用户资源类型user resource type

重要

Microsoft Graph 中/beta的版本下的 api 可能会发生更改。APIs under the /beta version in Microsoft Graph are subject to change. 不支持在生产应用程序中使用这些 API。Use of these APIs in production applications is not supported.

表示 Azure AD 用户帐户。继承自 directoryObjectRepresents an Azure AD user account. Inherits from directoryObject.

该资源支持:This resource supports:

方法Methods

方法Method 返回类型Return Type 说明Description
List usersList users user 集合user collection 获取用户对象列表。Get a list of user objects.
Create userCreate user useruser 新建用户对象。Create a new user object.
Get userGet user useruser 读取 user 对象的属性和关系。Read properties and relationships of user object.
Update userUpdate user useruser 更新 user 对象。Update user object.
Delete userDelete user NoneNone 删除 user 对象。Delete user object.
List messagesList messages message 集合message collection 获取已登录用户的邮箱中的所有邮件。Get all the messages in the signed-in user's mailbox.
创建邮件Create message messagemessage 通过发布到邮件集合创建邮件。Create a message by posting to the messages collection.
List mailFoldersList mailFolders mailFolder 集合mailFolder collection 在已登录用户的根文件夹下获取邮件文件夹集合。Get the mail folder collection under the root folder of the signed-in user.
Create mailFolderCreate mailFolder mailFoldermailFolder 通过发布到 mailFolders 集合创建新 mailFolder。Create a new mailFolder by posting to the mailFolders collection.
sendMailsendMail NoneNone 发送请求正文中指定的邮件。Send the message specified in the request body.
List eventsList events event 集合event collection 获取用户邮箱中的 event 对象列表。该列表包含单个实例会议和系列主控形状。Get a list of event objects in the user's mailbox. The list contains single instance meetings and series masters.
Create eventCreate event eventevent 通过发布到事件集合新建事件。Create a new event by posting to the events collection.
List calendarsList calendars Calendar collectionCalendar collection 获取 Calendar 对象集合。Get a Calendar object collection.
Create calendarCreate calendar CalendarCalendar 通过发布到日历集合创建新日历。Create a new Calendar by posting to the calendars collection.
List calendarGroupsList calendarGroups CalendarGroup collectionCalendarGroup collection 获取 CalendarGroup 对象集合。Get a CalendarGroup object collection.
Create calendarGroupCreate calendarGroup CalendarGroupCalendarGroup 通过发布到 calendarGroups 集合新建 CalendarGroup。Create a new CalendarGroup by posting to the calendarGroups collection.
List calendarViewList calendarView event 集合event collection 获取 event 对象集合。Get an event object collection.
List contactsList contacts contact 集合contact collection 从已登录用户的默认联系人文件夹中获取联系人集合。Get a contact collection from the default contacts folder of the signed-in user.
Create contactCreate contact contactcontact 通过发布到联系人集合创建新联系人。Create a new contact by posting to the contacts collection.
List contactFoldersList contactFolders ContactFolder 集合contactFolder collection 获取已登录用户的默认联系人文件夹中的联系人文件夹集合。Get the contact folder collection in the default contacts folder of the signed-in user.
Create contactFolderCreate contactFolder contactFoldercontactFolder 通过发布到 contactFolders 集合创建新 contactFolder。Create a new contactFolder by posting to the contactFolders collection.
List directReportsList directReports directoryObject collectiondirectoryObject collection 从 directReports 导航属性中获取向此用户报告的用户和联系人。Get the users and contacts that report to the user from the directReports navigation property.
List managerList manager directoryObjectdirectoryObject 从 manager 导航属性中获取是此用户的经理的用户或联系人。Get the user or contact that is this user's manager from the manager navigation property.
List memberOfList memberOf directoryObject 集合directoryObject collection 从 memberOf 导航属性中获取此用户直接所属的组、目录角色和管理单元。Get the groups, directory roles, and administrative units that the user is a direct member of from the memberOf navigation property.
List transitive memberOfList transitive memberOf directoryObject 集合directoryObject collection 列出用户所属的所有组、目录角色和管理单元。List the groups, directory roles, and administrative units that the user is a member of. 此操作是可传递的,并包括用户以嵌套方式所属的组。This operation is transitive and includes the groups that the user is a nested member of.
List joinedTeamsList joinedTeams 团队 集合team collection 从 joinedTeams 导航属性中获取此用户直接所属的 Microsoft Teams 团队。Get the Microsoft Teams teams that the user is a direct member of from the joinedTeams navigation property.
List ownedDevicesList ownedDevices directoryObject collectiondirectoryObject collection 从 ownedDevices 导航属性中获取此用户所拥有的设备。Get the devices that are owned by the user from the ownedDevices navigation property.
List ownedObjectsList ownedObjects directoryObject collectiondirectoryObject collection 从 ownedObjects 导航属性中获取此用户所拥有的目录对象。Get the directory objects that are owned by the user from the ownedObjects navigation property.
List plannerTasksList plannerTasks plannerTask 集合plannerTask collection 获取分配给此用户的 plannerTasks。Get plannerTasks assigned to the user.
List registeredDevicesList registeredDevices directoryObject 集合directoryObject collection 从 registeredDevices 导航属性中获取为此用户注册的设备。Get the devices that are registered for the user from the registeredDevices navigation property.
List scoped-role membershipsList scoped-role memberships scopedRoleMembership 集合scopedRoleMembership collection 获取此用户的作用域角色管理单元成员身份。Get the scoped-role administrative units memberships for this user.
List createdObjectsList createdObjects directoryObject collectiondirectoryObject collection 从 createdObjects 导航属性中获取此用户创建的目录对象。Get the directory objects created by the user from the createdObjects navigation property.
List agreementAcceptancesList agreementAcceptances agreementAcceptance 集合agreementAcceptance collection 获取此用户的使用条款接受状态列表。Get a list of terms of use acceptance statuses of the user.
assignLicenseassignLicense useruser 为用户添加或删除订阅。还可以启用和禁用与订阅相关的特定计划。Add or remove subscriptions for the user. You can also enable and disable specific plans associated with a subscription.
reprocessLicensereprocessLicense useruser 重新处理用户的订阅分配。Reprocess subscription assignments for the user.
List licenseDetailsList licenseDetails licenseDetails 集合licenseDetails collection 获取 licenseDetails 对象集合。Get a licenseDetails object collection.
checkMemberGroupscheckMemberGroups String collectionString collection 检查组列表中的成员身份。检查是可传递的。Check for membership in a list of groups. The check is transitive.
checkMemberObjectscheckMemberObjects String 集合String collection 检查组、目录角色或管理单元对象列表中的成员身份。Check for membership in a list of group, directory role, or administrative unit objects. 检查是可传递的。The check is transitive.
deltadelta 用户集合user collection 获取用户的增量更改。Get incremental changes for users.
findMeetingTimesfindMeetingTimes meetingTimeSuggestionsResultmeetingTimeSuggestionsResult 基于与会者忙闲状态、位置或时间限制查找会议时间和位置。Find time and locations to meet based on attendee availability, location, or time constraints.
findRoomListsfindRoomLists emailaddress.md 集合emailaddress.md collection 获取租户中定义的会议室列表。Get the room lists defined in a tenant.
findRoomsfindRooms emailaddress.md 集合emailaddress.md collection 获取用户租户中或特定房间列表中的所有会议室。Get all the meeting rooms in the user's tenant or in a specific room list.
getMailTipsgetMailTips 邮件提醒集合mailTips collection 返回向已登录用户提供的一个或多个收件人的邮件提醒。Return the MailTips of one or more recipients as available to the signed-in user.
getMemberGroupsgetMemberGroups String collectionString collection 返回用户是其成员的所有组。检查是可传递的。Return all the groups that the user is a member of. The check is transitive.
getMemberObjectsgetMemberObjects String 集合String collection 返回用户所属的所有组、目录角色和管理单元。Return all the groups, directory roles, and administrative units that the user is a member of. 检查是可传递的。The check is transitive.
invalidateAllRefreshTokensinvalidateAllRefreshTokens None 通过将 refreshTokensValidFromDateTime 用户属性重置为当前的日期时间来使向应用程序发出的用户的所有刷新和会话令牌失效。Invalidates all the user's refresh and session tokens issued to applications, by resetting the refreshTokensValidFromDateTime user property to the current date-time. 这将强制用户再次登录到这些应用程序。This forces the user to sign in to those applications again. 此方法被 revokeSignInSessions 替换。This method is replaced by revokeSignInSessions.
reminderViewreminderView Reminder collectionReminder collection 返回指定开始时间和结束时间范围内的日历提醒列表。Return a list of calendar reminders within the start and end times specified.
revokeSignInSessionsrevokeSignInSessions None 通过将 signInSessionsValidFromDateTime 用户属性重置为当前的日期时间来吊销向应用程序发出的用户的所有刷新和会话令牌。Revokes all the user's refresh and session tokens issued to applications, by resetting the signInSessionsValidFromDateTime user property to the current date-time. 这将强制用户再次登录到这些应用程序。This forces the user to sign in to those applications again. 此方法将替换 invalidateAllRefreshTokensThis method replaces invalidateAllRefreshTokens.
translateExchangeIdstranslateExchangeIds convertIdResult 集合convertIdResult collection 对与 Outlook 相关的资源的标识符进行格式转换。Translate identifiers of Outlook-related resources between formats.
开放扩展Open extensions
创建开放扩展Create open extension openTypeExtensionopenTypeExtension 创建开放扩展,并将自定义属性添加到新资源或现有资源。Create an open extension and add custom properties to a new or existing resource.
获取开放扩展Get open extension openTypeExtension 集合openTypeExtension collection 获取扩展名称标识的开放扩展。Get an open extension identified by the extension name.
架构扩展Schema extensions
添加架构扩展值Add schema extension values 创建架构扩展定义,然后使用它向资源添加自定义键入数据。Create a schema extension definition and then use it to add custom typed data to a resource.

