Create macOSDeviceFeaturesConfiguration
Namespace: microsoft.graph
Important: Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.
Create a new macOSDeviceFeaturesConfiguration object.
This API is available in the following national cloud deployments.
| Global service | US Government L4 | US Government L5 (DOD) | China operated by 21Vianet |
|---|---|---|---|
| ✅ | ✅ | ✅ | ✅ |
Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
| Permission type | Permissions (from least to most privileged) |
|---|---|
| Delegated (work or school account) | DeviceManagementConfiguration.ReadWrite.All |
| Delegated (personal Microsoft account) | Not supported. |
| Application | DeviceManagementConfiguration.ReadWrite.All |
HTTP Request
POST /deviceManagement/deviceConfigurations
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsDomainJoinConfiguration/networkAccessConfigurations
Request headers
| Header | Value |
|---|---|
| Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
| Accept | application/json |
Request body
In the request body, supply a JSON representation for the macOSDeviceFeaturesConfiguration object.
The following table shows the properties that are required when you create the macOSDeviceFeaturesConfiguration.
| Property | Type | Description |
|---|---|---|
| id | String | Key of the entity. Inherited from deviceConfiguration |
| lastModifiedDateTime | DateTimeOffset | DateTime the object was last modified. Inherited from deviceConfiguration |
| roleScopeTagIds | String collection | List of Scope Tags for this Entity instance. Inherited from deviceConfiguration |
| supportsScopeTags | Boolean | Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only. Inherited from deviceConfiguration |
| deviceManagementApplicabilityRuleOsEdition | deviceManagementApplicabilityRuleOsEdition | The OS edition applicability for this Policy. Inherited from deviceConfiguration |
| deviceManagementApplicabilityRuleOsVersion | deviceManagementApplicabilityRuleOsVersion | The OS version applicability rule for this Policy. Inherited from deviceConfiguration |
| deviceManagementApplicabilityRuleDeviceMode | deviceManagementApplicabilityRuleDeviceMode | The device mode applicability rule for this Policy. Inherited from deviceConfiguration |
| createdDateTime | DateTimeOffset | DateTime the object was created. Inherited from deviceConfiguration |
| description | String | Admin provided description of the Device Configuration. Inherited from deviceConfiguration |
| displayName | String | Admin provided name of the device configuration. Inherited from deviceConfiguration |
| version | Int32 | Version of the device configuration. Inherited from deviceConfiguration |
| airPrintDestinations | airPrintDestination collection | An array of AirPrint printers that should always be shown. This collection can contain a maximum of 500 elements. Inherited from appleDeviceFeaturesConfigurationBase |
| autoLaunchItems | macOSLaunchItem collection | List of applications, files, folders, and other items to launch when the user logs in. This collection can contain a maximum of 500 elements. |
| adminShowHostInfo | Boolean | Whether to show admin host information on the login window. |
| loginWindowText | String | Custom text to be displayed on the login window. |
| authorizedUsersListHidden | Boolean | Whether to show the name and password dialog or a list of users on the login window. |
| authorizedUsersListHideLocalUsers | Boolean | Whether to show only network and system users in the authorized users list on the login window. |
| authorizedUsersListHideMobileAccounts | Boolean | Whether to hide mobile users in the authorized users list on the login window. |
| authorizedUsersListIncludeNetworkUsers | Boolean | Whether to show network users in the authorized users list on the login window. |
| authorizedUsersListHideAdminUsers | Boolean | Whether to hide admin users in the authorized users list on the login window. |
| authorizedUsersListShowOtherManagedUsers | Boolean | Whether to show other users in the authorized users list on the login window. |
| shutDownDisabled | Boolean | Whether to hide the Shut Down button item on the login window. |
| restartDisabled | Boolean | Whether to hide the Restart button item on the login window. |
| sleepDisabled | Boolean | Whether to hide the Sleep menu item on the login window. |
| consoleAccessDisabled | Boolean | Whether the Other user will disregard use of the console special user name. |
| shutDownDisabledWhileLoggedIn | Boolean | Whether the Shut Down menu item on the login window will be disabled while the user is logged in. |
| restartDisabledWhileLoggedIn | Boolean | Whether the Restart menu item on the login window will be disabled while the user is logged in. |
