User.Read.All
Allows the app to read the full set of profile properties, reports, and managers of other users in your organization, on behalf of the signed-in user.
Merill's Note
For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the
User.Read.Allpermission.If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the
Export-MsIdAppConsentGrantReportcommand. See How To: Run a quick OAuth app audit of your tenant
| Category | Application | Delegated |
|---|---|---|
| Identifier | df021288-bdef-4463-88db-98f22de89214 | a154be20-db9c-4678-8ab7-66f6cc099a59 |
| DisplayText | Read all users' full profiles | Read all users' full profiles |
| Description | Allows the app to read user profiles without a signed in user. | Allows the app to read the full set of profile properties, reports, and managers of other users in your organization, on behalf of the signed-in user. |
| AdminConsentRequired | Yes | Yes |
Graph Methods
→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)
| Methods | |
|---|---|
User.Export.All and User.Read.All |
|
User.Read.All and Group.Read.All ▪️ User.Read.All and GroupMember.Read.All |
|
→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)
| Methods | |
|---|---|
User.Export.All and User.Read.All |
|
User.Read.All and Group.Read.All ▪️ User.Read.All and GroupMember.Read.All |
|
Group.Read.All and User.Read.All |
|
Group.Read.All and User.Read.All |
|
→ Command supports delegated access (access on behalf of a user)
→ Command supports app-only access (access without a user)
| Commands | |
|---|---|
User.Read.All and Group.Read.All ▪️ User.Read.All and GroupMember.Read.All |
|
User.Export.All and User.Read.All |
|
→ Command supports delegated access (access on behalf of a user)
→ Command supports app-only access (access without a user)
| Commands | |
|---|---|
User.Read.All and Group.Read.All ▪️ User.Read.All and GroupMember.Read.All |
|
User.Export.All and User.Read.All |
|
Group.Read.All and User.Read.All |
|
Resources
Granting this permission allows the calling application to access (and/or update) the following information in your tenant.
- administrativeUnit
- aiInteraction
- alert
- application
- appRoleAssignment
- approvalItem
- basetask
- basetasklist
- callRecording
- callRecord
- callTranscript
- certificateAuthorityDetail
- certificateBasedAuthPki
- channel
- chat
- chatMessage
- usageRight
- contact
- conversation
- conversationMember
- convertIdResult
- dataPolicyOperation
- device
- directory
- directoryObject
- directoryRole
- driveItem
- educationalActivity
- emailAddress
- entity
- evaluateDynamicMembershipResult
- event
- exchangeSettings
- externalUserProfile
- group
- inferenceData
- insightsSettings
- itemAddress
- itemBody
- itemEmail
- itemFacet
- itemPatent
- itemPhone
- itemPublication
- languageProficiency
- licenseDetails
- List
- localeInfo
- message
- offerShiftRequest
- onlineMeeting
- openShiftChangeRequest
- opentypeextension
- organization
- organizationalBranding
- organizationalBrandingLocalization
- orgContact
- pendingExternalUserProfile
- personAnniversary
- personAnnotation
- personAward
- personCertification
- personInterest
- personName
- personResponsibility
- personWebsite
- post
- presence
- printer
- printTaskDefinition
- profile
- profilePhoto
- projectParticipation
- regionalAndLanguageSettings
- servicePrincipal
- shift
- shiftPreferences
- skillProficiency
- subscription
- swapShiftsChangeRequest
- team
- teamsLicensingDetails
- timeOffRequest
- timeZoneInformation
- todoTask
- todoTaskList
- usageRight
- user
- userAccountInformation
- userSettings
- virtualEventTownhall
- virtualEventWebinar
- webAccount
- workPosition
- yomiPersonName
Graph reference: administrativeUnit
| Property | Type | Description |
|---|---|---|
| description | String | An optional description for the administrative unit. Supports $filter (eq, ne, in, startsWith), $search. |
| displayName | String | Display name for the administrative unit. Maximum length is 256 characters. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. |
| id | String | Unique identifier for the administrative unit. Read-only. Supports $filter (eq). |
| isMemberManagementRestricted | Boolean | true if members of this administrative unit should be treated as sensitive, which requires specific permissions to manage. If not set, the default value is null and the default behavior is false. Use this property to define administrative units with roles that don't inherit from tenant-level administrators, and where the management of individual member objects is limited to administrators scoped to a restricted management administrative unit. This property is immutable and can't be changed later. For more information on how to work with restricted management administrative units, see Restricted management administrative units in Microsoft Entra ID. |
| membershipRule | String | The dynamic membership rule for the administrative unit. For more information about the rules you can use for dynamic administrative units and dynamic groups, see Manage rules for dynamic membership groups in Microsoft Entra ID. |
| membershipRuleProcessingState | String | Controls whether the dynamic membership rule is actively processed. Set to On to activate the dynamic membership rule, or Paused to stop updating membership dynamically. |
| membershipType | String | Indicates the membership type for the administrative unit. The possible values are: dynamic, assigned. If not set, the default value is null and the default behavior is assigned. |
| visibility | String | Controls whether the administrative unit and its members are hidden or public. Can be set to HiddenMembership. If not set, the default value is null and the default behavior is public. When set to HiddenMembership, only members of the administrative unit can list other members of the administrative unit. |
Graph reference: aiInteraction
| Property | Type | Description |
|---|---|---|
| appClass | String | The data source for Copilot data. For example, IPM.SkypeTeams.Message.Copilot.Excel or IPM.SkypeTeams.Message.Copilot.Loop. |
| attachments | aiInteractionAttachment collection | The collection of documents attached to the interaction, such as cards and images. |
| body | itemBody | The body of the message, including the text of the body and its body type. |
| contexts | aiInteractionContext collection | The identifer that maps to all contexts associated with an interaction. |
| conversationType | String | The type of the conversation. For example, appchat or bizchat. |
| createdDateTime | DateTime | The time when the interaction was created. |
| etag | String | The timestamp of when the interaction was last modified. |
| from | identitySet | The user, application, or device that is associated with this interaction. |
| id | String | The identifier for the message. |
| interactionType | aiInteractionType | Indicates whether the interaction is a prompt or a Copilot response. Possible values are userPrompt, aiResponse, unknownFutureValue. |
| links | aiInteractionLink collection | The collection of links that appear in the interaction. |
| locale | String | The locale of the sender. |
| mentions | aiInteractionMention collection | The collection of the entities that were mentioned in the interaction, including users, bots, and so on. |
| requestId | String | The identifier that groups a user prompt with its Copilot response. |
| sessionId | String | The thread ID or conversation identifier that maps to all Copilot sessions for the user. |
Graph reference: alert
| Property | Type | Description |
|---|---|---|
| activityGroupName | String | Name or alias of the activity group (attacker) this alert is attributed to. |
| assignedTo | String | Name of the analyst the alert is assigned to for triage, investigation, or remediation (supports update). |
| azureSubscriptionId | String | Azure subscription ID, present if this alert is related to an Azure resource. |
| azureTenantId | String | Microsoft Entra tenant ID. Required. |
| category | String | Category of the alert (for example, credentialTheft, ransomware). |
| closedDateTime | DateTimeOffset | Time at which the alert was closed. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z (supports update). |
| cloudAppStates | cloudAppSecurityState collection | Security-related stateful information generated by the provider about the cloud application/s related to this alert. |
| comments | String collection | Customer-provided comments on alert (for customer alert management) (supports update). |
| confidence | Int32 | Confidence of the detection logic (percentage between 1-100). |
| createdDateTime | DateTimeOffset | Time at which the alert was created by the alert provider. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Required. |
| description | String | Alert description. |
| detectionIds | String collection | Set of alerts related to this alert entity (each alert is pushed to the SIEM as a separate record). |
| eventDateTime | DateTimeOffset | Time at which the event or events that served as the trigger to generate the alert occurred. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Required. |
| feedback | alertFeedback | Analyst feedback on the alert. Possible values are: unknown, truePositive, falsePositive, benignPositive. Supports update. |
| fileStates | fileSecurityState collection | Security-related stateful information generated by the provider about the file(s) related to this alert. |
| hostStates | hostSecurityState collection | Security-related stateful information generated by the provider about the host(s) related to this alert. |
| id | String | Provider-generated GUID/unique identifier. Read-only. Required. |
| incidentIds | String collection | IDs of incidents related to current alert. |
| lastModifiedDateTime | DateTimeOffset | Time at which the alert entity was last modified. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. |
| malwareStates | malwareState collection | Threat Intelligence pertaining to malware related to this alert. |
| networkConnections | networkConnection collection | Security-related stateful information generated by the provider about the network connection(s) related to this alert. |
| processes | process collection | Security-related stateful information generated by the provider about the process or processes related to this alert. |
| recommendedActions | String collection | Vendor/provider recommended action(s) to take as a result of the alert (for example, isolate machine, enforce2FA, reimage host). |
| registryKeyStates | registryKeyState collection | Security-related stateful information generated by the provider about the registry keys related to this alert. |
| securityResources | securityResource collection | Resources related to current alert. For example, for some alerts this can have the Azure Resource value. |
| severity | alertSeverity | Alert severity - set by vendor/provider. Possible values are: unknown, informational, low, medium, high. Required. |
| sourceMaterials | String collection | Hyperlinks (URIs) to the source material related to the alert, for example, provider's user interface for alerts or log search. |
| status | alertStatus | Alert lifecycle status (stage). Possible values are: unknown, newAlert, inProgress, resolved. (supports update). Required. |
| tags | String collection | User-definable labels that can be applied to an alert and can serve as filter conditions (for example "HVA", "SAW") (supports update). |
| title | String | Alert title. Required. |
| triggers | alertTrigger collection | Security-related information about the specific properties that triggered the alert (properties appearing in the alert). Alerts might contain information about multiple users, hosts, files, ip addresses. This field indicates which properties triggered the alert generation. |
| userStates | userSecurityState collection | Security-related stateful information generated by the provider about the user accounts related to this alert. |
| vendorInformation | securityVendorInformation | Complex type containing details about the security product/service vendor, provider, and subprovider (for example, vendor=Microsoft; provider=Windows Defender ATP; subProvider=AppLocker). Required. |
| vulnerabilityStates | vulnerabilityState collection | Threat intelligence pertaining to one or more vulnerabilities related to this alert. |
Graph reference: application
| Property | Type | Description |
|---|---|---|
| addIns | addIn collection | Defines custom behavior that a consuming service can use to call an app in specific contexts. For example, applications that can render file streams can set the addIns property for its "FileHandler" functionality. This lets services like Microsoft 365 call the application in the context of a document the user is working on. |
| api | apiApplication | Specifies settings for an application that implements a web API. |
| appId | String | The unique identifier for the application that is assigned to an application by Microsoft Entra ID. Not nullable. Read-only. Alternate key. Supports $filter (eq). |
| applicationTemplateId | String | Unique identifier of the applicationTemplate. Supports $filter (eq, not, ne). Read-only. null if the app wasn't created from an application template. |
| appRoles | appRole collection | The collection of roles defined for the application. With app role assignments, these roles can be assigned to users, groups, or service principals associated with other applications. Not nullable. |
| certification | certification | Specifies the certification status of the application. |
| createdDateTime | DateTimeOffset | The date and time the application was registered. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Supports $filter (eq, ne, not, ge, le, in, and eq on null values) and $orderby. |
| deletedDateTime | DateTimeOffset | The date and time the application was deleted. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. |
| description | String | Free text field to provide a description of the application object to end users. The maximum allowed size is 1,024 characters. Supports $filter (eq, ne, not, ge, le, startsWith) and $search. |
| disabledByMicrosoftStatus | String | Specifies whether Microsoft has disabled the registered application. Possible values are: null (default value), NotDisabled, and DisabledDueToViolationOfServicesAgreement (reasons include suspicious, abusive, or malicious activity, or a violation of the Microsoft Services Agreement). Supports $filter (eq, ne, not). |
| displayName | String | The display name for the application. Maximum length is 256 characters. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. |
| groupMembershipClaims | String | Configures the groups claim issued in a user or OAuth 2.0 access token that the application expects. To set this attribute, use one of the following valid string values: None, SecurityGroup (for security groups and Microsoft Entra roles), All (this gets all of the security groups, distribution groups, and Microsoft Entra directory roles that the signed-in user is a member of). |
| id | String | Unique identifier for the application object. This property is referred to as Object ID in the Microsoft Entra admin center. Inherited from directoryObject. Key. Not nullable. Read-only. Supports $filter (eq, ne, not, in). |
| identifierUris | String collection | Also known as App ID URI, this value is set when an application is used as a resource app. The identifierUris acts as the prefix for the scopes you reference in your API's code, and it must be globally unique across Microsoft Entra ID. For more information on valid identifierUris patterns and best practices, see Microsoft Entra application registration security best practices. Not nullable. Supports $filter (eq, ne, ge, le, startsWith). |
| info | informationalUrl | Basic profile information of the application such as app's marketing, support, terms of service and privacy statement URLs. The terms of service and privacy statement are surfaced to users through the user consent experience. For more info, see How to: Add Terms of service and privacy statement for registered Microsoft Entra apps. Supports $filter (eq, ne, not, ge, le, and eq on null values). |
| isDeviceOnlyAuthSupported | Boolean | Specifies whether this application supports device authentication without a user. The default is false. |
| isFallbackPublicClient | Boolean | Specifies the fallback application type as public client, such as an installed application running on a mobile device. The default value is false, which means the fallback application type is confidential client such as a web app. There are certain scenarios where Microsoft Entra ID can't determine the client application type. For example, the ROPC flow where it's configured without specifying a redirect URI. In those cases, Microsoft Entra ID interprets the application type based on the value of this property. |
| keyCredentials | keyCredential collection | The collection of key credentials associated with the application. Not nullable. Supports $filter (eq, not, ge, le). |
| logo | Stream | The main logo for the application. Not nullable. |
| nativeAuthenticationApisEnabled | nativeAuthenticationApisEnabled | Specifies whether the Native Authentication APIs are enabled for the application. The possible values are: none and all. Default is none. For more information, see Native Authentication. |
| notes | String | Notes relevant for the management of the application. |
| oauth2RequiredPostResponse | Boolean | Specifies whether, as part of OAuth 2.0 token requests, Microsoft Entra ID allows POST requests, as opposed to GET requests. The default is false, which specifies that only GET requests are allowed. |
| optionalClaims | optionalClaims | Application developers can configure optional claims in their Microsoft Entra applications to specify the claims that are sent to their application by the Microsoft security token service. For more information, see How to: Provide optional claims to your app. |
| parentalControlSettings | parentalControlSettings | Specifies parental control settings for an application. |
| passwordCredentials | passwordCredential collection | The collection of password credentials associated with the application. Not nullable. |
| publicClient | publicClientApplication | Specifies settings for installed clients such as desktop or mobile devices. |
| publisherDomain | String | The verified publisher domain for the application. Read-only. For more information, see How to: Configure an application's publisher domain. Supports $filter (eq, ne, ge, le, startsWith). |
| requestSignatureVerification | requestSignatureVerification | Specifies whether this application requires Microsoft Entra ID to verify the signed authentication requests. |
| requiredResourceAccess | requiredResourceAccess collection | Specifies the resources that the application needs to access. This property also specifies the set of delegated permissions and application roles that it needs for each of those resources. This configuration of access to the required resources drives the consent experience. No more than 50 resource services (APIs) can be configured. Beginning mid-October 2021, the total number of required permissions must not exceed 400. For more information, see Limits on requested permissions per app. Not nullable. Supports $filter (eq, not, ge, le). |
| samlMetadataUrl | String | The URL where the service exposes SAML metadata for federation. This property is valid only for single-tenant applications. Nullable. |
| serviceManagementReference | String | References application or service contact information from a Service or Asset Management database. Nullable. |
| servicePrincipalLockConfiguration | servicePrincipalLockConfiguration | Specifies whether sensitive properties of a multitenant application should be locked for editing after the application is provisioned in a tenant. Nullable. null by default. |
| signInAudience | String | Specifies the Microsoft accounts that are supported for the current application. The possible values are: AzureADMyOrg (default), AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount, and PersonalMicrosoftAccount. See more in the table. The value of this object also limits the number of permissions an app can request. For more information, see Limits on requested permissions per app. The value for this property has implications on other app object properties. As a result, if you change this property, you might need to change other properties first. For more information, see Validation differences for signInAudience. Supports $filter (eq, ne, not). |
| spa | spaApplication | Specifies settings for a single-page application, including sign out URLs and redirect URIs for authorization codes and access tokens. |
| tags | String collection | Custom strings that can be used to categorize and identify the application. Not nullable. Strings added here will also appear in the tags property of any associated service principals. Supports $filter (eq, not, ge, le, startsWith) and $search. |
| tokenEncryptionKeyId | String | Specifies the keyId of a public key from the keyCredentials collection. When configured, Microsoft Entra ID encrypts all the tokens it emits by using the key this property points to. The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user. |
| uniqueName | String | The unique identifier that can be assigned to an application and used as an alternate key. Immutable. Read-only. |
| verifiedPublisher | verifiedPublisher | Specifies the verified publisher of the application. For more information about how publisher verification helps support application security, trustworthiness, and compliance, see Publisher verification. |
| web | webApplication | Specifies settings for a web application. |
Graph reference: appRoleAssignment
| Property | Type | Description |
|---|---|---|
| appRoleId | Guid | The identifier (id) for the app role that's assigned to the principal. This app role must be exposed in the appRoles property on the resource application's service principal (resourceId). If the resource application hasn't declared any app roles, a default app role ID of 00000000-0000-0000-0000-000000000000 can be specified to signal that the principal is assigned to the resource app without any specific app roles. Required on create. |
| createdDateTime | DateTimeOffset | The time when the app role assignment was created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. |
| deletedDateTime | DateTimeOffset | The date and time when the app role assignment was deleted. Always null for an appRoleAssignment object that hasn't been deleted. Inherited from directoryObject. |
| id | String | A unique identifier for the appRoleAssignment key. Not nullable. Read-only. Supports $filter (eq only). |
| principalDisplayName | String | The display name of the user, group, or service principal that was granted the app role assignment. Maximum length is 256 characters. Read-only. Supports $filter (eq and startswith). |
| principalId | Guid | The unique identifier (id) for the user, security group, or service principal being granted the app role. Security groups with dynamic memberships are supported. Required on create. |
| principalType | String | The type of the assigned principal. This can either be User, Group, or ServicePrincipal. Read-only. |
| resourceDisplayName | String | The display name of the resource app's service principal to which the assignment is made. Maximum length is 256 characters. |
| resourceId | Guid | The unique identifier (**i |
Graph reference: approvalItem
| Property | Type | Description |
|---|---|---|
| allowCancel | Boolean | Indicates whether the approval item can be canceled. |
| allowEmailNotification | Boolean | Indicates whether email notification is enabled. |
| approvalType | approvalItemType | The workflow type of the approval item. The possible values are: basic, basicAwaitAll, custom, customAwaitAll. Required. |
| approvers | approvalIdentitySet collection | The identity of the principals to whom the approval item was initially assigned. Required. |
| completedDateTime | DateTimeOffset | Approval request completion date and time. Read-only. |
| createdDateTime | DateTimeOffset | Creation date and time of the approval request. Read-only. |
| description | String | The description of the approval request. |
| displayName | String | The displayName of the approval request. Required. |
| id | String | The unique id for the approval item. Read-only. |