属性Properties

属性Property 类型Type 说明Description
aboutMeaboutMe StringString 任意形式的文本输入字段,用于介绍用户自身。A freeform text entry field for the user to describe themselves.
accountEnabledaccountEnabled BooleanBoolean 启用帐户时为 true,否则为 falsetrue if the account is enabled; otherwise, false. 创建用户时此属性是必需的。This property is required when a user is created. 支持 $filter。Supports $filter.
ageGroupageGroup StringString 设置用户的年龄组。Sets the age group of the user. 允许的值:nullminornotAdultadultAllowed values: null, minor, notAdult and adult. 请参阅法定年龄组属性定义以了解详细信息。Refer to the legal age group property definitions for further information.
assignedLicensesassignedLicenses assignedLicense collectionassignedLicense collection 分配给该用户的许可证。不可为 null。The licenses that are assigned to the user. Not nullable.
assignedPlansassignedPlans assignedPlan collectionassignedPlan collection 分配给该用户的计划。只读。不可为 null。The plans that are assigned to the user. Read-only. Not nullable.
birthdaybirthday DateTimeOffsetDateTimeOffset 用户的生日。时间戳类型表示使用 ISO 8601 格式的日期和时间信息,并且始终处于 UTC 时间。例如,2014 年 1 月 1 日午夜 UTC 如下所示:'2014-01-01T00:00:00Z'The birthday of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'
businessPhonesbusinessPhones String collectionString collection 用户的电话号码。注意:虽然这是字符串集合,但是只能为该属性设置一个号码。The telephone numbers for the user. NOTE: Although this is a string collection, only one number can be set for this property.
城市city StringString 用户所在的城市。支持 $filter。The city in which the user is located. Supports $filter.
companyNamecompanyName StringString 与用户关联的公司名称。The company name which the user is associated. 此属性可用于描述外部用户所属的公司。This property can be useful for describing the company that an external user comes from.
consentProvidedForMinorconsentProvidedForMinor StringString 设置是否已获得未成年人的同意。Sets whether consent has been obtained for minors. 允许的值:nullgranteddeniednotRequiredAllowed values: null, granted, denied and notRequired. 请参阅法定年龄组属性定义以了解详细信息。Refer to the legal age group property definitions for further information.
countrycountry StringString 用户所处的国家/地区,如“美国”或“英国”。支持 $filter。The country/region in which the user is located; for example, "US" or "UK". Supports $filter.
createdDateTimecreatedDateTime DateTimeOffsetDateTimeOffset 创建用户的日期和时间。The date and time the user was created. 值无法修改,并在实体创建时自动填充。The value cannot be modified and is automatically populated when the entity is created. DateTimeOffset 表示使用 ISO 8601 格式的日期和时间信息,并且始终处于 UTC 时间。The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. 属性可为 Null。Property is nullable. Null 值表示无法为用户确定准确的创建时间。A null value indicates that an accurate creation time couldn't be determined for the user. 只读。Read-only. 支持 $filter。Supports $filter.
creationTypecreationType 字符串String 指示创建的用户帐户是普通学校或工作帐户 (null)、外部帐户 (Invitation)、Azure Active Directory B2C 租户的本地帐户 (LocalAccount) 还是使用电子邮件验证的自助注册帐户 (EmailVerified)。Indicates whether the user account was created as a regular school or work account (null), an external account (Invitation), a local account for an Azure Active Directory B2C tenant (LocalAccount) or self-service sign-up using email verification (EmailVerified). 只读。Read-only.
deletedDateTimedeletedDateTime DateTimeOffsetDateTimeOffset 删除用户的日期和时间。The date and time the user was deleted.
departmentdepartment StringString 用户工作部门的名称。支持 $filter。The name for the department in which the user works. Supports $filter.
displayNamedisplayName StringString 用户通讯簿中显示的名称。The name displayed in the address book for the user. 此值通常是用户名字、中间名首字母和姓氏的组合。This value is usually the combination of the user's first name, middle initial, and last name. 此属性在创建用户时是必需的,并且在更新过程中不能清除。This property is required when a user is created and it cannot be cleared during updates. 支持 $filter 和 $orderby。Supports $filter and $orderby.
employeeIdemployeeId StringString 由组织分配给该用户的员工标识符。The employee identifier assigned to the user by the organization. 支持 $filter。Supports $filter.
externalUserStateexternalUserState StringString 对于使用邀请 API 邀请到租户的外部用户,此属性表示受邀用户的邀请状态。For an external user invited to the tenant using the invitation API, this property represents the invited user's invitation status. 对于受邀用户,状态可以是 PendingAcceptanceAccepted,而对于所有其他用户,状态为 nullFor invited users, the state can be PendingAcceptance or Accepted, or null for all other users. 支持包含受支持值的 $filter。Supports $filter with the supported values. 例如:$filter=externalUserState eq 'PendingAcceptance'For example: $filter=externalUserState eq 'PendingAcceptance'.
externalUserStateChangeDateTimeexternalUserStateChangeDateTime StringString 显示对 externalUserState 属性的最新更改的时间戳。Shows the timestamp for the latest change to the externalUserState property.
faxNumberfaxNumber StringString 用户的传真号。The fax number of the user.
givenNamegivenName StringString 用户的名。支持 $filter。The given name (first name) of the user. Supports $filter.
hireDatehireDate DateTimeOffsetDateTimeOffset 用户的雇佣日期。时间戳类型表示使用 ISO 8601 格式的日期和时间信息,并且始终处于 UTC 时间。例如,2014 年 1 月 1 日午夜 UTC 如下所示:'2014-01-01T00:00:00Z'The hire date of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'
idid StringString 用户的唯一标识符。继承自 directoryObject。键。不可为 null。只读。The unique identifier for the user. Inherited from directoryObject. Key. Not nullable. Read-only.
identitiesidentities objectIdentity 集合objectIdentity collection 表示可用于登录此用户帐户的标识。Represents the identities that can be used to sign in to this user account. 标识可由 Microsoft (也称为本地帐户)、组织或社交身份提供商(如 Facebook、Google 和 Microsoft)提供,并绑定到用户帐户。An identity can be provided by Microsoft, by organizations, or by social identity providers such as Facebook, Google, and Microsoft, and tied to a user account. 可能包含具有相同 signInType 值的多个项目。May contain multiple items with the same signInType value.
支持 $filter。Supports $filter.
