Update iosManagedAppProtection
Namespace: microsoft.graph
Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.
Update the properties of a iosManagedAppProtection object.
Prerequisites
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
Permission type | Permissions (from most to least privileged) |
---|---|
Delegated (work or school account) | DeviceManagementApps.ReadWrite.All |
Delegated (personal Microsoft account) | Not supported. |
Application | DeviceManagementApps.ReadWrite.All |
HTTP Request
PATCH /deviceAppManagement/iosManagedAppProtections/{iosManagedAppProtectionId}
Request headers
Header | Value |
---|---|
Authorization | Bearer <token> Required. |
Accept | application/json |
Request body
In the request body, supply a JSON representation for the iosManagedAppProtection object.
The following table shows the properties that are required when you create the iosManagedAppProtection.
Property | Type | Description |
---|---|---|
displayName | String | Policy display name. Inherited from managedAppPolicy |
description | String | The policy's description. Inherited from managedAppPolicy |
createdDateTime | DateTimeOffset | The date and time the policy was created. Inherited from managedAppPolicy |
lastModifiedDateTime | DateTimeOffset | Last time the policy was modified. Inherited from managedAppPolicy |
id | String | Key of the entity. Inherited from managedAppPolicy |
version | String | Version of the entity. Inherited from managedAppPolicy |
periodOfflineBeforeAccessCheck | Duration | The period after which access is checked when the device is not connected to the internet. Inherited from managedAppProtection |
periodOnlineBeforeAccessCheck | Duration | The period after which access is checked when the device is connected to the internet. Inherited from managedAppProtection |
allowedInboundDataTransferSources | managedAppDataTransferLevel | Sources from which data is allowed to be transferred. Inherited from managedAppProtection. Possible values are: allApps , managedApps , none . |
allowedOutboundDataTransferDestinations | managedAppDataTransferLevel | Destinations to which data is allowed to be transferred. Inherited from managedAppProtection. Possible values are: allApps , managedApps , none . |
organizationalCredentialsRequired | Boolean | Indicates whether organizational credentials are required for app use. Inherited from managedAppProtection |
allowedOutboundClipboardSharingLevel | managedAppClipboardSharingLevel | The level to which the clipboard may be shared between apps on the managed device. Inherited from managedAppProtection. Possible values are: allApps , managedAppsWithPasteIn , managedApps , blocked . |
dataBackupBlocked | Boolean | Indicates whether the backup of a managed app's data is blocked. Inherited from managedAppProtection |
deviceComplianceRequired | Boolean | Indicates whether device compliance is required. Inherited from managedAppProtection |
managedBrowserToOpenLinksRequired | Boolean | Indicates whether internet links should be opened in the managed browser app, or any custom browser specified by CustomBrowserProtocol (for iOS) or CustomBrowserPackageId/CustomBrowserDisplayName (for Android) Inherited from managedAppProtection |
saveAsBlocked | Boolean | Indicates whether users may use the "Save As" menu item to save a copy of protected files. Inherited from managedAppProtection |
periodOfflineBeforeWipeIsEnforced | Duration | The amount of time an app is allowed to remain disconnected from the internet before all managed data it is wiped. Inherited from managedAppProtection |
pinRequired | Boolean | Indicates whether an app-level pin is required. Inherited from managedAppProtection |
maximumPinRetries | Int32 | Maximum number of incorrect pin retry attempts before the managed app is either blocked or wiped. Inherited from managedAppProtection |
simplePinBlocked | Boolean | Indicates whether simplePin is blocked. Inherited from managedAppProtection |
minimumPinLength | Int32 | Minimum pin length required for an app-level pin if PinRequired is set to True Inherited from managedAppProtection |
pinCharacterSet | managedAppPinCharacterSet | Character set which may be used for an app-level pin if PinRequired is set to True. Inherited from managedAppProtection. Possible values are: numeric , alphanumericAndSymbol . |
periodBeforePinReset | Duration | TimePeriod before the all-level pin must be reset if PinRequired is set to True. Inherited from managedAppProtection |
allowedDataStorageLocations | managedAppDataStorageLocation collection | Data storage locations where a user may store managed data. Inherited from managedAppProtection. Possible values are: oneDriveForBusiness , sharePoint , localStorage . |
contactSyncBlocked | Boolean | Indicates whether contacts can be synced to the user's device. Inherited from managedAppProtection |
printBlocked | Boolean | Indicates whether printing is allowed from managed apps. Inherited from managedAppProtection |
fingerprintBlocked | Boolean | Indicates whether use of the fingerprint reader is allowed in place of a pin if PinRequired is set to True. Inherited from managedAppProtection |
disableAppPinIfDevicePinIsSet | Boolean | Indicates whether use of the app pin is required if the device pin is set. Inherited from managedAppProtection |
minimumRequiredOsVersion | String | Versions less than the specified version will block the managed app from accessing company data. Inherited from managedAppProtection |
minimumWarningOsVersion | String | Versions less than the specified version will result in warning message on the managed app from accessing company data. Inherited from managedAppProtection |
minimumRequiredAppVersion | String | Versions less than the specified version will block the managed app from accessing company data. Inherited from managedAppProtection |
minimumWarningAppVersion | String | Versions less than the specified version will result in warning message on the managed app. Inherited from managedAppProtection |
managedBrowser | managedBrowserType | Indicates in which managed browser(s) that internet links should be opened. When this property is configured, ManagedBrowserToOpenLinksRequired should be true. Inherited from managedAppProtection. Possible values are: notConfigured , microsoftEdge . |
isAssigned | Boolean | Indicates if the policy is deployed to any inclusion groups or not. Inherited from targetedManagedAppProtection |
appDataEncryptionType | managedAppDataEncryptionType | Type of encryption which should be used for data in a managed app. Possible values are: useDeviceSettings , afterDeviceRestart , whenDeviceLockedExceptOpenFiles , whenDeviceLocked . |
minimumRequiredSdkVersion | String | Versions less than the specified version will block the managed app from accessing company data. |
deployedAppCount | Int32 | Count of apps to which the current policy is deployed. |
faceIdBlocked | Boolean | Indicates whether use of the FaceID is allowed in place of a pin if PinRequired is set to True. |
customBrowserProtocol | String | A custom browser protocol to open weblink on iOS. When this property is configured, ManagedBrowserToOpenLinksRequired should be true. |
Response
If successful, this method returns a 200 OK
response code and an updated iosManagedAppProtection object in the response body.
