Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Namespace: microsoft.graph
Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.
Create a new windows10MobileCompliancePolicy object.
This API is available in the following national cloud deployments.
| Global service | US Government L4 | US Government L5 (DOD) | China operated by 21Vianet | 
|---|---|---|---|
| ✅ | ✅ | ✅ | ✅ | 
Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
| Permission type | Permissions (from least to most privileged) | 
|---|---|
| Delegated (work or school account) | DeviceManagementConfiguration.ReadWrite.All | 
| Delegated (personal Microsoft account) | Not supported. | 
| Application | DeviceManagementConfiguration.ReadWrite.All | 
HTTP Request
POST /deviceManagement/deviceCompliancePolicies
Request headers
| Header | Value | 
|---|---|
| Authorization | Bearer {token}. Required. Learn more about authentication and authorization. | 
| Accept | application/json | 
Request body
In the request body, supply a JSON representation for the windows10MobileCompliancePolicy object.
The following table shows the properties that are required when you create the windows10MobileCompliancePolicy.
| Property | Type | Description | 
|---|---|---|
| id | String | Key of the entity. Inherited from deviceCompliancePolicy | 
| createdDateTime | DateTimeOffset | DateTime the object was created. Inherited from deviceCompliancePolicy | 
| description | String | Admin provided description of the Device Configuration. Inherited from deviceCompliancePolicy | 
| lastModifiedDateTime | DateTimeOffset | DateTime the object was last modified. Inherited from deviceCompliancePolicy | 
| displayName | String | Admin provided name of the device configuration. Inherited from deviceCompliancePolicy | 
| version | Int32 | Version of the device configuration. Inherited from deviceCompliancePolicy | 
| passwordRequired | Boolean | Require a password to unlock Windows Phone device. | 
| passwordBlockSimple | Boolean | Whether or not to block syncing the calendar. | 
| passwordMinimumLength | Int32 | Minimum password length. Valid values 4 to 16 | 
| passwordMinimumCharacterSetCount | Int32 | The number of character sets required in the password. | 
| passwordRequiredType | requiredPasswordType | The required password type. Possible values are: deviceDefault,alphanumeric,numeric. | 
| passwordPreviousPasswordBlockCount | Int32 | The number of previous passwords to prevent re-use of. | 
| passwordExpirationDays | Int32 | Number of days before password expiration. Valid values 1 to 255 | 
| passwordMinutesOfInactivityBeforeLock | Int32 | Minutes of inactivity before a password is required. | 
| passwordRequireToUnlockFromIdle | Boolean | Require a password to unlock an idle device. | 
| osMinimumVersion | String | Minimum Windows Phone version. | 
| osMaximumVersion | String | Maximum Windows Phone version. | 
| earlyLaunchAntiMalwareDriverEnabled | Boolean | Require devices to be reported as healthy by Windows Device Health Attestation - early launch antimalware driver is enabled. | 
| bitLockerEnabled | Boolean | Require devices to be reported healthy by Windows Device Health Attestation - bit locker is enabled | 
| secureBootEnabled | Boolean | Require devices to be reported as healthy by Windows Device Health Attestation - secure boot is enabled. | 
| codeIntegrityEnabled | Boolean | Require devices to be reported as healthy by Windows Device Health Attestation. | 
| storageRequireEncryption | Boolean | Require encryption on windows devices. | 
Response
If successful, this method returns a 201 Created response code and a windows10MobileCompliancePolicy object in the response body.
Example
Request
Here is an example of the request.
POST https://graph.microsoft.com/v1.0/deviceManagement/deviceCompliancePolicies
Content-type: application/json
Content-length: 792
{
  "@odata.type": "#microsoft.graph.windows10MobileCompliancePolicy",
  "description": "Description value",
  "displayName": "Display Name value",
  "version": 7,
  "passwordRequired": true,
  "passwordBlockSimple": true,
  "passwordMinimumLength": 5,
  "passwordMinimumCharacterSetCount": 0,
  "passwordRequiredType": "alphanumeric",
  "passwordPreviousPasswordBlockCount": 2,
  "passwordExpirationDays": 6,
  "passwordMinutesOfInactivityBeforeLock": 5,
  "passwordRequireToUnlockFromIdle": true,
  "osMinimumVersion": "Os Minimum Version value",
  "osMaximumVersion": "Os Maximum Version value",
  "earlyLaunchAntiMalwareDriverEnabled": true,
  "bitLockerEnabled": true,
  "secureBootEnabled": true,
  "codeIntegrityEnabled": true,
  "storageRequireEncryption": true
}
Response
Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 964
{
  "@odata.type": "#microsoft.graph.windows10MobileCompliancePolicy",
  "id": "3d4237b0-37b0-3d42-b037-423db037423d",
  "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
  "description": "Description value",
  "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
  "displayName": "Display Name value",
  "version": 7,
  "passwordRequired": true,
  "passwordBlockSimple": true,
  "passwordMinimumLength": 5,
  "passwordMinimumCharacterSetCount": 0,
  "passwordRequiredType": "alphanumeric",
  "passwordPreviousPasswordBlockCount": 2,
  "passwordExpirationDays": 6,
  "passwordMinutesOfInactivityBeforeLock": 5,
  "passwordRequireToUnlockFromIdle": true,
  "osMinimumVersion": "Os Minimum Version value",
  "osMaximumVersion": "Os Maximum Version value",
  "earlyLaunchAntiMalwareDriverEnabled": true,
  "bitLockerEnabled": true,
  "secureBootEnabled": true,
  "codeIntegrityEnabled": true,
  "storageRequireEncryption": true
}