identifierUriRestriction resource type

Namespace: microsoft.graph

Important

APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.

Configuration object to configure a restriction for identifier URIs on application objects.

Properties

Property Type Description
excludeActors appManagementPolicyActorExemptions Collection of custom security attribute exemptions. If an actor user or service principal has the custom security attribute, they're exempted from the restriction.
excludeAppsReceivingV2Tokens Boolean If true, the restriction isn't enforced for applications that are configured to receive V2 tokens in Microsoft Entra ID; else, the restriction isn't enforced for those applications.
excludeSaml Boolean If true, the restriction isn't enforced for SAML applications in Microsoft Entra ID; else, the restriction is enforced for those applications.
restrictForAppsCreatedAfterDateTime String Specifies the date from which the policy restriction applies to newly created applications. For existing applications, the enforcement date can be retroactively applied.
state appManagementRestrictionState String value that indicates if the restriction is evaluated. The possible values are: enabled, disabled, and unknownFutureValue. If enabled, the restriction is evaluated. If disabled, the restriction isn't evaluated or enforced.

Relationships

None.

JSON representation

The following JSON representation shows the resource type.

{
  "@odata.type": "#microsoft.graph.identifierUriRestriction",
  "state": "String",
  "restrictForAppsCreatedAfterDateTime": "String (timestamp)",
  "excludeAppsReceivingV2Tokens": "Boolean",
  "excludeSaml": "Boolean",
  "excludeActors": {
      "@odata.type": "microsoft.graph.appManagementPolicyActorExemptions"
    }
}