defaultManagedAppProtection resource type
Namespace: microsoft.graph
Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.
Policy used to configure detailed management settings for a specified set of apps for all users not targeted by a TargetedManagedAppProtection Policy
Inherits from managedAppProtection
Methods
Method | Return Type | Description |
---|---|---|
List defaultManagedAppProtections | defaultManagedAppProtection collection | List properties and relationships of the defaultManagedAppProtection objects. |
Get defaultManagedAppProtection | defaultManagedAppProtection | Read properties and relationships of the defaultManagedAppProtection object. |
Create defaultManagedAppProtection | defaultManagedAppProtection | Create a new defaultManagedAppProtection object. |
Delete defaultManagedAppProtection | None | Deletes a defaultManagedAppProtection. |
Update defaultManagedAppProtection | defaultManagedAppProtection | Update the properties of a defaultManagedAppProtection object. |
Properties
Property | Type | Description |
---|---|---|
displayName | String | Policy display name. Inherited from managedAppPolicy |
description | String | The policy's description. Inherited from managedAppPolicy |
createdDateTime | DateTimeOffset | The date and time the policy was created. Inherited from managedAppPolicy |
lastModifiedDateTime | DateTimeOffset | Last time the policy was modified. Inherited from managedAppPolicy |
id | String | Key of the entity. Inherited from managedAppPolicy |
version | String | Version of the entity. Inherited from managedAppPolicy |
periodOfflineBeforeAccessCheck | Duration | The period after which access is checked when the device is not connected to the internet. Inherited from managedAppProtection |
periodOnlineBeforeAccessCheck | Duration | The period after which access is checked when the device is connected to the internet. Inherited from managedAppProtection |
allowedInboundDataTransferSources | managedAppDataTransferLevel | Sources from which data is allowed to be transferred. Inherited from managedAppProtection. Possible values are: allApps , managedApps , none . |
allowedOutboundDataTransferDestinations | managedAppDataTransferLevel | Destinations to which data is allowed to be transferred. Inherited from managedAppProtection. Possible values are: allApps , managedApps , none . |
organizationalCredentialsRequired | Boolean | Indicates whether organizational credentials are required for app use. Inherited from managedAppProtection |
allowedOutboundClipboardSharingLevel | managedAppClipboardSharingLevel | The level to which the clipboard may be shared between apps on the managed device. Inherited from managedAppProtection. Possible values are: allApps , managedAppsWithPasteIn , managedApps , blocked . |
dataBackupBlocked | Boolean | Indicates whether the backup of a managed app's data is blocked. Inherited from managedAppProtection |
deviceComplianceRequired | Boolean | Indicates whether device compliance is required. Inherited from managedAppProtection |
managedBrowserToOpenLinksRequired | Boolean | Indicates whether internet links should be opened in the managed browser app, or any custom browser specified by CustomBrowserProtocol (for iOS) or CustomBrowserPackageId/CustomBrowserDisplayName (for Android) Inherited from managedAppProtection |
saveAsBlocked | Boolean | Indicates whether users may use the "Save As" menu item to save a copy of protected files. Inherited from managedAppProtection |
periodOfflineBeforeWipeIsEnforced | Duration | The amount of time an app is allowed to remain disconnected from the internet before all managed data it is wiped. Inherited from managedAppProtection |
pinRequired | Boolean | Indicates whether an app-level pin is required. Inherited from managedAppProtection |
maximumPinRetries | Int32 | Maximum number of incorrect pin retry attempts before the managed app is either blocked or wiped. Inherited from managedAppProtection |
simplePinBlocked | Boolean | Indicates whether simplePin is blocked. Inherited from managedAppProtection |
minimumPinLength | Int32 | Minimum pin length required for an app-level pin if PinRequired is set to True Inherited from managedAppProtection |
pinCharacterSet | managedAppPinCharacterSet | Character set which may be used for an app-level pin if PinRequired is set to True. Inherited from managedAppProtection. Possible values are: numeric , alphanumericAndSymbol . |
periodBeforePinReset | Duration | TimePeriod before the all-level pin must be reset if PinRequired is set to True. Inherited from managedAppProtection |
allowedDataStorageLocations | managedAppDataStorageLocation collection | Data storage locations where a user may store managed data. Inherited from managedAppProtection |
contactSyncBlocked | Boolean | Indicates whether contacts can be synced to the user's device. Inherited from managedAppProtection |
