
id String Unique identifier for the Cloud PC user setting. Read-only.
lastModifiedDateTime DateTimeOffset The last date and time the setting was modified. The Timestamp type represents the date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 looks like this: '2014-01-01T00:00:00Z'. 
localAdminEnabled Boolean Indicates whether the local admin option is enabled. Default value is false. To enable the local admin option, change the setting to true. If the local admin option is enabled, the end user can be an admin of the Cloud PC device.
restorePointSetting cloudPcRestorePointSetting Defines how frequently a restore point is created that is, a snapshot is taken) for users' provisioned Cloud PCs (default is 12 hours), and whether the user is allowed to restore their own Cloud PCs to a backup made at a specific point in time.
selfServiceEnabled Boolean Indicates whether the self-service option is enabled. Default value is false. To enable the self-service option, change the setting to true. If the self-service option is enabled, the end user is allowed to perform some self-service operations, such as upgrading the Cloud PC through the end user portal.

cloudPcUserSettingAssignment

Property Type Description
id String Unique Identifier for the user setting assignment. Read-only. If target is a user group, the ID has this structure: {policyID}_{groupID}.
target cloudPcManagementAssignmentTarget The assignment target for the user setting. Currently, the only target supported for this user setting is a user group. For details, see cloudPcManagementGroupAssignmentTarget.
createdDateTime DateTimeOffset The date and time this assignment was created. The Timestamp type represents the date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 looks like this: '2014-01-01T00:00:00Z'.  

cloudPcWindowsSettings

Property Type Description
language String The Windows language/region tag to use for language pack configuration and localization of the Cloud PC. The default value is en-US, which corresponds to English (United States).

alertRecord

Property Type Description
alertImpact microsoft.graph.deviceManagement.alertImpact The impact of the alert event. Consists of a number followed by the aggregation type. For example, 6 affectedCloudPcCount means that 6 Cloud PCs are affected. 12 affectedCloudPcPercentage means 12% of Cloud PCs are affected.
alertRuleId String The corresponding ID of the alert rule.
alertRuleTemplate microsoft.graph.deviceManagement.alertRuleTemplate The rule template of the alert event. The possible values are: cloudPcProvisionScenario, cloudPcImageUploadScenario, cloudPcOnPremiseNetworkConnectionCheckScenario, unknownFutureValue.
detectedDateTime DateTimeOffset The date and time when the alert event was detected. The Timestamp type represents date and time information using ISO 8601 format. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.
displayName String The display name of the alert record.
id String The unique identifier for the alert record. Inherited from entity.
lastUpdatedDateTime DateTimeOffset The date and time when the alert record was last updated. The Timestamp type represents date and time information using ISO 8601 format. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.
resolvedDateTime DateTimeOffset The date and time when the alert event was resolved. The Timestamp type represents date and time information using ISO 8601 format. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.
severity microsoft.graph.deviceManagement.ruleSeverityType The severity of the alert event. The possible values are: unknown, informational, warning, critical, unknownFutureValue.
status microsoft.graph.deviceManagement.alertStatusType The status of the alert record. The possible values are: active, resolved, unknownFutureValue.

alertRule

Property Type Description
alertRuleTemplate microsoft.graph.deviceManagement.alertRuleTemplate The rule template of the alert event. The possible values are: cloudPcProvisionScenario, cloudPcImageUploadScenario, cloudPcOnPremiseNetworkConnectionCheckScenario, unknownFutureValue.
description String The rule description.
displayName String The display name of the rule.
enabled Boolean The status of the rule that indicates whether the rule is enabled or disabled. If true, the rule is enabled; otherwise, the rule is disabled.
id String The unique identifier for the alert rule. Inherited from entity.
isSystemRule Boolean Indicates whether the rule is a system rule. If true, the rule is a system rule; otherwise, the rule is a custom defined rule and can be edited. System rules are built-in and only a few properties can be edited.
notificationChannels microsoft.graph.deviceManagement.notificationChannel collection The notification channels of the rule selected by the user.
severity microsoft.graph.deviceManagement.ruleSeverityType The severity of the rule. The possible values are: unknown, informational, warning, critical, unknownFutureValue.
threshold microsoft.graph.deviceManagement.ruleThreshold The conditions to send alerts. For example, send alert when provisioning has failed for greater than or equal to 6 Cloud PCs.

