conditionalAccessPolicy resource type

Important

APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported.

Represents an Azure Active Directory conditional access policy. Conditional access policies are custom rules that define an access scenario. For more information, see the Conditional access documentation.

Methods

Method Return Type Description
List conditionalAccessPolicies conditionalAccessPolicy collection Get all of the conditionalAccessPolicies objects in the organization.
Create conditionalAccessPolicy conditionalAccessPolicy Create a new conditionalAccessPolicy object.
Get conditionalAccessPolicy conditionalAccessPolicy Read properties and relationships of a conditionalAccessPolicy object.
Update conditionalAccessPolicy conditionalAccessPolicy Update a conditionalAccessPolicy object.
Delete conditionalAccessPolicy None Delete a conditionalAccessPolicy object.

Properties

Property Type Description
conditions conditionalAccessConditionSet Specifies the rules that must be met for the policy to apply. Required.
createdDateTime DateTimeOffset The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'. Readonly.
description String Not used.
displayName String Specifies a display name for the conditionalAccessPolicy object.
grantControls conditionalAccessGrantControls Specifies the grant controls that must be fulfilled to pass the policy.
id String Specifies the identifier of a conditionalAccessPolicy object. Read-only.
modifiedDateTime DateTimeOffset The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'. Readonly.
sessionControls conditionalAccessSessionControls Specifies the session controls that are enforced after sign-in.
state string Specifies the state of the conditionalAccessPolicy object. Possible values are: enabled, disabled. Required.

Relationships

None.

JSON representation

The following is a JSON representation of the resource.

{
  "conditions": {"@odata.type": "microsoft.graph.conditionalAccessConditionSet"},
  "createdDateTime": "String (timestamp)",
  "description": "String",
  "displayName": "String",
  "grantControls": {"@odata.type": "microsoft.graph.conditionalAccessGrantControls"},
  "id": "String (identifier)",
  "modifiedDateTime": "String (timestamp)",
  "sessionControls": {"@odata.type": "microsoft.graph.conditionalAccessSessionControls"},
  "state": "string"
}