| owner | approvalIdentitySet | The identity set of the principal who owns the approval item. Only provide a value for this property when creating an approval item on behalf of the principal. If the owner field isn't provided, the user information from the user context is used. |
| responsePrompts | String collection | Approval response prompts. Only provide a value for this property when creating a custom approval item. For custom approval items, supply two response prompt strings. The default response prompts are "Approve" and "Reject". |
| result | String | The result field is only populated once the approval item is in its final state. The result of the approval item is based on the approvalType. For basic approval items, the result is either "Approved" or "Rejected". For custom approval items, the result could either be a single response or multiple responses separated by a semi-colon. Read-only. |
| state | approvalItemState | The approval item state. The possible values are: canceled, created, pending, completed. Read-only. |
| viewPoint | approvalItemViewPoint | Represents user viewpoints data on the ApprovalItem. The data includes the users roles regarding the approval item. Read-only. |
Graph reference: basetask
| Property | Type | Description |
|---|---|---|
| textBody | String | The task body in text format that typically contains information about the task. |
| bodyLastModifiedDateTime | DateTimeOffset | The date and time when the task was last modified. By default, it is in UTC. You can provide a custom time zone in the request header. The property value uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2020 would look like this: '2020-01-01T00:00:00Z'. |
| completedDateTime | DateTimeOffset | The date when the task was finished. |
| createdDateTime | DateTimeOffset | The date and time when the task was created. By default, it is in UTC. You can provide a custom time zone in the request header. The property value uses ISO 8601 format. For example, midnight UTC on Jan 1, 2020 would look like this: '2020-01-01T00:00:00Z'. |
| displayName | String | The name of the task. |
| dueDateTime | dateTimeTimeZone | The date in the specified time zone that the task is to be finished. |
| id | String | Unique identifier for the task. By default, this value will not change if a task is moved from one list to another. |
| importance | importance | The importance of the task. Possible values are: low, normal, high. The possible values are: low, normal, high. |
| lastModifiedDateTime | DateTimeOffset | The date and time when the task was last modified. By default, it is in UTC. You can provide a custom time zone in the request header. The property value uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2020 would look like this: '2020-01-01T00:00:00Z'. |
| viewpoint | taskViewpoint | Properties that are personal to a user such as reminderDateTime and categories. |
| recurrence | patternedRecurrence | The recurrence pattern for the task. |
| startDateTime | dateTimeTimeZone | The date in the specified time zone when the task is to begin. |
| status | taskStatus_v2 | Indicates the state or progress of the task. Possible values are: notStarted, inProgress, completed,unknownFutureValue. |
Graph reference: basetasklist
| Property | Type | Description |
|---|---|---|
| displayName | String | The name of the task list. |
| id | String | The identifier of the task list, unique in the user's mailbox. Read-only. |
Graph reference: callRecording
| Property | Type | Description |
|---|---|---|
| callId | String | The unique identifier for the call that is related to this recording. Read-only. |
| content | Stream | The content of the recording. Read-only. |
| contentCorrelationId | String | The unique identifier that links the transcript with its corresponding recording. Read-only. |
| createdDateTime | DateTimeOffset | Date and time at which the recording was created. The timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. |
| endDateTime | DateTimeOffset | Date and time at which the recording ends. The timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. |
| id | String | The unique identifier for the recording. Read-only. Inherited from entity. |
| meetingId | String | The unique identifier of the onlineMeeting related to this recording. Read-only. |
| meetingOrganizer | identitySet | The identity information of the organizer of the onlineMeeting related to this recording. Read-only. |
| recordingContentUrl | String | The URL that can be used to access the content of the recording. Read-only. |
Graph reference: callRecord
| Property | Type | Description |
|---|---|---|
| endDateTime | DateTimeOffset | UTC time when the last user left the call. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z |
| id | String | Unique identifier for the call record. Read-only. |
| joinWebUrl | String | Meeting URL associated to the call. May not be available for a peerToPeer call record type. |
| lastModifiedDateTime | DateTimeOffset | UTC time when the call record was created. The DatetimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z |
| modalities | modality collection | List of all the modalities used in the call. Possible values are: unknown, audio, video, videoBasedScreenSharing, data, screenSharing, unknownFutureValue. |
| startDateTime | DateTimeOffset | UTC time when the first user joined the call. The DatetimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. |
| type | callType | Indicates the type of the call. Possible values are: unknown, groupCall, peerToPeer, unknownFutureValue. |
| version | Int64 | Monotonically increasing version of the call record. Higher version call records with the same id includes additional data compared to the lower version. |
| organizer (deprecated) | identitySet | The organizing party's identity. The organizer property is deprecated and will stop returning data on June 30, 2026. Going forward, use the organizer_v2 relationship. |
| participants (deprecated) | identitySet collection | List of distinct identities involved in the call. Limited to 130 entries. The **p |
Graph reference: callTranscript
| Property | Type | Description |
|---|---|---|
| callId | String | The unique identifier for the call that is related to this transcript. Read-only. |
| content | Stream | The content of the transcript. Read-only. |
| contentCorrelationId | String | The unique identifier that links the transcript with its corresponding recording. Read-only. |
| createdDateTime | DateTimeOffset | Date and time at which the transcript was created. The timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. |
| endDateTime | DateTimeOffset | Date and time at which the transcription ends. The timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. |
| id | String | The unique identifier for the transcript. Read-only. |
| meetingId | String | The unique identifier of the online meeting related to this transcript. Read-only. |
| meetingOrganizer | identitySet | The identity information of the organizer of the onlineMeeting related to this transcript. Read-only. |
| metadataContent | Stream | The time-aligned metadata of the utterances in the transcript. Read-only. |
| transcriptContentUrl | String | The URL that can be used to access the content of the transcript. Read-only. |
Graph reference: certificateAuthorityDetail
| Property | Type | Description |
|---|---|---|
| certificate | Binary | The public key of the certificate authority. |
| certificateAuthorityType | certificateAuthorityType | The type of certificate authority. The possible values are: root, intermediate, unknownFutureValue. Supports $filter (eq). |
| certificateRevocationListUrl | String | The URL to check if the certificate is revoked. |
| createdDateTime | DateTimeOffset | The date and time when the certificate authority was created. |
| deletedDateTime | DateTimeOffset | The date and time when the certificate authority was soft deleted. Inherited from base class and null for objects that are not deleted. Inherited from directoryObject. |
| deltacertificateRevocationListUrl | String | The URL to check to find out whether the certificate is revoked. |
| displayName | String | The display name of the certificate authority. |
| expirationDateTime | DateTimeOffset | The date and time when the certificate authority expires. Supports $filter (eq) and $orderby. |
| id | String | The ID of the certificate authority. Inherited from entity. |
| isIssuerHintEnabled | Boolean | Indicates whether the certificate picker presents the certificate authority to the user to use for authentication. Default value is false. Optional. |
| issuer | String | The issuer of the certificate authority. |
| issuerSubjectKeyIdentifier | String | The subject key identifier of certificate authority. |
| thumbprint | String | The thumbprint of certificate authority certificate. Supports $filter (eq, startswith). |
Graph reference: certificateBasedAuthPki
| Property | Type | Description |
|---|---|---|
| deletedDateTime | DateTimeOffset | The date and time when the object was soft deleted. Inherited from base class and null for objects that are not deleted. Inherited from directoryObject. |
| displayName | String | The name of the object. Maximum length is 256 characters. |
| id | String | The ID of the object. Inherited from entity. |
| lastModifiedDateTime | DateTimeOffset | The date and time when the object was created or last modified. |
| status | String | The status of any asynchronous jobs runs on the object which can be upload or delete. |
| statusDetails | String | The status details of the upload/deleted operation of PKI (Public Key Infrastructure). |
Graph reference: channel
| Property | Type | Description |
|---|---|---|
| createdDateTime | dateTimeOffset | Read only. Timestamp at which the channel was created. |
| description | String | Optional textual description for the channel. |
| displayName | String | Channel name as it will appear to the user in Microsoft Teams. The maximum length is 50 characters. |
| String | The email address for sending messages to the channel. Read-only. | |
| id | String | The channel's unique identifier. Read-only. |
| isArchived | Boolean | Indicates whether the channel is archived. Read-only. |
| isFavoriteByDefault | Boolean | Indicates whether the channel should be marked as recommended for all members of the team to show in their channel list. Note: All recommended channels automatically show in the channels list for education and frontline worker users. The property can only be set programmatically via the Create team method. The default value is false. |
| membershipType | channelMembershipType | The type of the channel. Can be set during creation and can't be changed. The possible values are: standard, private, unknownFutureValue, shared. The default value is standard. Use the Prefer: include-unknown-enum-members request header to get the following value in this evolvable enum: shared. |
| tenantId | string | The ID of the Microsoft Entra tenant. |
| webUrl | String | A hyperlink that will go to the channel in Microsoft Teams. This is the URL that you get when you right-click a channel in Microsoft Teams and select Get link to channel. This URL should be treated as an opaque blob, and not parsed. Read-only. |
| summary | channelSummary | Contains summary information about the channel, including number of owners, members, guests, and an indicator for members from other tenants. The **s |
Graph reference: chat
| Property | Type | Description |
|---|---|---|
| chatType | chatType | Specifies the type of chat. Possible values are: group, oneOnOne, meeting, unknownFutureValue. |
| createdDateTime | dateTimeOffset | Date and time at which the chat was created. Read-only. |
| id | String | The chat's unique identifier. Read-only. |
| isHiddenForAllMembers | Boolean | Indicates whether the chat is hidden for all its members. Read-only. |
| lastUpdatedDateTime | dateTimeOffset | Date and time at which the chat was renamed or the list of members was last changed. Read-only. |
| onlineMeetingInfo | teamworkOnlineMeetingInfo | Represents details about an online meeting. If the chat isn't associated with an online meeting, the property is empty. Read-only. |
| tenantId | String | The identifier of the tenant in which the chat was created. Read-only. |
| topic | String | (Optional) Subject or topic for the chat. Only available for group chats. |
| viewpoint | chatViewpoint | Represents caller-specific information about the chat, such as the last message read date and time. This property is populated only when the request is made in a delegated context. |
| webUrl | String | The URL for the chat in Microsoft Teams. The URL should be treated as an opaque blob, and not parsed. Read-only. |
Graph reference: chatMessage
| Property | Type | Description |
|---|---|---|
| attachments | chatMessageAttachment collection | References to attached objects like files, tabs, meetings etc. |
| body | itemBody | Plaintext/HTML representation of the content of the chat message. Representation is specified by the contentType inside the body. The content is always in HTML if the chat message contains a chatMessageMention. |
| chatId | string | If the message was sent in a chat, represents the identity of the chat. |
| channelIdentity | channelIdentity | If the message was sent in a channel, represents identity of the channel. |
| createdDateTime | dateTimeOffset | Timestamp of when the chat message was created. |
| deletedDateTime | dateTimeOffset | Read only. Timestamp at which the chat message was deleted, or null if not deleted. |
| etag | string | Read-only. Version number of the chat message. |
| eventDetail | eventMessageDetail | Read-only. If present, represents details of an event that happened in a chat, a channel, or a team, for example, adding new members. For event messages, the messageType property will be set to systemEventMessage. |
| from | chatMessageFromIdentitySet | Details of the sender of the chat message. Can only be set during migration. |
| id | String | Read-only. Unique ID of the message. IDs are unique within a chat/channel/reply-to-message, but might be duplicated in other chats/channels/reply-to-messages. |
| importance | string | The importance of the chat message. The possible values are: normal, high, urgent. |
| lastModifiedDateTime | dateTimeOffset | Read only. Timestamp when the chat message is created (initial setting) or modified, including when a reaction is added or removed. |
| lastEditedDateTime | dateTimeOffset | Read only. Timestamp when edits to the chat message were made. Triggers an "Edited" flag in the Teams UI. If no edits are made the value is null. |
| locale | string | Locale of the chat message set by the client. Always set to en-us. |
| mentions | chatMessageMention collection | List of entities mentioned in the chat message. Supported entities are: user, bot, team, channel, chat, and tag. |
| messageHistory | chatMessageHistoryItem collection | List of activity history of a message item, including modification time and actions, such as reactionAdded, reactionRemoved, or reaction changes, on the message. |
| messageType | chatMessageType | The type of chat message. The possible values are: message, chatEvent, typing, unknownFutureValue, systemEventMessage. Use the Prefer: include-unknown-enum-members request header to get the following value in this evolvable enum: systemEventMessage. |
| policyViolation | chatMessagePolicyViolation | Defines the properties of a policy violation set by a data loss prevention (DLP) application. |
| reactions | chatMessageReaction collection | Reactions for this chat message (for example, Like). |
| replyToId | string | Read-only. ID of the parent chat message or root chat message of the thread. (Only applies to chat messages in channels, not chats.) |
| subject | string | The subject of the chat message, in plaintext. |
| summary | string | Summary text of the chat message that could be used for push notifications and summary views or fall back views. Only applies to channel chat messages, not chat messages in a chat. |
| webUrl | string | Read-only. Link to the message in Microsoft Teams. |
Graph reference: usageRight
| Property | Type | Description |
|---|---|---|
| id | String | The unique identifier for the usageRight that should be treated as an opaque identifier. Inherited from entity. Not nullable. Read-only. |
| services | microsoft.graph.cloudLicensing.service collection | Information about the services associated with the usageRight. Not nullable. Read-only. Supports $filter on the planId property. |
| skuId | Guid | Unique identifier (GUID) for the service SKU that is equal to the skuId property on the related subscribedSku object. Read-only. Supports $filter. |
| skuPartNumber | String | Unique SKU display name that is equal to the **s |
Graph reference: contact
| Property | Type | Description |
|---|---|---|
| assistantName | String | The name of the contact's assistant. |
| birthday | DateTimeOffset | The contact's birthday. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z |
| businessAddress | PhysicalAddress | The contact's business address. |
| businessHomePage | String | The business home page of the contact. |
| businessPhones | String collection | The contact's business phone numbers. |
| categories | String collection | The categories associated with the contact. |
| changeKey | String | Identifies the version of the contact. Every time the contact is changed, ChangeKey changes as well. This allows Exchange to apply changes to the correct version of the object. |
| children | String collection | The names of the contact's children. |
| companyName | String | The name of the contact's company. |
| createdDateTime | DateTimeOffset | The time the contact was created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z |
| department | String | The contact's department. |
| displayName | String | The contact's display name. You can specify the display name in a create or update operation. Note that later updates to other properties may cause an automatically generated value to overwrite the displayName value you have specified. To preserve a pre-existing value, always include it as displayName in an update operation. |
| emailAddresses | EmailAddress collection | The contact's email addresses. |
| fileAs | String | The name the contact is filed under. |
| generation | String | The contact's suffix. |
| givenName | String | The contact's given name. |
| homeAddress | PhysicalAddress | The contact's home address. |
| homePhones | String collection | The contact's home phone numbers. |
| id | String | The contact's unique identifier. !INCLUDE [outlook-beta-id] Read-only. |
| imAddresses | String collection | The contact's instant messaging (IM) addresses. |
| initials | String | The contact's initials. |
| jobTitle | String | The contact’s job title. |
| lastModifiedDateTime | DateTimeOffset | The time the contact was modified. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z |
| manager | String | The name of the contact's manager. |
| middleName | String | The contact's middle name. |
| mobilePhone | String | The contact's mobile phone number. |
| nickName | String | The contact's nickname. |
| officeLocation | String | The location of the contact's office. |
| otherAddress | PhysicalAddress | Other addresses for the contact. |
| parentFolderId | String | The ID of the contact's parent folder. |
| personalNotes | String | The user's notes about the contact. |
| profession | String | The contact's profession. |
| spouseName | String | The name of the contact's spouse/partner. |
| surname | String | The contact's surname. |
| title | String | The contact's title. |
| yomiCompanyName | String | The phonetic Japanese company name of the contact. |
| yomiGivenName | String | The phonetic Japanese given name (first name) of the contact. |
| yomiSurname | String | The phonetic Japanese surname (last name) of the contact. |
Graph reference: conversation
| Property | Type | Description |
|---|---|---|
| hasAttachments | Boolean | Indicates whether any of the posts within this Conversation has at least one attachment. Supports $filter (eq, ne) and $search. |
| id | String | The conversations's unique identifier. Read-only. |
| lastDeliveredDateTime | DateTimeOffset | The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z |
| preview | String | A short summary from the body of the latest post in this conversation. Supports $filter (eq, ne, le, ge). |
| topic | String | The topic of the conversation. This property can be set when the conversation is created, but it cannot be updated. |
| uniqueSenders | String collection | All the users that sent a message to this Conversation. |
Graph reference: conversationMember
| Property | Type | Description |
|---|---|---|
| displayName | string | The display name of the user. |
| id | String | Read-only. Unique ID of the user. |
| roles | string collection | The roles for that user. This property contains more qualifiers only when relevant - for example, if the member has owner privileges, the roles property contains owner as one of the values. Similarly, if the member is an in-tenant guest, the roles property contains guest as one of the values. A basic member shouldn't have any values specified in the roles property. An Out-of-tenant external member is assigned the owner role. |
| visibleHistoryStartDateTime | DateTimeOffset | The timestamp denoting how far back a conversation's history is shared with the conversation member. This property is settable only for members of a chat. |
Graph reference: convertIdResult
| Property | Type | Description |
|---|---|---|
| errorDetails | genericError | An error object indicating the reason for the conversion failure. This value isn't present if the conversion succeeded. |
| sourceId | String | The identifier that was converted. This value is the original, un-converted identifier. |
| targetId | String | The converted identifier. This value isn't present if the conversion failed. |
Graph reference: dataPolicyOperation
| Property | Type | Description |
|---|---|---|
| completedDateTime | DateTimeOffset | Represents when the request for this data policy operation was completed, in UTC time, using the ISO 8601 format. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Null until the operation completes. |
| id | String | Unique key for this operation. |
| status | dataPolicyOperationStatus | Possible values are: notStarted, running, complete, failed, unknownFutureValue. |
| storageLocation | String | The URL location to where data is being exported for export requests. |
| userId | String | The id for the user on whom the operation is performed. |
| submittedDateTime | DateTimeOffset | Represents when the request for this data operation was submitted, in UTC time, using the ISO 8601 format. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z |
| progress | String | Specifies the progress of an operation. |
Graph reference: device
| Property | Type | Description |
|---|---|---|
| accountEnabled | Boolean | true if the account is enabled; otherwise, false. Required. Default is true. Supports $filter (eq, ne, not, in). Only callers with at least the Cloud Device Administrator role can set this property. |
| alternativeSecurityIds | alternativeSecurityId collection | For internal use only. Not nullable. Supports $filter (eq, not, ge, le). |
| approximateLastSignInDateTime | DateTimeOffset | The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Supports $filter (eq, ne, not, ge, le, and eq on null values) and $orderby. |
| complianceExpirationDateTime | DateTimeOffset | The timestamp when the device is no longer deemed compliant. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. |
| deviceCategory | String | User-defined property set by Intune to automatically add devices to groups and simplify managing devices. |
| deviceId | String | Unique identifier set by Azure Device Registration Service at the time of registration. This alternate key can be used to reference the device object. Supports $filter (eq, ne, not, startsWith). |
| deviceMetadata | String | For internal use only. Set to null. |
| deviceOwnership | String | Ownership of the device. Intune sets this property. Possible values are: unknown, company, personal. |
| deviceVersion | Int32 | For internal use only. |
| displayName | String | The display name for the device. Maximum length is 256 characters. Required. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. |