| powerOffDisabledWhileLoggedIn | Boolean | Whether the Power Off menu item on the login window will be disabled while the user is logged in. |
| logOutDisabledWhileLoggedIn | Boolean | Whether the Log Out menu item on the login window will be disabled while the user is logged in. |
| screenLockDisableImmediate | Boolean | Whether to disable the immediate screen lock functions. |
| associatedDomains | keyValuePair collection | DEPRECATED: use appAssociatedDomains instead. Gets or sets a list that maps apps to their associated domains. The key should match the app's ID, and the value should be a string in the form of "service:domain" where domain is a fully qualified hostname (e.g. webcredentials:example.com). This collection can contain a maximum of 500 elements. |
| appAssociatedDomains | macOSAssociatedDomainsItem collection | Gets or sets a list that maps apps to their associated domains. Application identifiers must be unique. This collection can contain a maximum of 500 elements. |
| singleSignOnExtension | singleSignOnExtension | Gets or sets a single sign-on extension profile. Deprecated: use MacOSSingleSignOnExtension instead. |
| macOSSingleSignOnExtension | macOSSingleSignOnExtension | Gets or sets a single sign-on extension profile. |
| contentCachingEnabled | Boolean | Enables content caching and prevents it from being disabled by the user. |
| contentCachingType | macOSContentCachingType | Determines what type of content is allowed to be cached by Apple's content caching service. Possible values are: notConfigured, userContentOnly, sharedContentOnly. |
| contentCachingMaxSizeBytes | Int64 | The maximum number of bytes of disk space that will be used for the content cache. A value of 0 (default) indicates unlimited disk space. |
| contentCachingDataPath | String | The path to the directory used to store cached content. The value must be (or end with) /Library/Application Support/Apple/AssetCache/Data |
| contentCachingDisableConnectionSharing | Boolean | Disables internet connection sharing. |
| contentCachingForceConnectionSharing | Boolean | Forces internet connection sharing. contentCachingDisableConnectionSharing overrides this setting. |
| contentCachingClientPolicy | macOSContentCachingClientPolicy | Determines the method in which content caching servers will listen for clients. Possible values are: notConfigured, clientsInLocalNetwork, clientsWithSamePublicIpAddress, clientsInCustomLocalNetworks, clientsInCustomLocalNetworksWithFallback. |
| contentCachingClientListenRanges | ipRange collection | A list of custom IP ranges content caches will use to listen for clients. This collection can contain a maximum of 500 elements. |
| contentCachingPeerPolicy | macOSContentCachingPeerPolicy | Determines the method in which content caches peer with other caches. Possible values are: notConfigured, peersInLocalNetwork, peersWithSamePublicIpAddress, peersInCustomLocalNetworks. |
| contentCachingPeerListenRanges | ipRange collection | A list of custom IP ranges content caches will use to listen for peer caches. This collection can contain a maximum of 500 elements. |
| contentCachingPeerFilterRanges | ipRange collection | A list of custom IP ranges content caches will use to query for content from peers caches. This collection can contain a maximum of 500 elements. |
| contentCachingParentSelectionPolicy | macOSContentCachingParentSelectionPolicy | Determines the method in which content caching servers will select parents if multiple are present. Possible values are: notConfigured, roundRobin, firstAvailable, urlPathHash, random, stickyAvailable. |
| contentCachingParents | String collection | A list of IP addresses representing parent content caches. |
| contentCachingLogClientIdentities | Boolean | Enables logging of IP addresses and ports of clients that request cached content. |
| contentCachingPublicRanges | ipRange collection | A list of custom IP ranges that Apple's content caching service should use to match clients to content caches. This collection can contain a maximum of 500 elements. |
| contentCachingBlockDeletion | Boolean | Prevents content caches from purging content to free up disk space for other apps. |
| contentCachingShowAlerts | Boolean | Display content caching alerts as system notifications. |
| contentCachingKeepAwake | Boolean | Prevent the device from sleeping if content caching is enabled. |
| contentCachingPort | Int32 | Sets the port used for content caching. If the value is 0, a random available port will be selected. Valid values 0 to 65535 |
Response
If successful, this method returns a 201 Created response code and a macOSDeviceFeaturesConfiguration object in the response body.
