One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
Permission type
Permissions (from least to most privileged)
Delegated (work or school account)
Policy.Read.All and Policy.ReadWrite.ConditionalAccess
Delegated (personal Microsoft account)
Not supported.
Application
Policy.Read.All and Policy.ReadWrite.ConditionalAccess
HTTP request
POST /identity/conditionalAccess/namedLocations
Request headers
Name
Description
Authorization
Bearer {token}. Required.
Content-Type
application/json. Required.
Request body
In the request body, supply a JSON representation of an ipNamedLocation or countryNamedLocation object. You must specify the @odata.type of the derived type, that is, #microsoft.graph.ipNamedLocation for an ipNamedLocation object or #microsoft.graph.countryNamedLocation for a countryNamedLocation object.
The following table lists the properties that are required to create an ipNamedLocation object.
List of IP address ranges in IPv4 CIDR format (e.g. 1.2.3.4/32) or any allowable IPv6 format from IETF RFC596. Required. The @odata.type of the ipRange is also required.
The following table lists the properties that are required to create an countryNamedLocation object.
Property
Type
Description
countriesAndRegions
String collection
List of countries and/or regions in two-letter format specified by ISO 3166-2. Required.
displayName
String
Human-readable name of the location. Required.
Response
If successful, this method returns a 201 Createdresponse code and a new ipNamedLocation or countryNamedLocation object in the response body.
POST https://graph.microsoft.com/v1.0/identity/conditionalAccess/namedLocations
Content-type: application/json
{
"@odata.type": "#microsoft.graph.ipNamedLocation",
"displayName": "Untrusted IP named location",
"isTrusted": false,
"ipRanges": [
{
"@odata.type": "#microsoft.graph.iPv4CidrRange",
"cidrAddress": "12.34.221.11/22"
},
{
"@odata.type": "#microsoft.graph.iPv6CidrRange",
"cidrAddress": "2001:0:9d38:90d6:0:0:0:0/63"
}
]
}
// Code snippets are only available for the latest version. Current version is 5.x
var graphClient = new GraphServiceClient(requestAdapter);
var requestBody = new NamedLocation
{
OdataType = "#microsoft.graph.ipNamedLocation",
DisplayName = "Untrusted IP named location",
AdditionalData = new Dictionary<string, object>
{
{
"isTrusted" , false
},
{
"ipRanges" , new List<>
{
new
{
OdataType = "#microsoft.graph.iPv4CidrRange",
CidrAddress = "12.34.221.11/22",
},
new
{
OdataType = "#microsoft.graph.iPv6CidrRange",
CidrAddress = "2001:0:9d38:90d6:0:0:0:0/63",
},
}
},
},
};
var result = await graphClient.Identity.ConditionalAccess.NamedLocations.PostAsync(requestBody);
<?php
// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);
$requestBody = new NamedLocation();
$requestBody->set@odatatype('#microsoft.graph.ipNamedLocation');
$requestBody->setDisplayName('Untrusted IP named location');
$additionalData = [
'isTrusted' => false,
'ipRanges' => $ipRanges1 = new ();
$ ipRanges1->set@odatatype('#microsoft.graph.iPv4CidrRange');
$ ipRanges1->setCidrAddress('12.34.221.11/22');
$ipRangesArray []= $ipRanges1;
$ipRanges2 = new ();
$ ipRanges2->set@odatatype('#microsoft.graph.iPv6CidrRange');
$ ipRanges2->setCidrAddress('2001:0:9d38:90d6:0:0:0:0/63');
$ipRangesArray []= $ipRanges2;
$requestBody->setIpRanges($ipRangesArray);
];
$requestBody->setAdditionalData($additionalData);
$result = $graphServiceClient->identity()->conditionalAccess()->namedLocations()->post($requestBody);
POST https://graph.microsoft.com/v1.0/identity/conditionalAccess/namedLocations
Content-type: application/json
{
"@odata.type": "#microsoft.graph.countryNamedLocation",
"displayName": "Named location with unknown countries and regions",
"countriesAndRegions": [
"US",
"GB"
],
"includeUnknownCountriesAndRegions": true
}
// Code snippets are only available for the latest version. Current version is 5.x
var graphClient = new GraphServiceClient(requestAdapter);
var requestBody = new NamedLocation
{
OdataType = "#microsoft.graph.countryNamedLocation",
DisplayName = "Named location with unknown countries and regions",
AdditionalData = new Dictionary<string, object>
{
{
"countriesAndRegions" , new List<string>
{
"US",
"GB",
}
},
{
"includeUnknownCountriesAndRegions" , true
},
},
};
var result = await graphClient.Identity.ConditionalAccess.NamedLocations.PostAsync(requestBody);
<?php
// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);
$requestBody = new NamedLocation();
$requestBody->set@odatatype('#microsoft.graph.countryNamedLocation');
$requestBody->setDisplayName('Named location with unknown countries and regions');
$additionalData = [
'countriesAndRegions' => ['US', 'GB', ],
'includeUnknownCountriesAndRegions' => true,
];
$requestBody->setAdditionalData($additionalData);
$result = $graphServiceClient->identity()->conditionalAccess()->namedLocations()->post($requestBody);