Edit

permissionGrantPolicy resource type

  • Article

Namespace: microsoft.graph

A permission grant policy is used to specify the conditions under which consent can be granted.

A permission grant policy consists of a list of includes condition sets, and a list of excludes condition sets. For an event to match a permission grant policy, it must match at least one of the includes conditions sets, and none of the excludes condition sets.

Methods

Method Return Type Description
List permission grant policies permissionGrantPolicy collection Retrieve a list of permissionGrantPolicy objects.
Create permission grant policy permissionGrantPolicy Creates a new permissionGrantPolicy object.
Get permission grant policy permissionGrantPolicy Read properties and relationships of permissionGrantPolicy object.
Update permission grant policy permissionGrantPolicy Update permissionGrantPolicy object.
Include condition sets
List include condition sets permissionGrantConditionSet collection Get the condition sets which are included in this permission grant policy.
Add include condition set permissionGrantConditionSet Add a condition set which is included from this permission grant policy.
Remove include condition set None Remove a condition set which is excluded from this permission grant policy.
Exclude condition sets
List exclude condition sets permissionGrantConditionSet collection Get the condition sets which are excluded in this permission grant policy.
Add exclude condition set permissionGrantConditionSet Add a condition set which is excluded from this permission grant policy.
Remove exclude condition set None Remove a condition set which is excluded from this permission grant policy.

Properties

Property Type Description
displayName String The display name for the permission grant policy.
description String The description for the permission grant policy.
excludes permissionGrantConditionSet collection Condition sets which are excluded in this permission grant policy. Automatically expanded on GET.
id String The unique identifier for the permission grant policy. The id prefix microsoft- is reserved for built-in permission grant policies, and may not be used in a custom permission grant policy. Only letters, numbers, hyphens (-) and underscores (_) are allowed. Key. Not nullable. Required on create. Immutable.
includes permissionGrantConditionSet collection Condition sets which are included in this permission grant policy. Automatically expanded on GET.

Relationships

Relationship Type Description
excludes permissionGrantConditionSet collection Condition sets which are excluded in this permission grant policy. This navigation is automatically expanded on GET.
includes permissionGrantConditionSet collection Condition sets which are included in this permission grant policy. This navigation is automatically expanded on GET.

JSON representation

{
  "id": "string (identifier)",
  "displayName": "string",
  "description": "string",
  "includes": "collection(microsoft.graph.permissionGrantConditionSet)",
  "excludes": "collection(microsoft.graph.permissionGrantConditionSet)"
}