secureScoreControlProfile resource type

Namespace: microsoft.graph


APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.

Represents a tenant's secure score per control data. By default, it returns all controls for a tenant and can explicitly pull individual controls.


Method Return Type Description
List secure score control profiles secureScoreControlProfile collection Get a collection of secureScoreControlProfile objects.


Property Type Description
actionType String Control action type (Config, Review, Behavior).
actionUrl String URL to where the control can be actioned.
azureTenantId String GUID string for tenant ID.
complianceInformation complianceInformation collection The collection of compliance information associated with secure score control
controlCategory String Control action category (Account, Data, Device, Apps, Infrastructure).
controlName String Name of the control.
controlStateUpdates secureScoreControlStateUpdate collection Flag to indicate where the tenant has marked a control (ignored, thirdParty, reviewed) (supports update).
deprecated Boolean Flag to indicate if a control is depreciated.
id String Provider-generated GUID/unique identifier. Read-only. Required.
implementationCost String Resource cost of implemmentating control (low, moderate, high).
lastModifiedDateTime DateTimeOffset Time at which the control profile entity was last modified. The Timestamp type represents date and time
maxScore String Current obtained max score on specified date.
rank Int32 Microsoft's stack ranking of control.
remediation String Description of what the control will help remediate.
remediationImpact String Description of the impact on users of the remediation.
service String Service that owns the control (Exchange, Sharepoint, Microsoft Entra ID).
threats String collection List of threats the control mitigates (accountBreach, dataDeletion, dataExfiltration, dataSpillage, elevationOfPrivilege, maliciousInsider, passwordCracking, phishingOrWhaling, spoofing).
tier String Control tier (Core, Defense in Depth, Advanced.)
title String Title of the control.
userImpact String User impact of implementing control (low, moderate, high).
vendorInformation securityVendorInformation Complex type containing details about the security product/service vendor, provider, and subprovider (for example, vendor=Microsoft; provider=SecureScore). Required.



JSON representation

The following is a JSON representation of the resource.

  "actionType": "String",
  "actionUrl": "String",
  "azureTenantId": "String",
  "complianceInformation": [{"@odata.type": "microsoft.graph.complianceInformation"}],
  "controlCategory": "String",
  "controlStateUpdates": [{"@odata.type": "microsoft.graph.secureScoreControlStateUpdate"}],
  "deprecated": false,
  "id": "String (identifier)",
  "implementationCost": "String",
  "lastModifiedDateTime": "String (timestamp)",
  "maxScore": 1024.13,
  "rank": 100,
  "remediation": "String",
  "remediationImpact": "String",
  "service": "String",
  "threats": ["String"],
  "tier": "String",
  "title": "String",
  "userImpact": "String",
  "vendorInformation": {"@odata.type": "microsoft.graph.securityVendorInformation"}