Get authorizationPolicy
Namespace: microsoft.graph
Retrieve the properties of an authorizationPolicy object.
Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
| Permission type | Permissions (from least to most privileged) |
|---|---|
| Delegated (work or school account) | Policy.Read.All, Policy.ReadWrite.Authorization |
| Delegated (personal Microsoft account) | Not supported. |
| Application | Policy.Read.All, Policy.ReadWrite.Authorization |
HTTP request
GET /policies/authorizationPolicy
Request headers
| Name | Description |
|---|---|
| Authorization | Bearer {token}. Required. |
Request body
Do not supply a request body for this method.
Response
If successful, this method returns a 200 OK response code and the single authorizationPolicy object in the response body.
Examples
Request
The following is an example of the request.
GET https://graph.microsoft.com/v1.0/policies/authorizationPolicy
Response
The following is an example of the response.
Note: The response object shown here might be shortened for readability.
HTTP/1.1 200 OK
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/authorizationPolicy/$entity",
"id": "authorizationPolicy",
"allowInvitesFrom": "everyone",
"allowedToSignUpEmailBasedSubscriptions": true,
"allowedToUseSSPR": true,
"allowEmailVerifiedUsersToJoinOrganization": true,
"allowUserConsentForRiskyApps": false,
"blockMsolPowerShell": null,
"displayName": "Authorization Policy",
"description": "Used to manage authorization related settings across the company.",
"defaultUserRolePermissions": {
"allowedToCreateApps": true,
"allowedToCreateSecurityGroups": true,
"allowedToReadOtherUsers": true,
"permissionGrantPoliciesAssigned": [
"just-user-read"
]
}
}
Feedback
Submit and view feedback for