用户资源类型user resource type

表示 Azure AD 用户帐户。继承自 directoryObjectRepresents an Azure AD user account. Inherits from directoryObject.

该资源支持:This resource supports:

方法Methods

方法Method 返回类型Return Type 说明Description
List usersList users user 集合user collection 获取用户对象列表。Get a list of user objects.
Create userCreate user useruser 新建用户对象。Create a new user object.
Get userGet user useruser 读取 user 对象的属性和关系。Read properties and relationships of user object.
Update userUpdate user useruser 更新 user 对象。Update user object.
Delete userDelete user NoneNone 删除 user 对象。Delete user object.
List messagesList messages message 集合message collection 获取已登录用户的邮箱中的所有邮件。Get all the messages in the signed-in user's mailbox.
创建邮件Create message 邮件message 通过发布到邮件集合新建邮件。Create a new Message by posting to the messages collection.
List mailFoldersList mailFolders mailFolder 集合mailFolder collection 在已登录用户的根文件夹下获取邮件文件夹集合。Get the mail folder collection under the root folder of the signed-in user.
Create mailFolderCreate mailFolder mailFoldermailFolder 通过发布到 mailFolders 集合创建新 MailFolder。Create a new MailFolder by posting to the mailFolders collection.
sendMailsendMail NoneNone 发送请求正文中指定的邮件。Send the message specified in the request body.
List eventsList events event 集合event collection 获取用户邮箱中的 event 对象列表。该列表包含单个实例会议和系列主控形状。Get a list of event objects in the user's mailbox. The list contains single instance meetings and series masters.
Create eventCreate event 事件event 通过发布到事件集合创建新事件。Create a new Event by posting to the events collection.
List calendarsList calendars calendar 集合calendar collection 获取 Calendar 对象集合。Get a Calendar object collection.
Create calendarCreate calendar calendarcalendar 通过发布到日历集合创建新日历。Create a new Calendar by posting to the calendars collection.
List calendarGroupsList calendarGroups calendarGroup 集合calendarGroup collection 获取 CalendarGroup 对象集合。Get a CalendarGroup object collection.
Create calendarGroupCreate calendarGroup calendarGroupcalendarGroup 通过发布到 calendarGroups 集合新建 CalendarGroup。Create a new CalendarGroup by posting to the calendarGroups collection.
List calendarViewList calendarView event 集合event collection 获取 Event 对象集合。Get a Event object collection.
List contactsList contacts 联系人集合contact collection 从已登录用户的默认联系人文件夹中获取联系人集合。Get a contact collection from the default Contacts folder of the signed-in user.
创建联系人Create contact 联系人contact 通过发布到联系人集合新建联系人。Create a new Contact by posting to the contacts collection.
List contactFoldersList contactFolders ContactFolder 集合contactFolder collection 获取已登录用户的默认联系人文件夹中的联系人文件夹集合。Get the contact folder collection in the default Contacts folder of the signed-in user.
创建 contactFolderCreate contactFolder contactFoldercontactFolder 通过发布到 contactFolders 集合创建新 ContactFolder。Create a new ContactFolder by posting to the contactFolders collection.
List directReportsList directReports directoryObject collectiondirectoryObject collection 从 directReports 导航属性中获取向此用户报告的用户和联系人。Get the users and contacts that report to the user from the directReports navigation property.
List managerList manager directoryObjectdirectoryObject 从 manager 导航属性中获取是此用户的经理的用户或组织联系人。Get the user or contact that is this user's manager from the manager navigation property.
分配管理器Assign manager directoryObjectdirectoryObject 分配用户或组织联系人,作为该用户的经理。Assign a user or an organizational contact as this user's manager.
List memberOfList memberOf directoryObject collectiondirectoryObject collection 从 memberOf 导航属性中获取此用户是其直接成员的组和目录角色。Get the groups and directory roles that the user is a direct member of from the memberOf navigation property.
List transitive memberOfList transitive memberOf directoryObject collectiondirectoryObject collection 列出用户所属的组和目录角色。List the groups and directory roles that the user is a member of. 此操作是可传递的,并包括用户以嵌套方式所属的组。This operation is transitive and includes the groups that the user is a nested member of.
List ownedDevicesList ownedDevices directoryObject collectiondirectoryObject collection 从 ownedDevices 导航属性中获取此用户所拥有的设备。Get the devices that are owned by the user from the ownedDevices navigation property.
List ownedObjectsList ownedObjects directoryObject collectiondirectoryObject collection 从 ownedObjects 导航属性中获取此用户所拥有的目录对象。Get the directory objects that are owned by the user from the ownedObjects navigation property.
List registeredDevicesList registeredDevices directoryObject collectiondirectoryObject collection 从 registeredDevices 导航属性中获取为此用户注册的设备。Get the devices that are retistered for the user from the registeredDevices navigation property.
List createdObjectsList createdObjects directoryObject collectiondirectoryObject collection 从 createdObjects 导航属性中获取此用户创建的目录对象。Get the directory objects created by the user from the createdObjects navigation property.
assignLicenseassignLicense useruser 为用户添加或删除订阅。还可以启用和禁用与订阅相关的特定计划。Add or remove subscriptions for the user. You can also enable and disable specific plans associated with a subscription.
List licenseDetailsList licenseDetails licenseDetails 集合licenseDetails collection 获取 licenseDetails 对象集合。Get a licenseDetails object collection.
checkMemberGroupscheckMemberGroups String collectionString collection 检查组列表中的成员身份。检查是可传递的。Check for membership in a list of groups. The check is transitive.
deltadelta 用户集合user collection 获取用户的增量更改。Get incremental changes for users.
getMemberGroupsgetMemberGroups String collectionString collection 返回用户是其成员的所有组。检查是可传递的。Return all the groups that the user is a member of. The check is transitive.
getMemberObjectsgetMemberObjects String collectionString collection 返回用户所属的所有组和目录角色。检查是可传递的。Return all of the groups and directory roles that the user is a member of. The check is transitive.
reminderViewreminderView Reminder collectionReminder collection 返回指定开始时间和结束时间范围内的日历提醒列表。Return a list of calendar reminders within the start and end times specified.
revokeSignInSessionsrevokeSignInSessions None 通过将 signInSessionsValidFromDateTime 用户属性重置为当前的日期时间来吊销向应用程序发出的用户的所有刷新和会话令牌。Revokes all the user's refresh and session tokens issued to applications, by resetting the signInSessionsValidFromDateTime user property to the current date-time. 这将强制用户再次登录到这些应用程序。This forces the user to sign in to those applications again.
translateExchangeIdstranslateExchangeIds convertIdResult 集合convertIdResult collection 对与 Outlook 相关的资源的标识符进行格式转换。Translate identifiers of Outlook-related resources between formats.
开放扩展Open extensions
创建开放扩展Create open extension openTypeExtensionopenTypeExtension 创建开放扩展,并将自定义属性添加到新资源或现有资源。Create an open extension and add custom properties to a new or existing resource.
获取开放扩展Get open extension openTypeExtension 集合openTypeExtension collection 获取扩展名称标识的开放扩展。Get an open extension identified by the extension name.
架构扩展Schema extensions
添加架构扩展值Add schema extension values 创建架构扩展定义,然后使用它向资源添加自定义键入数据。Create a schema extension definition and then use it to add custom typed data to a resource.