interestsinterests String collectionString collection 用户介绍自身兴趣的列表。A list for the user to describe their interests.
isResourceAccountisResourceAccount BooleanBoolean 如果用户是资源帐户,则为 true,否则为 falsetrue if the user is a resource account; otherwise, false. Null 值应视为 falseNull value should be considered false.
jobTitlejobTitle StringString 用户的职务。支持 $filter。The user’s job title. Supports $filter.
lastPasswordChangeDateTimelastPasswordChangeDateTime DateTimeOffsetDateTimeOffset 此 Azure AD 用户上次更改其密码的时间。The time when this Azure AD user last changed their password. 时间戳类型表示采用 ISO 8601 格式的日期和时间信息,始终采用 UTC 时区。The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. 例如,2014 年 1 月 1 日午夜 UTC 如下所示:'2014-01-01T00:00:00Z'For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'
legalAgeGroupClassificationlegalAgeGroupClassification StringString 由企业应用程序用于确定用户的法定年龄组。Used by enterprise applications to determine the legal age group of the user. 此属性为只读,并且基于 ageGroupconsentProvidedForMinor 属性进行计算。This property is read-only and calculated based on ageGroup and consentProvidedForMinor properties. 允许的值:nullminorWithOutParentalConsentminorWithParentalConsentminorNoParentalConsentRequirednotAdultadultAllowed values: null, minorWithOutParentalConsent, minorWithParentalConsent, minorNoParentalConsentRequired, notAdult and adult. 请参阅法定年龄组属性定义以了解详细信息。Refer to the legal age group property definitions for further information.)
licenseAssignmentStateslicenseAssignmentStates licenseAssignmentState 集合licenseAssignmentState collection 此用户的许可证分配状态。State of license assignments for this user. 只读。Read-only.
mailmail StringString 用户的 SMTP 地址,例如,“jeff@contoso.onmicrosoft.com”。只读。支持 $filter。The SMTP address for the user, for example, "jeff@contoso.onmicrosoft.com". Read-Only. Supports $filter.
mailboxSettingsmailboxSettings mailboxSettingsmailboxSettings 已登录用户的主邮箱的设置。Settings for the primary mailbox of the signed-in user. 可以获取更新用于向传入邮件发送自动答复、区域设置和时区的设置。You can get or update settings for sending automatic replies to incoming messages, locale, and time zone.
mailNicknamemailNickname StringString 用户的邮件别名。创建用户时必须指定此属性。支持 $filter。The mail alias for the user. This property must be specified when a user is created. Supports $filter.
mobilePhonemobilePhone StringString 用户的主要移动电话号码。The primary cellular telephone number for the user.
mySitemySite StringString 用户个人网站的 URL。The URL for the user's personal site.
officeLocationofficeLocation StringString 用户公司地点的办公室位置。The office location in the user's place of business.
onPremisesDistinguishedNameonPremisesDistinguishedName StringString 包含本地 Active Directory distinguished nameDNContains the on-premises Active Directory distinguished name or DN. 仅当客户正在通过 Azure AD Connect 将其本地目录同步到 Azure Active Directory 时,才会填充该属性。The property is only populated for customers who are synchronizing their on-premises directory to Azure Active Directory via Azure AD Connect. 只读。Read-only.
onPremisesDomainNameonPremisesDomainName StringString 包含从本地目录同步的本地 domainFQDN(也称为 dnsDomainName)。Contains the on-premises domainFQDN, also called dnsDomainName synchronized from the on-premises directory. 仅当客户正在通过 Azure AD Connect 将其本地目录同步到 Azure Active Directory 时,才会填充该属性。The property is only populated for customers who are synchronizing their on-premises directory to Azure Active Directory via Azure AD Connect. 只读。Read-only.
onPremisesExtensionAttributesonPremisesExtensionAttributes onPremisesExtensionAttributesonPremisesExtensionAttributes 包含用户的 extensionAttributes 1-15。Contains extensionAttributes 1-15 for the user. 请注意,单个扩展属性既不可选择,也不可筛选。Note that the individual extension attributes are neither selectable nor filterable. 对于 onPremisesSyncEnabled 用户,此属性集是在本地主控的,并且为只读。For an onPremisesSyncEnabled user, this set of properties is mastered on-premises and is read-only. 对于只使用云的用户(其中 onPremisesSyncEnabled 为 false),可以在创建或更新期间设置这些属性。For a cloud-only user (where onPremisesSyncEnabled is false), these properties may be set during creation or update.
onPremisesImmutableIdonPremisesImmutableId StringString 此属性用于将本地 Active Directory 用户帐户关联到他们的 Azure AD 用户对象。This property is used to associate an on-premises Active Directory user account to their Azure AD user object. 如果对用户的 userPrincipalName (UPN) 属性使用联盟域,必须在 Graph 中创建新用户帐户时指定此属性。This property must be specified when creating a new user account in the Graph if you are using a federated domain for the user’s userPrincipalName (UPN) property. 重要说明: 指定此属性时不能使用 $_ 字符。Important: The $ and _ characters cannot be used when specifying this property. 支持 $filter。Supports $filter.
onPremisesLastSyncDateTimeonPremisesLastSyncDateTime DateTimeOffsetDateTimeOffset 表示上一次对象与本地目录同步的时间;例如:“2013-02-16T03:04:54Z”。时间戳类型表示使用 ISO 8601 格式的日期和时间信息,并且始终处于 UTC 时间。例如,2014 年 1 月 1 日午夜 UTC 如下所示:'2014-01-01T00:00:00Z'。只读。Indicates the last time at which the object was synced with the on-premises directory; for example: "2013-02-16T03:04:54Z". The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'. Read-only.
onPremisesProvisioningErrorsonPremisesProvisioningErrors onPremisesProvisioningError 集合onPremisesProvisioningError collection 在预配期间使用 Microsoft 同步产品时发生的错误。Errors when using Microsoft synchronization product during provisioning.
onPremisesSamAccountNameonPremisesSamAccountName StringString 包含从本地目录同步的本地 sAMAccountNameContains the on-premises sAMAccountName synchronized from the on-premises directory. 仅当客户正在通过 Azure AD Connect 将其本地目录同步到 Azure Active Directory 时,才会填充该属性。The property is only populated for customers who are synchronizing their on-premises directory to Azure Active Directory via Azure AD Connect. 只读。Read-only.
