Set-AzureADMSAuthorizationPolicy

Updates an authorization policy, which represents a policy that can control Azure Active Directory authorization settings.

Syntax

Set-AzureADMSAuthorizationPolicy
   [-AllowedToSignUpEmailBasedSubscriptions <Boolean>]
   [-AllowedToUseSSPR <Boolean>]
   [-AllowEmailVerifiedUsersToJoinOrganization <Boolean>]
   [-BlockMsolPowerShell <Boolean>]
   [-DefaultUserRolePermissions <DefaultUserRolePermissions>]
   [-Description <String>]
   [-DisplayName <String>]
   [<CommonParameters>]

Description

The Set-AzureADMSAuthorizationPolicy cmdlet updates an Azure Active Directory authorization policy.

Examples

Example 1: Update an authorization policy

PS C:\>Set-AzureADMSAuthorizationPolicy -DisplayName "updated displayname" -Description "updated description" -DefaultUserRolePermissions @{ AllowedToCreateApps = $false }

This command updates the specified parameters of the authorization policy.

Parameters

-AllowedToSignUpEmailBasedSubscriptions

Specifies whether users can sign up for email based subscriptions. The initial default value is true.

Type:Boolean
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-AllowedToUseSSPR

Specifies whether the Self-Serve Password Reset feature can be used by users on the tenant. The initial default value is true.

Type:Boolean
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-AllowEmailVerifiedUsersToJoinOrganization

Specifies whether a user can join the tenant by email validation. The initial default value is true.

Type:Boolean
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-BlockMsolPowerShell

Specifies whether the user-based access to the legacy service endpoint used by MSOL PowerShell is blocked or not.

Type:Boolean
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultUserRolePermissions

Contains various customizable default user role permissions.

Type:DefaultUserRolePermissions
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Description

Specifies the description of the authorization policy.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DisplayName

Specifies the display name of the authorization policy.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

Microsoft.Open.MSGraph.Model.DefaultUserRolePermissions

Notes

See the migration guide for Set-AzureADMSAuthorizationPolicy to the Microsoft Graph PowerShell.