属性Properties

属性Property 类型Type 说明Description
aboutMeaboutMe StringString 任意形式的文本输入字段,用于介绍用户自身。A freeform text entry field for the user to describe themselves.
accountEnabledaccountEnabled BooleanBoolean 启用帐户时为 true,否则为 false。创建用户时此属性是必需的。支持 $filter。true if the account is enabled; otherwise, false. This property is required when a user is created. Supports $filter.
ageGroupageGroup StringString 设置用户的年龄组。Sets the age group of the user. 允许的值:nullminornotAdultadultAllowed values: null, minor, notAdult and adult. 请参阅法定年龄组属性定义以了解详细信息。Refer to the legal age group property definitions for further information.
assignedLicensesassignedLicenses assignedLicense collectionassignedLicense collection 分配给该用户的许可证。不可为 null。The licenses that are assigned to the user. Not nullable.
assignedPlansassignedPlans assignedPlan collectionassignedPlan collection 分配给该用户的计划。只读。不可为 null。The plans that are assigned to the user. Read-only. Not nullable.
birthdaybirthday DateTimeOffsetDateTimeOffset 用户的生日。时间戳类型表示使用 ISO 8601 格式的日期和时间信息,并且始终处于 UTC 时间。例如,2014 年 1 月 1 日午夜 UTC 如下所示:'2014-01-01T00:00:00Z'The birthday of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'
businessPhonesbusinessPhones String collectionString collection 用户的电话号码。注意:虽然这是字符串集合,但是只能为该属性设置一个号码。The telephone numbers for the user. NOTE: Although this is a string collection, only one number can be set for this property.
城市city StringString 用户所在的城市。支持 $filter。The city in which the user is located. Supports $filter.
companyNamecompanyName StringString 与用户关联的公司名称。The company name which the user is associated. 此属性可用于描述外部用户所属的公司。This property can be useful for describing the company that an external user comes from.
consentProvidedForMinorconsentProvidedForMinor StringString 设置是否已获得未成年人的同意。Sets whether consent has been obtained for minors. 允许的值:nullgranteddeniednotRequiredAllowed values: null, granted, denied and notRequired. 请参阅法定年龄组属性定义以了解详细信息。Refer to the legal age group property definitions for further information.
countrycountry StringString 用户所在的国家/地区;例如,“美国”或“英国”。支持 $filter。The country/region in which the user is located; for example, “US” or “UK”. Supports $filter.
createdDateTimecreatedDateTime DateTimeOffsetDateTimeOffset 用户对象的创建日期。The created date of the user object.
departmentdepartment StringString 用户工作部门的名称。支持 $filter。The name for the department in which the user works. Supports $filter.
displayNamedisplayName StringString 用户通讯簿中显示的名称。这通常是用户名字、中间名首字母和姓氏的组合。此属性在创建用户时是必需的,并且在更新过程中不能清除。支持 $filter 和 $orderby。The name displayed in the address book for the user. This is usually the combination of the user's first name, middle initial and last name. This property is required when a user is created and it cannot be cleared during updates. Supports $filter and $orderby.
employeeIdemployeeId StringString 由组织分配给该用户的员工标识符。The employee identifier assigned to the user by the organization. 支持 $filter。Supports $filter.
faxNumberfaxNumber StringString 用户的传真号。The fax number of the user.
givenNamegivenName StringString 用户的名。支持 $filter。The given name (first name) of the user. Supports $filter.
hireDatehireDate DateTimeOffsetDateTimeOffset 用户的雇佣日期。时间戳类型表示使用 ISO 8601 格式的日期和时间信息,并且始终处于 UTC 时间。例如,2014 年 1 月 1 日午夜 UTC 如下所示:'2014-01-01T00:00:00Z'The hire date of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'
idid StringString 用户的唯一标识符。继承自 directoryObject。键。不可为 null。只读。The unique identifier for the user. Inherited from directoryObject. Key. Not nullable. Read-only.
imAddressesimAddresses String collectionString collection 用户的即时消息 IP 语音 (VOIP) 会话初始协议 (SIP) 地址。只读。The instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user. Read-only.
interestsinterests String collectionString collection 用户介绍自身兴趣的列表。A list for the user to describe their interests.
isResourceAccountisResourceAccount BooleanBoolean 如果用户是资源帐户,则为 true,否则为 falsetrue if the user is a resource account; otherwise, false. Null 值应视为 falseNull value should be considered false.
