APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.
Permission type
Least privileged permissions
Higher privileged permissions
Delegated (work or school account)
SubjectRightsRequest.ReadWrite.All
Not available.
Delegated (personal Microsoft account)
Not supported.
Not supported.
Application
Not supported.
Not supported.
HTTP request
Caution
The subject rights request API under the /privacy node is deprecated and will stop returning data on March 30, 2025. Please use the new path under /security.
POST /security/subjectRightsRequests
POST /privacy/subjectRightsRequests
Collection of users that can collaborate on the request.
contentQuery
String
KQL based content query that should be used for search. This property is defined only for APIs accessed using the \security query path and not the \privacy query path.
Contains the properties for data subject for the request.
dataSubjectType
dataSubjectType
Data subject type. Possible values are: customer, currentEmployee, formerEmployee, prospectiveEmployee, student, teacher, faculty, other, unknownFutureValue.
description
String
Description for the request.
displayName
String
Name of the request.
externalId
String
The external ID for the request that is immutable after creation and is used for tracking the request for the external system. This property is defined only for APIs accessed using the \security query path and not the \privacy query path.
includeAllVersions
Boolean
Include all versions of the documents. By default, the current copies of the documents are returned. If SharePoint sites have versioning enabled, including all versions automatically includes the historical copies of the documents. This property is defined only for APIs accessed using the \security query path and not the \privacy query path.
includeAuthoredContent
Boolean
Include content authored by the data subject. This property is defined only for APIs accessed using the \security query path and not the \privacy query path.
internalDueDateTime
DateTimeOffset
Internal due date that is used for tracking the request completion.
The mailbox locations that should be searched. This property is defined only for APIs accessed using the \security query path and not the \privacy query path.
pauseAfterEstimate
Boolean
Pause the request after estimate has finished. By default, the data estimate runs and then pauses, allowing you to preview results and then select the option to retrieve data in the UI. You can set this property to false if you want it to perform the estimate and then automatically begin with the retrieval of the content. This property is defined only for APIs accessed using the \security query path and not the \privacy query path.
The SharePoint and OneDrive site locations that should be searched. This property is defined only for APIs accessed using the \security query path and not the \privacy query path.
type
subjectRightsRequestType
Type of the request. Possible values are: export, access, delete, tagForAction, unknownFutureValue.
Response
If successful, this method returns a 201 Created response code and a subjectRightsRequest object in the response body.
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new SubjectRightsRequest
{
Type = SubjectRightsRequestType.Export,
ContentQuery = "((\"Diego Siciliani\" OR \"Diego.Siciliani@contoso.com\") OR (participants:\"Diego.Siciliani@contoso.com\"))",
DataSubjectType = DataSubjectType.Customer,
ExternalId = "F53BF2DA-607D-412A-B568-FAA0F023AC0B",
DisplayName = "Export report for customer Id: 12345",
Description = "This is a export request",
IncludeAllVersions = false,
IncludeAuthoredContent = true,
InternalDueDateTime = DateTimeOffset.Parse("2022-07-20T22:42:28Z"),
DataSubject = new DataSubject
{
FirstName = "Diego",
LastName = "Siciliani",
Email = "Diego.Siciliani@contoso.com",
Residency = "USA",
},
MailboxLocations = null,
PauseAfterEstimate = true,
Regulations = new List<string>
{
"CCPA",
},
SiteLocations = new SubjectRightsRequestAllSiteLocation
{
OdataType = "microsoft.graph.subjectRightsRequestAllSiteLocation",
},
Approvers = new List<User>
{
new User
{
Id = "1B761ED2-AA7E-4D82-9CF5-C09D737B6167",
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Privacy.SubjectRightsRequests.PostAsync(requestBody);
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
// THE CLI IS IN PREVIEW. NON-PRODUCTION USE ONLY
mgc-beta privacy subject-rights-requests create --body '{\
"type": "export",\
"contentQuery": "((\"Diego Siciliani\" OR \"Diego.Siciliani@contoso.com\") OR (participants:\"Diego.Siciliani@contoso.com\"))",\
"dataSubjectType": "customer",\
"externalId": "F53BF2DA-607D-412A-B568-FAA0F023AC0B",\
"displayName": "Export report for customer Id: 12345",\
"description": "This is a export request",\
"includeAllVersions": false,\
"includeAuthoredContent": true,\
"internalDueDateTime": "2022-07-20T22:42:28Z",\
"dataSubject": {\
"firstName": "Diego",\
"lastName": "Siciliani",\
"email": "Diego.Siciliani@contoso.com",\
"residency": "USA"\
},\
"mailboxLocations": null,\
"pauseAfterEstimate": true,\
"regulations": [\
"CCPA"\
],\
"siteLocations": {\
"@odata.type": "microsoft.graph.subjectRightsRequestAllSiteLocation"\
},\
"approvers" : [\
{\
"id": "1B761ED2-AA7E-4D82-9CF5-C09D737B6167"\
