Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.
Permission type
Least privileged permissions
Higher privileged permissions
Delegated (work or school account)
CustomSecAttributeDefinition.ReadWrite.All
Not available.
Delegated (personal Microsoft account)
Not supported.
Not supported.
Application
CustomSecAttributeDefinition.ReadWrite.All
Not available.
The signed-in user must also be assigned at least the Attribute Definition Administratordirectory role. By default, Global Administrator and other administrator roles don't have permissions to read, define, or assign custom security attributes.
4.01. Required only when updating the predefined values for a custom security attribute.
Request body
In the request body, supply only the values for properties that should be updated. Existing properties that aren't included in the request body maintains their previous values or be recalculated based on changes to other property values.
The following table specifies the properties that can be updated.
Property
Type
Description
description
String
Description of the custom security attribute. Can be up to 128 characters long and include Unicode characters. Optional.
status
String
Specifies whether the custom security attribute is active or deactivated. Acceptable values are Available and Deprecated. Optional.
usePreDefinedValuesOnly
Boolean
Indicates whether only predefined values can be assigned to the custom security attribute. If set to false, free-form values are allowed. Can be changed from true to false, but cannot be changed from false to true. If type is set to Boolean, usePreDefinedValuesOnly cannot be set to true. Optional.
Response
If successful, this method returns a 204 No Content response code.
Examples
Example 1: Update a custom security attribute
The following example updates the description for a custom security attribute definition.
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
var requestBody = new CustomSecurityAttributeDefinition
{
Description = "Target completion date (YYYY/MM/DD)",
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Directory.CustomSecurityAttributeDefinitions["{customSecurityAttributeDefinition-id}"].PatchAsync(requestBody);
// THE CLI IS IN PREVIEW. NON-PRODUCTION USE ONLY
mgc directory custom-security-attribute-definitions patch --custom-security-attribute-definition-id {customSecurityAttributeDefinition-id} --body '{\
"description": "Target completion date (YYYY/MM/DD)",\
}\
'
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
CustomSecurityAttributeDefinition customSecurityAttributeDefinition = new CustomSecurityAttributeDefinition();
customSecurityAttributeDefinition.setDescription("Target completion date (YYYY/MM/DD)");
CustomSecurityAttributeDefinition result = graphClient.directory().customSecurityAttributeDefinitions().byCustomSecurityAttributeDefinitionId("{customSecurityAttributeDefinition-id}").patch(customSecurityAttributeDefinition);
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\CustomSecurityAttributeDefinition;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new CustomSecurityAttributeDefinition();
$requestBody->setDescription('Target completion date (YYYY/MM/DD)');
$result = $graphServiceClient->directory()->customSecurityAttributeDefinitions()->byCustomSecurityAttributeDefinitionId('customSecurityAttributeDefinition-id')->patch($requestBody)->wait();
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
var requestBody = new CustomSecurityAttributeDefinition
{
AdditionalData = new Dictionary<string, object>
{
{
"allowedValues@delta" , new List<object>
{
new
{
Id = "Baker",
IsActive = false,
},
new
{
Id = "Skagit",
IsActive = true,
},
}
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Directory.CustomSecurityAttributeDefinitions["{customSecurityAttributeDefinition-id}"].PatchAsync(requestBody, (requestConfiguration) =>
{
requestConfiguration.Headers.Add("OData-Version", "4.01");
});
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
CustomSecurityAttributeDefinition customSecurityAttributeDefinition = new CustomSecurityAttributeDefinition();
HashMap<String, Object> additionalData = new HashMap<String, Object>();
LinkedList<Object> allowedValuesDelta = new LinkedList<Object>();
property = new ();
property.setId("Baker");
property.setIsActive(false);
allowedValuesDelta.add(property);
property1 = new ();
property1.setId("Skagit");
property1.setIsActive(true);
allowedValuesDelta.add(property1);
additionalData.put("allowedValues@delta", allowedValuesDelta);
customSecurityAttributeDefinition.setAdditionalData(additionalData);
CustomSecurityAttributeDefinition result = graphClient.directory().customSecurityAttributeDefinitions().byCustomSecurityAttributeDefinitionId("{customSecurityAttributeDefinition-id}").patch(customSecurityAttributeDefinition, requestConfiguration -> {
requestConfiguration.headers.add("OData-Version", "4.01");
});
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
var requestBody = new CustomSecurityAttributeDefinition
{
Status = "Deprecated",
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Directory.CustomSecurityAttributeDefinitions["{customSecurityAttributeDefinition-id}"].PatchAsync(requestBody);
// THE CLI IS IN PREVIEW. NON-PRODUCTION USE ONLY
mgc directory custom-security-attribute-definitions patch --custom-security-attribute-definition-id {customSecurityAttributeDefinition-id} --body '{\
"status": "Deprecated"\
}\
'
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
CustomSecurityAttributeDefinition customSecurityAttributeDefinition = new CustomSecurityAttributeDefinition();
customSecurityAttributeDefinition.setStatus("Deprecated");
CustomSecurityAttributeDefinition result = graphClient.directory().customSecurityAttributeDefinitions().byCustomSecurityAttributeDefinitionId("{customSecurityAttributeDefinition-id}").patch(customSecurityAttributeDefinition);
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\CustomSecurityAttributeDefinition;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new CustomSecurityAttributeDefinition();
$requestBody->setStatus('Deprecated');
$result = $graphServiceClient->directory()->customSecurityAttributeDefinitions()->byCustomSecurityAttributeDefinitionId('customSecurityAttributeDefinition-id')->patch($requestBody)->wait();
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.