jobTitlejobTitle StringString 用户的职务。支持 $filter。The user’s job title. Supports $filter.
lastPasswordChangeDateTimelastPasswordChangeDateTime DateTimeOffsetDateTimeOffset 此 Azure AD 用户上次更改其密码的时间。The time when this Azure AD user last changed their password. 日期和时间信息采用 ISO 8601 格式,并且始终处于 UTC 时间。The timestamp represents date and time information using ISO 8601 format and is always in UTC time. 例如,2014 年 1 月 1 日午夜 (UTC) 如下所示:“2014-01-01T00:00:00Z”For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'.
legalAgeGroupClassificationlegalAgeGroupClassification StringString 由企业应用程序用于确定用户的法定年龄组。Used by enterprise applications to determine the legal age group of the user. 此属性为只读状态,基于 ageGroupconsentProvidedForMinor 属性计算得出。This property is read-only and calculated based on ageGroup and consentProvidedForMinor properties. 允许的值:nullminorWithOutParentalConsentminorWithParentalConsentminorNoParentalConsentRequirednotAdultadultAllowed values: null, minorWithOutParentalConsent, minorWithParentalConsent, minorNoParentalConsentRequired, notAdult and adult. 请参阅法定年龄组属性定义以了解详细信息。Refer to the legal age group property definitions for further information.)
licenseAssignmentStateslicenseAssignmentStates licenseAssignmentState 集合licenseAssignmentState collection 此用户的许可证分配状态。State of license assignments for this user. 只读。Read-only.
mailmail StringString 用户的 SMTP 地址,例如,“jeff@contoso.onmicrosoft.com”。只读。支持 $filter。The SMTP address for the user, for example, "jeff@contoso.onmicrosoft.com". Read-Only. Supports $filter.
mailboxSettingsmailboxSettings mailboxSettingsmailboxSettings 已登录用户的主邮箱的设置。可以获取更新用于向传入邮件发送自动答复、区域设置和时区的设置。Settings for the primary mailbox of the signed-in user. You can get or update settings for sending automatic replies to incoming messages, locale and time zone.
mailNicknamemailNickname StringString 用户的邮件别名。创建用户时必须指定此属性。支持 $filter。The mail alias for the user. This property must be specified when a user is created. Supports $filter.
mobilePhonemobilePhone StringString 用户的主要移动电话号码。The primary cellular telephone number for the user.
mySitemySite StringString 用户个人网站的 URL。The URL for the user's personal site.
officeLocationofficeLocation StringString 用户公司地点的办公室位置。The office location in the user's place of business.
onPremisesDistinguishedNameonPremisesDistinguishedName StringString 包含本地 Active Directory distinguished nameDNContains the on-premises Active Directory distinguished name or DN. 仅当客户正在通过 Azure AD Connect 将其本地目录同步到 Azure Active Directory 时,才会填充该属性。The property is only populated for customers who are synchronizing their on-premises directory to Azure Active Directory via Azure AD Connect. 只读。Read-only.
onPremisesDomainNameonPremisesDomainName StringString 包含从本地目录同步的本地 domainFQDN(也称为 dnsDomainName)。Contains the on-premises domainFQDN, also called dnsDomainName synchronized from the on-premises directory. 仅当客户正在通过 Azure AD Connect 将其本地目录同步到 Azure Active Directory 时,才会填充该属性。The property is only populated for customers who are synchronizing their on-premises directory to Azure Active Directory via Azure AD Connect. 只读。Read-only.
onPremisesExtensionAttributesonPremisesExtensionAttributes onPremisesExtensionAttributesonPremisesExtensionAttributes 包含用户的 extensionAttributes 1-15。Contains extensionAttributes 1-15 for the user. 请注意,单个扩展属性既不可选择,也不可筛选。Note that the individual extension attributes are neither selectable nor filterable. 对于 onPremisesSyncEnabled 用户,此属性集是在本地主控的,并且为只读。For an onPremisesSyncEnabled user, this set of properties is mastered on-premises and is read-only. 对于只使用云的用户(其中 onPremisesSyncEnabled 为 false),可以在创建或更新期间设置这些属性。For a cloud-only user (where onPremisesSyncEnabled is false), these properties may be set during creation or update.
