permissionGrantPolicy resource type
Namespace: microsoft.graph
A permission grant policy is used to specify the conditions under which consent can be granted.
A permission grant policy consists of a list of includes condition sets, and a list of excludes condition sets. For an event to match a permission grant policy, it must match at least one of the includes conditions sets, and none of the excludes condition sets.
For more information, see Manage app consent policies.
Methods
| Method | Return Type | Description |
|---|---|---|
| List permission grant policies | permissionGrantPolicy collection | Retrieve a list of permissionGrantPolicy objects. |
| Create permission grant policy | permissionGrantPolicy | Creates a new permissionGrantPolicy object. |
| Get permission grant policy | permissionGrantPolicy | Read properties and relationships of permissionGrantPolicy object. |
| Update permission grant policy | permissionGrantPolicy | Update permissionGrantPolicy object. |
| Include condition sets | ||
| List include condition sets | permissionGrantConditionSet collection | Get the condition sets that are included in this permission grant policy. |
| Add include condition set | permissionGrantConditionSet | Add a condition set that is included from this permission grant policy. |
| Remove include condition set | None | Remove a condition set that is excluded from this permission grant policy. |
| Exclude condition sets | ||
| List exclude condition sets | permissionGrantConditionSet collection | Get the condition sets that are excluded in this permission grant policy. |
| Add exclude condition set | permissionGrantConditionSet | Add a condition set that is excluded from this permission grant policy. |
| Remove exclude condition set | None | Remove a condition set that is excluded from this permission grant policy. |
Properties
| Property | Type | Description |
|---|---|---|
| displayName | String | The display name for the permission grant policy. |
| description | String | The description for the permission grant policy. |
| excludes | permissionGrantConditionSet collection | Condition sets that are excluded in this permission grant policy. Automatically expanded on GET. |
| id | String | The unique identifier for the permission grant policy. The id prefix microsoft- is reserved for built-in permission grant policies, and may not be used in a custom permission grant policy. Only letters, numbers, hyphens (-) and underscores (_) are allowed. Key. Not nullable. Required on create. Immutable. |
| includes | permissionGrantConditionSet collection | Condition sets that are included in this permission grant policy. Automatically expanded on GET. |
Relationships
| Relationship | Type | Description |
|---|---|---|
| excludes | permissionGrantConditionSet collection | Condition sets that are excluded in this permission grant policy. This navigation is automatically expanded on GET. |
| includes | permissionGrantConditionSet collection | Condition sets that are included in this permission grant policy. This navigation is automatically expanded on GET. |
JSON representation
The following JSON representation shows the resource type.
{
"id": "string (identifier)",
"displayName": "string",
"description": "string",
"includes": "collection(microsoft.graph.permissionGrantConditionSet)",
"excludes": "collection(microsoft.graph.permissionGrantConditionSet)"
}
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for