deviceManagementExchangeOnPremisesPolicy resource type

Namespace: microsoft.graph

Important: Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.

Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.

Singleton entity which represents the Exchange OnPremises policy configured for a tenant.


Method Return Type Description
Get deviceManagementExchangeOnPremisesPolicy deviceManagementExchangeOnPremisesPolicy Read properties and relationships of the deviceManagementExchangeOnPremisesPolicy object.
Update deviceManagementExchangeOnPremisesPolicy deviceManagementExchangeOnPremisesPolicy Update the properties of a deviceManagementExchangeOnPremisesPolicy object.


Property Type Description
id String
notificationContent Binary Notification text that will be sent to users quarantined by this policy. This is UTF8 encoded byte array HTML.
defaultAccessLevel deviceManagementExchangeAccessLevel Default access state in Exchange. This rule applies globally to the entire Exchange organization. Possible values are: none, allow, block, quarantine.
accessRules deviceManagementExchangeAccessRule collection The list of device access rules in Exchange. The access rules apply globally to the entire Exchange organization
knownDeviceClasses deviceManagementExchangeDeviceClass collection The list of device classes known to Exchange


Relationship Type Description
conditionalAccessSettings onPremisesConditionalAccessSettings The Exchange on premises conditional access settings. On premises conditional access will require devices to be both enrolled and compliant for mail access

JSON Representation

Here is a JSON representation of the resource.

  "@odata.type": "#microsoft.graph.deviceManagementExchangeOnPremisesPolicy",
  "id": "String (identifier)",
  "notificationContent": "binary",
  "defaultAccessLevel": "String",
  "accessRules": [
      "@odata.type": "microsoft.graph.deviceManagementExchangeAccessRule",
      "deviceClass": {
        "@odata.type": "microsoft.graph.deviceManagementExchangeDeviceClass",
        "name": "String",
        "type": "String"
      "accessLevel": "String"
  "knownDeviceClasses": [
      "@odata.type": "microsoft.graph.deviceManagementExchangeDeviceClass",
      "name": "String",
      "type": "String"