| enrollmentProfileName | String | Enrollment profile applied to the device. For example, Apple Device Enrollment Profile, Device enrollment - Corporate device identifiers, or Windows Autopilot profile name. This property is set by Intune. |
| enrollmentType | String | Enrollment type of the device. Intune sets this property. Possible values are: unknown, userEnrollment, deviceEnrollmentManager, appleBulkWithUser, appleBulkWithoutUser, windowsAzureADJoin, windowsBulkUserless, windowsAutoEnrollment, windowsBulkAzureDomainJoin, windowsCoManagement, windowsAzureADJoinUsingDeviceAuth,appleUserEnrollment, appleUserEnrollmentWithServiceAccount. NOTE: This property might return other values apart from those listed. |
| extensionAttributes | onPremisesExtensionAttributes | Contains extension attributes 1-15 for the device. The individual extension attributes aren't selectable. These properties are mastered in the cloud and can be set during creation or update of a device object in Microsoft Entra ID. Supports $filter (eq, not, startsWith, and eq on null values). |
| id | String | The unique identifier for the device. Inherited from directoryObject. Key, Not nullable. Read-only. Supports $filter (eq, ne, not, in). |
| isCompliant | Boolean | true if the device complies with Mobile Device Management (MDM) policies; otherwise, false. Read-only. This can only be updated by Intune for any device OS type or by an approved MDM app for Windows OS devices. Supports $filter (eq, ne, not). |
| isManaged | Boolean | true if the device is managed by a Mobile Device Management (MDM) app; otherwise, false. This can only be updated by Intune for any device OS type or by an approved MDM app for Windows OS devices. Supports $filter (eq, ne, not). |
| isManagementRestricted | Boolean | Indicates whether the device is a member of a restricted management administrative unit. If not set, the default value is null and the default behavior is false. Read-only. To manage a device that's a member of a restricted management administrative unit, the administrator or calling app must be assigned a Microsoft Entra role at the scope of the restricted management administrative unit. Returned only on $select. |
| isRooted | Boolean | true if the device is rooted or jail-broken. This property can only be updated by Intune. |
| managementType | String | The management channel of the device. This property is set by Intune. Possible values are: eas, mdm, easMdm, intuneClient, easIntuneClient, configurationManagerClient, configurationManagerClientMdm, configurationManagerClientMdmEas, unknown, jamf, googleCloudDevicePolicyController. |
| manufacturer | String | Manufacturer of the device. Read-only. |
| mdmAppId | String | Application identifier used to register device into MDM. Read-only. Supports $filter (eq, ne, not, startsWith). |
| model | String | Model of the device. Read-only. |
| onPremisesLastSyncDateTime | DateTimeOffset | The last time at which the object was synced with the on-premises directory. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z Read-only. Supports $filter (eq, ne, not, ge, le, in). |
| onPremisesSecurityIdentifier | String | The on-premises security identifier (SID) for the user who was synchronized from on-premises to the cloud. Read-only. Returned only on $select. Supports $filter (eq). |
| onPremisesSyncEnabled | Boolean | true if this object is synced from an on-premises directory; false if this object was originally synced from an on-premises directory but is no longer synced; null if this object has never been synced from an on-premises directory (default). Read-only. Supports $filter (eq, ne, not, in, and eq on null values). |
| operatingSystem | String | The type of operating system on the device. Required. Supports $filter (eq, ne, not, ge, le, startsWith, and eq on null values). |
| operatingSystemVersion | String | The version of the operating system on the device. Required. Supports $filter (eq, ne, not, ge, le, startsWith, and eq on null values). |
| physicalIds | String collection | For internal use only. Not nullable. Supports $filter (eq, not, ge, le, startsWith,/$count eq 0, /$count ne 0). |
| profileType | deviceProfileType | The profile type of the device. Possible values: RegisteredDevice (default), SecureVM, Printer, Shared, IoT. |
| registrationDateTime | DateTimeOffset | Date and time of when the device was registered. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. |
| systemLabels | String collection | List of labels applied to the device by the system. Supports $filter (/$count eq 0, /$count ne 0). |
| trustType | String | Type of trust for the joined device. Read-only. Possible values: Workplace (indicates *b |
Graph reference: directory
| Property | Type | Description |
|---|---|---|
| id | String | A unique identifier for the object; for example, 12345678-9abc-def0-1234-56789abcde. Key. Not nullable. Read-only. Inherited from entity. |
Graph reference: directoryObject
| Property | Type | Description |
|---|---|---|
| deletedDateTime | DateTimeOffset | Date and time when this object was deleted. Always null when the object hasn't been deleted. |
| id | String | The unique identifier for the object. For example, 12345678-9abc-def0-1234-56789abcde. The value of the **i |
Graph reference: directoryRole
| Property | Type | Description |
|---|---|---|
| description | String | The description for the directory role. Read-only. Supports $filter (eq), $search, $select. |
| displayName | String | The display name for the directory role. Read-only. Supports $filter (eq), $search, $select. |
| id | String | The unique identifier for the directory role. Inherited from directoryObject. Key, Not nullable, Read-only. Supports $filter (eq), $select. |
| roleTemplateId | String | The **i |
Graph reference: driveItem
| Property | Type | Description |
|---|---|---|
| audio | [audio][] | Audio metadata, if the item is an audio file. Read-only. Read-only. Only on OneDrive Personal. |
| bundle | [bundle][] | Bundle metadata, if the item is a bundle. Read-only. |
| content | Stream | The content stream, if the item represents a file. |
| createdBy | [identitySet][] | Identity of the user, device, and application that created the item. Read-only. |
| createdDateTime | DateTimeOffset | Date and time of item creation. Read-only. |
| cTag | String | An eTag for the content of the item. This eTag isn't changed if only the metadata is changed. Note This property isn't returned if the item is a folder. Read-only. |
| deleted | [deleted][] | Information about the deleted state of the item. Read-only. |
| description | String | Provides a user-visible description of the item. Read-write. Only on OneDrive Personal. |
| eTag | String | eTag for the entire item (metadata + content). Read-only. |
| file | [file][] | File metadata, if the item is a file. Read-only. |
| fileSystemInfo | [fileSystemInfo][] | File system information on client. Read-write. |
| folder | [folder][] | Folder metadata, if the item is a folder. Read-only. |
| id | String | The unique identifier of the item within the Drive. Read-only. |
| image | [image][] | Image metadata, if the item is an image. Read-only. |
| lastModifiedBy | [identitySet][] | Identity of the user, device, and application that last modified the item. Read-only. |
| lastModifiedDateTime | DateTimeOffset | Date and time the item was last modified. Read-only. |
| location | [geoCoordinates][] | Location metadata, if the item has location data. Read-only. |
| malware | [malware][] | Malware metadata, if the item was detected to contain malware. Read-only. |
| name | String | The name of the item (filename and extension). Read-write. |
| package | [package][] | If present, indicates that this item is a package instead of a folder or file. Packages are treated like files in some contexts and folders in others. Read-only. |
| parentReference | [itemReference][] | Parent information, if the item has a parent. Read-write. |
| pendingOperations | [pendingOperations][] | If present, indicates that one or more operations that might affect the state of the driveItem are pending completion. Read-only. |
| photo | [photo][] | Photo metadata, if the item is a photo. Read-only. |
| publication | [publicationFacet][] | Provides information about the published or checked-out state of an item, in locations that support such actions. This property isn't returned by default. Read-only. |
| remoteItem | [remoteItem][] | Remote item data, if the item is shared from a drive other than the one being accessed. Read-only. |
| root | [root][] | If this property is non-null, it indicates that the driveItem is the top-most driveItem in the drive. |
| searchResult | [searchResult][] | Search metadata, if the item is from a search result. Read-only. |
| shared | [shared][] | Indicates that the item was shared with others and provides information about the shared state of the item. Read-only. |
| sharepointIds | [sharepointIds][] | Returns identifiers useful for SharePoint REST compatibility. Read-only. |
| size | Int64 | Size of the item in bytes. Read-only. |
| specialFolder | [specialFolder][] | If the current item is also available as a special folder, this facet is returned. Read-only. |
| video | [video][] | Video metadata, if the item is a video. Read-only. |
| webDavUrl | String | WebDAV compatible URL for the item. |
| webUrl | String | URL that displays the resource in the browser. Read-only. |
Graph reference: educationalActivity
| Property | Type | Description |
|---|---|---|
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| completionMonthYear | Date | The month and year the user graduated or completed the activity. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| endMonthYear | Date | The month and year the user completed the educational activity referenced. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| institution | institutionData | Contains details of the institution studied at. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| program | educationalActivityDetail | Contains extended information about the program or course. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
| startMonthYear | Date | The month and year the user commenced the activity referenced. |
Graph reference: emailAddress
| Property | Type | Description |
|---|---|---|
| address | String | The email address of the person or entity. |
| name | String | The display name of the person or entity. |
Graph reference: entity
| Property | Type | Description |
|---|---|---|
| id | String | The unique identifier for an entity. Read-only. |
Graph reference: evaluateDynamicMembershipResult
| Property | Type | Description |
|---|---|---|
| membershipRule | String | If a group ID is provided, the value is the membership rule for the group. If a group ID isn't provided, the value is the membership rule that was provided as a parameter. For more information, see Dynamic membership rules for groups in Microsoft Entra ID. |
| membershipRuleEvaluationDetails | expressionEvaluationDetails | Provides a detailed analysis of the membership evaluation result. |
| membershipRuleEvaluationResult | Boolean | The value is true if the user or device is a member of the group. The value can also be true if a membership rule was provided and the user or device passes the rule evaluation; otherwise false. |
Graph reference: event
| Property | Type | Description |
|---|---|---|
| allowNewTimeProposals | Boolean | true if the meeting organizer allows invitees to propose a new time when responding; otherwise, false. Optional. The default is true. |
| attendees | Attendee collection | The collection of attendees for the event. |
| body | ItemBody | The body of the message associated with the event. It can be in HTML or text format. |
| bodyPreview | String | The preview of the message associated with the event. It's in text format. |
| cancelledOccurrences | String collection | Contains occurrenceId property values of canceled instances in a recurring series, if the event is the series master. Instances in a recurring series that are canceled are called canceled occurences. Returned only on $select in a Get operation which specifies the ID (seriesMasterId property value) of a series master event. |
| categories | String collection | The categories associated with the event. Each category corresponds to the displayName property of an outlookCategory defined for the user. |
| changeKey | String | Identifies the version of the event object. Every time the event is changed, ChangeKey changes as well. It allows Exchange to apply changes to the correct version of the object. |
| createdDateTime | DateTimeOffset | The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z |
| end | DateTimeTimeZone | The date, time, and time zone that the event ends. By default, the end time is in UTC. |
| hasAttachments | Boolean | Set to true if the event has attachments. |
| hideAttendees | Boolean | When set to true, each attendee only sees themselves in the meeting request and meeting Tracking list. The default is false. |
| iCalUId | String | A unique identifier for an event across calendars. This ID is different for each occurrence in a recurring series. Read-only. |
| id | String | Unique identifier for the event. !INCLUDE [outlook-beta-id] Case-sensitive and read-only. |
| importance | String | The importance of the event. The possible values are: low, normal, high. |
| isAllDay | Boolean | Set to true if the event lasts all day. If true, regardless of whether it's a single-day or multi-day event, start, and endtime must be set to midnight and be in the same time zone. |
| isCancelled | Boolean | Set to true if the event has been canceled. |
| isDraft | Boolean | Set to true if the user has updated the meeting in Outlook but hasn't sent the updates to attendees. Set to false if all changes are sent, or if the event is an appointment without any attendees. |
| isOnlineMeeting | Boolean | True if this event has online meeting information (that is, onlineMeeting points to an onlineMeetingInfo resource), false otherwise. Default is false (onlineMeeting is null). Optional. After you set isOnlineMeeting to true, Microsoft Graph initializes onlineMeeting. Subsequently, Outlook ignores any further changes to isOnlineMeeting, and the meeting remains available online. |
| isOrganizer | Boolean | Set to true if the calendar owner (specified by the owner property of the calendar) is the organizer of the event (specified by the organizer property of the event). It also applies if a delegate organized the event on behalf of the owner. |
| isReminderOn | Boolean | Set to true if an alert is set to remind the user of the event. |
| lastModifiedDateTime | DateTimeOffset | The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z |
| location | Location | The location of the event. |
| locations | Location collection | The locations where the event is held or attended from. The location and locations properties always correspond with each other. If you update the location property, any prior locations in the locations collection are removed and replaced by the new location value. |
| onlineMeeting | OnlineMeetingInfo | Details for an attendee to join the meeting online. The default is null. Read-only. After you set the isOnlineMeeting and onlineMeetingProvider properties to enable a meeting online, Microsoft Graph initializes onlineMeeting. When set, the meeting remains available online, and you can't change the isOnlineMeeting, onlineMeetingProvider, and onlneMeeting properties again. |
| onlineMeetingProvider | onlineMeetingProviderType | Represents the online meeting service provider. By default, onlineMeetingProvider is unknown. The possible values are unknown, teamsForBusiness, skypeForBusiness, and skypeForConsumer. Optional. After you set onlineMeetingProvider, Microsoft Graph initializes onlineMeeting. Subsequently, you can't change onlineMeetingProvider again, and the meeting remains available online. |
| onlineMeetingUrl | String | A URL for an online meeting. The property is set only when an organizer specifies in Outlook that an event is an online meeting such as Skype. Read-only. To access the URL to join an online meeting, use joinUrl which is exposed via the onlineMeeting property of the event. The onlineMeetingUrl property will be deprecated in the future. |
| organizer | Recipient | The organizer of the event. |
| originalEndTimeZone | String | The end time zone that was set when the event was created. A value of tzone://Microsoft/Custom indicates that a legacy custom time zone was set in desktop Outlook. |
| originalStart | DateTimeOffset | Represents the start time of an event when it's initially created as an occurrence or exception in a recurring series. This property is not returned for events that are single instances. Its date and time information is expressed in ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z |
| originalStartTimeZone | String | The start time zone that was set when the event was created. A value of tzone://Microsoft/Custom indicates that a legacy custom time zone was set in desktop Outlook. |
| recurrence | PatternedRecurrence | The recurrence pattern for the event. |
| reminderMinutesBeforeStart | Int32 | The number of minutes before the event start time that the reminder alert occurs. |
| responseRequested | Boolean | Default is true, which represents the organizer would like an invitee to send a response to the event. |
| responseStatus | ResponseStatus | Indicates the type of response sent in response to an event message. |
| sensitivity | String | Possible values are: normal, personal, private, and confidential. |
| seriesMasterId | String | The ID for the recurring series master item, if this event is part of a recurring series. |
| showAs | String | The status to show. Possible values are: free, tentative, busy, oof, workingElsewhere, unknown. |
| start | DateTimeTimeZone | The start date, time, and time zone of the event. By default, the start time is in UTC. |
| subject | String | The text of the event's subject line. |
| transactionId | String | A custom identifier specified by a client app for the server to avoid redundant POST operations in case of client retries to create the same event. It's useful when low network connectivity causes the client to time out before receiving a response from the server for the client's prior create-event request. After you set transactionId when creating an event, you can't change transactionId in a subsequent update. This property is only returned in a response payload if an app has set it. Optional. |
| type | String | The event type. Possible values are: singleInstance, occurrence, exception, seriesMaster. Read-only |
| webLink | String | The URL to open the event in Outlook on the web. Outlook on the web opens the event in the browser if you are signed in to your mailbox. Otherwise, Outlook on the web prompts you to sign in. This URL can't be accessed from within an iFrame. |
Graph reference: exchangeSettings
| Property | Type | Description |
|---|---|---|
| primaryMailboxId | String | The unique identifier for the user's primary mailbox. |
Graph reference: externalUserProfile
| Property | Type | Description |
|---|---|---|
| address | physicalOfficeAddress | The office address of the external user profile. Inherited from externalProfile. |
| createdBy | String | The object ID of the user who created the external user profile. Inherited from externalProfile. Read-only. Not nullable. |
| createdDateTime | DateTimeOffset | Date and time when this external user was created. Inherited from externalProfile. Not nullable. Read-only. |
| companyName | String | The company name of the external user profile. Inherited from externalProfile. Supports $filter (eq, startswith). |
| deletedDateTime | DateTimeOffset | Date and time when this external user profile was deleted. Always null when the object isn't deleted. Inherited from externalProfile. |
| department | String | The department of the external user profile. Inherited from externalProfile. |
| displayName | String | The display name of the external user profile. Inherited from externalProfile. |
| id | String | The unique identifier for the external user profile. For example, 12345678-9abc-def0-1234-56789abcde. The value of the id property is often but not exclusively in the form of a GUID; treat it as an opaque identifier and don't rely on it being a GUID. Key. Not nullable. Read-only. |
| isDiscoverable | Boolean | Represents whether the external user profile is discoverable in the directory. When true, this external profile shows up in Teams search. When false, this external profile doesn't show up in Teams search. Inherited from externalProfile. |
| isEnabled | Boolean | Represents whether the external user profile is enabled in the directory. This property is peer to the accountEnabled property on the User object. |
| jobTitle | String | The job title of the external user profile. Inherited from externalProfile. |
| phoneNumber | String | The phone number of the external user profile. Must be in E164 format. Inherited from externalProfile. |
| supervisorId | String | The object ID of the supervisor of the external user profile. Inherited from externalProfile. Supports $filter (eq, startswith). |
Graph reference: group
| Property | Type | Description |
|---|---|---|
| allowExternalSenders | Boolean | Indicates if people external to the organization can send messages to the group. The default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). |
| assignedLabels | assignedLabel collection | The list of sensitivity label pairs (label ID, label name) associated with a Microsoft 365 group. Returned only on $select. This property can be updated only in delegated scenarios where the caller requires both the Microsoft Graph permission and a supported administrator role. |
| assignedLicenses | assignedLicense collection | The licenses that are assigned to the group. Returned only on $select. Supports $filter (eq). Read-only. |
| autoSubscribeNewMembers | Boolean | Indicates if new members added to the group are autosubscribed to receive email notifications. You can set this property in a PATCH request for the group; don't set it in the initial POST request that creates the group. Default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). |
| classification | String | Describes a classification for the group (such as low, medium, or high business impact). Valid values for this property are defined by creating a ClassificationList setting value, based on the template definition. Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith). |
| createdDateTime | DateTimeOffset | Timestamp of when the group was created. The value can't be modified and is automatically populated when the group is created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Read-only. |
| deletedDateTime | DateTimeOffset | For some Microsoft Entra objects (user, group, application), if the object is deleted, it's first logically deleted, and this property is updated with the date and time when the object was deleted. Otherwise this property is null. If the object is restored, this property is updated to null. Inherited from directoryObject. |
| description | String | An optional description for the group. Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith) and $search. |
| displayName | String | The display name for the group. This property is required when a group is created and can't be cleared during updates. Maximum length is 256 characters. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. |
| expirationDateTime | DateTimeOffset | Timestamp of when the group is set to expire. It's null for security groups, but for Microsoft 365 groups, it represents when the group is set to expire as defined in the groupLifecyclePolicy. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Supports $filter (eq, ne, not, ge, le, in). Read-only. |
| groupTypes | String collection | Specifies the group type and its membership. If the collection contains Unified, the group is a Microsoft 365 group; otherwise, it's either a security group or a distribution group. For details, see groups overview.If the collection includes DynamicMembership, the group has dynamic membership; otherwise, membership is static. Returned by default. Supports $filter (eq, not). |
| hasMembersWithLicenseErrors | Boolean | Indicates whether there are members in this group that have license errors from its group-based license assignment. This property is never returned on a GET operation. You can use it as a $filter argument to get groups that have members with license errors (that is, filter for this property being true). See an example. Supports $filter (eq). |