onPremisesImmutableIdonPremisesImmutableId StringString 此属性用于将本地 Active Directory 用户帐户关联到他们的 Azure AD 用户对象。This property is used to associate an on-premises Active Directory user account to their Azure AD user object. 如果对用户的 userPrincipalName (UPN) 属性使用联盟域,必须在创建新用户帐户时指定此属性。This property must be specified when creating a new user account in the Graph if you are using a federated domain for the user’s userPrincipalName (UPN) property. 重要说明: 指定此属性时不能使用 $_ 字符。Important: The $ and _ characters cannot be used when specifying this property. 支持 $filter。Supports $filter.
onPremisesLastSyncDateTimeonPremisesLastSyncDateTime DateTimeOffsetDateTimeOffset 表示上一次对象与本地目录同步的时间;例如:“2013-02-16T03:04:54Z”。时间戳类型表示使用 ISO 8601 格式的日期和时间信息,并且始终处于 UTC 时间。例如,2014 年 1 月 1 日午夜 UTC 如下所示:'2014-01-01T00:00:00Z'。只读。Indicates the last time at which the object was synced with the on-premises directory; for example: "2013-02-16T03:04:54Z". The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'. Read-only.
onPremisesProvisioningErrorsonPremisesProvisioningErrors onPremisesProvisioningError 集合onPremisesProvisioningError collection 在预配期间使用 Microsoft 同步产品时发生的错误。Errors when using Microsoft synchronization product during provisioning.
onPremisesSamAccountNameonPremisesSamAccountName StringString 包含从本地目录同步的本地 samAccountNameContains the on-premises samAccountName synchronized from the on-premises directory. 仅当客户正在通过 Azure AD Connect 将其本地目录同步到 Azure Active Directory 时,才会填充该属性。The property is only populated for customers who are synchronizing their on-premises directory to Azure Active Directory via Azure AD Connect. 只读。Read-only.
onPremisesSecurityIdentifieronPremisesSecurityIdentifier StringString 包含从本地同步到云的用户的本地安全标识符 (SID)。只读。Contains the on-premises security identifier (SID) for the user that was synchronized from on-premises to the cloud. Read-only.
onPremisesSyncEnabledonPremisesSyncEnabled BooleanBoolean 如果此对象从本地目录同步,则为 true;如果此对象最初从本地目录同步,但以后不再同步,则为 false;如果此对象从未从本地目录同步,则为 null(默认值)。只读true if this object is synced from an on-premises directory; false if this object was originally synced from an on-premises directory but is no longer synced; null if this object has never been synced from an on-premises directory (default). Read-only
onPremisesUserPrincipalNameonPremisesUserPrincipalName StringString 包含从本地目录同步的本地 userPrincipalNameContains the on-premises userPrincipalName synchronized from the on-premises directory. 仅当客户正在通过 Azure AD Connect 将其本地目录同步到 Azure Active Directory 时,才会填充该属性。The property is only populated for customers who are synchronizing their on-premises directory to Azure Active Directory via Azure AD Connect. 只读。Read-only.
otherMailsotherMails StringString 用户的其他电子邮件地址列表;例如:["bob@contoso.com", "Robert@fabrikam.com"]A list of additional email addresses for the user; for example: ["bob@contoso.com", "Robert@fabrikam.com"]. 支持 $filter。Supports $filter.
passwordPoliciespasswordPolicies StringString 指定用户的密码策略。此值是一个枚举,具有一个可能值“DisableStrongPassword”,允许指定比默认策略弱的密码。还可以指定“DisablePasswordExpiration”。可以同时指定这两个策略;例如:“DisablePasswordExpiration、DisableStrongPassword”。Specifies password policies for the user. This value is an enumeration with one possible value being “DisableStrongPassword”, which allows weaker passwords than the default policy to be specified. “DisablePasswordExpiration” can also be specified. The two may be specified together; for example: "DisablePasswordExpiration, DisableStrongPassword".
passwordProfilepasswordProfile passwordProfilepasswordProfile 指定用户的密码配置文件。配置文件包含用户的密码。创建用户时此属性是必需的。配置文件中的密码必须满足 passwordPolicies 属性指定的最低要求。默认情况下,必须使用强密码。Specifies the password profile for the user. The profile contains the user’s password. This property is required when a user is created. The password in the profile must satisfy minimum requirements as specified by the passwordPolicies property. By default, a strong password is required.
pastProjectspastProjects String collectionString collection 供用户枚举其过去项目的列表。A list for the user to enumerate their past projects.
postalCodepostalCode StringString 用户邮政地址的邮政编码。邮政编码特定于用户所在的国家/地区。在美国,此属性包含邮政编码。The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code.