notificationChannel

Property Type Description
notificationChannelType microsoft.graph.deviceManagement.notificationChannelType The type of the notification channel. The possible values are: portal, email, phoneCall, sms, unknownFutureValue.
notificationReceivers microsoft.graph.deviceManagement.notificationReceiver collection Information about the notification receivers, such as locale and contact information. For example, en-us for locale and [email protected] for contact information.
receivers String collection The contact information about the notification receivers, such as email addresses. For portal notifications, **r

portalNotification

Property Type Description
alertImpact microsoft.graph.deviceManagement.alertImpact The associated alert impact.
alertRecordId String The associated alert record ID.
alertRuleId String The associated alert rule ID.
alertRuleName String The associated alert rule name.
alertRuleTemplate microsoft.graph.deviceManagement.alertRuleTemplate The associated alert rule template. The possible values are: cloudPcProvisionScenario, cloudPcImageUploadScenario, cloudPcOnPremiseNetworkConnectionCheckScenario, unknownFutureValue.
id String The unique identifier for the portal notification.
isPortalNotificationSent Boolean true if the portal notification has already been sent to the user; false otherwise.
severity microsoft.graph.deviceManagement.ruleSeverityType The associated alert rule severity. The possible values are: unknown, informational, warning, critical, unknownFutureValue.

ruleThreshold

Property Type Description
aggregation microsoft.graph.deviceManagement.aggregationType Indicates the built-in aggregation methods. The possible values are: count, percentage, affectedCloudPcCount, affectedCloudPcPercentage, unknownFutureValue.
operator microsoft.graph.deviceManagement.operatorType Indicates the built-in operator. The possible values are: greaterOrEqual, equal, greater, less, lessOrEqual, notEqual, unknownFutureValue.
target Int32 The target threshold value.

cloudPcConnection

Property Type Description
displayName String The display name of the cloud PC connection. Required. Read-only.
healthCheckStatus String The health status of the cloud PC connection. Possible values are: pending, running, passed, failed, unknownFutureValue. Required. Read-only.
id String The unique identifier for the cloud PC connection. Required. Read-only.
lastRefreshedDateTime DateTimeOffset Date and time the entity was last updated in the multi-tenant management platform. Required. Read-only.
tenantDisplayName String The display name for the managed tenant. Required. Read-only.
tenantId String The Azure Active Directory tenant identifier for the managed tenant. Required. Read-only.

cloudPcDevice

Property Type Description
cloudPcStatus String The status of the cloud PC. Possible values are: notProvisioned, provisioning, provisioned, upgrading, inGracePeriod, deprovisioning, failed. Required. Read-only.
deviceSpecification String The specification of the cloud PC device. Required. Read-only.
displayName String The display name of the cloud PC device. Required. Read-only.
id String The unique identifier of the cloud PC device. Required. Read-only.
lastRefreshedDateTime DateTimeOffset Date and time the entity was last updated in the multi-tenant management platform. Required. Read-only.
managedDeviceId String The managed device identifier of the cloud PC device. Optional. Read-only.
managedDeviceName String The managed device display name of the cloud PC device. Optional. Read-only.
provisioningPolicyId String The provisioning policy identifier for the cloud PC device. Required. Read-only.
servicePlanName String The service plan name of the cloud PC device. Required. Read-only.
servicePlanType String The service plan type of the cloud PC device. Required. Read-only.
tenantDisplayName String The display name for the managed tenant. Required. Read-only.
tenantId String The Azure Active Directory tenant identifier for the managed tenant. Required. Read-only.
userPrincipalName String The user principal name (UPN) of the user assigned to the cloud PC device. Required. Read-only.

cloudPcOverview

Property Type Description
id String The unique identifier for the cloud PC overview. Required. Read-only.
lastRefreshedDateTime DateTimeOffset Date and time the entity was last updated in the multi-tenant management platform. Optional. Read-only.
numberOfCloudPcConnectionStatusFailed Int32 The number of cloud PC connections that have a status of failed. Optional. Read-only.
numberOfCloudPcConnectionStatusPassed Int32 The number of cloud PC connections that have a status of passed. Optional. Read-only.
numberOfCloudPcConnectionStatusPending Int32 The number of cloud PC connections that have a status of pending. Optional. Read-only.
numberOfCloudPcConnectionStatusRunning Int32 The number of cloud PC connections that have a status of running. Optional. Read-only.
numberOfCloudPcConnectionStatusUnkownFutureValue Int32 The number of cloud PC connections that have a status of unknownFutureValue. Optional. Read-only.
numberOfCloudPcStatusDeprovisioning Int32 The number of cloud PCs that have a status of deprovisioning. Optional. Read-only.
numberOfCloudPcStatusFailed Int32 The number of cloud PCs that have a status of failed. Optional. Read-only.
numberOfCloudPcStatusInGracePeriod Int32 The number of cloud PCs that have a status of inGracePeriod. Optional. Read-only.
numberOfCloudPcStatusNotProvisioned Int32 The number of cloud PCs that have a status of notProvisioned. Optional. Read-only.
numberOfCloudPcStatusProvisioned Int32 The number of cloud PCs that have a status of provisioned. Optional. Read-only.
numberOfCloudPcStatusProvisioning Int32 The number of cloud PCs that have a status of provisioning. Optional. Read-only.
numberOfCloudPcStatusUnknown Int32 The number of cloud PCs that have a status of unknown. Optional. Read-only.
numberOfCloudPcStatusUpgrading Int32 The number of cloud PCs that have a status of upgrading. Optional. Read-only.
tenantDisplayName String The display name for the managed tenant. Optional. Read-only.
totalBusinessLicenses Int32 The total number of cloud PC devices that have the Business SKU. Optional. Read-only.
totalCloudPcConnectionStatus Int32 The total number of cloud PC connection statuses for the given managed tenant. Optional. Read-only.
totalCloudPcStatus Int32 The total number of cloud PC statues for the given managed tenant. Optional. Read-only.
totalEnterpriseLicenses Int32 The total number of cloud PC devices that have the Enterprise SKU. Optional. Read-only.