| hideFromAddressLists | Boolean | True if the group isn't displayed in certain parts of the Outlook UI: the Address Book, address lists for selecting message recipients, and the Browse Groups dialog for searching groups; otherwise, false. The default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). |
| hideFromOutlookClients | Boolean | True if the group isn't displayed in Outlook clients, such as Outlook for Windows and Outlook on the web; otherwise, false. The default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). |
| id | String | The unique identifier for the group. Returned by default. Inherited from directoryObject. Key. Not nullable. Read-only. Supports $filter (eq, ne, not, in). |
| isArchived | Boolean | When a group is associated with a team, this property determines whether the team is in read-only mode. To read this property, use the /group/{groupId}/team endpoint or the Get team API. To update this property, use the archiveTeam and unarchiveTeam APIs. |
| isAssignableToRole | Boolean | Indicates whether this group can be assigned to a Microsoft Entra role. Optional. This property can only be set while creating the group and is immutable. If set to true, the securityEnabled property must also be set to true, visibility must be Hidden, and the group can't be a dynamic group (that is, groupTypes can't contain DynamicMembership). Only callers with at least the Privileged Role Administrator role can set this property. The caller must also be assigned the RoleManagement.ReadWrite.Directory permission to set this property or update the membership of such groups. For more, see Using a group to manage Microsoft Entra role assignments Using this feature requires a Microsoft Entra ID P1 license. Returned by default. Supports $filter (eq, ne, not). |
| isManagementRestricted | Boolean | Indicates whether the group is a member of a restricted management administrative unit. If not set, the default value is null and the default behavior is false. Read-only. To manage a group member of a restricted management administrative unit, the administrator or calling app must be assigned a Microsoft Entra role at the scope of the restricted management administrative unit. Returned only on $select. |
| isSubscribedByMail | Boolean | Indicates whether the signed-in user is subscribed to receive email conversations. The default value is true. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). |
| licenseProcessingState | String | Indicates the status of the group license assignment to all group members. The default value is false. Read-only. Possible values: QueuedForProcessing, ProcessingInProgress, and ProcessingComplete.Returned only on $select. Read-only. |
| String | The SMTP address for the group, for example, "[email protected]". Returned by default. Read-only. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). |
|
| mailEnabled | Boolean | Specifies whether the group is mail-enabled. Required. Returned by default. Supports $filter (eq, ne, not). |
| mailNickname | String | The mail alias for the group, unique for Microsoft 365 groups in the organization. Maximum length is 64 characters. This property can contain only characters in the ASCII character set 0 - 127 except the following characters: @ () \ [] " ; : <> , SPACE. Required. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). |
| membershipRule | String | The rule that determines members for this group if the group is a dynamic group (groupTypes contains DynamicMembership). For more information about the syntax of the membership rule, see Membership Rules syntax. Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith). |
| membershipRuleProcessingState | String | Indicates whether the dynamic membership processing is on or paused. Possible values are On or Paused. Returned by default. Supports $filter (eq, ne, not, in). |
| onPremisesDomainName | String | Contains the on-premises domain FQDN, also called dnsDomainName synchronized from the on-premises directory. The property is only populated for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Returned by default. Read-only. |
| onPremisesLastSyncDateTime | DateTimeOffset | Indicates the last time at which the group was synced with the on-premises directory. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Read-only. Supports $filter (eq, ne, not, ge, le, in). |
| onPremisesNetBiosName | String | Contains the on-premises netBios name synchronized from the on-premises directory. The property is only populated for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Returned by default. Read-only. |
| onPremisesProvisioningErrors | onPremisesProvisioningError collection | Errors when using Microsoft synchronization product during provisioning. Returned by default. Supports $filter (eq, not). |
| onPremisesSamAccountName | String | Contains the on-premises SAM account name synchronized from the on-premises directory. The property is only populated for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith). Read-only. |
| onPremisesSecurityIdentifier | String | Contains the on-premises security identifier (SID) for the group synchronized from on-premises to the cloud. Read-only. Returned by default. Supports $filter (eq including on null values). |
| onPremisesSyncEnabled | Boolean | true if this group is synced from an on-premises directory; false if this group was originally synced from an on-premises directory but is no longer synced; null if this object has never synced from an on-premises directory (default). Returned by default. Read-only. Supports $filter (eq, ne, not, in, and eq on null values). |
| preferredDataLocation | String | The preferred data location for the Microsoft 365 group. By default, the group inherits the group creator's preferred data location. To set this property, the calling app must be granted the Directory.ReadWrite.All permission and the user be assigned at least one of the following Microsoft Entra roles:
For more information about this property, see OneDrive Online Multi-Geo. Nullable. Returned by default. |
| preferredLanguage | String | The preferred language for a Microsoft 365 group. Should follow ISO 639-1 Code; for example, en-US. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). |
| proxyAddresses | String collection | Email addresses for the group that direct to the same group mailbox. For example: ["SMTP: [email protected]", "smtp: [email protected]"]. The any operator is required to filter expressions on multi-valued properties. Returned by default. Read-only. Not nullable. Supports $filter (eq, not, ge, le, startsWith, endsWith, /$count eq 0, /$count ne 0). |
| renewedDateTime | DateTimeOffset | Timestamp of when the group was last renewed. This value can't be modified directly and is only updated via the renew service action. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on January 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Supports $filter (eq, ne, not, ge, le, in). Read-only. |
| securityEnabled | Boolean | Specifies whether the group is a security group. Required. Returned by default. Supports $filter (eq, ne, not, in). |
| securityIdentifier | String | Security identifier of the group, used in Windows scenarios. Read-only. Returned by default. |
| serviceProvisioningErrors | serviceProvisioningError collection | Errors published by a federated service describing a nontransient, service-specific error regarding the properties or link from a group object. Supports $filter (eq, not, for isResolved and serviceInstance). |
| theme | string | Specifies a Microsoft 365 group's color theme. Possible values are Teal, Purple, Green, Blue, Pink, Orange, or Red. Returned by default. |
| uniqueName | String | The unique identifier that can be assigned to a group and used as an alternate key. Immutable. Read-only. |
| unseenCount | Int32 | Count of conversations that received new posts since the signed-in user last visited the group. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). |
| visibility | String | Specifies the group join policy and group content visibility for groups. Possible values are: Private, Public, or HiddenMembership. HiddenMembership can be set only for Microsoft 365 groups when the groups are created. It can't be updated later. Other values of visibility can be updated after group creation.If visibility value isn't specified during group creation on Microsoft Graph, a security group is created as Private by default, and the Microsoft 365 group is Public. Groups assignable to roles are always Private. To learn more, see group visibility options. Returned by default. Nullable. |
Graph reference: inferenceData
| Property | Type | Description |
|---|---|---|
| confidenceScore | Double | Confidence score reflecting the accuracy of the data inferred about the user. |
| userHasVerifiedAccuracy | Boolean | Records if the user has confirmed this inference as being True or False. |
Graph reference: insightsSettings
| Property | Type | Description |
|---|---|---|
| disabledForGroup | String | The ID of a Microsoft Entra group, of which the specified type of insights are disabled for its members. The default value is null. Optional. |
| isEnabledInOrganization | Boolean | true if insights of the specified type are enabled for the organization; false if insights of the specified type are disabled for all users without exceptions. The default value is true. Optional. |
Graph reference: itemAddress
| Property | Type | Description |
|---|---|---|
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| detail | physicalAddress | Details about the address itself. |
| displayName | String | Friendly name the user has assigned to this address. |
| geoCoordinates | geoCoordinates | The geocoordinates of the address. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
Graph reference: itemBody
| Property | Type | Description |
|---|---|---|
| content | String | The content of the item. |
| contentType | bodyType | The type of the content. Possible values are text and html. |
Graph reference: itemEmail
| Property | Type | Description |
|---|---|---|
| address | String | The email address itself. |
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| displayName | String | The name or label a user has associated with a particular email address. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
| type | emailType | The type of email address. Possible values are: unknown, work, personal, main, other. |
Graph reference: itemFacet
| Property | Type | Description |
|---|---|---|
| allowedAudiences | allowedAudiences | The audiences that are able to see the values contained within the associated entity. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. |
| id | String | Identifier used for individually addressing an entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. |
| source | personDataSource | Where the values within an entity originated if synced from another service. |
| sources | profileSourceAnnotation collection | Where the values within an entity originated if synced from another source. |
Graph reference: itemPatent
| Property | Type | Description |
|---|---|---|
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| description | String | Descpription of the patent or filing. |
| displayName | String | Title of the patent or filing. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| isPending | Boolean | Indicates the patent is pending. |
| issuedDate | Date | The date that the patent was granted. |
| issuingAuthority | String | Authority which granted the patent. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| number | String | The patent number. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
| webUrl | String | URL referencing the patent or filing. |
Graph reference: itemPhone
| Property | Type | Description |
|---|---|---|
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| displayName | String | Friendly name the user has assigned this phone number. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| number | String | Phone number provided by the user. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
| type | phoneType | The type of phone number within the object. Possible values are: home, business, mobile, other, assistant, homeFax, businessFax, otherFax, pager, radio. |
Graph reference: itemPublication
| Property | Type | Description |
|---|---|---|
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| description | String | Description of the publication. |
| displayName | String | Title of the publication. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| publishedDate | Date | The date that the publication was published. |
| publisher | String | Publication or publisher for the publication. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
| thumbnailUrl | String | URL referencing a thumbnail of the publication. |
| webUrl | String | URL referencing the publication. |
Graph reference: languageProficiency
| Property | Type | Description |
|---|---|---|
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| displayName | String | Contains the long-form name for the language. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| reading | languageProficiencyLevel | Represents the users reading comprehension for the language represented by the object. Possible values are: elementary, conversational, limitedWorking, professionalWorking, fullProfessional, nativeOrBilingual, unknownFutureValue. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
| spoken | languageProficiencyLevel | Represents the users spoken proficiency for the language represented by the object. Possible values are: elementary, conversational, limitedWorking, professionalWorking, fullProfessional, nativeOrBilingual, unknownFutureValue. |
| tag | String | Contains the four-character BCP47 name for the language (en-US, no-NB, en-AU). |
| written | languageProficiencyLevel | Represents the users written proficiency for the language represented by the object. Possible values are: elementary, conversational, limitedWorking, professionalWorking, fullProfessional, nativeOrBilingual, unknownFutureValue. |
Graph reference: licenseDetails
| Property | Type | Description |
|---|---|---|
| id | String | The unique identifier for the license detail object. Read-only. Key. Not nullable. |
| servicePlans | servicePlanInfo collection | Information about the service plans assigned with the license. Read-only. Not nullable. |
| skuId | Guid | Unique identifier (GUID) for the service SKU. Equal to the skuId property on the related subscribedSku object. Read-only. |
| skuPartNumber | String | Unique SKU display name. Equal to the **s |
Graph reference: List
| Property | Type | Description |
|---|---|---|
| createdBy | identitySet | Identity of the creator of this item. Read-only. Inherited from baseItem. |
| createdDateTime | DateTimeOffset | The date and time when the item was created. Read-only. Inherited from baseItem. |
| description | String | The descriptive text for the item. Inherited from baseItem. |
| displayName | String | The displayable title of the list. |
| eTag | String | ETag for the item. Inherited from baseItem. |
| id | String | The unique identifier of the item. Read-only. Inherited from baseItem. |
| lastModifiedBy | identitySet | Identity of the last modifier of this item. Read-only. Inherited from baseItem. |
| lastModifiedDateTime | DateTimeOffset | The date and time when the item was last modified. Read-only. Inherited from baseItem. |
| list | listInfo | Contains more details about the list. |
| name | String | The name of the item. Read-only. Inherited from baseItem. |
| parentReference | itemReference | Parent information if the item has a parent. Read-write. Inherited from baseItem. |
| sharepointIds | sharepointIds | Returns identifiers useful for SharePoint REST compatibility. Read-only. |
| system | systemFacet | If present, indicates that the list is system-managed. Read-only. |
| webUrl | String | URL that displays the item in the browser. Read-only. Inherited from baseItem. |
Graph reference: localeInfo
| Property | Type | Description |
|---|---|---|
| displayName | string | A name representing the user's locale in natural language, for example, "English (United States)". |
| locale | string | A locale representation for the user, which includes the user's preferred language and country/region. For example, "en-us". The language component follows 2-letter codes as defined in ISO 639-1, and the country component follows 2-letter codes as defined in ISO 3166-1 alpha-2. |
Graph reference: message
| Property | Type | Description |
|---|---|---|
| bccRecipients | recipient collection | The Bcc: recipients for the message. |
| body | itemBody | The body of the message. It can be in HTML or text format. Find out about safe HTML in a message body. |
| bodyPreview | String | The first 255 characters of the message body. It is in text format. |
| ccRecipients | recipient collection | The Cc: recipients for the message. |
| changeKey | String | The version of the message. |
| conversationId | String | The ID of the conversation the email belongs to. |
| conversationIndex | Edm.Binary | Indicates the position of the message within the conversation. |
| createdDateTime | DateTimeOffset | The date and time the message was created. The date and time information uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. |
| flag | followupFlag | Indicates the status, start date, due date, or completion date for the message. |
| from | recipient | The owner of the mailbox from which the message is sent. In most cases, this value is the same as the sender property, except for sharing or delegation scenarios. The value must correspond to the actual mailbox used. Find out more about setting the from and sender properties of a message. |
| hasAttachments | Boolean | Indicates whether the message has attachments. This property doesn't include inline attachments, so if a message contains only inline attachments, this property is false. To verify the existence of inline attachments, parse the body property to look for a src attribute, such as <IMG src="cid:[email protected]">. |
| id | String | Unique identifier for the message. !INCLUDE [outlook-beta-id] Read-only. |
| importance | importance | The importance of the message. The possible values are: low, normal, and high. |
| inferenceClassification | inferenceClassificationType | The classification of the message for the user, based on inferred relevance or importance, or on an explicit override. The possible values are: focused or other. |
| internetMessageHeaders | internetMessageHeader collection | A collection of message headers defined by RFC5322. The set includes message headers indicating the network path taken by a message from the sender to the recipient. It can also contain custom message headers that hold app data for the message. Returned only on applying a $select query option. Read-only. |
| internetMessageId | String | The message ID in the format specified by RFC2822. |
| isDeliveryReceiptRequested | Boolean | Indicates whether a read receipt is requested for the message. |
| isDraft | Boolean | Indicates whether the message is a draft. A message is a draft if it hasn't been sent yet. |
| isRead | Boolean | Indicates whether the message has been read. |
| isReadReceiptRequested | Boolean | Indicates whether a read receipt is requested for the message. |
| lastModifiedDateTime | DateTimeOffset | The date and time the message was last changed. The date and time information uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. |
| parentFolderId | String | The unique identifier for the message's parent mailFolder. |
| receivedDateTime | DateTimeOffset | The date and time the message was received. The date and time information uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. |
| replyTo | recipient collection | The email addresses to use when replying. |
| sender | recipient | The account that is used to generate the message. In most cases, this value is the same as the from property. You can set this property to a different value when sending a message from a shared mailbox, for a shared calendar, or as a delegate. In any case, the value must correspond to the actual mailbox used. Find out more about setting the from and sender properties of a message. |
| sentDateTime | DateTimeOffset | The date and time the message was sent. The date and time information uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. |
| subject | String | The subject of the message. |
| toRecipients | recipient collection | The To: recipients for the message. |
| uniqueBody | itemBody | The part of the body of the message that is unique to the current message. uniqueBody is not returned by default but can be retrieved for a given message by use of the ?$select=uniqueBody query. It can be in HTML or text format. |
| webLink | String | The URL to open the message in Outlook on the web. You can append an ispopout argument to the end of the URL to change how the message is displayed. If ispopout is not present or if it is set to 1, then the message is shown in a popout window. If ispopout is set to 0, the browser shows the message in the Outlook on the web review pane. The message opens in the browser if you are signed in to your mailbox via Outlook on the web. You are prompted to sign in if you are not already signed in with the browser. This URL cannot be accessed from within an iFrame. |
Graph reference: offerShiftRequest
| Property | Type | Description |
|---|---|---|
| assignedTo | scheduleChangeRequestActor | Indicates who the request is assigned to. Inherited from scheduleChangeRequest.The possible values are: sender, recipient, manager, system, unknownFutureValue. |
| createdBy | identitySet | The user who created the entity. Inherited from changeTrackedEntity. |
| createdDateTime | DateTimeOffset | The date and time when the entity was created. Inherited from changeTrackedEntity. |
| id | String | The unique identifier for the entity. Inherited from entity. Inherits from entity |
| lastModifiedBy | identitySet | The user who last modified the entity. Inherited from changeTrackedEntity. |
| lastModifiedDateTime | DateTimeOffset | The date and time when the entity was last modified. Inherited from changeTrackedEntity. |
| managerActionDateTime | DateTimeOffset | The date and time when the manager approved or declined the request. Inherited from scheduleChangeRequest. |
| managerActionMessage | String | The message sent by the manager regarding the request. Inherited from scheduleChangeRequest. |
| managerUserId | String | The user ID of the manager who approved or declined the request. Inherited from scheduleChangeRequest. |
| recipientActionDateTime | DateTimeOffset | The date and time when the recipient approved or declined the request. |
| recipientActionMessage | String | The message sent by the recipient regarding the request. |
| recipientUserId | String | The recipient's user ID. |
| senderDateTime | DateTimeOffset | The date and time when the sender sent the request. Inherited from scheduleChangeRequest. |
| senderMessage | String | The message sent by the sender of the request. Inherited from scheduleChangeRequest. |
| senderShiftId | String | The sender's shift ID. |
| senderUserId | String | The user ID of the sender of the request. Inherited from scheduleChangeRequest. |
| state | scheduleChangeState | The state of the entity. Inherited from scheduleChangeRequest.The possible values are: pending, approved, declined, unknownFutureValue. |
Graph reference: onlineMeeting
| Property | Type | Description |
|---|---|---|
| allowAttendeeToEnableCamera | Boolean | Indicates whether attendees can turn on their camera. Inherited from onlineMeetingBase. |
| allowAttendeeToEnableMic | Boolean | Indicates whether attendees can turn on their microphone. Inherited from onlineMeetingBase. |
| allowBreakoutRooms | Boolean | Indicates whether breakout rooms are enabled for the meeting. Inherited from onlineMeetingBase. |
| allowedLobbyAdmitters | allowedLobbyAdmitterRoles | Specifies the users who can admit from the lobby. Possible values are: organizerAndCoOrganizersAndPresenters, organizerAndCoOrganizers, unknownFutureValue. Inherited from onlineMeetingBase. |
| allowedPresenters | onlineMeetingPresenters | Specifies who can be a presenter in a meeting. Possible values are listed in the following table. Inherited from onlineMeetingBase. |
