is there any Microsoft graph api v1.0 or any powershell command to automate compliance settings of device compliance policy for window 10/11 ?

Question

Hi, I want to automate many configuration settings in microsoft endpoint manage admin center. In device compliance policy I am able to add policy using
"https://learn.microsoft.com/en-us/graph/api/intune-deviceconfig-windows10compliancepolicy-create?view=graph-rest-1.0" api. But for system security I am not able to get any place holder in json body or any seprate api to automate.
I need there options as required.

thanks in advance

Answer 1

@16557136 , Thanks for posting in Q&A.

Based on my checking via DevTool on Edge, (Click F12 and open DevTools), I find the request is post to "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies"

The request body look likes as below:
{"id":"00000000-0000-0000-0000-000000000000","displayName":"test","roleScopeTagIds":["0"],"@odata.type":"#microsoft.graph.windows10CompliancePolicy","scheduledActionsForRule":[{"ruleName":"PasswordRequired","scheduledActionConfigurations":[{"actionType":"block","gracePeriodHours":0,"notificationTemplateId":"","notificationMessageCCList":[]}]}],"deviceThreatProtectionRequiredSecurityLevel":"unavailable","passwordRequiredType":"deviceDefault","passwordRequired":true,"passwordMinimumLength":4,"deviceThreatProtectionEnabled":false}

Here are some pictures for your reference:

From the document you provided, I notice it is also supported on v1.0. Given the situation, you can create the same setting on Intune portal and capture the logs, find the payload of the request, click view source to get the request body you want.

Hope it can help.

---

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.