Update secureScoreControlProfile

Namespace: microsoft.graph

Update an editable secureScoreControlProfile object within any integrated solution to change various properties, such as assignedTo or tenantNote.

This API is available in the following national cloud deployments.

Global service	US Government L4	US Government L5 (DOD)	China operated by 21Vianet
✅	✅	✅	❌

Permissions

Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.

Permission type	Least privileged permissions	Higher privileged permissions
Delegated (work or school account)	SecurityEvents.ReadWrite.All	Not available.
Delegated (personal Microsoft account)	Not supported.	Not supported.
Application	SecurityEvents.ReadWrite.All	Not available.

HTTP request

PATCH /security/secureScoreControlProfiles/{id}

Request headers

Name	Description
Authorization	Bearer {code}. Required.
Prefer	return=representation.

Request body

In the request body, supply a JSON representation of the values for relevant fields that should be updated. The body must contain the vendorInformation property with valid provider and vendor fields. The following table lists the fields that can be updated for a secureScoreControlProfile. The values for existing properties that are not included in the request body will not change. For best performance, don't include existing values that haven't changed.

Property	Type	Description
assignedTo	String	Name of the analyst the control is assigned to for triage, implementation, or remediation.
comment	String	Analyst comments on the control (for customer control management).
state	String	Analyst driven setting on the control. Possible values are: Default, Ignored, ThirdParty, Reviewed.
vendorInformation	securityVendorInformation	Complex type containing details about the security product/service vendor, provider, and subprovider (for example, vendor=Microsoft; provider=SecureScore;). Provider and vendor fields are required.

Response

If successful, this method returns a 204 No Content response code.

If the optional request header is used, the method returns a 200 OK response code and the updated secureScoreControlProfiles object in the response body.

Example

Example 1: Request without Prefer header

Request

The following example shows a request.

HTTP

PATCH https://graph.microsoft.com/v1.0/security/secureScoreControlProfiles/NonOwnerAccess
Content-type: application/json

{
  "assignedTo": "",
  "comment": "control is reviewed",
  "state": "Reviewed",
  "vendorInformation": {

    "provider": "SecureScore",
    "providerVersion": null,
    "subProvider": null,
    "vendor": "Microsoft"
  }
}

C#

// Code snippets are only available for the latest version. Current version is 5.x

// Dependencies
using Microsoft.Graph.Models;

var requestBody = new SecureScoreControlProfile
{
	VendorInformation = new SecurityVendorInformation
	{
		Provider = "SecureScore",
		ProviderVersion = null,
		SubProvider = null,
		Vendor = "Microsoft",
	},
	AdditionalData = new Dictionary<string, object>
	{
		{
			"assignedTo" , ""
		},
		{
			"comment" , "control is reviewed"
		},
		{
			"state" , "Reviewed"
		},
	},
};

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Security.SecureScoreControlProfiles["{secureScoreControlProfile-id}"].PatchAsync(requestBody);

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

CLI

// THE CLI IS IN PREVIEW. NON-PRODUCTION USE ONLY
mgc security secure-score-control-profiles patch --secure-score-control-profile-id {secureScoreControlProfile-id} --body '{\
  "assignedTo": "",\
  "comment": "control is reviewed",\
  "state": "Reviewed",\
  "vendorInformation": {\
\
    "provider": "SecureScore",\
    "providerVersion": null,\
    "subProvider": null,\
    "vendor": "Microsoft"\
  }\
}\
'

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

Go

import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewSecureScoreControlProfile()
vendorInformation := graphmodels.NewSecurityVendorInformation()
provider := "SecureScore"
vendorInformation.SetProvider(&provider) 
providerVersion := null
vendorInformation.SetProviderVersion(&providerVersion) 
subProvider := null
vendorInformation.SetSubProvider(&subProvider) 
vendor := "Microsoft"
vendorInformation.SetVendor(&vendor) 
requestBody.SetVendorInformation(vendorInformation)
additionalData := map[string]interface{}{
	"assignedTo" : "", 
	"comment" : "control is reviewed", 
	"state" : "Reviewed", 
}
requestBody.SetAdditionalData(additionalData)

secureScoreControlProfiles, err := graphClient.Security().SecureScoreControlProfiles().BySecureScoreControlProfileId("secureScoreControlProfile-id").Patch(context.Background(), requestBody, nil)