| allowLiveShare | meetingLiveShareOptions | Indicates whether live share is enabled for the meeting. Possible values are: enabled, disabled, unknownFutureValue. Inherited from onlineMeetingBase. |
| allowMeetingChat | meetingChatMode | Specifies the mode of meeting chat. Inherited from onlineMeetingBase. |
| allowParticipantsToChangeName | Boolean | Specifies if participants are allowed to rename themselves in an instance of the meeting. Inherited from onlineMeetingBase. |
| allowPowerPointSharing | Boolean | Indicates whether PowerPoint live is enabled for the meeting. Inherited from onlineMeetingBase. |
| allowTeamworkReactions | Boolean | Indicates whether Teams reactions are enabled for the meeting. Inherited from onlineMeetingBase. |
| allowRecording | Boolean | Indicates whether recording is enabled for the meeting. Inherited from onlineMeetingBase. |
| allowTeamworkReactions | Boolean | Indicates whether Teams reactions are enabled for the meeting. Inherited from onlineMeetingBase. |
| allowTranscription | Boolean | Indicates whether transcription is enabled for the meeting. Inherited from onlineMeetingBase. |
| allowWhiteboard | Boolean | Indicates whether whiteboard is enabled for the meeting. Inherited from onlineMeetingBase. |
| audioConferencing | audioConferencing | The phone access (dial-in) information for an online meeting. Read-only. Inherited from onlineMeetingBase. |
| chatInfo | chatInfo | The chat information associated with this online meeting. Inherited from onlineMeetingBase. |
| chatRestrictions | chatRestrictions | Specifies the configuration settings for meeting chat restrictions. Inherited from onlineMeetingBase. |
| creationDateTime | DateTime | The meeting creation time in UTC. Read-only. |
| endDateTime | DateTime | The meeting end time in UTC. Required when you create an online meeting. |
| joinWebUrl | String | The join URL of the online meeting. The format of the URL may change; therefore, users shouldn't rely on any information extracted from parsing the URL. Read-only. Inherited from onlineMeetingBase. |
| participants | meetingParticipants | The participants associated with the online meeting, including the organizer and the attendees. |
| subject | String | The subject of the online meeting. Required when you create an online meeting. |
| id | String | The default ID associated with the online meeting. Read-only. Inherited from onlineMeetingBase. |
| isEntryExitAnnounced | Boolean | Indicates whether to announce when callers join or leave. Inherited from onlineMeetingBase. |
| joinInformation | itemBody | The join information in the language and locale variant specified in the Accept-Language request HTTP header. Read-only. Inherited from onlineMeetingBase. |
| joinMeetingIdSettings | joinMeetingIdSettings | Specifies the joinMeetingId, the meeting passcode, and the requirement for the passcode. Once an onlineMeeting is created, the joinMeetingIdSettings can't be modified. To make any changes to this property, the meeting needs to be canceled and a new one needs to be created. Inherited from onlineMeetingBase. |
| lobbyBypassSettings | lobbyBypassSettings | Specifies which participants can bypass the meeting lobby. Inherited from onlineMeetingBase. |
| meetingTemplateId | String | The ID of the meeting template. |
| recordAutomatically | Boolean | Indicates whether to record the meeting automatically. Inherited from onlineMeetingBase. |
| shareMeetingChatHistoryDefault | meetingChatHistoryDefaultMode | Specifies whether meeting chat history is shared with participants. Possible values are: all, none, unknownFutureValue. Inherited from onlineMeetingBase. |
| startDateTime | DateTime | The meeting start time in UTC. |
| videoTeleconferenceId | String | The video teleconferencing ID. Read-only. Inherited from onlineMeetingBase. |
| watermarkProtection | watermarkProtectionValues | Specifies whether the client application should apply a watermark a content type. Inherited from onlineMeetingBase. |
| attendeeReport (deprecated) | Stream | The content stream of the attendee report of a Microsoft Teams live event. Read-only. |
| broadcastSettings (deprecated) | broadcastMeetingSettings | Settings related to a live event. |
| isBroadcast (deprecated) | Boolean | Indicates whether this meeting is a Teams live event. |
Graph reference: openShiftChangeRequest
| Property | Type | Description |
|---|---|---|
| assignedTo | scheduleChangeRequestActor | Indicates who the request is assigned to. Inherited from scheduleChangeRequest.The possible values are: sender, recipient, manager, system, unknownFutureValue. |
| createdBy | identitySet | The user who created the entity. Inherited from changeTrackedEntity. |
| createdDateTime | DateTimeOffset | The date and time when the entity was created. Inherited from changeTrackedEntity. |
| id | String | The unique identifier for the entity. Inherited from entity. Inherits from entity |
| lastModifiedBy | identitySet | The user who last modified the entity. Inherited from changeTrackedEntity. |
| lastModifiedDateTime | DateTimeOffset | The date and time when the entity was last modified. Inherited from changeTrackedEntity. |
| managerActionDateTime | DateTimeOffset | The date and time when the manager approved or declined the request. Inherited from scheduleChangeRequest. |
| managerActionMessage | String | The message sent by the manager regarding the request. Inherited from scheduleChangeRequest. |
| managerUserId | String | The user ID of the manager who approved or declined the request. Inherited from scheduleChangeRequest. |
| openShiftId | String | ID for the open shift. |
| senderDateTime | DateTimeOffset | The date and time when the sender sent the request. Inherited from scheduleChangeRequest. |
| senderMessage | String | The message sent by the sender of the request. Inherited from scheduleChangeRequest. |
| senderUserId | String | The user ID of the sender of the request. Inherited from scheduleChangeRequest. |
| state | scheduleChangeState | The state of the **s |
Graph reference: opentypeextension
| Property | Type | Description |
|---|---|---|
| extensionName | String | A unique text identifier for an open type data extension. Optional. |
| id | String | A fully qualified identifier that concatenates the extension type with the **e |
Graph reference: organization
| Property | Type | Description |
|---|---|---|
| assignedPlans | assignedPlan collection | The collection of service plans associated with the tenant. Not nullable. |
| businessPhones | String collection | Telephone number for the organization. Although this property is a string collection, only one number can be set. |
| city | String | City name of the address for the organization. |
| country | String | Country or region name of the address for the organization. |
| countryLetterCode | String | Country or region abbreviation for the organization in ISO 3166-2 format. |
| createdDateTime | DateTimeOffset | Timestamp of when the organization was created. The value can't be modified and is automatically populated when the organization is created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. |
| defaultUsageLocation | String | Two-letter ISO 3166 country code indicating the default service usage location of an organization. |
| deletedDateTime | DateTimeOffset | Represents date and time of when the Microsoft Entra tenant was deleted using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. |
| displayName | String | The display name for the tenant. |
| id | String | The tenant ID, a unique identifier representing the organization (or tenant). Inherited from directoryObject. Key. Not nullable. Read-only. |
| isMultipleDataLocationsForServicesEnabled | Boolean | true if organization is Multi-Geo enabled; false if the organization isn't Multi-Geo enabled; null (default). Read-only. For more information, see OneDrive Online Multi-Geo. |
| marketingNotificationEmails | String collection | Not nullable. |
| onPremisesLastSyncDateTime | DateTimeOffset | The time and date at which the tenant was last synced with the on-premises directory. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. |
| onPremisesSyncEnabled | Boolean | true if this object is synced from an on-premises directory; false if this object was originally synced from an on-premises directory but is no longer synced. Nullable. null if this object isn't synced from on-premises active directory (default). |
| partnerTenantType | partnerTenantType | The type of partnership this tenant has with Microsoft. The possible values are: microsoftSupport, syndicatePartner, breadthPartner, breadthPartnerDelegatedAdmin, resellerPartnerDelegatedAdmin, valueAddedResellerPartnerDelegatedAdmin, unknownFutureValue. Nullable. For more information about the possible types, see partnerTenantType values. |
| postalCode | String | Postal code of the address for the organization. |
| preferredLanguage | String | The preferred language for the organization. Should follow ISO 639-1 Code; for example, en. |
| privacyProfile | privacyProfile | The privacy profile of an organization. |
| provisionedPlans | ProvisionedPlan collection | Not nullable. |
| securityComplianceNotificationMails | String collection | Not nullable. |
| securityComplianceNotificationPhones | String collection | Not nullable. |
| state | String | State name of the address for the organization. |
| street | String | Street name of the address for organization. |
| technicalNotificationMails | String collection | Not nullable. |
| tenantType | String | Not nullable. Can be one of the following types: AAD - An enterprise identity access management (IAM) service that serves business-to-employee and business-to-business (B2B) scenarios. AAD B2C An identity access management (IAM) service that serves business-to-consumer (B2C) scenarios. CIAM - A customer identity & access management (CIAM) solution that provides an integrated platform to serve consumers, partners, and citizen scenarios. |
| verifiedDomains | VerifiedDomain collection | The collection of domains associated with this tenant. Not nullable. |
Graph reference: organizationalBranding
| Property | Type | Description |
|---|---|---|
| backgroundColor | String | Color that will appear in place of the background image in low-bandwidth connections. We recommend that you use the primary color of your banner logo or your organization color. Specify this in hexadecimal format, for example, white is #FFFFFF. Inherited from organizationalBrandingProperties. |
| backgroundImage | Stream | Image that appears as the background of the sign-in page. The allowed types are PNG or JPEG not smaller than 300 KB and not larger than 1920 × 1080 pixels. A smaller image will reduce bandwidth requirements and make the page load faster. Inherited from organizationalBrandingProperties. Returned only on $select. |
| backgroundImageRelativeUrl | String | A relative URL for the backgroundImage property that is combined with a CDN base URL from the cdnList to provide the version served by a CDN. Read-only. Inherited from organizationalBrandingProperties. |
| bannerLogo | Stream | A banner version of your company logo that appears on the sign-in page. The allowed types are PNG or JPEG no larger than 245 x 36 pixels. We recommend using a transparent image with no padding around the logo. Inherited from organizationalBrandingProperties. Returned only on $select. |
| bannerLogoRelativeUrl | String | A relative url for the bannerLogo property that is combined with a CDN base URL from the cdnList to provide the read-only version served by a CDN. Read-only. Inherited from organizationalBrandingProperties. |
| cdnList | String collection | A list of base URLs for all available CDN providers that are serving the assets of the current resource. Several CDN providers are used at the same time for high availability of read requests. Read-only. Inherited from organizationalBrandingProperties. |
| contentCustomization | contentCustomization | Represents the content options to be customized throughout the authentication flow for a tenant. NOTE: Supported by Microsoft Entra External ID in external tenants only. |
| customAccountResetCredentialsUrl | String | A custom URL for resetting account credentials. This URL must be in ASCII format or non-ASCII characters must be URL encoded, and not exceed 128 characters. Inherited from organizationalBrandingProperties. |
| customCannotAccessYourAccountText | String | A string to replace the default "Can't access your account?" self-service password reset (SSPR) hyperlink text on the sign-in page. This text must be in Unicode format and not exceed 256 characters. Inherited from organizationalBrandingProperties. |
| customCannotAccessYourAccountUrl | String | A custom URL to replace the default URL of the self-service password reset (SSPR) "Can't access your account?" hyperlink on the sign-in page. This URL must be in ASCII format or non-ASCII characters must be URL encoded, and not exceed 128 characters. DO NOT USE. Use customAccountResetCredentialsUrl instead. Inherited from organizationalBrandingProperties. |
| customCSS | Stream | CSS styling that appears on the sign-in page. The allowed format is .css format only and not larger than 25KB. Inherited from organizationalBrandingProperties. |
| customCSSRelativeUrl | String | A relative URL for the customCSS property that is combined with a CDN base URL from the cdnList to provide the version served by a CDN. Read-only. Inherited from organizationalBrandingProperties. |
| customForgotMyPasswordText | String | A string to replace the default "Forgot my password" hyperlink text on the sign-in form. This text must be in Unicode format and not exceed 256 characters. Inherited from organizationalBrandingProperties. |
| customPrivacyAndCookiesText | String | A string to replace the default "Privacy and Cookies" hyperlink text in the footer. This text must be in Unicode format and not exceed 256 characters. Inherited from organizationalBrandingProperties. |
| customPrivacyAndCookiesUrl | String | A custom URL to replace the default URL of the "Privacy and Cookies" hyperlink in the footer. This URL must be in ASCII format or non-ASCII characters must be URL encoded, and not exceed 128 characters. Inherited from organizationalBrandingProperties. |
| customResetItNowText | String | A string to replace the default "reset it now" hyperlink text on the sign-in form. This text must be in Unicode format and not exceed 256 characters. DO NOT USE: Customization of the "reset it now" hyperlink text is currently not supported. Inherited from organizationalBrandingProperties. |
| customTermsOfUseText | String | A string to replace the the default "Terms of Use" hyperlink text in the footer. This text must be in Unicode format and not exceed 256 characters. Inherited from organizationalBrandingProperties. |
| customTermsOfUseUrl | String | A custom URL to replace the default URL of the "Terms of Use" hyperlink in the footer. This URL must be in ASCII format or non-ASCII characters must be URL encoded, and not exceed 128characters. Inherited from organizationalBrandingProperties. |
| favicon | Stream | A custom icon (favicon) to replace a default Microsoft product favicon on a Microsoft Entra tenant. Inherited from organizationalBrandingProperties. |
| faviconRelativeUrl | String | A relative url for the favicon above that is combined with a CDN base URL from the cdnList to provide the version served by a CDN. Read-only. Inherited from organizationalBrandingProperties. |
| headerBackgroundColor | String | The RGB color to apply to customize the color of the header. Inherited from organizationalBrandingProperties. |
| headerLogo | Stream | A company logo that appears in the header of the sign-in page. The allowed types are PNG or JPEG not larger than 245 x 36 pixels. We recommend using a transparent image with no padding around the logo. Inherited from organizationalBrandingProperties. |
| headerLogoRelativeUrl | String | A relative URL for the headerLogo property that is combined with a CDN base URL from the cdnList to provide the read-only version served by a CDN. Read-only. Inherited from organizationalBrandingProperties. |
| id | String | An identifier that represents the locale specified using culture names. Culture names follow the RFC 1766 standard in the format "languagecode2-country/regioncode2", where "languagecode2" is a lowercase two-letter code derived from ISO 639-1 and "country/regioncode2" is an uppercase two-letter code derived from ISO 3166. For example, U.S. English is en-US. The id for the default /branding is always the String types 0 or default. Read-only. NOTE: Multiple branding for a single locale are currently not supported. Inherited from organizationalBrandingProperties. |
| loginPageLayoutConfiguration | loginPageLayoutConfiguration | Represents the layout configuration to be displayed on the login page for a tenant. Inherited from organizationalBrandingProperties. |
| loginPageTextVisibilitySettings | loginPageTextVisibilitySettings | Represents the various texts that can be hidden on the login page for a tenant. Inherited from organizationalBrandingProperties. |
| signInPageText | String | Text that appears at the bottom of the sign-in box. You can use this to communicate additional information, such as the phone number to your help desk or a legal statement. This text must be Unicode and not exceed 1024 characters. Inherited from organizationalBrandingProperties. |
| squareLogo | Stream | A square version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG no larger than 240 x 240 pixels and no more than 10 KB in size. We recommend using a transparent image with no padding around the logo. Inherited from organizationalBrandingProperties. Returned only on $select. |
| squareLogoRelativeUrl | String | A relative url for the squareLogo property that is combined with a CDN base URL from the cdnList to provide the version served by a CDN. Read-only. Inherited from organizationalBrandingProperties. |
| squareLogoDark | Stream | A square dark version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo. Inherited from organizationalBrandingProperties. |
| squareLogoDarkRelativeUrl | String | A relative URL for the squareLogoDark property that is combined with a CDN base URL from the cdnList to provide the version served by a CDN. Read-only. Inherited from organizationalBrandingProperties. |
| usernameHintText | String | String that shows as the hint in the username textbox on the sign-in screen. This text must be a Unicode, without links or code, and can't exceed 64 characters. Inherited from organizationalBrandingProperties. |
Graph reference: organizationalBrandingLocalization
| Property | Type | Description |
|---|---|---|
| backgroundColor | String | Color that appears in place of the background image in low-bandwidth connections. We recommend that you use the primary color of your banner logo or your organization color. Specify this in hexadecimal format, for example, white is #FFFFFF. Inherited from organizationalBrandingProperties. |
| backgroundImage | Stream | Image that appears as the background of the sign-in page. The allowed types are PNG or JPEG not smaller than 300 KB and not larger than 1920 × 1080 pixels. A smaller image will reduce bandwidth requirements and make the page load faster. Inherited from organizationalBrandingProperties. |
| backgroundImageRelativeUrl | String | A relative URL for the backgroundImage property that is combined with a CDN base URL from the cdnList to provide the version served by a CDN. Read-only. Inherited from organizationalBrandingProperties. |
| bannerLogo | Stream | A banner version of your company logo that appears on the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo. Inherited from organizationalBrandingProperties. |
| bannerLogoRelativeUrl | String | A relative URL for the bannerLogo property that is combined with a CDN base URL from the cdnList to provide the read-only version served by a CDN. Read-only. Inherited from organizationalBrandingProperties. |
| cdnList | String collection | A list of base URLs for all available CDN providers that are serving the assets of the current resource. Several CDN providers are used at the same time for high availability of read requests. Read-only. Inherited from organizationalBrandingProperties. |
| contentCustomization | contentCustomization | Represents the content options to be customized throughout the authentication flow for a tenant. NOTE: Supported by Microsoft Entra External ID in external tenants only. |
| customAccountResetCredentialsUrl | String | A custom URL for resetting account credentials. This URL must be in ASCII format or non-ASCII characters must be URL encoded, and not exceed 128 characters. Inherited from organizationalBrandingProperties. |
| customCannotAccessYourAccountText | String | A string to replace the default "Can't access your account?" self-service password reset (SSPR) hyperlink text on the sign-in page. This text must be in Unicode format and not exceed 256 characters. Inherited from organizationalBrandingProperties. |
| customCannotAccessYourAccountUrl | String | A custom URL to replace the default URL of the self-service password reset (SSPR) "Can't access your account?" hyperlink on the sign-in page. This URL must be in ASCII format or non-ASCII characters must be URL encoded, and not exceed 128 characters. DO NOT USE. Use customAccountResetCredentialsUrl instead. Inherited from organizationalBrandingProperties. |
| customCSS | Stream | CSS styling that appears on the sign-in page. The allowed format is .css format only and not larger than 25KB. Inherited from organizationalBrandingProperties. |
| customCSSRelativeUrl | String | A relative URL for the customCSS property that is combined with a CDN base URL from the cdnList to provide the version served by a CDN. Read-only. Inherited from organizationalBrandingProperties. |
| customForgotMyPasswordText | String | A string to replace the default "Forgot my password" hyperlink text on the sign-in form. This text must be in Unicode format and not exceed 256 characters. Inherited from organizationalBrandingProperties. |
| customPrivacyAndCookiesText | String | A string to replace the default "Privacy and Cookies" hyperlink text in the footer. This text must be in Unicode format and not exceed 256 characters. Inherited from organizationalBrandingProperties. |
| customPrivacyAndCookiesUrl | String | A custom URL to replace the default URL of the "Privacy and Cookies" hyperlink in the footer. This URL must be in ASCII format or non-ASCII characters must be URL encoded, and not exceed 128 characters. Inherited from organizationalBrandingProperties. |
| customResetItNowText | String | A string to replace the default "reset it now" hyperlink text on the sign-in form. This text must be in Unicode format and not exceed 256 characters. DO NOT USE: Customization of the "reset it now" hyperlink text is currently not supported. Inherited from organizationalBrandingProperties. |
| customTermsOfUseText | String | A string to replace the the default "Terms of Use" hyperlink text in the footer. This text must be in Unicode format and not exceed 256 characters. Inherited from organizationalBrandingProperties. |
| customTermsOfUseUrl | String | A custom URL to replace the default URL of the "Terms of Use" hyperlink in the footer. This URL must be in ASCII format or non-ASCII characters must be URL encoded, and not exceed 128characters. Inherited from organizationalBrandingProperties. |
| favicon | Stream | A custom icon (favicon) to replace a default Microsoft product favicon on a Microsoft Entra tenant. Inherited from organizationalBrandingProperties. |
| faviconRelativeUrl | String | A relative url for the favicon above that is combined with a CDN base URL from the cdnList to provide the version served by a CDN. Read-only. Inherited from organizationalBrandingProperties. |
| headerBackgroundColor | String | The RGB color to apply to customize the color of the header. Inherited from organizationalBrandingProperties. |
| headerLogo | Stream | A company logo that appears in the header of the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo. Inherited from organizationalBrandingProperties. |
| headerLogoRelativeUrl | String | A relative URL for the headerLogo property that is combined with a CDN base URL from the cdnList to provide the read-only version served by a CDN. Read-only. Inherited from organizationalBrandingProperties. |