Example
Request
Here is an example of the request.
POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations
Content-type: application/json
Content-length: 6089
{
"@odata.type": "#microsoft.graph.macOSDeviceFeaturesConfiguration",
"roleScopeTagIds": [
"Role Scope Tag Ids value"
],
"supportsScopeTags": true,
"deviceManagementApplicabilityRuleOsEdition": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
"osEditionTypes": [
"windows10EnterpriseN"
],
"name": "Name value",
"ruleType": "exclude"
},
"deviceManagementApplicabilityRuleOsVersion": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
"minOSVersion": "Min OSVersion value",
"maxOSVersion": "Max OSVersion value",
"name": "Name value",
"ruleType": "exclude"
},
"deviceManagementApplicabilityRuleDeviceMode": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
"deviceMode": "sModeConfiguration",
"name": "Name value",
"ruleType": "exclude"
},
"description": "Description value",
"displayName": "Display Name value",
"version": 7,
"airPrintDestinations": [
{
"@odata.type": "microsoft.graph.airPrintDestination",
"ipAddress": "Ip Address value",
"resourcePath": "Resource Path value",
"port": 4,
"forceTls": true
}
],
"autoLaunchItems": [
{
"@odata.type": "microsoft.graph.macOSLaunchItem",
"path": "Path value",
"hide": true
}
],
"adminShowHostInfo": true,
"loginWindowText": "Login Window Text value",
"authorizedUsersListHidden": true,
"authorizedUsersListHideLocalUsers": true,
"authorizedUsersListHideMobileAccounts": true,
"authorizedUsersListIncludeNetworkUsers": true,
"authorizedUsersListHideAdminUsers": true,
"authorizedUsersListShowOtherManagedUsers": true,
"shutDownDisabled": true,
"restartDisabled": true,
"sleepDisabled": true,
"consoleAccessDisabled": true,
"shutDownDisabledWhileLoggedIn": true,
"restartDisabledWhileLoggedIn": true,
"powerOffDisabledWhileLoggedIn": true,
"logOutDisabledWhileLoggedIn": true,
"screenLockDisableImmediate": true,
"associatedDomains": [
{
"@odata.type": "microsoft.graph.keyValuePair",
"name": "Name value",
"value": "Value value"
}
],
"appAssociatedDomains": [
{
"@odata.type": "microsoft.graph.macOSAssociatedDomainsItem",
"applicationIdentifier": "Application Identifier value",
"domains": [
"Domains value"
],
"directDownloadsEnabled": true
}
],
"singleSignOnExtension": {
"@odata.type": "microsoft.graph.credentialSingleSignOnExtension",
"extensionIdentifier": "Extension Identifier value",
"teamIdentifier": "Team Identifier value",
"domains": [
"Domains value"
],
"realm": "Realm value",
"configurations": [
{
"@odata.type": "microsoft.graph.keyStringValuePair",
"key": "Key value",
"value": "Value value"
}
]
},
"macOSSingleSignOnExtension": {
"@odata.type": "microsoft.graph.macOSKerberosSingleSignOnExtension",
"realm": "Realm value",
"domains": [
"Domains value"
],
"blockAutomaticLogin": true,
"cacheName": "Cache Name value",
"credentialBundleIdAccessControlList": [
"Credential Bundle Id Access Control List value"
],
"domainRealms": [
"Domain Realms value"
],
"isDefaultRealm": true,
"passwordBlockModification": true,
"passwordExpirationDays": 6,
"passwordExpirationNotificationDays": 2,
"userPrincipalName": "User Principal Name value",
"passwordRequireActiveDirectoryComplexity": true,
"passwordPreviousPasswordBlockCount": 2,
"passwordMinimumLength": 5,
"passwordMinimumAgeDays": 6,
"passwordRequirementsDescription": "Password Requirements Description value",
"requireUserPresence": true,
"activeDirectorySiteCode": "Active Directory Site Code value",
"passwordEnableLocalSync": true,
"blockActiveDirectorySiteAutoDiscovery": true,
