Create windows10XTrustedRootCertificate
Namespace: microsoft.graph
Important: Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.
Create a new windows10XTrustedRootCertificate object.
This API is available in the following national cloud deployments.
| Global service | US Government L4 | US Government L5 (DOD) | China operated by 21Vianet |
|---|---|---|---|
| ✅ | ✅ | ✅ | ✅ |
Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
| Permission type | Permissions (from least to most privileged) |
|---|---|
| Delegated (work or school account) | DeviceManagementServiceConfig.ReadWrite.All |
| Delegated (personal Microsoft account) | Not supported. |
| Application | DeviceManagementServiceConfig.ReadWrite.All |
HTTP Request
POST /deviceManagement/resourceAccessProfiles
Request headers
| Header | Value |
|---|---|
| Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
| Accept | application/json |
Request body
In the request body, supply a JSON representation for the windows10XTrustedRootCertificate object.
The following table shows the properties that are required when you create the windows10XTrustedRootCertificate.
| Property | Type | Description |
|---|---|---|
| id | String | Profile identifier Inherited from deviceManagementResourceAccessProfileBase |
| version | Int32 | Version of the profile Inherited from deviceManagementResourceAccessProfileBase |
| displayName | String | Profile display name Inherited from deviceManagementResourceAccessProfileBase |
| description | String | Profile description Inherited from deviceManagementResourceAccessProfileBase |
| creationDateTime | DateTimeOffset | DateTime profile was created Inherited from deviceManagementResourceAccessProfileBase |
| lastModifiedDateTime | DateTimeOffset | DateTime profile was last modified Inherited from deviceManagementResourceAccessProfileBase |
| roleScopeTagIds | String collection | Scope Tags Inherited from deviceManagementResourceAccessProfileBase |
| serverApplicabilityRules | applicabilityRule collection | The list of Applicability Rules for a Device Configuration Profile Inherited from deviceManagementResourceAccessProfileBase |
| trustedRootCertificate | Binary | Trusted Root Certificate |
| certFileName | String | File name to display in UI. |
| destinationStore | certificateDestinationStore | Destination store location for the Trusted Root Certificate. Possible values are: computerCertStoreRoot, computerCertStoreIntermediate, userCertStoreIntermediate. |
Response
If successful, this method returns a 201 Created response code and a windows10XTrustedRootCertificate object in the response body.
Example
Request
Here is an example of the request.
POST https://graph.microsoft.com/beta/deviceManagement/resourceAccessProfiles
Content-type: application/json
Content-length: 599
{
"@odata.type": "#microsoft.graph.windows10XTrustedRootCertificate",
"version": 7,
"displayName": "Display Name value",
"description": "Description value",
"creationDateTime": "2017-01-01T00:00:43.1365422-08:00",
"roleScopeTagIds": [
"Role Scope Tag Ids value"
],
"serverApplicabilityRules": [
{
"@odata.type": "microsoft.graph.applicabilityRule",
"filterType": "include"
}
],
"trustedRootCertificate": "dHJ1c3RlZFJvb3RDZXJ0aWZpY2F0ZQ==",
"certFileName": "Cert File Name value",
"destinationStore": "computerCertStoreIntermediate"
}
Response
Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 712
{
"@odata.type": "#microsoft.graph.windows10XTrustedRootCertificate",
"id": "be0bfd01-fd01-be0b-01fd-0bbe01fd0bbe",
"version": 7,
"displayName": "Display Name value",
"description": "Description value",
"creationDateTime": "2017-01-01T00:00:43.1365422-08:00",
"lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
"roleScopeTagIds": [
"Role Scope Tag Ids value"
],
"serverApplicabilityRules": [
{
"@odata.type": "microsoft.graph.applicabilityRule",
"filterType": "include"
}
],
"trustedRootCertificate": "dHJ1c3RlZFJvb3RDZXJ0aWZpY2F0ZQ==",
"certFileName": "Cert File Name value",
"destinationStore": "computerCertStoreIntermediate"
}