| id | String | An identifier that represents the locale specified using culture names. Culture names follow the RFC 1766 standard in the format "languagecode2-country/regioncode2", where "languagecode2" is a lowercase two-letter code derived from ISO 639-1 and "country/regioncode2" is an uppercase two-letter code derived from ISO 3166. For example, U.S. English is en-US. The id for the default /branding is always the String types 0 or default. Read-only. NOTE: Multiple branding for a single locale are currently not supported. |
| loginPageLayoutConfiguration | loginPageLayoutConfiguration | Represents the layout configuration to be displayed on the login page for a tenant. Inherited from organizationalBrandingProperties. |
| loginPageTextVisibilitySettings | loginPageTextVisibilitySettings | Represents the various texts that can be hidden on the login page for a tenant. Inherited from organizationalBrandingProperties. |
| signInPageText | String | Text that appears at the bottom of the sign-in box. Use this to communicate additional information, such as the phone number to your help desk or a legal statement. This text must be in Unicode format and not exceed 1024 characters. Inherited from organizationalBrandingProperties. |
| squareLogo | Stream | A square version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo. Inherited from organizationalBrandingProperties. |
| squareLogoRelativeUrl | String | A relative URL for the squareLogo property that is combined with a CDN base URL from the cdnList to provide the version served by a CDN. Read-only. Inherited from organizationalBrandingProperties. |
| squareLogoDark | Stream | A square dark version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo. Inherited from organizationalBrandingProperties. |
| squareLogoDarkRelativeUrl | String | A relative URL for the squareLogoDark property that is combined with a CDN base URL from the cdnList to provide the version served by a CDN. Read-only. Inherited from organizationalBrandingProperties. |
| usernameHintText | String | A string that shows as the hint in the username textbox on the sign-in screen. This text must be a Unicode, without links or code, and can't exceed 64 characters. Inherited from organizationalBrandingProperties. |
Graph reference: orgContact
| Property | Type | Description |
|---|---|---|
| addresses | physicalOfficeAddress collection | Postal addresses for this organizational contact. For now a contact can only have one physical address. |
| companyName | String | Name of the company that this organizational contact belongs to. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null values). |
| department | String | The name for the department in which the contact works. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null values). |
| displayName | String | Display name for this organizational contact. Maximum length is 256 characters. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null values), $search, and $orderby. |
| givenName | String | First name for this organizational contact. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null values). |
| id | String | Unique identifier for this organizational contact. Supports $filter (eq, ne, not, in). |
| jobTitle | String | Job title for this organizational contact. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null values). |
| String | The SMTP address for the contact, for example, "[email protected]". Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null values). |
|
| mailNickname | String | Email alias (portion of email address pre-pending the @ symbol) for this organizational contact. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null values). |
| serviceProvisioningErrors | serviceProvisioningError collection | Errors published by a federated service describing a non-transient, service-specific error regarding the properties or link from an organizational contact object . Supports $filter (eq, not, for isResolved and serviceInstance). |
| onPremisesLastSyncDateTime | DateTimeOffset | Date and time when this organizational contact was last synchronized from on-premises AD. This date and time information uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Supports $filter (eq, ne, not, ge, le, in). |
| onPremisesProvisioningErrors | onPremisesProvisioningError collection | List of any synchronization provisioning errors for this organizational contact. Supports $filter (eq, not for category and propertyCausingError), /$count eq 0, /$count ne 0. |
| onPremisesSyncEnabled | Boolean | true if this object is synced from an on-premises directory; false if this object was originally synced from an on-premises directory but is no longer synced and now mastered in Exchange; null if this object has never been synced from an on-premises directory (default). Supports $filter (eq, ne, not, in, and eq for null values). |
| phones | phone collection | List of phones for this organizational contact. Phone types can be mobile, business, and businessFax. Only one of each type can ever be present in the collection. |
| proxyAddresses | String collection | For example: "SMTP: [email protected]", "smtp: [email protected]". The any operator is required for filter expressions on multi-valued properties. Supports $filter (eq, not, ge, le, startsWith, /$count eq 0, /$count ne 0). |
| surname | String | Last name for this organizational contact. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null values). |
Graph reference: pendingExternalUserProfile
| Property | Type | Description |
|---|---|---|
| address | physicalOfficeAddress | The office address of the pending external user profile. Inherited from externalProfile. |
| createdBy | String | The object ID of the user or principal who created the pending external user profile or invited the external user. Inherited from externalProfile. Read-only. Not nullable. |
| createdDateTime | DateTimeOffset | Date and time when this pending external user profile was created. Inherited from externalProfile. Not nullable. Read-only. |
| companyName | String | The company name of the pending external user profile. Inherited from externalProfile. Supports the $filter (eq, startswith) query parameter. |
| deletedDateTime | DateTimeOffset | Date and time when the pending external user profile was deleted. Always null when the object isn't deleted. Inherited from externalProfile. |
| department | String | The department of the pending external user profile. Inherited from externalProfile. |
| displayName | String | The display name of the pending external user profile. Inherited from externalProfile. |
| id | String | The unique identifier for the pending external user profile. Not nullable. Read-only. |
| isDiscoverable | Boolean | Represents whether the pending external user profile is discoverable in the directory. When true, this external profile shows up in Teams search. Inherited from externalProfile. |
| isEnabled | Boolean | Represents whether the pending external user profile is enabled in the directory. Inherited from externalProfile. |
| jobTitle | String | The job title of the external user profile. Inherited from externalProfile. |
| phoneNumber | String | The phone number of the pending external user profile. Must be in E.164 format. Inherited from externalProfile. |
| supervisorId | String | The object ID of the supervisor of the pending external user profile. Inherited from externalProfile. Supports the $filter (eq, startswith) query parameter. |
Graph reference: personAnniversary
| Property | Type | Description |
|---|---|---|
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| date | Date | Contains the date associated with the anniversary type. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
| type | anniversaryType | The type of anniversary the date represents. Possible values are: birthday, wedding, unknownFutureValue. |
Graph reference: personAnnotation
| Property | Type | Description |
|---|---|---|
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| detail | itemBody | Contains the detail of the note itself. |
| displayName | String | Contains a friendly name for the note. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
Graph reference: personAward
| Property | Type | Description |
|---|---|---|
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| description | String | Descpription of the award or honor. |
| displayName | String | Name of the award or honor. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| issuedDate | Date | The date that the award or honor was granted. |
| issuingAuthority | String | Authority which granted the award or honor. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
| thumbnailUrl | String | URL referencing a thumbnail of the award or honor. |
| webUrl | String | URL referencing the award or honor. |
Graph reference: personCertification
| Property | Type | Description |
|---|---|---|
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| certificationId | String | The referenceable identifier for the certification. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| description | String | Description of the certification. |
| displayName | String | Title of the certification. |
| endDate | Date | The date that the certification expires. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| issuedDate | Date | The date that the certification was issued. |
| issuingAuthority | String | Authority which granted the certification. |
| issuingCompany | String | Company which granted the certification. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
| startDate | Date | The date that the certification became valid. |
| thumbnailUrl | String | URL referencing a thumbnail of the certification. |
| webUrl | String | URL referencing the certification. |
Graph reference: personInterest
| Property | Type | Description |
|---|---|---|
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| categories | String collection | Contains categories a user has associated with the interest (for example, personal, recipies). |
| collaborationTags | String collection | Contains experience scenario tags a user has associated with the interest. Allowed values in the collection are: askMeAbout, ableToMentor, wantsToLearn, wantsToImprove. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| description | String | Contains a description of the interest. |
| displayName | String | Contains a friendly name for the interest. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
| webUrl | String | Contains a link to a web page or resource about the interest. |
Graph reference: personName
| Property | Type | Description |
|---|---|---|
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| displayName | String | Provides an ordered rendering of firstName and lastName depending on the locale of the user or their device. |
| first | String | First name of the user. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| initials | String | Initials of the user. |
| languageTag | String | Contains the name for the language (en-US, no-NB, en-AU) following IETF BCP47 format. |
| last | String | Last name of the user. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| maiden | String | Maiden name of the user. |
| middle | String | Middle name of the user. |
| nickname | String | Nickname of the user. |
| pronunciation | yomiPersonName | Guidance on how to pronounce the users name. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
| suffix | String | Designators used after the users name (eg: PhD.) |
| title | String | Honorifics used to prefix a users name (eg: Dr, Sir, Madam, Mrs.) |
Graph reference: personResponsibility
| Property | Type | Description |
|---|---|---|
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| collaborationTags | String collection | Contains experience scenario tags a user has associated with the interest. Allowed values in the collection are: askMeAbout, ableToMentor, wantsToLearn, wantsToImprove. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| description | String | Description of the responsibility. |
| displayName | String | Contains a friendly name for the responsibility. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
| webUrl | String | Contains a link to a web page or resource about the responsibility. |
Graph reference: personWebsite
| Property | Type | Description |
|---|---|---|
| categories | String collection | Contains categories a user has associated with the website (for example, personal, recipes). |
| description | String | Contains a description of the website. |
| displayName | String | Contains a friendly name for the website. |
| webUrl | String | Contains a link to the website itself. |
Graph reference: post
| Property | Type | Description |
|---|---|---|
| body | itemBody | The contents of the post. This is a default property. This property can be null. |
| categories | String collection | The categories associated with the post. |
| changeKey | String | Identifies the version of the post. Every time the post is changed, ChangeKey changes as well. This allows Exchange to apply changes to the correct version of the object. |
| conversationId | String | Unique ID of the conversation. Read-only. |
| conversationThreadId | String | Unique ID of the conversation thread. Read-only. |
| createdDateTime | DateTimeOffset | Specifies when the post was created. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z |
| from | recipient | Used in delegate access scenarios. Indicates who posted the message on behalf of another user. This is a default property. |
| hasAttachments | Boolean | Indicates whether the post has at least one attachment. This is a default property. |
| id | String | Read-only. |
| lastModifiedDateTime | DateTimeOffset | Specifies when the post was last modified. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z |
| newParticipants | recipient collection | Conversation participants that were added to the thread as part of this post. |
| receivedDateTime | DateTimeOffset | Specifies when the post was received. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z |
| sender | recipient | Contains the address of the sender. The value of Sender is assumed to be the address of the authenticated user in the case when Sender is not specified. This is a default property. |
Graph reference: presence
| Property | Type | Description |
|---|---|---|
| activity | String collection | The supplemental information to a user's availability. Possible values are Available, Away, BeRightBack, Busy, DoNotDisturb, InACall, InAConferenceCall, Inactive, InAMeeting, Offline, OffWork, OutOfOffice, PresenceUnknown, Presenting, UrgentInterruptionsOnly. |
| availability | String collection | The base presence information for a user. Possible values are Available, AvailableIdle, Away, BeRightBack, Busy, BusyIdle, DoNotDisturb, Offline, PresenceUnknown |
| id | String | The unique identifier for the user. |
| statusMessage | presenceStatusMessage | The presence status message of a user. |
Graph reference: printer
| Property | Type | Description |
|---|---|---|
| capabilities | printerCapabilities | The capabilities of the printer associated with this printer share. Inherited from printerBase. |
| defaults | printerDefaults | The printer's default print settings. Inherited from printerBase. |
| displayName | String | The name of the printer. Inherited from printerBase. |
| hasPhysicalDevice | Boolean | True if the printer has a physical device for printing. Read-only. |
| id | String | The document's identifier. Inherited from printerBase. Read-only. |
| isAcceptingJobs | Boolean | True if the printer is currently accepting new print jobs. Inherited from printerBase. |
| isShared | Boolean | True if the printer is shared; false otherwise. Read-only. |
| lastSeenDateTime | DateTimeOffset | The most recent dateTimeOffset when a printer interacted with Universal Print. Read-only. |
| location | printerLocation | The physical and/or organizational location of the printer. Inherited from printerBase. |
| manufacturer | String | The manufacturer reported by the printer. Inherited from printerBase. |
| model | String | The model name reported by the printer. Inherited from printerBase. |
| registeredDateTime | DateTimeOffset | The DateTimeOffset when the printer was registered. Read-only. |
| status | printerStatus | The processing status of the printer, including any errors. Inherited from printerBase. |
Graph reference: printTaskDefinition
| Property | Type | Description |
|---|---|---|
| createdBy | appIdentity | The application that created the printTaskDefinition. Read-only. |
| displayName | String | The name of the printTaskDefinition. |
| id | String | The printTaskDefinition's identifier. Read-only. |
Graph reference: profile
| Property | Type | Description |
|---|---|---|
| id | String | Read-only. |
Graph reference: profilePhoto
| Property | Type | Description |
|---|---|---|
| id | string | Read-only. |
| height | int32 | The height of the photo. Read-only. |
| width | int32 | The width of the photo. Read-only. |
Graph reference: projectParticipation
| Property | Type | Description |
|---|---|---|
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| categories | String collection | Contains categories a user has associated with the project (for example, digital transformation, oil rig). |
| client | companyDetail | Contains detailed information about the client the project was for. |
| collaborationTags | String collection | Contains experience scenario tags a user has associated with the interest. Allowed values in the collection are: askMeAbout, ableToMentor, wantsToLearn, wantsToImprove. |
| colleagues | relatedPerson collection | Lists people that also worked on the project. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| detail | positionDetail | Contains detail about the user's role on the project. |
| displayName | String | Contains a friendly name for the project. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
| sponsors | relatedPerson collection | The Person or people who sponsored the project. |
Graph reference: regionalAndLanguageSettings
| Property | Type | Description |
|---|---|---|
| defaultDisplayLanguage | localeInfo | The user's preferred user interface language (menus, buttons, ribbons, warning messages) for Microsoft web applications. Returned by default. Not nullable. |
| authoringLanguages | localeInfo collection | Prioritized list of languages the user reads and authors in. Returned by default. Not nullable. |
| defaultTranslationLanguage | localeInfo | The language a user expects to have documents, emails, and messages translated into. Returned by default. |
| defaultSpeechInputLanguage | localeInfo | The language a user expected to use as input for text to speech scenarios. Returned by default. |
| defaultRegionalFormat | localeInfo | The locale that drives the default date, time, and calendar formatting. Returned by default. |
| regionalFormatOverrides | regionalFormatOverrides | Allows a user to override their defaultRegionalFormat with field specific formats. Returned by default. |
| translationPreferences | translationPreferences | The user's preferred settings when consuming translated documents, emails, messages, and websites. Returned by default. Not nullable. |
Graph reference: servicePrincipal
| Property | Type | Description |
|---|---|---|
| accountEnabled | Boolean | true if the service principal account is enabled; otherwise, false. If set to false, then no users are able to sign in to this app, even if they're assigned to it. Supports $filter (eq, ne, not, in). |
| addIns | addIn collection | Defines custom behavior that a consuming service can use to call an app in specific contexts. For example, applications that can render file streams may set the addIns property for its "FileHandler" functionality. This lets services like Microsoft 365 call the application in the context of a document the user is working on. |
| alternativeNames | String collection | Used to retrieve service principals by subscription, identify resource group and full resource IDs for managed identities. Supports $filter (eq, not, ge, le, startsWith). |
| appDescription | String | The description exposed by the associated application. |
| appDisplayName | String | The display name exposed by the associated application. Maximum length is 256 characters. |
| appId | String | The unique identifier for the associated application (its appId property). Alternate key. Supports $filter (eq, ne, not, in, startsWith). |
| applicationTemplateId | String | Unique identifier of the applicationTemplate. Supports $filter (eq, not, ne). Read-only. null if the service principal wasn't created from an application template. |
| appOwnerOrganizationId | Guid | Contains the tenant ID where the application is registered. This is applicable only to service principals backed by applications. Supports $filter (eq, ne, NOT, ge, le). |
| appRoleAssignmentRequired | Boolean | Specifies whether users or other service principals need to be granted an app role assignment for this service principal before users can sign in or apps can get tokens. The default value is false. Not nullable. Supports $filter (eq, ne, NOT). |
| appRoles | appRole collection | The roles exposed by the application that's linked to this service principal. For more information, see the appRoles property definition on the application entity. Not nullable. |
| customSecurityAttributes | customSecurityAttributeValue | An open complex type that holds the value of a custom security attribute that is assigned to a directory object. Nullable. Returned only on $select. Supports $filter (eq, ne, not, startsWith). Filter value is case sensitive. |
| deletedDateTime | DateTimeOffset | The date and time the service principal was deleted. Read-only. |
| description | String | Free text field to provide an internal end-user facing description of the service principal. End-user portals such MyApps displays the application description in this field. The maximum allowed size is 1,024 characters. Supports $filter (eq, ne, not, ge, le, startsWith) and $search. |
| disabledByMicrosoftStatus | String | Specifies whether Microsoft has disabled the registered application. Possible values are: null (default value), NotDisabled, and DisabledDueToViolationOfServicesAgreement (reasons include suspicious, abusive, or malicious activity, or a violation of the Microsoft Services Agreement). Supports $filter (eq, ne, not). |
| displayName | String | The display name for the service principal. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. |
| homepage | String | Home page or landing page of the application. |
| id | String | The unique identifier for the service principal. Inherited from directoryObject. Key. Not nullable. Read-only. Supports $filter (eq, ne, not, in). |
| info | informationalUrl | Basic profile information of the acquired application such as app's marketing, support, terms of service and privacy statement URLs. The terms of service and privacy statement are surfaced to users through the user consent experience. For more info, see How to: Add Terms of service and privacy statement for registered Microsoft Entra apps. Supports $filter (eq, ne, not, ge, le, and eq on null values). |
| keyCredentials | keyCredential collection | The collection of key credentials associated with the service principal. Not nullable. Supports $filter (eq, not, ge, le). |
| loginUrl | String | Specifies the URL where the service provider redirects the user to Microsoft Entra ID to authenticate. Microsoft Entra ID uses the URL to launch the application from Microsoft 365 or the Microsoft Entra My Apps. When blank, Microsoft Entra ID performs IdP-initiated sign-on for applications configured with SAML-based single sign-on. The user launches the application from Microsoft 365, the Microsoft Entra My Apps, or the Microsoft Entra SSO URL. |
| logoutUrl | String | Specifies the URL that the Microsoft's authorization service uses to sign out a user using OpenID Connect front-channel, back-channel, or SAML sign out protocols. |
| notes | String | Free text field to capture information about the service principal, typically used for operational purposes. Maximum allowed size is 1,024 characters. |
| notificationEmailAddresses | String collection | Specifies the list of email addresses where Microsoft Entra ID sends a notification when the active certificate is near the expiration date. This is only for the certificates used to sign the SAML token issued for Microsoft Entra Gallery applications. |