preferredDataLocationpreferredDataLocation StringString 用户的首选数据位置。The preferred data location for the user. 有关详细信息,请参阅 OneDrive Online 多地理位置For more information, see OneDrive Online Multi-Geo.
preferredLanguagepreferredLanguage StringString 用户的首选语言。应遵循 ISO 639-1 代码;例如“EN-US”。The preferred language for the user. Should follow ISO 639-1 Code; for example "en-US".
preferredNamepreferredName StringString 用户的首选名称。The preferred name for the user.
provisionedPlansprovisionedPlans provisionedPlan 集合provisionedPlan collection 为用户设置的计划。只读。不可为 null。The plans that are provisioned for the user. Read-only. Not nullable.
proxyAddressesproxyAddresses String collectionString collection 例如:["SMTP: bob@contoso.com", "smtp: bob@sales.contoso.com"] 需要多值属性筛选器表达式的 any 运算符。只读,不可为 Null。支持 $filter。For example: ["SMTP: bob@contoso.com", "smtp: bob@sales.contoso.com"] The any operator is required for filter expressions on multi-valued properties. Read-only, Not nullable. Supports $filter.
responsibilitiesresponsibilities String collectionString collection 供用户枚举其职责的列表。A list for the user to enumerate their responsibilities.
schoolsschools String collectionString collection 供用户枚举其学习过的学校列表。A list for the user to enumerate the schools they have attended.
showInAddressListshowInAddressList BooleanBoolean 如果 Outlook 全局地址列表应包含此用户,则值为 true,否则为 falsetrue if the Outlook global address list should contain this user, otherwise false. 如果未设置,则将其视为 trueIf not set, this will be treated as true. 对于通过邀请管理器邀请的用户,此属性将设置为 falseFor users invited through the invitation manager, this property will be set to false.
skillsskills String collectionString collection 供用户枚举其技能的列表。A list for the user to enumerate their skills.
signInSessionsValidFromDateTimesignInSessionsValidFromDateTime DateTimeOffsetDateTimeOffset 在此时间之前发出的任何刷新令牌或会话令牌(会话 Cookie)都是无效的,并且当使用无效的刷新令牌或会话令牌获取委托的访问令牌(用于访问 Microsoft Graph 等 API)时,应用程序将收到错误。Any refresh tokens or sessions tokens (session cookies) issued before this time are invalid, and applications will get an error when using an invalid refresh or sessions token to acquire a delegated access token (to access APIs such as Microsoft Graph). 如果发生这种情况,应用程序将需要通过向授权端点发出请求来获取新的刷新令牌。If this happens, the application will need to acquire a new refresh token by making a request to the authorize endpoint. 此为只读属性。Read-only. 使用 revokeSignInSessions 进行重置。Use revokeSignInSessions to reset.
statestate StringString 用户地址中的省/市/自治区或省。支持 $filter。The state or province in the user's address. Supports $filter.
streetAddressstreetAddress StringString 用户公司地点的街道地址。The street address of the user's place of business.
surnamesurname StringString 用户的姓氏。支持 $filter。The user's surname (family name or last name). Supports $filter.
usageLocationusageLocation StringString 两个字母的国家/地区代码(ISO 标准 3166)。为检查服务在国家/地区的可用性,这对根据法律要求将分配许可证的用户而言是必需的。示例包括:“US”、“JP”和“GB”。不可为 null。支持 $filter。A two letter country code (ISO standard 3166). Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. Examples include: "US", "JP", and "GB". Not nullable. Supports $filter.
userPrincipalNameuserPrincipalName StringString 用户的用户主体名称 (UPN)。UPN 是用户基于 Internet 标准 RFC 822 的 Internet 式登录名。按照惯例,此名称应映射到用户的电子邮件名称。常规格式是 alias@domain,其中,domain 必须位于租户的已验证域集合中。创建用户时此属性是必需的。可从 组织verifiedDomains 属性访问租户的已验证域。支持 $filter 和 $orderby。The user principal name (UPN) of the user. The UPN is an Internet-style login name for the user based on the Internet standard RFC 822. By convention, this should map to the user's email name. The general format is alias@domain, where domain must be present in the tenant’s collection of verified domains. This property is required when a user is created. The verified domains for the tenant can be accessed from the verifiedDomains property of organization. Supports $filter and $orderby.
userTypeuserType StringString 可用于对目录中的用户类型分类的字符串值,例如“成员”和“访客”。支持 $filter。A string value that can be used to classify user types in your directory, such as “Member” and “Guest”. Supports $filter.