onPremisesSecurityIdentifieronPremisesSecurityIdentifier StringString 包含从本地同步到云的用户的本地安全标识符 (SID)。只读。Contains the on-premises security identifier (SID) for the user that was synchronized from on-premises to the cloud. Read-only.
onPremisesSyncEnabledonPremisesSyncEnabled BooleanBoolean 如果此对象从本地目录同步,则为 true;如果此对象最初从本地目录同步,但以后不再同步,则为 false;如果此对象从未从本地目录同步,则为 null(默认值)。true if this object is synced from an on-premises directory; false if this object was originally synced from an on-premises directory but is no longer synced; null if this object has never been synced from an on-premises directory (default). 只读Read-only
onPremisesUserPrincipalNameonPremisesUserPrincipalName StringString 包含从本地目录同步的本地 userPrincipalNameContains the on-premises userPrincipalName synchronized from the on-premises directory. 仅当客户正在通过 Azure AD Connect 将其本地目录同步到 Azure Active Directory 时,才会填充该属性。The property is only populated for customers who are synchronizing their on-premises directory to Azure Active Directory via Azure AD Connect. 只读。Read-only.
otherMailsotherMails 字符串集合String collection 用户的其他电子邮件地址列表;例如:["bob@contoso.com", "Robert@fabrikam.com"]A list of additional email addresses for the user; for example: ["bob@contoso.com", "Robert@fabrikam.com"]. 支持 $filter。Supports $filter.
passwordPoliciespasswordPolicies StringString 指定用户的密码策略。此值是一个枚举,具有一个可能值“DisableStrongPassword”,允许指定比默认策略弱的密码。还可以指定“DisablePasswordExpiration”。可以同时指定这两个策略;例如:“DisablePasswordExpiration、DisableStrongPassword”。Specifies password policies for the user. This value is an enumeration with one possible value being “DisableStrongPassword”, which allows weaker passwords than the default policy to be specified. “DisablePasswordExpiration” can also be specified. The two may be specified together; for example: "DisablePasswordExpiration, DisableStrongPassword".
passwordProfilepasswordProfile passwordProfilepasswordProfile 指定用户的密码配置文件。配置文件包含用户的密码。创建用户时此属性是必需的。配置文件中的密码必须满足 passwordPolicies 属性指定的最低要求。默认情况下,必须使用强密码。Specifies the password profile for the user. The profile contains the user’s password. This property is required when a user is created. The password in the profile must satisfy minimum requirements as specified by the passwordPolicies property. By default, a strong password is required.
pastProjectspastProjects String collectionString collection 供用户枚举其过去项目的列表。A list for the user to enumerate their past projects.
postalCodepostalCode StringString 用户邮政地址的邮政编码。邮政编码特定于用户所在的国家/地区。在美国,此属性包含邮政编码。The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code.
preferredDataLocationpreferredDataLocation StringString 用户的首选数据位置。The preferred data location for the user. 有关详细信息,请参阅 OneDrive Online 多地理位置For more information, see OneDrive Online Multi-Geo.
preferredLanguagepreferredLanguage StringString 用户的首选语言。应遵循 ISO 639-1 代码;例如“EN-US”。The preferred language for the user. Should follow ISO 639-1 Code; for example "en-US".
preferredNamepreferredName StringString 用户的首选名称。The preferred name for the user.
provisionedPlansprovisionedPlans provisionedPlan 集合provisionedPlan collection 为用户设置的计划。只读。不可为 null。The plans that are provisioned for the user. Read-only. Not nullable.
proxyAddressesproxyAddresses String collectionString collection 例如:["SMTP: bob@contoso.com", "smtp: bob@sales.contoso.com"] 多值属性上的筛选器表达式需要 any 运算符。只读,不可为 Null。支持 $filter。For example: ["SMTP: bob@contoso.com", "smtp: bob@sales.contoso.com"] The any operator is required for filter expressions on multi-valued properties. Read-only, Not nullable. Supports $filter.
refreshTokensValidFromDateTimerefreshTokensValidFromDateTime DateTimeOffsetDateTimeOffset 在此时间之前发出的任何刷新令牌或会话令牌(会话 Cookie)都是无效的,并且当使用无效的刷新令牌或会话令牌获取委托的访问令牌(用于访问 Microsoft Graph 等 API)时,应用程序将收到错误。Any refresh tokens or sessions tokens (session cookies) issued before this time are invalid, and applications will get an error when using an invalid refresh or sessions token to acquire a delegated access token (to access APIs such as Microsoft Graph). 如果发生这种情况,应用程序将需要通过向授权端点发出请求来获取新的刷新令牌。If this happens, the application will need to acquire a new refresh token by making a request to the authorize endpoint. 只读。Read-only. 使用 invalidateAllRefreshTokens 进行重置。Use invalidateAllRefreshTokens to reset.
responsibilitiesresponsibilities String collectionString collection 供用户枚举其职责的列表。A list for the user to enumerate their responsibilities.
schoolsschools String collectionString collection 供用户枚举其学习过的学校列表。A list for the user to enumerate the schools they have attended.
showInAddressListshowInAddressList BooleanBoolean 如果 Outlook 全局地址列表应包含此用户,则值为 true,否则为 falsetrue if the Outlook global address list should contain this user, otherwise false. 如果未设置,则将其视为 trueIf not set, this will be treated as true. 对于通过邀请管理器邀请的用户,此属性将设置为 falseFor users invited through the invitation manager, this property will be set to false.
signInSessionsValidFromDateTimesignInSessionsValidFromDateTime DateTimeOffsetDateTimeOffset 在此时间之前发出的任何刷新令牌或会话令牌(会话 Cookie)都是无效的,并且当使用无效的刷新令牌或会话令牌获取委托的访问令牌(用于访问 Microsoft Graph 等 API)时,应用程序将收到错误。Any refresh tokens or sessions tokens (session cookies) issued before this time are invalid, and applications will get an error when using an invalid refresh or sessions token to acquire a delegated access token (to access APIs such as Microsoft Graph). 如果发生这种情况,应用程序将需要通过向授权端点发出请求来获取新的刷新令牌。If this happens, the application will need to acquire a new refresh token by making a request to the authorize endpoint. 此为只读属性。Read-only. 使用 revokeSignInSessions 进行重置。Use revokeSignInSessions to reset.
skillsskills String collectionString collection 供用户枚举其技能的列表。A list for the user to enumerate their skills.
signInActivitysignInActivity signInActivitysignInActivity 获取指定用户登录的最后一个登录日期和请求 ID。Get the last signed-in date and request ID of the sign-in for a given user.