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

Java

// Code snippets are only available for the latest version. Current version is 6.x

GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);

SecureScoreControlProfile secureScoreControlProfile = new SecureScoreControlProfile();
SecurityVendorInformation vendorInformation = new SecurityVendorInformation();
vendorInformation.setProvider("SecureScore");
vendorInformation.setProviderVersion(null);
vendorInformation.setSubProvider(null);
vendorInformation.setVendor("Microsoft");
secureScoreControlProfile.setVendorInformation(vendorInformation);
HashMap<String, Object> additionalData = new HashMap<String, Object>();
additionalData.put("assignedTo", "");
additionalData.put("comment", "control is reviewed");
additionalData.put("state", "Reviewed");
secureScoreControlProfile.setAdditionalData(additionalData);
SecureScoreControlProfile result = graphClient.security().secureScoreControlProfiles().bySecureScoreControlProfileId("{secureScoreControlProfile-id}").patch(secureScoreControlProfile);

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

const secureScoreControlProfile = {
  assignedTo: '',
  comment: 'control is reviewed',
  state: 'Reviewed',
  vendorInformation: {

    provider: 'SecureScore',
    providerVersion: null,
    subProvider: null,
    vendor: 'Microsoft'
  }
};

await client.api('/security/secureScoreControlProfiles/NonOwnerAccess')
	.update(secureScoreControlProfile);

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

PHP

<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\SecureScoreControlProfile;
use Microsoft\Graph\Generated\Models\SecurityVendorInformation;


$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);

$requestBody = new SecureScoreControlProfile();
$vendorInformation = new SecurityVendorInformation();
$vendorInformation->setProvider('SecureScore');
$vendorInformation->setProviderVersion(null);
$vendorInformation->setSubProvider(null);
$vendorInformation->setVendor('Microsoft');
$requestBody->setVendorInformation($vendorInformation);
$additionalData = [
	'assignedTo' => '',
	'comment' => 'control is reviewed',
	'state' => 'Reviewed',
];
$requestBody->setAdditionalData($additionalData);

$result = $graphServiceClient->security()->secureScoreControlProfiles()->bySecureScoreControlProfileId('secureScoreControlProfile-id')->patch($requestBody)->wait();

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

PowerShell

Import-Module Microsoft.Graph.Security

$params = @{
	assignedTo = ""
	comment = "control is reviewed"
	state = "Reviewed"
	vendorInformation = @{
		provider = "SecureScore"
		providerVersion = $null
		subProvider = $null
		vendor = "Microsoft"
	}
}

Update-MgSecuritySecureScoreControlProfile -SecureScoreControlProfileId $secureScoreControlProfileId -BodyParameter $params

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

Python

from msgraph import GraphServiceClient
from msgraph.generated.models.secure_score_control_profile import SecureScoreControlProfile
from msgraph.generated.models.security_vendor_information import SecurityVendorInformation

graph_client = GraphServiceClient(credentials, scopes)

request_body = SecureScoreControlProfile(
	vendor_information = SecurityVendorInformation(
		provider = "SecureScore",
		provider_version = None,
		sub_provider = None,
		vendor = "Microsoft",
	),
	additional_data = {
			"assigned_to" : "",
			"comment" : "control is reviewed",
			"state" : "Reviewed",
	}
)

result = await graph_client.security.secure_score_control_profiles.by_secure_score_control_profile_id('secureScoreControlProfile-id').patch(request_body)

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

Response

The following is an example of a successful response.

