Update deviceComplianceScript

Namespace: microsoft.graph

Important: Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.

Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.

Update the properties of a deviceComplianceScript object.

This API is available in the following national cloud deployments.

Global service	US Government L4	US Government L5 (DOD)	China operated by 21Vianet
✅	✅	✅	✅

Permissions

One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.

Permission type	Permissions (from least to most privileged)
Delegated (work or school account)	DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.ReadWrite.All
Delegated (personal Microsoft account)	Not supported.
Application	DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.ReadWrite.All

HTTP Request

PATCH /deviceManagement/deviceComplianceScripts/{deviceComplianceScriptId}

Request headers

Header	Value
Authorization	Bearer {token}. Required. Learn more about authentication and authorization.
Accept	application/json

Request body

In the request body, supply a JSON representation for the deviceComplianceScript object.

The following table shows the properties that are required when you create the deviceComplianceScript.

Property	Type	Description
id	String	Unique Identifier for the device compliance script
publisher	String	Name of the device compliance script publisher
version	String	Version of the device compliance script
displayName	String	Name of the device compliance script
description	String	Description of the device compliance script
detectionScriptContent	Binary	The entire content of the detection powershell script
createdDateTime	DateTimeOffset	The timestamp of when the device compliance script was created. This property is read-only.
lastModifiedDateTime	DateTimeOffset	The timestamp of when the device compliance script was modified. This property is read-only.
runAsAccount	runAsAccountType	Indicates the type of execution context. Possible values are: system, user.
enforceSignatureCheck	Boolean	Indicate whether the script signature needs be checked
runAs32Bit	Boolean	Indicate whether PowerShell script(s) should run as 32-bit
roleScopeTagIds	String collection	List of Scope Tag IDs for the device compliance script

Response

If successful, this method returns a 200 OK response code and an updated deviceComplianceScript object in the response body.

Example

Request

Here is an example of the request.

PATCH https://graph.microsoft.com/beta/deviceManagement/deviceComplianceScripts/{deviceComplianceScriptId}
Content-type: application/json
Content-length: 420

{
  "@odata.type": "#microsoft.graph.deviceComplianceScript",
  "publisher": "Publisher value",
  "version": "Version value",
  "displayName": "Display Name value",
  "description": "Description value",
  "detectionScriptContent": "ZGV0ZWN0aW9uU2NyaXB0Q29udGVudA==",
  "runAsAccount": "user",
  "enforceSignatureCheck": true,
  "runAs32Bit": true,
  "roleScopeTagIds": [
    "Role Scope Tag Ids value"
  ]
}

Response

Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 592

{
  "@odata.type": "#microsoft.graph.deviceComplianceScript",
  "id": "14e72a7b-2a7b-14e7-7b2a-e7147b2ae714",
  "publisher": "Publisher value",
  "version": "Version value",
  "displayName": "Display Name value",
  "description": "Description value",
  "detectionScriptContent": "ZGV0ZWN0aW9uU2NyaXB0Q29udGVudA==",
  "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
  "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
  "runAsAccount": "user",
  "enforceSignatureCheck": true,
  "runAs32Bit": true,
  "roleScopeTagIds": [
    "Role Scope Tag Ids value"
  ]
}