支持 $filter,但不支持任何其他的可筛选属性。Supports $filter, but not with any other filterable properties.
仅在 $select 上返回。Returned only on $select.
只读。Read-only.
statestate StringString 用户地址中的省/市/自治区或省。支持 $filter。The state or province in the user's address. Supports $filter.
streetAddressstreetAddress StringString 用户公司地点的街道地址。The street address of the user's place of business.
surnamesurname StringString 用户的姓氏。支持 $filter。The user's surname (family name or last name). Supports $filter.
usageLocationusageLocation StringString 两个字母的国家/地区代码(ISO 标准 3166)。为检查服务在国家/地区的可用性,这对根据法律要求将分配许可证的用户而言是必需的。示例包括:“US”、“JP”和“GB”。不可为 null。支持 $filter。A two letter country code (ISO standard 3166). Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. Examples include: "US", "JP", and "GB". Not nullable. Supports $filter.
userPrincipalNameuserPrincipalName StringString 用户的用户主体名称 (UPN)。UPN 是用户基于 Internet 标准 RFC 822 的 Internet 式登录名。按照惯例,此名称应映射到用户的电子邮件名称。常规格式是 alias@domain,其中,domain 必须位于租户的已验证域集合中。创建用户时此属性是必需的。可从 组织verifiedDomains 属性访问租户的已验证域。支持 $filter 和 $orderby。The user principal name (UPN) of the user. The UPN is an Internet-style login name for the user based on the Internet standard RFC 822. By convention, this should map to the user's email name. The general format is alias@domain, where domain must be present in the tenant’s collection of verified domains. This property is required when a user is created. The verified domains for the tenant can be accessed from the verifiedDomains property of organization. Supports $filter and $orderby.
userTypeuserType StringString 可用于对目录中的用户类型分类的字符串值,例如“成员”和“访客”。支持 $filter。A string value that can be used to classify user types in your directory, such as "Member" and "Guest". Supports $filter.