}\
]\
}\
'
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
SubjectRightsRequest subjectRightsRequest = new SubjectRightsRequest();
subjectRightsRequest.setType(SubjectRightsRequestType.Export);
subjectRightsRequest.setContentQuery("((\"Diego Siciliani\" OR \"Diego.Siciliani@contoso.com\") OR (participants:\"Diego.Siciliani@contoso.com\"))");
subjectRightsRequest.setDataSubjectType(DataSubjectType.Customer);
subjectRightsRequest.setExternalId("F53BF2DA-607D-412A-B568-FAA0F023AC0B");
subjectRightsRequest.setDisplayName("Export report for customer Id: 12345");
subjectRightsRequest.setDescription("This is a export request");
subjectRightsRequest.setIncludeAllVersions(false);
subjectRightsRequest.setIncludeAuthoredContent(true);
OffsetDateTime internalDueDateTime = OffsetDateTime.parse("2022-07-20T22:42:28Z");
subjectRightsRequest.setInternalDueDateTime(internalDueDateTime);
DataSubject dataSubject = new DataSubject();
dataSubject.setFirstName("Diego");
dataSubject.setLastName("Siciliani");
dataSubject.setEmail("Diego.Siciliani@contoso.com");
dataSubject.setResidency("USA");
subjectRightsRequest.setDataSubject(dataSubject);
subjectRightsRequest.setMailboxLocations(null);
subjectRightsRequest.setPauseAfterEstimate(true);
LinkedList<String> regulations = new LinkedList<String>();
regulations.add("CCPA");
subjectRightsRequest.setRegulations(regulations);
SubjectRightsRequestAllSiteLocation siteLocations = new SubjectRightsRequestAllSiteLocation();
siteLocations.setOdataType("microsoft.graph.subjectRightsRequestAllSiteLocation");
subjectRightsRequest.setSiteLocations(siteLocations);
LinkedList<User> approvers = new LinkedList<User>();
User user = new User();
user.setId("1B761ED2-AA7E-4D82-9CF5-C09D737B6167");
approvers.add(user);
subjectRightsRequest.setApprovers(approvers);
SubjectRightsRequest result = graphClient.privacy().subjectRightsRequests().post(subjectRightsRequest);
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\SubjectRightsRequest;
use Microsoft\Graph\Generated\Models\DataSubject;
use Microsoft\Graph\Generated\Models\SubjectRightsRequestAllSiteLocation;
use Microsoft\Graph\Generated\Models\User;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new SubjectRightsRequest();
$requestBody->setType(new SubjectRightsRequestType('export'));
$requestBody->setContentQuery('((\"Diego Siciliani\" OR \"Diego.Siciliani@contoso.com\") OR (participants:\"Diego.Siciliani@contoso.com\"))');
$requestBody->setDataSubjectType(new DataSubjectType('customer'));
$requestBody->setExternalId('F53BF2DA-607D-412A-B568-FAA0F023AC0B');
$requestBody->setDisplayName('Export report for customer Id: 12345');
$requestBody->setDescription('This is a export request');
$requestBody->setIncludeAllVersions(false);
$requestBody->setIncludeAuthoredContent(true);
$requestBody->setInternalDueDateTime(new \DateTime('2022-07-20T22:42:28Z'));
$dataSubject = new DataSubject();
$dataSubject->setFirstName('Diego');
$dataSubject->setLastName('Siciliani');
$dataSubject->setEmail('Diego.Siciliani@contoso.com');
$dataSubject->setResidency('USA');
$requestBody->setDataSubject($dataSubject);
$requestBody->setMailboxLocations(null);
$requestBody->setPauseAfterEstimate(true);
$requestBody->setRegulations(['CCPA', ]);
$siteLocations = new SubjectRightsRequestAllSiteLocation();
$siteLocations->setOdataType('microsoft.graph.subjectRightsRequestAllSiteLocation');
$requestBody->setSiteLocations($siteLocations);
$approversUser1 = new User();
$approversUser1->setId('1B761ED2-AA7E-4D82-9CF5-C09D737B6167');
$approversArray []= $approversUser1;
$requestBody->setApprovers($approversArray);
$result = $graphServiceClient->privacy()->subjectRightsRequests()->post($requestBody)->wait();
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
from msgraph import GraphServiceClient
from msgraph.generated.models.subject_rights_request import SubjectRightsRequest
from msgraph.generated.models.data_subject import DataSubject
from msgraph.generated.models.subject_rights_request_all_site_location import SubjectRightsRequestAllSiteLocation
from msgraph.generated.models.user import User
graph_client = GraphServiceClient(credentials, scopes)
request_body = SubjectRightsRequest(
type = SubjectRightsRequestType.Export,
content_query = "((\"Diego Siciliani\" OR \"Diego.Siciliani@contoso.com\") OR (participants:\"Diego.Siciliani@contoso.com\"))",
data_subject_type = DataSubjectType.Customer,
external_id = "F53BF2DA-607D-412A-B568-FAA0F023AC0B",
display_name = "Export report for customer Id: 12345",
description = "This is a export request",
include_all_versions = False,
include_authored_content = True,
internal_due_date_time = "2022-07-20T22:42:28Z",
data_subject = DataSubject(
first_name = "Diego",
last_name = "Siciliani",
email = "Diego.Siciliani@contoso.com",
residency = "USA",
),
mailbox_locations = None,
pause_after_estimate = True,
regulations = [
"CCPA",
],
site_locations = SubjectRightsRequestAllSiteLocation(
odata_type = "microsoft.graph.subjectRightsRequestAllSiteLocation",
),
approvers = [
User(
id = "1B761ED2-AA7E-4D82-9CF5-C09D737B6167",
),
],
)
result = await graph_client.privacy.subject_rights_requests.post(request_body)
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.