"passwordChangeUrl": "https://example.com/passwordChangeUrl/",
"modeCredentialUsed": "Mode Credential Used value",
"usernameLabelCustom": "Username Label Custom value",
"userSetupDelayed": true,
"signInHelpText": "Sign In Help Text value",
"kerberosAppsInBundleIdACLIncluded": true,
"managedAppsInBundleIdACLIncluded": true,
"credentialsCacheMonitored": true,
"preferredKDCs": [
"Preferred KDCs value"
],
"tlsForLDAPRequired": true
},
"contentCachingEnabled": true,
"contentCachingType": "userContentOnly",
"contentCachingMaxSizeBytes": 10,
"contentCachingDataPath": "Content Caching Data Path value",
"contentCachingDisableConnectionSharing": true,
"contentCachingForceConnectionSharing": true,
"contentCachingClientPolicy": "clientsInLocalNetwork",
"contentCachingClientListenRanges": [
{
"@odata.type": "microsoft.graph.iPv6Range",
"lowerAddress": "Lower Address value",
"upperAddress": "Upper Address value"
}
],
"contentCachingPeerPolicy": "peersInLocalNetwork",
"contentCachingPeerListenRanges": [
{
"@odata.type": "microsoft.graph.iPv6Range",
"lowerAddress": "Lower Address value",
"upperAddress": "Upper Address value"
}
],
"contentCachingPeerFilterRanges": [
{
"@odata.type": "microsoft.graph.iPv6Range",
"lowerAddress": "Lower Address value",
"upperAddress": "Upper Address value"
}
],
"contentCachingParentSelectionPolicy": "roundRobin",
"contentCachingParents": [
"Content Caching Parents value"
],
"contentCachingLogClientIdentities": true,
"contentCachingPublicRanges": [
{
"@odata.type": "microsoft.graph.iPv6Range",
"lowerAddress": "Lower Address value",
"upperAddress": "Upper Address value"
}
],
"contentCachingBlockDeletion": true,
"contentCachingShowAlerts": true,
"contentCachingKeepAwake": true,
"contentCachingPort": 2
}
Response
Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 6261
{
"@odata.type": "#microsoft.graph.macOSDeviceFeaturesConfiguration",
"id": "49fa957d-957d-49fa-7d95-fa497d95fa49",
"lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
"roleScopeTagIds": [
"Role Scope Tag Ids value"
],
"supportsScopeTags": true,
"deviceManagementApplicabilityRuleOsEdition": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
"osEditionTypes": [
"windows10EnterpriseN"
],
"name": "Name value",
"ruleType": "exclude"
},
"deviceManagementApplicabilityRuleOsVersion": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
"minOSVersion": "Min OSVersion value",
"maxOSVersion": "Max OSVersion value",
"name": "Name value",
"ruleType": "exclude"
},
"deviceManagementApplicabilityRuleDeviceMode": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
"deviceMode": "sModeConfiguration",
"name": "Name value",
"ruleType": "exclude"
},
"createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
"description": "Description value",
"displayName": "Display Name value",
"version": 7,
"airPrintDestinations": [
{
"@odata.type": "microsoft.graph.airPrintDestination",
"ipAddress": "Ip Address value",
"resourcePath": "Resource Path value",
"port": 4,
"forceTls": true
}
],
"autoLaunchItems": [
{
"@odata.type": "microsoft.graph.macOSLaunchItem",
"path": "Path value",
"hide": true
}
],
"adminShowHostInfo": true,
"loginWindowText": "Login Window Text value",
"authorizedUsersListHidden": true,
"authorizedUsersListHideLocalUsers": true,
"authorizedUsersListHideMobileAccounts": true,
"authorizedUsersListIncludeNetworkUsers": true,
"authorizedUsersListHideAdminUsers": true,
"authorizedUsersListShowOtherManagedUsers": true,
"shutDownDisabled": true,
"restartDisabled": true,
"sleepDisabled": true,
"consoleAccessDisabled": true,
"shutDownDisabledWhileLoggedIn": true,