本部分介绍 Azure AD 管理员和企业应用程序开发人员如何使用三个法定年龄组属性(legalAgeGroupClassificationageGroupconsentProvidedForMinor)来满足与年龄相关的法规。This section explains how the three age group properties (legalAgeGroupClassification, ageGroup and consentProvidedForMinor) are used by Azure AD administrators and enterprise application developers to meet age-related regulations.

例如:Cameron 是英国 Holyport 小学的名录管理员。For example: Cameron is administrator of a directory for an elementary school in Holyport in the United Kingdom. 新学年开始,他根据英国与年龄相关的法规,使用入学文件获得未成年人父母的同意。At the beginning of the school year he uses the admissions paperwork to obtain consent from the minor's parents based on the age-related regulations of the United Kingdom. 征得父母同意后,Holyport 学校和 Microsoft 应用可以使用未成年人的帐户。The consent obtained from the parent allows the minor's account to be used by Holyport school and Microsoft apps. Cameron 随后创建所有帐户,将 ageGroup 设置为“minor”,并将 consentProvidedForMinor 设置为“granted”。Cameron then creates all the accounts and sets ageGroup to "minor" and consentProvidedForMinor to "granted". 然后,他的学生使用的应用程序可以禁止不适合未成年人的功能。Applications used by his students are then able to suppress features that are not suitable for minors.

企业应用程序开发人员使用此只读属性来确保根据用户的法定年龄组正确处理用户。This read-only property is used by enterprise application developers to ensure the correct handling of a user based on their legal age group. 此属性是基于用户的 ageGroupconsentProvidedForMinor 属性计算得出的。It is calculated based on the user's ageGroup and consentProvidedForMinor properties.

Value # 说明Description
null 00% 默认值,尚未给用户设置 ageGroupDefault value, no ageGroup has been set for the user.
minorWithoutParentalConsentminorWithoutParentalConsent 11. (保留以备今后使用)(Reserved for future use)
minorWithParentalConsentminorWithParentalConsent 22. 根据用户所在国家或地区与年龄相关的法规,将用户视为未成年人,并且帐户管理员已相应获得父母或监护人的同意。The user is considered a minor based on the age-related regulations of their country or region and the administrator of the account has obtained appropriate consent from a parent or guardian.
adultadult 33. 根据用户所在国家或地区与年龄相关的法规,将用户视为成年人。The user considered an adult based on the age-related regulations of their country or region.
notAdultnotAdult 44. 用户所在国家或地区存在其他与年龄相关的法规(例如美国、英国、欧盟和韩国),用户的年龄介于未成年人和成年人之间(根据所在国家或地区的规定)。The user is from a country or region that has additional age-related regulations (such as the United States, United Kingdom, European Union or South Korea), and the user's age is between a minor and an adult age (as stipulated based on country or region). 通常,这意味着会在管控的国家或地区将青少年视为 notAdultGenerally, this means that teenagers are considered as notAdult in regulated countries.
minorNoParentalConsentRequiredminorNoParentalConsentRequired 55. 用户是未成年人,但所在国家或地区没有与年龄相关的法规。The user is a minor but is from a country or region that has no age-related regulations.

年龄组和未成年人同意属性是 Azure AD 管理员使用的可选属性,可帮助确保根据用户所在国家或地区与年龄相关的监管规则正确处理帐户的使用。The age group and minor consent properties are optional properties used by Azure AD administrators to help ensure the use of an account is handled correctly based on the age-related regulatory rules governing the user's country or region.

ageGroup 属性ageGroup property

Value # 说明Description
null 00% 默认值,尚未给用户设置 ageGroupDefault value, no ageGroup has been set for the user.
minorminor 11. 将用户视为未成年人。The user is consider a minor.
notAdultnotAdult 22. 用户所在国家或地区存在其他法规(例如美国、英国、欧盟和韩国),用户年龄超过儿童年龄上限(根据所在国家或地区的规定)且低于成年人年龄下限(根据所在国家或地区的规定)。The user is from a country that has statutory regulations United States, United Kingdom, European Union or South Korea) and user’s age is more than the upper limit of kid age (as per country) and less than lower limit of adult age (as stipulated based on country or region). 因此,基本上会在管控的国家或地区将青少年视为 notAdultSo basically, teenagers are considered as notAdult in regulated countries.
adultadult 33. 应将用户视为成年人。The user should be a treated as an adult.