unifiedRoleAssignment

Property Type Description
appScopeId String Identifier of the app-specific scope when the assignment scope is app-specific. Either this property or directoryScopeId is required. App scopes are scopes that are defined and understood by this application only. Use / for tenant-wide app scopes. Use directoryScopeId to limit the scope to particular directory objects, for example, administrative units. Supports $filter (eq, in).
directoryScopeId String Identifier of the directory object representing the scope of the assignment. Either this property or appScopeId is required. The scope of an assignment determines the set of resources for which the principal has been granted access. Directory scopes are shared scopes stored in the directory that are understood by multiple applications. Use / for tenant-wide scope. Use appScopeId to limit the scope to an application only. Supports $filter (eq, in).
id String The unique identifier for the role assignment. Key, not nullable, Read-only. Inherited from entity.
roleDefinitionId String Identifier of the role definition the assignment is for. Read only. Supports $filter (eq, in).
principalId String Identifier of the principal to which the assignment is granted. Supports $filter (eq, in).

unifiedRoleAssignmentMultiple

Property Type Description
appScopeIds String collection Ids of the app specific scopes when the assignment scopes are app specific. The scopes of an assignment determines the set of resources for which the principal has been granted access. Directory scopes are shared scopes stored in the directory that are understood by multiple applications. Use / for tenant-wide scope. App scopes are scopes that are defined and understood by this application only.
description String Description of the role assignment.
directoryScopeIds String collection Ids of the directory objects representing the scopes of the assignment. The scopes of an assignment determine the set of resources for which the principals have been granted access. Directory scopes are shared scopes stored in the directory that are understood by multiple applications. App scopes are scopes that are defined and understood by this application only.
displayName String Name of the role assignment. Required.
id String The unique identifier for the unifiedRoleAssignmentMultiple. Key, not nullable, Read-only.
roleDefinitionId String Identifier of the unifiedRoleDefinition the assignment is for.
principalIds String collection Identifiers of the principals to which the assignment is granted. Supports $filter (any operator only).

unifiedRoleDefinition

Property Type Description
description String The description for the unifiedRoleDefinition. Read-only when isBuiltIn is true.
displayName String The display name for the unifiedRoleDefinition. Read-only when isBuiltIn is true. Required. Supports $filter (eq, in).
id String The unique identifier for the role definition. Key, not nullable, Read-only. Inherited from entity. Supports $filter (eq, in).
isBuiltIn Boolean Flag indicating whether the role definition is part of the default set included in Azure Active Directory (Azure AD) or a custom definition. Read-only. Supports $filter (eq, in).
isEnabled Boolean Flag indicating whether the role is enabled for assignment. If false the role is not available for assignment. Read-only when isBuiltIn is true.
resourceScopes String collection List of the scopes or permissions the role definition applies to. Currently only / is supported. Read-only when isBuiltIn is true. DO NOT USE. This will be deprecated soon. Attach scope to role assignment.
rolePermissions unifiedRolePermission collection List of permissions included in the role. Read-only when isBuiltIn is true. Required.
templateId String Custom template identifier that can be set when isBuiltIn is false but is read-only when isBuiltIn is true. This identifier is typically used if one needs an identifier to be the same across different directories.
version String Indicates version of the role definition. Read-only when **i

unifiedRolePermission

Property Type Description
allowedResourceActions String collection Set of tasks that can be performed on a resource. Required.
condition String Optional constraints that must be met for the permission to be effective. Not supported for custom roles.
excludedResourceActions String collection Set of tasks that may not be performed on a resource. Not yet supported.
In This Article
Back to top Created by merill | Submit feedback