HTTP/1.1 204 No Content

Example 2: Request with Prefer header

Request

The following example shows a request that includes the Prefer request header.

HTTP

PATCH https://graph.microsoft.com/v1.0/security/secureScoreControlProfiles/NonOwnerAccess
Content-type: application/json

{
  "assignedTo": "",
  "comment": "control is reviewed",
  "state": "Reviewed",
  "vendorInformation": {
    "provider": "SecureScore",
    "providerVersion": null,
    "subProvider": null,
    "vendor": "Microsoft"
  }
}

C#

// Code snippets are only available for the latest version. Current version is 5.x

// Dependencies
using Microsoft.Graph.Models;

var requestBody = new SecureScoreControlProfile
{
	VendorInformation = new SecurityVendorInformation
	{
		Provider = "SecureScore",
		ProviderVersion = null,
		SubProvider = null,
		Vendor = "Microsoft",
	},
	AdditionalData = new Dictionary<string, object>
	{
		{
			"assignedTo" , ""
		},
		{
			"comment" , "control is reviewed"
		},
		{
			"state" , "Reviewed"
		},
	},
};

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Security.SecureScoreControlProfiles["{secureScoreControlProfile-id}"].PatchAsync(requestBody);

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

CLI

// THE CLI IS IN PREVIEW. NON-PRODUCTION USE ONLY
mgc security secure-score-control-profiles patch --secure-score-control-profile-id {secureScoreControlProfile-id} --body '{\
  "assignedTo": "",\
  "comment": "control is reviewed",\
  "state": "Reviewed",\
  "vendorInformation": {\
    "provider": "SecureScore",\
    "providerVersion": null,\
    "subProvider": null,\
    "vendor": "Microsoft"\
  }\
}\
'

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

Go

import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewSecureScoreControlProfile()
vendorInformation := graphmodels.NewSecurityVendorInformation()
provider := "SecureScore"
vendorInformation.SetProvider(&provider) 
providerVersion := null
vendorInformation.SetProviderVersion(&providerVersion) 
subProvider := null
vendorInformation.SetSubProvider(&subProvider) 
vendor := "Microsoft"
vendorInformation.SetVendor(&vendor) 
requestBody.SetVendorInformation(vendorInformation)
additionalData := map[string]interface{}{
	"assignedTo" : "", 
	"comment" : "control is reviewed", 
	"state" : "Reviewed", 
}
requestBody.SetAdditionalData(additionalData)

secureScoreControlProfiles, err := graphClient.Security().SecureScoreControlProfiles().BySecureScoreControlProfileId("secureScoreControlProfile-id").Patch(context.Background(), requestBody, nil)

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

Java

// Code snippets are only available for the latest version. Current version is 6.x

GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);

SecureScoreControlProfile secureScoreControlProfile = new SecureScoreControlProfile();
SecurityVendorInformation vendorInformation = new SecurityVendorInformation();
vendorInformation.setProvider("SecureScore");
vendorInformation.setProviderVersion(null);
vendorInformation.setSubProvider(null);
vendorInformation.setVendor("Microsoft");
secureScoreControlProfile.setVendorInformation(vendorInformation);
HashMap<String, Object> additionalData = new HashMap<String, Object>();
additionalData.put("assignedTo", "");
additionalData.put("comment", "control is reviewed");
additionalData.put("state", "Reviewed");
secureScoreControlProfile.setAdditionalData(additionalData);
SecureScoreControlProfile result = graphClient.security().secureScoreControlProfiles().bySecureScoreControlProfileId("{secureScoreControlProfile-id}").patch(secureScoreControlProfile);

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

const secureScoreControlProfile = {
  assignedTo: '',
  comment: 'control is reviewed',
  state: 'Reviewed',
  vendorInformation: {
    provider: 'SecureScore',
    providerVersion: null,
    subProvider: null,
    vendor: 'Microsoft'
  }
};

await client.api('/security/secureScoreControlProfiles/NonOwnerAccess')
	.update(secureScoreControlProfile);