consentProvidedForMinor 属性consentProvidedForMinor property

Value # 说明Description
null 00% 默认值,尚未给用户设置 consentProvidedForMinorDefault value, no consentProvidedForMinor has been set for the user.
grantedgranted 11. 已就用户拥有帐户获得同意。Consent has been obtained for the user to have an account.
denieddenied 22. 尚未就用户拥有帐户获得同意。Consent has not been obtained for the user to have an account.
notRequirednotRequired 33. 用户所在地不要求获得同意。The user is from a location that does not require consent.

关系Relationships

关系Relationship 类型Type 说明Description
activitiesactivities userActivity 集合userActivity collection 跨设备的用户活动。The user's activities across devices. 只读。Read-only. 可为 Null。Nullable.
calendarcalendar calendarcalendar 用户的主日历。只读。The user's primary calendar. Read-only.
calendarGroupscalendarGroups CalendarGroup 集合calendarGroup collection 用户的日历组。只读。可为 Null。The user's calendar groups. Read-only. Nullable.
calendarViewcalendarView event 集合event collection 日历的日历视图。只读。可为 Null。The calendar view for the calendar. Read-only. Nullable.
calendarscalendars calendar 集合calendar collection 用户的日历。只读。可为 Null。The user's calendars. Read-only. Nullable.
contactFolderscontactFolders ContactFolder 集合contactFolder collection 用户的联系人文件夹。只读。可为 Null。The user's contacts folders. Read-only. Nullable.
contactscontacts contact 集合contact collection 用户的联系人。只读。可为 Null。The user's contacts. Read-only. Nullable.
createdObjectscreatedObjects directoryObject collectiondirectoryObject collection 由用户创建的 directory 对象。只读。可为 Null。Directory objects that were created by the user. Read-only. Nullable.
directReportsdirectReports directoryObject collectiondirectoryObject collection 向此用户报告的用户和联系人。(其 manager 属性已设置为此用户的用户和联系人。)只读。可为 Null。The users and contacts that report to the user. (The users and contacts that have their manager property set to this user.) Read-only. Nullable.
drivedrive drivedrive 用户的 OneDrive。只读。The user's OneDrive. Read-only.
drivesdrives drive 集合drive collection 该用户的可用驱动器集合。只读。A collection of drives available for this user. Read-only.
活动events event 集合event collection 用户的事件。默认显示“默认日历”下的事件。只读。可为 Null。The user's events. Default is to show Events under the Default Calendar. Read-only. Nullable.
extensionsextensions 扩展集合extension collection 为用户定义的开放扩展集合。只读。可为 Null。The collection of open extensions defined for the user. Read-only. Nullable.
inferenceClassificationinferenceClassification inferenceClassificationinferenceClassification 基于显式指定的用户邮件的相关性分类,可以替代推断的相关性或重要性。Relevance classification of the user's messages based on explicit designations which override inferred relevance or importance.
licenseDetailslicenseDetails licenseDetails 集合licenseDetails collection 此用户许可证详细信息的集合。A collection of this user's license details. 只读。Read-only.
mailFoldersmailFolders mailFolder 集合mailFolder collection 用户的邮件文件夹。只读。可为 Null。The user's mail folders. Read-only. Nullable.
managermanager directoryObjectdirectoryObject 是此用户的经理的用户或联系人。只读。(HTTP 方法:GET、PUT、DELETE)The user or contact that is this user’s manager. Read-only. (HTTP Methods: GET, PUT, DELETE.)
memberOfmemberOf directoryObject collectiondirectoryObject collection 用户所属的组和目录角色。只读。可为 Null。The groups and directory roles that the user is a member of. Read-only. Nullable.
messagesmessages message 集合message collection 邮箱或文件夹中的邮件。只读。可为 Null。The messages in a mailbox or folder. Read-only. Nullable.
onenoteonenote onenoteonenote 只读。Read-only.
outlookoutlook outlookUseroutlookUser 只读。Read-only.
ownedDevicesownedDevices directoryObject collectiondirectoryObject collection 用户拥有的设备。只读。可为 Null。Devices that are owned by the user. Read-only. Nullable.
ownedObjectsownedObjects directoryObject collectiondirectoryObject collection 用户拥有的 directory 对象。只读。可为 Null。Directory objects that are owned by the user. Read-only. Nullable.
peoplepeople person 集合person collection 与用户相关的人员。People that are relevant to the user. 只读。Read-only. 可为 Null。Nullable.
photophoto profilePhotoprofilePhoto 用户的个人资料照片。只读。The user's profile photo. Read-only.
plannerplanner plannerUserplannerUser 用户可能存在的 Planner 资源入口点。Entry-point to the Planner resource that might exist for a user. 只读。Read-only.
registeredDevicesregisteredDevices directoryObject collectiondirectoryObject collection 已注册的用户的设备。只读。可为 Null。Devices that are registered for the user. Read-only. Nullable.

