Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Namespace: microsoft.graph
Important
APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
Resource type exposing navigation properties for the policies singleton.
Inherits from entity.
Methods
None.
Properties
| Property | Type | Description |
|---|---|---|
| id | String | The identifier for a policy singleton. Inherits from entity. |
Relationships
| Relationship | Type | Description |
|---|---|---|
| accessReviewPolicy | accessReviewPolicy | The policy that contains directory-level access review settings. |
| activityBasedTimeoutPolicies | activityBasedTimeoutPolicy collection | The policy that controls the idle time-out for web sessions for applications. |
| adminConsentRequestPolicy | adminConsentRequestPolicy | The policy by which consent requests are created and managed for the entire tenant. |
| appManagementPolicies | appManagementPolicy collection | The policies that enforce app management restrictions for specific applications and service principals, overriding the defaultAppManagementPolicy. |
| authenticationFlowsPolicy | authenticationFlowsPolicy | The policy configuration of the self-service sign-up experience of guests. |
| authenticationMethodsPolicy | authenticationMethodsPolicy | The authentication methods and the users that are allowed to use them to sign in and perform multifactor authentication (MFA) in Microsoft Entra ID. |
| authenticationStrengthPolicies | authenticationStrengthPolicy collection | The authentication method combinations that are to be used in scenarios defined by Microsoft Entra Conditional Access. |
| authorizationPolicy | authorizationPolicy collection | The policy that controls Microsoft Entra authorization settings. |
| b2cAuthenticationMethodsPolicy | b2cAuthenticationMethodsPolicy | The Azure AD B2C policies that define how end users register via local accounts. |
| claimsMappingPolicies | claimsMappingPolicy collection | The claim-mapping policies for WS-Fed, SAML, OAuth 2.0, and OpenID Connect protocols, for tokens issued to a specific application. |
| conditionalAccessPolicies | conditionalAccessPolicy | The custom rules that define an access scenario. |
| crossTenantAccessPolicy | crossTenantAccessPolicy | The custom rules that define an access scenario when interacting with external Microsoft Entra tenants. |
| deviceRegistrationPolicy | deviceRegistrationPolicy | Represents the policy scope that controls quota restrictions, additional authentication, and authorization policies to register device identities to your organization. |
| defaultAppManagementPolicy | tenantAppManagementPolicy | The tenant-wide policy that enforces app management restrictions for all applications and service principals. |
| externalIdentitiesPolicy | externalIdentitiesPolicy | Represents the tenant-wide policy that controls whether guests can leave a Microsoft Entra tenant via self-service controls. |
| featureRolloutPolicies | featureRolloutPolicy collection | The feature rollout policy associated with a directory object. |
| federatedTokenValidationPolicy | federatedTokenValidationPolicy | Represents a policy to control enabling or disabling validation of federation authentication tokens. |
| homeRealmDiscoveryPolicies | homeRealmDiscoveryPolicy collection | The policy to control Microsoft Entra authentication behavior for federated users. |
| identitySecurityDefaultsEnforcementPolicy | identitySecurityDefaultsEnforcementPolicy | The policy that represents the security defaults that protect against common attacks. |
| mobileAppManagementPolicies | mobilityManagementPolicy collection | The policy that defines autoenrollment configuration for a mobility management (MDM or MAM) application. |
| permissionGrantPolicies | permissionGrantPolicy collection | The policy that specifies the conditions under which consent can be granted. |
| permissionGrantPreApprovalPolicies | permissionGrantPreApprovalPolicy collection | Policies that specify the conditions under which consent can be granted to a specific application. |
| roleManagementPolicies | unifiedRoleManagementPolicy collection | Represents the role management policies. |
| roleManagementPolicyAssignments | unifiedRoleManagementPolicyAssignment collection | Represents the role management policy assignments. |
| tokenIssuancePolicies | tokenIssuancePolicy collection | The policy that specifies the characteristics of SAML tokens issued by Microsoft Entra ID. |
| tokenLifetimePolicies | tokenLifetimePolicy collection | The policy that controls the lifetime of a JWT access token, an ID token, or a SAML 1.1/2.0 token issued by Microsoft Entra ID. |
| deletedItems | policyDeletableItem collection | Policies that support soft-delete functionality and can be restored within 30 days. |
JSON representation
The following JSON representation shows the resource type.
{
"@odata.type": "#microsoft.graph.policyRoot",
"id": "String (identifier)"
}