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

PHP

<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\SecureScoreControlProfile;
use Microsoft\Graph\Generated\Models\SecurityVendorInformation;


$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);

$requestBody = new SecureScoreControlProfile();
$vendorInformation = new SecurityVendorInformation();
$vendorInformation->setProvider('SecureScore');
$vendorInformation->setProviderVersion(null);
$vendorInformation->setSubProvider(null);
$vendorInformation->setVendor('Microsoft');
$requestBody->setVendorInformation($vendorInformation);
$additionalData = [
	'assignedTo' => '',
	'comment' => 'control is reviewed',
	'state' => 'Reviewed',
];
$requestBody->setAdditionalData($additionalData);

$result = $graphServiceClient->security()->secureScoreControlProfiles()->bySecureScoreControlProfileId('secureScoreControlProfile-id')->patch($requestBody)->wait();

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

PowerShell

Import-Module Microsoft.Graph.Security

$params = @{
	assignedTo = ""
	comment = "control is reviewed"
	state = "Reviewed"
	vendorInformation = @{
		provider = "SecureScore"
		providerVersion = $null
		subProvider = $null
		vendor = "Microsoft"
	}
}

Update-MgSecuritySecureScoreControlProfile -SecureScoreControlProfileId $secureScoreControlProfileId -BodyParameter $params

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

Python

from msgraph import GraphServiceClient
from msgraph.generated.models.secure_score_control_profile import SecureScoreControlProfile
from msgraph.generated.models.security_vendor_information import SecurityVendorInformation

graph_client = GraphServiceClient(credentials, scopes)

request_body = SecureScoreControlProfile(
	vendor_information = SecurityVendorInformation(
		provider = "SecureScore",
		provider_version = None,
		sub_provider = None,
		vendor = "Microsoft",
	),
	additional_data = {
			"assigned_to" : "",
			"comment" : "control is reviewed",
			"state" : "Reviewed",
	}
)

result = await graph_client.security.secure_score_control_profiles.by_secure_score_control_profile_id('secureScoreControlProfile-id').patch(request_body)

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

Response

The following is an example of the response when the optional Prefer: return=representation request header is used.

Note: The response object shown here might be shortened for readability.

HTTP/1.1 200 OK
Content-type: application/json

{
  "id": "NonOwnerAccess",
  "azureTenantId": "00000001-0001-0001-0001-000000000001c",
  "actionType": "Review",
  "actionUrl": "https://outlook.office365.com/NonOwnerAccessReport.aspx",
  "controlCategory": "Data",
  "title": "Review mailbox access by non-owners bi-weekly", 
  "deprecated": false,
  "implementationCost": "Low",
  "lastModifiedDateTime": null,
  "maxScore": 5.0,
  "rank": 25,
  "remediation": "Once you have opened the search tool, specify a date range and select access by <b>All non-owners</b> or <b>External users</b>",
  "remediationImpact": "This change will have no effect on your users",
  "service": "EXO",
  "threats": [
    "Account Breach",
    "Data Exfiltration",
    "Malicious Insider"
  ],
  "tier": "Core",
  "userImpact": "Low",
  "complianceInformation": [
    {
      "certificationName": "FedRAMP_Moderate",
      "certificationControls": [
        {
          "name": "AC-6(9)",
          "url": "",
        }
      ]
    }         
  ],
  "controlStateUpdates": [
    {
      "assignedTo": "",
      "comment": "control is reviewed",
      "state": "Reviewed",
      "updatedBy": "user1@contoso.com",
      "updatedDateTime": "2019-03-19T22:37:14.628799Z"
    }
  ],
  "vendorInformation": {
    "provider": "SecureScore",
    "providerVersion": null,
    "subProvider": null,
    "vendor": "Microsoft"
  }
}