Update crossTenantAccessPolicy

Namespace: microsoft.graph

Update the properties of a cross-tenant access policy.


One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.

Permission type Permissions (from least to most privileged)
Delegated (work or school account) Policy.ReadWrite.CrossTenantAccess
Delegated (personal Microsoft account) Not applicable
Application Policy.ReadWrite.CrossTenantAccess

HTTP request

PATCH /policies/crossTenantAccessPolicy

Request headers

Name Description
Authorization Bearer {token}. Required.
Content-Type application/json. Required.

Request body

In the request body, supply only the values for properties that should be updated. Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values.

The following table specifies the properties that can be updated.

Property Type Description
displayName String The display name of the cross-tenant access policy.
allowedCloudEndpoints String collection Used to specify which Microsoft clouds an organization would like to collaborate with. By default, this value is empty. Supported values for this field are: microsoftonline.com, microsoftonline.us, and partner.microsoftonline.cn.


If successful, this method returns a 204 No Content response code.

The crossTenantAccessPolicy object size is currently limited to 25KB. This method will return a 400 Bad Request error code if the size of the policy will exceed 25KB.



PATCH https://graph.microsoft.com/v1.0/policies/crossTenantAccessPolicy
Content-Type: application/json

  "allowedCloudEndpoints": ["microsoftonline.us"]


HTTP/1.1 204 No Content