| oauth2PermissionScopes | permissionScope collection | The delegated permissions exposed by the application. For more information, see the oauth2PermissionScopes property on the application entity's api property. Not nullable. |
| passwordCredentials | passwordCredential collection | The collection of password credentials associated with the application. Not nullable. |
| preferredSingleSignOnMode | string | Specifies the single sign-on mode configured for this application. Microsoft Entra ID uses the preferred single sign-on mode to launch the application from Microsoft 365 or the My Apps portal. The supported values are password, saml, notSupported, and oidc. Note: This field might be null for older SAML apps and for OIDC applications where it isn't set automatically. |
| preferredTokenSigningKeyThumbprint | String | This property can be used on SAML applications (apps that have preferredSingleSignOnMode set to saml) to control which certificate is used to sign the SAML responses. For applications that aren't SAML, don't write or otherwise rely on this property. |
| replyUrls | String collection | The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. Not nullable. |
| resourceSpecificApplicationPermissions | resourceSpecificPermission collection | The resource-specific application permissions exposed by this application. Currently, resource-specific permissions are only supported for Teams apps accessing to specific chats and teams using Microsoft Graph. Read-only. |
| samlSingleSignOnSettings | samlSingleSignOnSettings | The collection for settings related to saml single sign-on. |
| servicePrincipalNames | String collection | Contains the list of identifiersUris, copied over from the associated application. Additional values can be added to hybrid applications. These values can be used to identify the permissions exposed by this app within Microsoft Entra ID. For example,
The any operator is required for filter expressions on multi-valued properties. Not nullable. Supports $filter (eq, not, ge, le, startsWith). |
| servicePrincipalType | String | Identifies whether the service principal represents an application, a managed identity, or a legacy application. This is set by Microsoft Entra ID internally. The servicePrincipalType property can be set to three different values:
|
| signInAudience | String | Specifies the Microsoft accounts that are supported for the current application. Read-only. Supported values are:
|
| tags | String collection | Custom strings that can be used to categorize and identify the service principal. Not nullable. The value is the union of strings set here and on the associated application entity's tags property. Supports $filter (eq, not, ge, le, startsWith). |
| tokenEncryptionKeyId | String | Specifies the keyId of a public key from the keyCredentials collection. When configured, Microsoft Entra ID issues tokens for this application encrypted using the key specified by this property. The application code that receives the encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user. |
| verifiedPublisher | verifiedPublisher | Specifies the verified publisher of the application that's linked to this service principal. |
Graph reference: shift
Graph reference: shiftPreferences
| Property | Type | Description |
|---|---|---|
| availability | shiftAvailability collection | Availability of the user to be scheduled for work and its recurrence pattern. |
| createdDateTime | Edm.DateTimeOffset |
Timestamp corresponding to when the entity was created. |
| id | Edm.String |
The identifier of the entity. |
| lastModifiedBy | identitySet | Identity of the person who last modified the entity. |
| lastModifiedDateTime | Edm.DateTimeOffset |
Timestamp corresponding to when the entity was last modified. |
| @odata.etag | Edm.String |
The change key for the entity. |
Graph reference: skillProficiency
| Property | Type | Description |
|---|---|---|
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| categories | String collection | Contains categories a user has associated with the skill (for example, personal, professional, hobby). |
| collaborationTags | String collection | Contains experience scenario tags a user has associated with the interest. Allowed values in the collection are: askMeAbout, ableToMentor, wantsToLearn, wantsToImprove. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| displayName | String | Contains a friendly name for the skill. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| proficiency | skillProficiencyLevel | Detail of the users proficiency with this skill. Possible values are: elementary, limitedWorking, generalProfessional, advancedProfessional, expert, unknownFutureValue. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
| webUrl | String | Contains a link to an information source about the skill. |
Graph reference: subscription
| Property | Type | Description |
|---|---|---|
| applicationId | String | Optional. Identifier of the application used to create the subscription. Read-only. |
| changeType | String | Required. Indicates the type of change in the subscribed resource that raises a change notification. The supported values are: created, updated, deleted. Multiple values can be combined using a comma-separated list. Note: updated changeType. updated and deleted changeType. Use updated to receive notifications when user or group is created, updated, or soft deleted. Use deleted to receive notifications when user or group is permanently deleted. |
| clientState | String | Optional. Specifies the value of the clientState property sent by the service in each change notification. The maximum length is 128 characters. The client can check that the change notification came from the service by comparing the value of the clientState property sent with the subscription with the value of the clientState property received with each change notification. |
| creatorId | String | Optional. Identifier of the user or service principal that created the subscription. If the app used delegated permissions to create the subscription, this field contains the ID of the signed-in user the app called on behalf of. If the app used application permissions, this field contains the ID of the service principal corresponding to the app. Read-only. |
| encryptionCertificate | String | Optional. A base64-encoded representation of a certificate with a public key used to encrypt resource data in change notifications. Optional but required when includeResourceData is true. |
| encryptionCertificateId | String | Optional. A custom app-provided identifier to help identify the certificate needed to decrypt resource data. |
| expirationDateTime | DateTimeOffset | Required. Specifies the date and time when the webhook subscription expires. The time is in UTC, and can be an amount of time from subscription creation that varies for the resource subscribed to. Any value under 45 minutes after the time of the request is automatically set to 45 minutes after the request time. For the maximum supported subscription length of time, see Subscription lifetime. |
| id | String | Optional. Unique identifier for the subscription. Read-only. |
| includeResourceData | Boolean | Optional. When set to true, change notifications include resource data (such as content of a chat message). |
| latestSupportedTlsVersion | String | Optional. Specifies the latest version of Transport Layer Security (TLS) that the notification endpoint, specified by notificationUrl, supports. The possible values are: v1_0, v1_1, v1_2, v1_3. For subscribers whose notification endpoint supports a version lower than the currently recommended version (TLS 1.2), specifying this property by a set timeline allows them to temporarily use their deprecated version of TLS before completing their upgrade to TLS 1.2. For these subscribers, not setting this property per the timeline would result in subscription operations failing. For subscribers whose notification endpoint already supports TLS 1.2, setting this property is optional. In such cases, Microsoft Graph defaults the property to v1_2. |
| lifecycleNotificationUrl | String | Required for Teams resources if the expirationDateTime value is more than 1 hour from now; optional otherwise. The URL of the endpoint that receives lifecycle notifications, including subscriptionRemoved, reauthorizationRequired, and missed notifications. This URL must make use of the HTTPS protocol. For more information, see Reduce missing subscriptions and change notifications. |
| notificationQueryOptions | String | Optional. OData query options for specifying value for the targeting resource. Clients receive notifications when resource reaches the state matching the query options provided here. With this new property in the subscription creation payload along with all existing properties, Webhooks deliver notifications whenever a resource reaches the desired state mentioned in the notificationQueryOptions property. For example, when the print job is completed or when a print job resource isFetchable property value becomes true etc. Supported only for Universal Print Service. For more information, see Subscribe to change notifications from cloud printing APIs using Microsoft Graph. |
| notificationUrl | String | Required. The URL of the endpoint that receives the change notifications. This URL must make use of the HTTPS protocol. Any query string parameter included in the notificationUrl property is included in the HTTP POST request when Microsoft Graph sends the change notifications. |
| notificationUrlAppId | String | Optional. The app ID that the subscription service can use to generate the validation token. The value allows the client to validate the authenticity of the notification received. |
| resource | String | Required. Specifies the resource that is monitored for changes. Don't include the base URL (https://graph.microsoft.com/v1.0/). See the possible resource path values for each supported resource. |
Graph reference: swapShiftsChangeRequest
| Property | Type | Description |
|---|---|---|
| assignedTo | scheduleChangeRequestActor | Indicates who the request is assigned to. Inherited from scheduleChangeRequest.The possible values are: sender, recipient, manager, system, unknownFutureValue. |
| createdBy | identitySet | The user who created the entity. Inherited from changeTrackedEntity. |
| createdDateTime | DateTimeOffset | The date and time when the entity was created. Inherited from changeTrackedEntity. |
| id | String | The unique identifier for the entity. Inherited from entity. Inherits from entity |
| lastModifiedBy | identitySet | The user who last modified the entity. Inherited from changeTrackedEntity. |
| lastModifiedDateTime | DateTimeOffset | The date and time when the entity was last modified. Inherited from changeTrackedEntity. |
| managerActionDateTime | DateTimeOffset | The date and time when the manager approved or declined the request. Inherited from scheduleChangeRequest. |
| managerActionMessage | String | The message sent by the manager regarding the request. Inherited from scheduleChangeRequest. |
| managerUserId | String | The user ID of the manager who approved or declined the request. Inherited from scheduleChangeRequest. |
| recipientActionDateTime | DateTimeOffset | The date and time when the recipient approved or declined the request. Inherited from offerShiftRequest. |
| recipientActionMessage | String | The message sent by the recipient regarding the request. Inherited from offerShiftRequest. |
| recipientShiftId | String | The recipient's Shift ID |
| recipientUserId | String | The recipient's user ID. Inherited from offerShiftRequest. |
| senderDateTime | DateTimeOffset | The date and time when the sender sent the request. Inherited from scheduleChangeRequest. |
| senderMessage | String | The message sent by the sender of the request. Inherited from scheduleChangeRequest. |
| senderShiftId | String | The sender's shift ID. Inherited from offerShiftRequest. |
| senderUserId | String | The user ID of the sender of the request. Inherited from scheduleChangeRequest. |
| state | scheduleChangeState | The state of the entity. Inherited from scheduleChangeRequest.The possible values are: pending, approved, declined, unknownFutureValue. |
Graph reference: team
| Property | Type | Description |
|---|---|---|
| id | string | The unique identifier of the team. The group has the same ID as the team. This property is read-only, and is inherited from the base entity type. |
| classification | string | An optional label. Typically describes the data or business sensitivity of the team. Must match one of a preconfigured set in the tenant's directory. |
| classSettings | teamClassSettings | Configure settings of a class. Available only when the team represents a class. |
| createdDateTime | dateTimeOffset | Timestamp at which the team was created. |
| description | string | An optional description for the team. Maximum length: 1,024 characters. |
| displayName | string | The name of the team. |
| firstChannelName | String | The name of the first channel in the team. This is an optional property, only used during team creation and isn't returned in methods to get and list teams. |
| funSettings | teamFunSettings | Settings to configure use of Giphy, memes, and stickers in the team. |
| guestSettings | teamGuestSettings | Settings to configure whether guests can create, update, or delete channels in the team. |
| internalId | string | A unique ID for the team that was used in a few places such as the audit log/Office 365 Management Activity API. |
| isArchived | Boolean | Whether this team is in read-only mode. |
| memberSettings | teamMemberSettings | Settings to configure whether members can perform certain actions, for example, create channels and add bots, in the team. |
| messagingSettings | teamMessagingSettings | Settings to configure messaging and mentions in the team. |
| specialization | teamSpecialization | Optional. Indicates whether the team is intended for a particular use case. Each team specialization has access to unique behaviors and experiences targeted to its use case. |
| summary | teamSummary | Contains summary information about the team, including number of owners, members, and guests. |
| tenantId | string | The ID of the Microsoft Entra tenant. |
| visibility | teamVisibilityType | The visibility of the group and team. Defaults to Public. |
| webUrl | string (readonly) | A hyperlink that goes to the team in the Microsoft Teams client. You get this URL when you right-click a team in the Microsoft Teams client and select **G |
Graph reference: teamsLicensingDetails
| Property | Type | Description |
|---|---|---|
| hasTeamsLicense | Boolean | Indicates whether the user has a valid license to use Microsoft Teams. |
Graph reference: timeOffRequest
| Property | Type | Description |
|---|---|---|
| assignedTo | scheduleChangeRequestActor | Indicates who the request is assigned to. Inherited from scheduleChangeRequest.The possible values are: sender, recipient, manager, system, unknownFutureValue. |
| createdBy | identitySet | The user who created the entity. Inherited from changeTrackedEntity. |
| createdDateTime | DateTimeOffset | The date and time when the entity was created. Inherited from changeTrackedEntity. |
| endDateTime | DateTimeOffset | The date and time the time off ends in ISO 8601 format and in UTC time. |
| id | String | The unique identifier for the entity. Inherited from entity. Inherits from entity |
| lastModifiedBy | identitySet | The user who last modified the entity. Inherited from changeTrackedEntity. |
| lastModifiedDateTime | DateTimeOffset | The date and time when the entity was last modified. Inherited from changeTrackedEntity. |
| managerActionDateTime | DateTimeOffset | The date and time when the manager approved or declined the request. Inherited from scheduleChangeRequest. |
| managerActionMessage | String | The message sent by the manager regarding the request. Inherited from scheduleChangeRequest. |
| managerUserId | String | The user ID of the manager who approved or declined the request. Inherited from scheduleChangeRequest. |
| senderDateTime | DateTimeOffset | The date and time when the sender sent the request. Inherited from scheduleChangeRequest. |
| senderMessage | String | The message sent by the sender of the request. Inherited from scheduleChangeRequest. |
| senderUserId | String | The user ID of the sender of the request. Inherited from scheduleChangeRequest. |
| startDateTime | DateTimeOffset | The date and time the time off starts in ISO 8601 format and in UTC time. |
| state | scheduleChangeState | The state of the entity. Inherited from scheduleChangeRequest.The possible values are: pending, approved, declined, unknownFutureValue. |
| timeOffReasonId | String | The reason for the time off. |
Graph reference: timeZoneInformation
| Property | Type | Description |
|---|---|---|
| alias | string | An identifier for the time zone. |
| displayName | string | A display string that represents the time zone. |
Graph reference: todoTask
| Property | Type | Description |
|---|---|---|
| body | itemBody | The task body that typically contains information about the task. |
| bodyLastModifiedDateTime | DateTimeOffset | The date and time when the task body was last modified. By default, it is in UTC. You can provide a custom time zone in the request header. The property value uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2020 would look like this: '2020-01-01T00:00:00Z'. |
| categories | String collection | The categories associated with the task. Each category corresponds to the displayName property of an outlookCategory that the user has defined. |
| completedDateTime | dateTimeTimeZone | The date and time in the specified time zone that the task was finished. |
| createdDateTime | DateTimeOffset | The date and time when the task was created. By default, it is in UTC. You can provide a custom time zone in the request header. The property value uses ISO 8601 format. For example, midnight UTC on Jan 1, 2020 would look like this: '2020-01-01T00:00:00Z'. |
| dueDateTime | dateTimeTimeZone | The date and time in the specified time zone that the task is to be finished. |
| hasAttachments | Boolean | Indicates whether the task has attachments. |
| id | String | Unique identifier for the task. By default, this value changes when the item is moved from one list to another. |
| importance | importance | The importance of the task. Possible values are: low, normal, high. |
| isReminderOn | Boolean | Set to true if an alert is set to remind the user of the task. |
| lastModifiedDateTime | DateTimeOffset | The date and time when the task was last modified. By default, it is in UTC. You can provide a custom time zone in the request header. The property value uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2020 would look like this: '2020-01-01T00:00:00Z'. |
| recurrence | patternedRecurrence | The recurrence pattern for the task. |
| reminderDateTime | dateTimeTimeZone | The date and time in the specified time zone for a reminder alert of the task to occur. |
| startDateTime | dateTimeTimeZone | The date and time in the specified time zone at which the task is scheduled to start. |
| status | taskStatus | Indicates the state or progress of the task. Possible values are: notStarted, inProgress, completed, waitingOnOthers, deferred. |
| title | String | A brief description of the task. |
Graph reference: todoTaskList
| Property | Type | Description |
|---|---|---|
| displayName | String | The name of the task list. |
| id | String | The identifier of the task list, unique in the user's mailbox. Read-only. Inherited from entity |
| isOwner | Boolean | True if the user is owner of the given task list. |
| isShared | Boolean | True if the task list is shared with other users |
| wellknownListName | wellknownListName | Property indicating the list name if the given list is a well-known list. Possible values are: none, defaultList, flaggedEmails, unknownFutureValue. |
Graph reference: usageRight
| Property | Type | Description |
|---|---|---|
| catalogId | String | Product id corresponding to the usage right. |
| id | String | The id of the usage right. |
| serviceIdentifier | String | Identifier of the service corresponding to the usage right. |
| state | usageRightState | The state of the usage right. Possible values are: active, inactive, warning, suspended. |
Graph reference: user
| Property | Type | Description |
|---|---|---|
| aboutMe | String | A freeform text entry field for the user to describe themselves. Returned only on $select. |
| accountEnabled | Boolean | true if the account is enabled; otherwise, false. This property is required when a user is created. Returned only on $select. Supports $filter (eq, ne, not, and in). |
| ageGroup | ageGroup | Sets the age group of the user. Allowed values: null, Minor, NotAdult, and Adult. For more information, see legal age group property definitions. Returned only on $select. Supports $filter (eq, ne, not, and in). |
| assignedLicenses | assignedLicense collection | The licenses that are assigned to the user, including inherited (group-based) licenses. This property doesn't differentiate between directly assigned and inherited licenses. Use the licenseAssignmentStates property to identify the directly assigned and inherited licenses. Not nullable. Returned only on $select. Supports $filter (eq, not, /$count eq 0, /$count ne 0). |
| assignedPlans | assignedPlan collection | The plans that are assigned to the user. Read-only. Not nullable. Returned only on $select. Supports $filter (eq and not). |
| birthday | DateTimeOffset | The birthday of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014, is 2014-01-01T00:00:00Z. Returned only on $select. |
| businessPhones | String collection | The telephone numbers for the user. NOTE: Although it's a string collection, only one number can be set for this property. Read-only for users synced from the on-premises directory. Returned by default. Supports $filter (eq, not, ge, le, startsWith). |
| city | String | The city where the user is located. Maximum length is 128 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). |
| companyName | String | The name of the company that the user is associated with. This property can be useful for describing the company that a guest comes from. The maximum length is 64 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). |
| consentProvidedForMinor | consentProvidedForMinor | Sets whether consent was obtained for minors. Allowed values: null, Granted, Denied, and NotRequired. For more information, see legal age group property definitions. Returned only on $select. Supports $filter (eq, ne, not, and in). |
| country | String | The country or region where the user is located; for example, US or UK. Maximum length is 128 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). |
| createdDateTime | DateTimeOffset | The date and time the user was created, in ISO 8601 format and UTC. The value can't be modified and is automatically populated when the entity is created. Nullable. For on-premises users, the value represents when they were first created in Microsoft Entra ID. Property is null for some users created before June 2018 and on-premises users that were synced to Microsoft Entra ID before June 2018. Read-only. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in). |
| creationType | String | Indicates whether the user account was created through one of the following methods:
Read-only. Returned only on $select. Supports $filter (eq, ne, not, in). |
| customSecurityAttributes | customSecurityAttributeValue | An open complex type that holds the value of a custom security attribute that is assigned to a directory object. Nullable. Returned only on $select. Supports $filter (eq, ne, not, startsWith). The filter value is case-sensitive. |
| deletedDateTime | DateTimeOffset | The date and time the user was deleted. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in). |
| department | String | The name of the department in which the user works. Maximum length is 64 characters. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in, and eq on null values). |
| displayName | String | The name displayed in the address book for the user. This value is usually the combination of the user's first name, middle initial, and family name. This property is required when a user is created and it can't be cleared during updates. Maximum length is 256 characters. Returned by default. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values), $orderby, and $search. |