Example
Request
Here is an example of the request.
PATCH https://graph.microsoft.com/v1.0/deviceAppManagement/iosManagedAppProtections/{iosManagedAppProtectionId}
Content-type: application/json
Content-length: 1667
{
"@odata.type": "#microsoft.graph.iosManagedAppProtection",
"displayName": "Display Name value",
"description": "Description value",
"version": "Version value",
"periodOfflineBeforeAccessCheck": "-PT17.1357909S",
"periodOnlineBeforeAccessCheck": "PT35.0018757S",
"allowedInboundDataTransferSources": "managedApps",
"allowedOutboundDataTransferDestinations": "managedApps",
"organizationalCredentialsRequired": true,
"allowedOutboundClipboardSharingLevel": "managedAppsWithPasteIn",
"dataBackupBlocked": true,
"deviceComplianceRequired": true,
"managedBrowserToOpenLinksRequired": true,
"saveAsBlocked": true,
"periodOfflineBeforeWipeIsEnforced": "-PT3M22.1587532S",
"pinRequired": true,
"maximumPinRetries": 1,
"simplePinBlocked": true,
"minimumPinLength": 0,
"pinCharacterSet": "alphanumericAndSymbol",
"periodBeforePinReset": "PT3M29.6631862S",
"allowedDataStorageLocations": [
"sharePoint"
],
"contactSyncBlocked": true,
"printBlocked": true,
"fingerprintBlocked": true,
"disableAppPinIfDevicePinIsSet": true,
"minimumRequiredOsVersion": "Minimum Required Os Version value",
"minimumWarningOsVersion": "Minimum Warning Os Version value",
"minimumRequiredAppVersion": "Minimum Required App Version value",
"minimumWarningAppVersion": "Minimum Warning App Version value",
"managedBrowser": "microsoftEdge",
"isAssigned": true,
"appDataEncryptionType": "afterDeviceRestart",
"minimumRequiredSdkVersion": "Minimum Required Sdk Version value",
"deployedAppCount": 0,
"faceIdBlocked": true,
"customBrowserProtocol": "Custom Browser Protocol value"
}
Response
Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1839
{
"@odata.type": "#microsoft.graph.iosManagedAppProtection",
"displayName": "Display Name value",
"description": "Description value",
"createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
"lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
"id": "5bc789cb-89cb-5bc7-cb89-c75bcb89c75b",
"version": "Version value",
"periodOfflineBeforeAccessCheck": "-PT17.1357909S",
"periodOnlineBeforeAccessCheck": "PT35.0018757S",
"allowedInboundDataTransferSources": "managedApps",
"allowedOutboundDataTransferDestinations": "managedApps",
"organizationalCredentialsRequired": true,
"allowedOutboundClipboardSharingLevel": "managedAppsWithPasteIn",
"dataBackupBlocked": true,
"deviceComplianceRequired": true,
"managedBrowserToOpenLinksRequired": true,
"saveAsBlocked": true,
"periodOfflineBeforeWipeIsEnforced": "-PT3M22.1587532S",
"pinRequired": true,
"maximumPinRetries": 1,
"simplePinBlocked": true,
"minimumPinLength": 0,
"pinCharacterSet": "alphanumericAndSymbol",
"periodBeforePinReset": "PT3M29.6631862S",
"allowedDataStorageLocations": [
"sharePoint"
],
"contactSyncBlocked": true,
"printBlocked": true,
"fingerprintBlocked": true,
"disableAppPinIfDevicePinIsSet": true,
"minimumRequiredOsVersion": "Minimum Required Os Version value",
"minimumWarningOsVersion": "Minimum Warning Os Version value",
"minimumRequiredAppVersion": "Minimum Required App Version value",
"minimumWarningAppVersion": "Minimum Warning App Version value",
"managedBrowser": "microsoftEdge",
"isAssigned": true,
"appDataEncryptionType": "afterDeviceRestart",
"minimumRequiredSdkVersion": "Minimum Required Sdk Version value",
"deployedAppCount": 0,
"faceIdBlocked": true,
"customBrowserProtocol": "Custom Browser Protocol value"
}