本部分介绍 Azure AD 管理员和企业应用程序开发人员如何使用三个法定年龄组属性(legalAgeGroupClassificationageGroupconsentProvidedForMinor)来满足与年龄相关的法规。This section explains how the three age group properties (legalAgeGroupClassification, ageGroup and consentProvidedForMinor) are used by Azure AD administrators and enterprise application developers to meet age-related regulations.

例如:Cameron 是英国 Holyport 小学的名录管理员。For example: Cameron is administrator of a directory for an elementary school in Holyport in the United Kingdom. 新学年开始,他根据英国与年龄相关的法规,使用入学文件获得未成年人父母的同意。At the beginning of the school year he uses the admissions paperwork to obtain consent from the minor's parents based on the age-related regulations of the United Kingdom. 征得父母同意后,Holyport 学校和 Microsoft 应用可以使用未成年人的帐户。The consent obtained from the parent allows the minor's account to be used by Holyport school and Microsoft apps. Cameron 随后创建所有帐户,将 ageGroup 设置为“minor”,并将 consentProvidedForMinor 设置为“granted”。Cameron then creates all the accounts and sets ageGroup to "minor" and consentProvidedForMinor to "granted". 然后,他的学生使用的应用程序可以禁止不适合未成年人的功能。Applications used by his students are then able to suppress features that are not suitable for minors.

企业应用程序开发人员使用此只读属性来确保根据用户的法定年龄组正确处理用户。This read-only property is used by enterprise application developers to ensure the correct handling of a user based on their legal age group. 此属性是基于用户的 ageGroupconsentProvidedForMinor 属性计算得出的。It is calculated based on the user's ageGroup and consentProvidedForMinor properties.

Value # 说明Description
null 00% 默认值,尚未给用户设置 ageGroupDefault value, no ageGroup has been set for the user.
minorWithoutParentalConsentminorWithoutParentalConsent 11. (保留以备今后使用)(Reserved for future use)
minorWithParentalConsentminorWithParentalConsent 22. 根据用户所在国家或地区与年龄相关的法规,将用户视为未成年人,并且帐户管理员已相应获得父母或监护人的同意。The user is considered a minor based on the age-related regulations of their country or region and the administrator of the account has obtained appropriate consent from a parent or guardian.
adultadult 33. 根据用户所在国家或地区与年龄相关的法规,将用户视为成年人。The user considered an adult based on the age-related regulations of their country or region.
notAdultnotAdult 44. 用户所在国家或地区存在其他与年龄相关的法规(例如美国、英国、欧盟和韩国),用户的年龄介于未成年人和成年人之间(根据所在国家或地区的规定)。The user is from a country or region that has additional age-related regulations (such as the United States, United Kingdom, European Union or South Korea), and the user's age is between a minor and an adult age (as stipulated based on country or region). 通常,这意味着会在管控的国家或地区将青少年视为 notAdultGenerally, this means that teenagers are considered as notAdult in regulated countries.
minorNoParentalConsentRequiredminorNoParentalConsentRequired 55. 用户是未成年人,但所在国家或地区没有与年龄相关的法规。The user is a minor but is from a country or region that has no age-related regulations.

年龄组和未成年人同意属性是 Azure AD 管理员使用的可选属性,可帮助确保根据用户所在国家或地区与年龄相关的监管规则正确处理帐户的使用。The age group and minor consent properties are optional properties used by Azure AD administrators to help ensure the use of an account is handled correctly based on the age-related regulatory rules governing the user's country or region.

ageGroup 属性ageGroup property

Value # 说明Description
null 00% 默认值,尚未给用户设置 ageGroupDefault value, no ageGroup has been set for the user.
minorminor 11. 将用户视为未成年人。The user is consider a minor.
notAdultnotAdult 22. 用户所在国家或地区存在其他法规(例如美国、英国、欧盟和韩国),用户年龄超过儿童年龄上限(根据所在国家或地区的规定)且低于成年人年龄下限(根据所在国家或地区的规定)。The user is from a country that has statutory regulations United States, United Kingdom, European Union or South Korea) and user’s age is more than the upper limit of kid age (as per country) and less than lower limit of adult age (as stipulated based on country or region). 因此,基本上会在管控的国家或地区将青少年视为 notAdultSo basically, teenagers are considered as notAdult in regulated countries.
adultadult 33. 应将用户视为成年人。The user should be a treated as an adult.

consentProvidedForMinor 属性consentProvidedForMinor property

Value # 说明Description
null 00% 默认值,尚未给用户设置 consentProvidedForMinorDefault value, no consentProvidedForMinor has been set for the user.
grantedgranted 11. 已就用户拥有帐户获得同意。Consent has been obtained for the user to have an account.
denieddenied 22. 尚未就用户拥有帐户获得同意。Consent has not been obtained for the user to have an account.
notRequirednotRequired 33. 用户所在地不要求获得同意。The user is from a location that does not require consent.