printBlocked | Boolean | Indicates whether printing is allowed from managed apps. Inherited from managedAppProtection |
fingerprintBlocked | Boolean | Indicates whether use of the fingerprint reader is allowed in place of a pin if PinRequired is set to True. Inherited from managedAppProtection |
disableAppPinIfDevicePinIsSet | Boolean | Indicates whether use of the app pin is required if the device pin is set. Inherited from managedAppProtection |
minimumRequiredOsVersion | String | Versions less than the specified version will block the managed app from accessing company data. Inherited from managedAppProtection |
minimumWarningOsVersion | String | Versions less than the specified version will result in warning message on the managed app from accessing company data. Inherited from managedAppProtection |
minimumRequiredAppVersion | String | Versions less than the specified version will block the managed app from accessing company data. Inherited from managedAppProtection |
minimumWarningAppVersion | String | Versions less than the specified version will result in warning message on the managed app. Inherited from managedAppProtection |
managedBrowser | managedBrowserType | Indicates in which managed browser(s) that internet links should be opened. When this property is configured, ManagedBrowserToOpenLinksRequired should be true. Inherited from managedAppProtection. Possible values are: notConfigured , microsoftEdge . |
appDataEncryptionType | managedAppDataEncryptionType | Type of encryption which should be used for data in a managed app. (iOS Only). Possible values are: useDeviceSettings , afterDeviceRestart , whenDeviceLockedExceptOpenFiles , whenDeviceLocked . |
screenCaptureBlocked | Boolean | Indicates whether screen capture is blocked. (Android only) |
encryptAppData | Boolean | Indicates whether managed-app data should be encrypted. (Android only) |
disableAppEncryptionIfDeviceEncryptionIsEnabled | Boolean | When this setting is enabled, app level encryption is disabled if device level encryption is enabled. (Android only) |
minimumRequiredSdkVersion | String | Versions less than the specified version will block the managed app from accessing company data. (iOS Only) |
customSettings | keyValuePair collection | A set of string key and string value pairs to be sent to the affected users, unalterned by this service |
deployedAppCount | Int32 | Count of apps to which the current policy is deployed. |
minimumRequiredPatchVersion | String | Define the oldest required Android security patch level a user can have to gain secure access to the app. (Android only) |
minimumWarningPatchVersion | String | Define the oldest recommended Android security patch level a user can have for secure access to the app. (Android only) |
faceIdBlocked | Boolean | Indicates whether use of the FaceID is allowed in place of a pin if PinRequired is set to True. (iOS Only) |
Relationships
Relationship | Type | Description |
---|---|---|
apps | managedMobileApp collection | List of apps to which the policy is deployed. |
deploymentSummary | managedAppPolicyDeploymentSummary | Navigation property to deployment summary of the configuration. |
JSON Representation
Here is a JSON representation of the resource.
{
"@odata.type": "#microsoft.graph.defaultManagedAppProtection",
"displayName": "String",
"description": "String",
"createdDateTime": "String (timestamp)",
"lastModifiedDateTime": "String (timestamp)",
"id": "String (identifier)",
"version": "String",
"periodOfflineBeforeAccessCheck": "String (duration)",
"periodOnlineBeforeAccessCheck": "String (duration)",
"allowedInboundDataTransferSources": "String",
"allowedOutboundDataTransferDestinations": "String",
"organizationalCredentialsRequired": true,
"allowedOutboundClipboardSharingLevel": "String",
"dataBackupBlocked": true,
"deviceComplianceRequired": true,
"managedBrowserToOpenLinksRequired": true,
"saveAsBlocked": true,
"periodOfflineBeforeWipeIsEnforced": "String (duration)",
"pinRequired": true,
"maximumPinRetries": 1024,
"simplePinBlocked": true,
"minimumPinLength": 1024,
"pinCharacterSet": "String",
"periodBeforePinReset": "String (duration)",
"allowedDataStorageLocations": [
"String"
],
"contactSyncBlocked": true,
"printBlocked": true,
"fingerprintBlocked": true,
"disableAppPinIfDevicePinIsSet": true,
"minimumRequiredOsVersion": "String",
"minimumWarningOsVersion": "String",
"minimumRequiredAppVersion": "String",
"minimumWarningAppVersion": "String",
"managedBrowser": "String",
"appDataEncryptionType": "String",
"screenCaptureBlocked": true,
"encryptAppData": true,
"disableAppEncryptionIfDeviceEncryptionIsEnabled": true,
"minimumRequiredSdkVersion": "String",
"customSettings": [
{
"@odata.type": "microsoft.graph.keyValuePair",
"name": "String",
"value": "String"
}
],
"deployedAppCount": 1024,
"minimumRequiredPatchVersion": "String",
"minimumWarningPatchVersion": "String",
"faceIdBlocked": true
}