"restartDisabledWhileLoggedIn": true,
"powerOffDisabledWhileLoggedIn": true,
"logOutDisabledWhileLoggedIn": true,
"screenLockDisableImmediate": true,
"associatedDomains": [
{
"@odata.type": "microsoft.graph.keyValuePair",
"name": "Name value",
"value": "Value value"
}
],
"appAssociatedDomains": [
{
"@odata.type": "microsoft.graph.macOSAssociatedDomainsItem",
"applicationIdentifier": "Application Identifier value",
"domains": [
"Domains value"
],
"directDownloadsEnabled": true
}
],
"singleSignOnExtension": {
"@odata.type": "microsoft.graph.credentialSingleSignOnExtension",
"extensionIdentifier": "Extension Identifier value",
"teamIdentifier": "Team Identifier value",
"domains": [
"Domains value"
],
"realm": "Realm value",
"configurations": [
{
"@odata.type": "microsoft.graph.keyStringValuePair",
"key": "Key value",
"value": "Value value"
}
]
},
"macOSSingleSignOnExtension": {
"@odata.type": "microsoft.graph.macOSKerberosSingleSignOnExtension",
"realm": "Realm value",
"domains": [
"Domains value"
],
"blockAutomaticLogin": true,
"cacheName": "Cache Name value",
"credentialBundleIdAccessControlList": [
"Credential Bundle Id Access Control List value"
],
"domainRealms": [
"Domain Realms value"
],
"isDefaultRealm": true,
"passwordBlockModification": true,
"passwordExpirationDays": 6,
"passwordExpirationNotificationDays": 2,
"userPrincipalName": "User Principal Name value",
"passwordRequireActiveDirectoryComplexity": true,
"passwordPreviousPasswordBlockCount": 2,
"passwordMinimumLength": 5,
"passwordMinimumAgeDays": 6,
"passwordRequirementsDescription": "Password Requirements Description value",
"requireUserPresence": true,
"activeDirectorySiteCode": "Active Directory Site Code value",
"passwordEnableLocalSync": true,
"blockActiveDirectorySiteAutoDiscovery": true,
"passwordChangeUrl": "https://example.com/passwordChangeUrl/",
"modeCredentialUsed": "Mode Credential Used value",
"usernameLabelCustom": "Username Label Custom value",
"userSetupDelayed": true,
"signInHelpText": "Sign In Help Text value",
"kerberosAppsInBundleIdACLIncluded": true,
"managedAppsInBundleIdACLIncluded": true,
"credentialsCacheMonitored": true,
"preferredKDCs": [
"Preferred KDCs value"
],
"tlsForLDAPRequired": true
},
"contentCachingEnabled": true,
"contentCachingType": "userContentOnly",
"contentCachingMaxSizeBytes": 10,
"contentCachingDataPath": "Content Caching Data Path value",
"contentCachingDisableConnectionSharing": true,
"contentCachingForceConnectionSharing": true,
"contentCachingClientPolicy": "clientsInLocalNetwork",
"contentCachingClientListenRanges": [
{
"@odata.type": "microsoft.graph.iPv6Range",
"lowerAddress": "Lower Address value",
"upperAddress": "Upper Address value"
}
],
"contentCachingPeerPolicy": "peersInLocalNetwork",
"contentCachingPeerListenRanges": [
{
"@odata.type": "microsoft.graph.iPv6Range",
"lowerAddress": "Lower Address value",
"upperAddress": "Upper Address value"
}
],
"contentCachingPeerFilterRanges": [
{
"@odata.type": "microsoft.graph.iPv6Range",
"lowerAddress": "Lower Address value",
"upperAddress": "Upper Address value"
}
],
"contentCachingParentSelectionPolicy": "roundRobin",
"contentCachingParents": [
"Content Caching Parents value"
],
"contentCachingLogClientIdentities": true,
"contentCachingPublicRanges": [
{
"@odata.type": "microsoft.graph.iPv6Range",
"lowerAddress": "Lower Address value",
"upperAddress": "Upper Address value"
}
],
"contentCachingBlockDeletion": true,
"contentCachingShowAlerts": true,
"contentCachingKeepAwake": true,
"contentCachingPort": 2
}
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for