| employeeHireDate | DateTimeOffset | The date and time when the user was hired or will start work in a future hire. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in). |
| employeeLeaveDateTime | DateTimeOffset | The date and time when the user left or will leave the organization. Supports $filter (eq, ne, not , ge, le, in). For more information, see Configure the employeeLeaveDateTime property for a user. |
| employeeId | String | The employee identifier assigned to the user by the organization. The maximum length is 16 characters. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). |
| employeeOrgData | employeeOrgData | Represents organization data (for example, division and costCenter) associated with a user. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in). |
| employeeType | String | Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in, startsWith). |
| externalUserState | String | For a guest invited to the tenant using the invitation API, this property represents the invited user's invitation status. For invited users, the state can be PendingAcceptance or Accepted, or null for all other users. Returned only on $select. Supports $filter (eq, ne, not , in). |
| externalUserStateChangeDateTime | DateTimeOffset | Shows the timestamp for the latest change to the externalUserState property. Returned only on $select. Supports $filter (eq, ne, not , in). |
| faxNumber | String | The fax number of the user. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). |
| givenName | String | The given name (first name) of the user. Maximum length is 64 characters. Returned by default. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). |
| hireDate | DateTimeOffset | The hire date of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014, is 2014-01-01T00:00:00Z. Returned only on $select. Note: This property is specific to SharePoint in Microsoft 365. We recommend using the native employeeHireDate property to set and update hire date values using Microsoft Graph APIs. |
| id | String | The unique identifier for the user. Should be treated as an opaque identifier. Inherited from directoryObject. Key. Not nullable. Read-only. Returned by default. Supports $filter (eq, ne, not, in). |
| identities | objectIdentity collection | Represents the identities that can be used to sign in to this user account. Microsoft (also known as a local account), organizations, or social identity providers such as Facebook, Google, and Microsoft can provide identity and tie it to a user account. It might contain multiple items with the same signInType value. Returned only on $select. Supports $filter (eq) with limitations. |
| imAddresses | String collection | The instant message voice-over IP (VOIP) session initiation protocol (SIP) addresses for the user. Read-only. Returned only on $select. Supports $filter (eq, not, ge, le, startsWith). |
| interests | String collection | A list for the user to describe their interests. Returned only on $select. |
| isManagementRestricted | Boolean | true if the user is a member of a restricted management administrative unit. If not set, the default value is null and the default behavior is false. Read-only. To manage a user who is a member of a restricted management administrative unit, the administrator or calling app must be assigned a Microsoft Entra role at the scope of the restricted management administrative unit. Returned only on $select. |
| isResourceAccount | Boolean | Don't use – reserved for future use. |
| jobTitle | String | The user's job title. Maximum length is 128 characters. Returned by default. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). |
| lastPasswordChangeDateTime | DateTimeOffset | The time when this Microsoft Entra user last changed their password or when their password was created, whichever date the latest action was performed. The date and time information uses ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Returned only on $select. |
| legalAgeGroupClassification | legalAgeGroupClassification | Used by enterprise applications to determine the legal age group of the user. This property is read-only and calculated based on ageGroup and consentProvidedForMinor properties. Allowed values: null, Undefined, MinorWithOutParentalConsent, MinorWithParentalConsent, MinorNoParentalConsentRequired, NotAdult, and Adult. For more information, see legal age group property definitions. Returned only on $select. |
| licenseAssignmentStates | licenseAssignmentState collection | State of license assignments for this user. Also indicates licenses that are directly assigned or the user inherited through group memberships. Read-only. Returned only on $select. |
| String | The SMTP address for the user, for example, [email protected]. Changes to this property update the user's proxyAddresses collection to include the value as an SMTP address. This property can't contain accent characters. NOTE: We don't recommend updating this property for Azure AD B2C user profiles. Use the otherMails property instead. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, endsWith, and eq on null values). |
|
| mailboxSettings | mailboxSettings | Settings for the primary mailbox of the signed-in user. You can get or update settings for sending automatic replies to incoming messages, locale, and time zone. Returned only on $select. |
| mailNickname | String | The mail alias for the user. This property must be specified when a user is created. Maximum length is 64 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). |
| mobilePhone | String | The primary cellular telephone number for the user. Read-only for users synced from the on-premises directory. Maximum length is 64 characters. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values) and $search. |
| mySite | String | The URL for the user's site. Returned only on $select. |
| officeLocation | String | The office location in the user's place of business. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). |
| onPremisesDistinguishedName | String | Contains the on-premises Active Directory distinguished name or DN. The property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. Returned only on $select. |
| onPremisesDomainName | String | Contains the on-premises domainFQDN, also called dnsDomainName synchronized from the on-premises directory. The property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. Returned only on $select. |
| onPremisesExtensionAttributes | onPremisesExtensionAttributes | Contains extensionAttributes1-15 for the user. These extension attributes are also known as Exchange custom attributes 1-15. Each attribute can store up to 1024 characters. false), these properties can be set during the creation or update of a user object. Returned only on $select. Supports $filter (eq, ne, not, in). |
| onPremisesImmutableId | String | This property is used to associate an on-premises Active Directory user account to their Microsoft Entra user object. This property must be specified when creating a new user account in the Graph if you're using a federated domain for the user's userPrincipalName (UPN) property. NOTE: The $ and _ characters can't be used when specifying this property. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in). |
| onPremisesLastSyncDateTime | DateTimeOffset | Indicates the last time at which the object was synced with the on-premises directory; for example: 2013-02-16T03:04:54Z. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in). |
| onPremisesProvisioningErrors | onPremisesProvisioningError collection | Errors when using Microsoft synchronization product during provisioning. Returned only on $select. Supports $filter (eq, not, ge, le). |
| onPremisesSamAccountName | String | Contains the on-premises samAccountName synchronized from the on-premises directory. The property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith). |
| onPremisesSecurityIdentifier | String | Contains the on-premises security identifier (SID) for the user that was synchronized from on-premises to the cloud. Read-only. Returned only on $select. Supports $filter (eq including on null values). |
| onPremisesSyncEnabled | Boolean | true if this user object is currently being synced from an on-premises Active Directory (AD); otherwise the user isn't being synced and can be managed in Microsoft Entra ID. Read-only. Returned only on $select. Supports $filter (eq, ne, not, in, and eq on null values). |
| onPremisesUserPrincipalName | String | Contains the on-premises userPrincipalName synchronized from the on-premises directory. The property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith). |
| otherMails | String collection | A list of other email addresses for the user; for example: ["[email protected]", "[email protected]"]. Can store up to 250 values, each with a limit of 250 characters. NOTE: This property can't contain accent characters. Returned only on $select. Supports $filter (eq, not, ge, le, in, startsWith, endsWith, /$count eq 0, /$count ne 0). |
| passwordPolicies | String | Specifies password policies for the user. This value is an enumeration with one possible value being DisableStrongPassword, which allows weaker passwords than the default policy to be specified. DisablePasswordExpiration can also be specified. The two might be specified together; for example: DisablePasswordExpiration, DisableStrongPassword. Returned only on $select. For more information on the default password policies, see Microsoft Entra password policies. Supports $filter (ne, not, and eq on null values). |
| passwordProfile | passwordProfile | Specifies the password profile for the user. The profile contains the user's password. This property is required when a user is created. The password in the profile must satisfy minimum requirements as specified by the passwordPolicies property. By default, a strong password is required. Returned only on $select. Supports $filter (eq, ne, not, in, and eq on null values). To update this property: |
| pastProjects | String collection | A list for the user to enumerate their past projects. Returned only on $select. |
| postalCode | String | The postal code for the user's postal address. The postal code is specific to the user's country or region. In the United States of America, this attribute contains the ZIP code. Maximum length is 40 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). |
| preferredDataLocation | String | The preferred data location for the user. For more information, see OneDrive Online Multi-Geo. |
| preferredLanguage | String | The preferred language for the user. The preferred language format is based on RFC 4646. The name is a combination of an ISO 639 two-letter lowercase culture code associated with the language, and an ISO 3166 two-letter uppercase subculture code associated with the country or region. Example: "en-US", or "es-ES". Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values) |
| preferredName | String | The preferred name for the user. Not Supported. This attribute returns an empty string. Returned only on $select. |
| provisionedPlans | provisionedPlan collection | The plans that are provisioned for the user. Read-only. Not nullable. Returned only on $select. Supports $filter (eq, not, ge, le). |
| proxyAddresses | String collection | For example: "SMTP: [email protected]", "smtp: [email protected]"]. Changes to the mail property update this collection to include the value as an SMTP address. For more information, see [mail and proxyAddresses properties. The proxy address prefixed with SMTP (capitalized) is the primary proxy address, while those addresses prefixed with smtp are the secondary proxy addresses. For Azure AD B2C accounts, this property has a limit of 10 unique addresses. Read-only in Microsoft Graph; you can update this property only through the Microsoft 365 admin center. Not nullable. Returned only on $select. Supports $filter (eq, not, ge, le, startsWith, endsWith, /$count eq 0, /$count ne 0). |
| refreshTokensValidFromDateTime | DateTimeOffset | Any refresh tokens or session tokens (session cookies) issued before this time are invalid. Applications get an error when using an invalid refresh or session token to acquire a delegated access token (to access APIs such as Microsoft Graph). If this happens, the application needs to acquire a new refresh token by requesting the authorized endpoint. Returned only on $select. Read-only. |
| responsibilities | String collection | A list for the user to enumerate their responsibilities. Returned only on $select. |
| serviceProvisioningErrors | serviceProvisioningError collection | Errors published by a federated service describing a nontransient, service-specific error regarding the properties or link from a user object. Supports $filter (eq, not, for isResolved and serviceInstance). |
| schools | String collection | A list for the user to enumerate the schools they attended. Returned only on $select. |
| securityIdentifier | String | Security identifier (SID) of the user, used in Windows scenarios. Read-only. Returned by default. Supports $select and $filter (eq, not, ge, le, startsWith). |
| showInAddressList | Boolean | Do not use in Microsoft Graph. Manage this property through the Microsoft 365 admin center instead. Represents whether the user should be included in the Outlook global address list. See Known issue. |
| signInActivity | signInActivity | Get the last signed-in date and request ID of the sign-in for a given user. Read-only. Returned only on $select. Supports $filter (eq, ne, not, ge, le) but not with any other filterable properties. Note: |
| signInSessionsValidFromDateTime | DateTimeOffset | Any refresh tokens or session tokens (session cookies) issued before this time are invalid. Applications get an error when using an invalid refresh or session token to acquire a delegated access token (to access APIs such as Microsoft Graph). If this happens, the application needs to acquire a new refresh token by requesting the authorized endpoint. Read-only. Use revokeSignInSessions to reset. Returned only on $select. |
| skills | String collection | A list for the user to enumerate their skills. Returned only on $select. |
| state | String | The state or province in the user's address. Maximum length is 128 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). |
| streetAddress | String | The street address of the user's place of business. Maximum length is 1,024 characters. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). |
| surname | String | The user's surname (family name or last name). Maximum length is 64 characters. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). |
| usageLocation | String | A two-letter country code (ISO standard 3166). Required for users that are assigned licenses due to legal requirements to check for availability of services in countries/regions. Examples include: US, JP, and GB. Not nullable. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). |
| userPrincipalName | String | The user principal name (UPN) of the user. The UPN is an Internet-style sign-in name for the user based on the Internet standard RFC 822. By convention, this value should map to the user's email name. The general format is alias@domain, where the domain must be present in the tenant's collection of verified domains. This property is required when a user is created. The verified domains for the tenant can be accessed from the verifiedDomains property of organization. NOTE: This property can't contain accent characters. Only the following characters are allowed A - Z, a - z, 0 - 9, ' . - _ ! # ^ ~. For the complete list of allowed characters, see username policies. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, endsWith) and $orderby. |
| userType | String | A string value that can be used to classify user types in your directory. The possible values are Member and Guest. Returned only on $select. Supports $filter (eq, ne, not, in, and eq on null values). **N |
Graph reference: userAccountInformation
| Property | Type | Description |
|---|---|---|
| ageGroup | String | Shows the age group of user. Allowed values null, minor, notAdult and adult are generated by the directory and can't be changed. |
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| countryCode | String | Contains the two-character country code associated with the users' account. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| preferredLanguageTag | localeInfo | Contains the language the user has associated as preferred for the account. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
| userPrincipalName | String | The user principal name (UPN) of the user associated with the account. |
Graph reference: userSettings
| Property | Type | Description |
|---|---|---|
| contributionToContentDiscoveryAsOrganizationDisabled | Boolean | Reflects the organization level setting controlling delegate access to the trending API. When set to true, the organization doesn't have access to Office Delve. The relevancy of the content displayed in Microsoft 365, for example in Suggested sites in SharePoint Home and the Discover view in OneDrive for work or school is affected for the whole organization. This setting is read-only and can only be changed by administrators in the SharePoint admin center. |
| contributionToContentDiscoveryDisabled | Boolean | When set to true, the delegate access to the user's trending API is disabled. When set to true, documents in the user's Office Delve are disabled. When set to true, the relevancy of the content displayed in Microsoft 365, for example in Suggested sites in SharePoint Home and the Discover view in OneDrive for work or school is affected. Users can control this setting in Office Delve. |
| id | String | Unique identifier of the user setting. Read-only. Inherited from entity. |
| windows | windowsSetting collection | The Windows settings of the user stored in the cloud. |
Graph reference: virtualEventTownhall
| Property | Type | Description |
|---|---|---|
| audience | meetingAudience | The audience to whom the town hall is visible. Possible values are: everyone, organization, and unknownFutureValue. |
| coOrganizers | communicationsUserIdentity collection | Identity information of the coorganizers of the town hall. |
| createdBy | communicationsIdentitySet | Identity information of the creator of the town hall. Inherited from virtualEvent. Read-only. |
| description | itemBody | Description of the town hall. Inherited from virtualEvent. |
| displayName | String | Display name of the town hall. Inherited from virtualEvent. |
| endDateTime | dateTimeTimeZone | Date and time when the town hall ends. The timeZone property can be set to any of the time zones currently supported by Windows. For details on how to get all available time zones using PowerShell, see Get-TimeZone. Inherited from virtualEvent. |
| externalEventInformation | virtualEventExternalInformation collection | The external information of a town hall. Returned only for event organizers or coorganizers; otherwise, null. |
| id | String | Unique identifier of the town hall. Inherited from entity. Read-only. |
| invitedAttendees | identity collection | The attendees invited to the town hall. The supported identities are: communicationsUserIdentity and communicationsGuestIdentity. |
| isInviteOnly | Boolean | Indicates whether the town hall is only open to invited people and groups within your organization. The isInviteOnly property can only be true if the value of the audience property is set to organization. |
| settings | virtualEventSettings | The virtual event settings. |
| startDateTime | dateTimeTimeZone | Date and time when the town hall starts. The timeZone property can be set to any of the time zones currently supported by Windows. For details on how to get all available time zones using PowerShell, see Get-TimeZone. Inherited from virtualEvent. |
| status | virtualEventStatus | Status of the town hall. Possible values are: draft, published, canceled, and unknownFutureValue. Inherited from virtualEvent. |
Graph reference: virtualEventWebinar
| Property | Type | Description |
|---|---|---|
| audience | meetingAudience | To whom the webinar is visible. Possible values are: everyone, organization, and unknownFutureValue. |
| coOrganizers | communicationsUserIdentity collection | Identity information of coorganizers of the webinar. |
| createdBy | communicationsIdentitySet | Identity information for the creator of the webinar. Inherited from virtualEvent. |
| description | itemBody | Description of the webinar. Inherited from virtualEvent. |
| displayName | String | Display name of the webinar. Inherited from virtualEvent. |
| endDateTime | dateTimeTimeZone | End time of the webinar. The timeZone property can be set to any of the time zones currently supported by Windows. For details on how to get all available time zones using PowerShell, see Get-TimeZone. |
| externalEventInformation | virtualEventExternalInformation collection | The external information of a webinar. Returned only for event organizers or coorganizers; otherwise, null. |
| startDateTime | dateTimeTimeZone | Start time of the webinar. The timeZone property can be set to any of the time zones currently supported by Windows. For details on how to get all available time zones using PowerShell, see Get-TimeZone. |
| id | String | Unique identifier of the webinar. Inherited from entity. |
| settings | virtualEventSettings | The webinar settings. Inherited from virtualEvent. |
| status | virtualEventStatus | Status of the webinar. Possible values are: draft, published, canceled, and unknownFutureValue. Inherited from virtualEvent. |
Graph reference: webAccount
| Property | Type | Description |
|---|---|---|
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| description | String | Contains the description the user has provided for the account on the service being referenced. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| service | serviceInformation | Contains basic detail about the service that is being associated. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
| statusMessage | String | Contains a status message from the cloud service if provided or synchronized. |
| userId | String | The user name displayed for the webaccount. |
| webUrl | String | Contains a link to the user's profile on the cloud service if one exists. |
Graph reference: workPosition
| Property | Type | Description |
|---|---|---|
| allowedAudiences | String | The audiences that are able to see the values contained within the entity. Inherited from itemFacet. Possible values are: me, family, contacts, groupMembers, organization, federatedOrganizations, everyone, unknownFutureValue. |
| categories | String collection | Categories that the user has associated with this position. |
| colleagues | relatedPerson collection | Colleagues that are associated with this position. |
| createdBy | identitySet | Provides the identifier of the user and/or application that created the entity. Inherited from itemFacet. |
| createdDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| detail | positionDetail | Contains detailed information about the position. |
| id | String | Identifier used for individually addressing the entity. Inherited from entity |
| inference | inferenceData | Contains inference detail if the entity is inferred by the creating or modifying application. Inherited from itemFacet. |
| isCurrent | Boolean | Denotes whether or not the position is current. |
| lastModifiedBy | identitySet | Provides the identifier of the user and/or application that last modified the entity. Inherited from itemFacet. |
| lastModifiedDateTime | DateTimeOffset | Provides the dateTimeOffset for when the entity was created. Inherited from itemFacet. |
| manager | relatedPerson | Contains detail of the user's manager in this position. |
| source | personDataSource | Where the values originated if synced from another service. Inherited from itemFacet. |
Graph reference: yomiPersonName
| Property | Type | Description |
|---|---|---|
| displayName | String | Composite of first and last name pronunciation guides. |
| first | String | Pronunciation guide for the first name of the user. |
| last | String | Pronunciation guide for the last name of the user. |
| maiden | String | Pronunciation guide for the maiden name of the user. |
| middle | String | Pronunciation guide for the middle name of the user. |