关系Relationships

关系Relationship 类型Type 说明Description
agreementAcceptancesagreementAcceptances agreementAcceptance 集合agreementAcceptance collection 用户使用条款接受状态。The user's terms of use acceptance statuses. 只读。Read-only. 可为 Null。Nullable.
calendarcalendar calendarcalendar 用户的主日历。只读。The user's primary calendar. Read-only.
calendarGroupscalendarGroups CalendarGroup 集合calendarGroup collection 用户的日历组。只读。可为 Null。The user's calendar groups. Read-only. Nullable.
calendarViewcalendarView event 集合event collection 日历的日历视图。只读。可为 Null。The calendar view for the calendar. Read-only. Nullable.
calendarscalendars calendar 集合calendar collection 用户的日历。只读。可为 Null。The user's calendars. Read-only. Nullable.
contactFolderscontactFolders ContactFolder 集合contactFolder collection 用户的联系人文件夹。只读。可为 Null。The user's contacts folders. Read-only. Nullable.
contactscontacts contact 集合contact collection 用户的联系人。只读。可为 Null。The user's contacts. Read-only. Nullable.
createdObjectscreatedObjects directoryObject collectiondirectoryObject collection 由用户创建的 directory 对象。只读。可为 Null。Directory objects that were created by the user. Read-only. Nullable.
directReportsdirectReports directoryObject collectiondirectoryObject collection 向此用户报告的用户和联系人。(其 manager 属性已设置为此用户的用户和联系人。)只读。可为 Null。The users and contacts that report to the user. (The users and contacts that have their manager property set to this user.) Read-only. Nullable.
drivedrive drivedrive 用户的 OneDrive。只读。The user's OneDrive. Read-only.
drivesdrives drive 集合drive collection 该用户的可用驱动器集合。只读。A collection of drives available for this user. Read-only.
活动events event 集合event collection 用户的事件。The user's events. 默认显示“默认日历”下的事件。Default is to show events under the Default Calendar. 只读。Read-only. 可为 NULL。Nullable.
extensionsextensions 扩展集合extension collection 为用户定义的开放扩展集合。The collection of open extensions defined for the user. 可为 Null。Nullable.
inferenceClassificationinferenceClassification inferenceClassificationinferenceClassification 基于显式指定的用户邮件的相关性分类,可以替代推断的相关性或重要性。Relevance classification of the user's messages based on explicit designations which override inferred relevance or importance.
insightsinsights officeGraphInsightsofficeGraphInsights 只读。可为 Null。Read-only. Nullable.
joinedGroupsjoinedGroups group 集合group collection 只读。可为 Null。Read-only. Nullable.
mailFoldersmailFolders mailFolder 集合mailFolder collection 用户的邮件文件夹。只读。可为 Null。The user's mail folders. Read-only. Nullable.
managermanager directoryObjectdirectoryObject 是此用户的经理的用户或联系人。只读。(HTTP 方法:GET、PUT、DELETE)The user or contact that is this user’s manager. Read-only. (HTTP Methods: GET, PUT, DELETE.)
memberOfmemberOf directoryObject 集合directoryObject collection 用户所属的所有组、目录角色和管理单元。只读。可为 Null。The groups, directory roles and administrative units that the user is a member of. Read-only. Nullable.
joinedTeamsjoinedTeams 团队 集合team collection 用户所属的 Microsoft Teams 团队。The Microsoft Teams teams that the user is a member of. 只读。Read-only. 可为空。Nullable.
团队合作teamwork userTeamworkuserTeamwork 可供用户使用的 Microsoft Teams 功能的容器。A container for Microsoft Teams features available for the user. 只读。Read-only. 可为 Null。Nullable.
messagesmessages message 集合message collection 邮箱或文件夹中的邮件。只读。可为 Null。The messages in a mailbox or folder. Read-only. Nullable.
onenoteonenote onenoteonenote 只读。Read-only.
outlookoutlook outlookUseroutlookUser 用户可用的选择性 Outlook 服务。Selective Outlook services available to the user. 只读。Read-only. 可为 Null。Nullable.
ownedDevicesownedDevices directoryObject collectiondirectoryObject collection 用户拥有的设备。只读。可为 Null。Devices that are owned by the user. Read-only. Nullable.
ownedObjectsownedObjects directoryObject collectiondirectoryObject collection 用户拥有的 directory 对象。只读。可为 Null。Directory objects that are owned by the user. Read-only. Nullable.
peoplepeople person 集合person collection 只读。与用户最相关的人员。该集合按其与用户的相关性排序,相关性由用户的通信、协作和业务关系决定。人脉是邮件、联系人和社交网络中的信息聚合。Read-only. The most relevant people to the user. The collection is ordered by their relevance to the user, which is determined by the user's communication, collaboration and business relationships. A person is an aggregation of information from across mail, contacts and social networks.
photophoto profilePhotoprofilePhoto 用户的个人资料照片。只读。The user's profile photo. Read-only.
photosphotos photo 集合photo collection 只读。可为 Null。Read-only. Nullable.
plannerplanner plannerUserplannerUser 用户可用的选择性 Planner 服务。Selective Planner services available to the user. 只读。Read-only. 可为空。Nullable.
scopedRoleMemberOfscopedRoleMemberOf scopedRoleMembership 集合scopedRoleMembership collection 该用户的作用域角色管理单元成员身份。The scoped-role administrative unit memberships for this user. 只读。Read-only. 可为 Null。Nullable.
settingssettings userSettingsuserSettings 只读。可为 Null。Read-only. Nullable.
registeredDevicesregisteredDevices directoryObject collectiondirectoryObject collection 已注册的用户的设备。只读。可为 Null。Devices that are registered for the user. Read-only. Nullable.