JSON 表示形式JSON representation

下面是资源的 JSON 表示形式。Here is a JSON representation of the resource

{
  "aboutMe": "string",
  "accountEnabled": true,
  "ageGroup": "string",
  "assignedLicenses": [{"@odata.type": "microsoft.graph.assignedLicense"}],
  "assignedPlans": [{"@odata.type": "microsoft.graph.assignedPlan"}],
  "birthday": "String (timestamp)",
  "businessPhones": ["string"],
  "city": "string",
  "companyName": "string",
  "consentProvidedForMinor": "string",
  "country": "string",
  "department": "string",
  "displayName": "string",
  "employeeId": "string",
  "faxNumber" : "string",
  "givenName": "string",
  "hireDate": "String (timestamp)",
  "id": "string (identifier)",
  "imAddresses": ["string"],
  "interests": ["string"],
  "isResourceAccount": false,
  "jobTitle": "string",
  "legalAgeGroupClassification": "string",
  "licenseAssignmentStates": [{"@odata.type": "microsoft.graph.licenseAssignmentState"}],
  "lastPasswordChangeDateTime": "String (timestamp)",
  "mail": "string",
  "mailboxSettings": {"@odata.type": "microsoft.graph.mailboxSettings"},
  "mailNickname": "string",
  "mobilePhone": "string",
  "mySite": "string",
  "officeLocation": "string",
  "onPremisesDistinguishedName": "string",
  "onPremisesDomainName": "string",
  "onPremisesExtensionAttributes": {"@odata.type": "microsoft.graph.onPremisesExtensionAttributes"},
  "onPremisesImmutableId": "string",
  "onPremisesLastSyncDateTime": "String (timestamp)",
  "onPremisesProvisioningErrors": [{"@odata.type": "microsoft.graph.onPremisesProvisioningError"}],
  "onPremisesSamAccountName": "string",
  "onPremisesSecurityIdentifier": "string",
  "onPremisesSyncEnabled": true,
  "onPremisesUserPrincipalName": "string",
  "otherMails": "string",
  "passwordPolicies": "string",
  "passwordProfile": {"@odata.type": "microsoft.graph.passwordProfile"},
  "pastProjects": ["string"],
  "postalCode": "string",
  "preferredDataLocation": "string",
  "preferredLanguage": "string",
  "preferredName": "string",
  "provisionedPlans": [{"@odata.type": "microsoft.graph.provisionedPlan"}],
  "proxyAddresses": ["string"],
  "responsibilities": ["string"],
  "schools": ["string"],
  "showInAddressList": true,
  "signInSessionsValidFromDateTime": "String (timestamp)",
  "skills": ["string"],
  "state": "string",
  "streetAddress": "string",
  "surname": "string",
  "usageLocation": "string",
  "userPrincipalName": "string",
  "userType": "string",

  "calendar": { "@odata.type": "microsoft.graph.calendar" },
  "calendarGroups": [{ "@odata.type": "microsoft.graph.calendarGroup" }],
  "calendarView": [{ "@odata.type": "microsoft.graph.event" }],
  "calendars": [ {"@odata.type": "microsoft.graph.calendar"} ],
  "contacts": [ { "@odata.type": "microsoft.graph.contact" } ],
  "contactFolders": [ { "@odata.type": "microsoft.graph.contactFolder" } ],
  "createdObjects": [ { "@odata.type": "microsoft.graph.directoryObject" } ],
  "directReports": [ { "@odata.type": "microsoft.graph.directoryObject" } ],
  "drive": { "@odata.type": "microsoft.graph.drive" },
  "drives": [ { "@odata.type": "microsoft.graph.drive" } ],
  "events": [ { "@odata.type": "microsoft.graph.event" } ],
  "inferenceClassification": { "@odata.type": "microsoft.graph.inferenceClassification" },
  "mailFolders": [ { "@odata.type": "microsoft.graph.mailFolder" } ],
  "manager": { "@odata.type": "microsoft.graph.directoryObject" },
  "memberOf": [ { "@odata.type": "microsoft.graph.directoryObject" } ],
  "messages": [ { "@odata.type": "microsoft.graph.message" } ],
  "outlook": { "@odata.type": "microsoft.graph.outlookUser" },
  "ownedDevices": [ { "@odata.type": "microsoft.graph.directoryObject" } ],
  "ownedObjects": [ { "@odata.type": "microsoft.graph.directoryObject" } ],
  "photo": { "@odata.type": "microsoft.graph.profilePhoto" },
  "registeredDevices": [ { "@odata.type": "microsoft.graph.directoryObject" } ]
}

另请参阅See also