Update tenantAppManagementPolicy

Namespace: microsoft.graph

Important

APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.

Update the properties of a tenantAppManagementPolicy object.

Permissions

One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.

Permission type Permissions (from least to most privileged)
Delegated (work or school account) Policy.ReadWrite.ApplicationConfiguration
Delegated (personal Microsoft account) Not supported.
Application Policy.ReadWrite.ApplicationConfiguration

HTTP request

PATCH /policies/defaultAppManagementPolicy

Request headers

Name Description
Authorization Bearer {token}. Required.
Content-Type application/json. Required.

Request body

In the request body, supply the values for relevant fields from the tenantAppManagementPolicy that should be updated. Existing properties that are not included in the request body will maintain their previous values. For best performance, do not include unchanged values in the request payload.

Property Type Description
displayName String The display name of the default policy. Inherited from policyBase.
description String The description of the default policy. Inherited from policyBase.
isEnabled Boolean Denotes if the policy is enabled. Default value is false.
applicationRestrictions appManagementConfiguration Restrictions that apply as default to all application objects in the tenant.
servicePrincipalRestrictions appManagementConfiguration Restrictions that apply as default to all service principal objects in the tenant.

Response

If successful, this method returns a 204 No Content response code. It does not return anything in the response body.

Examples

Request

The following is an example of the request.

PATCH https://graph.microsoft.com/beta/policies/defaultAppManagementPolicy
Content-Type: application/json

{
    "isEnabled": true,
    "applicationRestrictions": {
        "passwordCredentials": [
            {
                "restrictionType": "passwordAddition",
                "maxLifetime": null,
                "restrictForAppsCreatedAfterDateTime": "2021-04-01T10:37:00Z"
            },
            {
                "restrictionType": "passwordLifetime",
                "maxLifetime": "P4DT12H30M5S",
                "restrictForAppsCreatedAfterDateTime": "2019-01-01T10:37:00Z"
            },
            {
                "restrictionType": "symmetricKeyAddition",
                "maxLifetime": null,
                "restrictForAppsCreatedAfterDateTime": "2021-04-01T10:37:00Z"
            },
            {
                "restrictionType": "symmetricKeyLifetime",
                "maxLifetime": "P40D",
                "restrictForAppsCreatedAfterDateTime": "2015-04-01T10:37:00Z"
            }
        ],
        "keyCredentials":[
            {
                "restrictionType": "asymmetricKeyLifetime",
                "maxLifetime": "P30D",
                "restrictForAppsCreatedAfterDateTime": "2015-01-01T10:37:00Z"
            },
        ]
    }
}

Response

The following is an example of the response.

HTTP/1.1 204 No Content