JSON 表示形式JSON representation

下面是资源的 JSON 表示形式。Here is a JSON representation of the resource

{
  "aboutMe": "string",
  "accountEnabled": true,
  "ageGroup": "string",
  "assignedLicenses": [{"@odata.type": "microsoft.graph.assignedLicense"}],
  "assignedPlans": [{"@odata.type": "microsoft.graph.assignedPlan"}],
  "birthday": "String (timestamp)",
  "businessPhones": ["string"],
  "city": "string",
  "companyName": "string",
  "consentProvidedForMinor": "string",
  "country": "string",
  "createdDateTime": "2019-02-07T21:53:13.067Z",
  "creationType": "string",
  "deletedDateTime": "String (timestamp)",
  "department": "string",
  "displayName": "string",
  "employeeId": "string",
  "externalUserState": "PendingAcceptance",
  "externalUserStateChangeDateTime": "2018-11-12T01:13:13Z",
  "faxNumber": "string",
  "givenName": "string",
  "hireDate": "String (timestamp)",
  "id": "string (identifier)",
  "identities": [{"@odata.type": "microsoft.graph.objectIdentity"}],
  "interests": ["string"],
  "isResourceAccount": false,
  "jobTitle": "string",
  "legalAgeGroupClassification": "string",
  "licenseAssignmentStates": [{"@odata.type": "microsoft.graph.licenseAssignmentState"}],
  "mail": "string",
  "mailboxSettings": {"@odata.type": "microsoft.graph.mailboxSettings"},
  "mailNickname": "string",
  "mobilePhone": "string",
  "mySite": "string",
  "officeLocation": "string",
  "onPremisesDistinguishedName": "string",
  "onPremisesDomainName": "string",
  "onPremisesExtensionAttributes": {"@odata.type": "microsoft.graph.onPremisesExtensionAttributes"},
  "onPremisesImmutableId": "string",
  "onPremisesLastSyncDateTime": "String (timestamp)",
  "onPremisesProvisioningErrors": [{"@odata.type": "microsoft.graph.onPremisesProvisioningError"}],
  "onPremisesSamAccountName": "string",
  "onPremisesSecurityIdentifier": "string",
  "onPremisesSyncEnabled": true,
  "onPremisesUserPrincipalName": "string",
  "otherMails": ["string"],
  "passwordPolicies": "string",
  "passwordProfile": {"@odata.type": "microsoft.graph.passwordProfile"},
  "pastProjects": ["string"],
  "postalCode": "string",
  "preferredDataLocation": "string",
  "preferredLanguage": "string",
  "preferredName": "string",
  "provisionedPlans": [{"@odata.type": "microsoft.graph.provisionedPlan"}],
  "proxyAddresses": ["string"],
  "refreshTokensValidFromDateTime": "2019-02-07T21:53:13.084Z",
  "responsibilities": ["string"],
  "schools": ["string"],
  "showInAddressList": true,
  "signInSessionsValidFromDateTime": "2019-02-07T21:53:13.084Z",
  "skills": ["string"],
  "state": "string",
  "streetAddress": "string",
  "surname": "string",
  "usageLocation": "string",
  "userPrincipalName": "string",
  "userType": "string",
  "calendar": {"@odata.type": "microsoft.graph.calendar"},
  "calendarGroups": [{"@odata.type": "microsoft.graph.calendarGroup"}],
  "calendarView": [{"@odata.type": "microsoft.graph.event"}],
  "calendars": [{"@odata.type": "microsoft.graph.calendar"}],
  "contacts": [{"@odata.type": "microsoft.graph.contact"}],
  "contactFolders": [{"@odata.type": "microsoft.graph.contactFolder"}],
  "createdObjects": [{"@odata.type": "microsoft.graph.directoryObject"}],
  "directReports": [{"@odata.type": "microsoft.graph.directoryObject"}],
  "drive": {"@odata.type": "microsoft.graph.drive"},
  "drives": [{"@odata.type": "microsoft.graph.drive"}],
  "insights": {"@odata.type": "microsoft.graph.officeGraphInsights"},
  "settings": {"@odata.type": "microsoft.graph.userSettings"},
  "events": [{"@odata.type": "microsoft.graph.event"}],
  "extensions": [{"@odata.type": "microsoft.graph.extension"}],
  "inferenceClassification": {"@odata.type": "microsoft.graph.inferenceClassification"},
  "mailFolders": [{"@odata.type": "microsoft.graph.mailFolder"}],
  "manager": {"@odata.type": "microsoft.graph.directoryObject"},
  "memberOf": [{"@odata.type": "microsoft.graph.directoryObject"}],
  "joinedTeams": [{"@odata.type": "microsoft.graph.group"}],
  "teamwork": {"@odata.type": "microsoft.graph.teamwork"},
  "messages": [{ "@odata.type": "microsoft.graph.message"}],
  "outlook": {"@odata.type": "microsoft.graph.outlookUser"},
  "ownedDevices": [{"@odata.type": "microsoft.graph.directoryObject"}],
  "photo": {"@odata.type": "microsoft.graph.profilePhoto"},
  "registeredDevices": [{"@odata.type": "microsoft.graph.directoryObject"}],
  "signInActivity": {"@odata.type": "microsoft.graph.signInActivity"}
}

另请参阅See also