Create emailThreatSubmissionPolicy
Namespace: microsoft.graph.security
Important
APIs under the /beta
version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
Create a new emailThreatSubmissionPolicy object.
This API is available in the following national cloud deployments.
Global service | US Government L4 | US Government L5 (DOD) | China operated by 21Vianet |
---|---|---|---|
✅ | ❌ | ❌ | ❌ |
Permissions
Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.
Permission type | Least privileged permissions | Higher privileged permissions |
---|---|---|
Delegated (work or school account) | ThreatSubmissionPolicy.ReadWrite.All | Not available. |
Delegated (personal Microsoft account) | Not supported. | Not supported. |
Application | ThreatSubmissionPolicy.ReadWrite.All | Not available. |
HTTP request
POST /security/threatSubmission/emailThreatSubmissionPolicies
Request headers
Name | Description |
---|---|
Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
Content-Type | application/json. Required. |
Request body
In the request body, supply a JSON representation of the emailThreatSubmissionPolicy object.
You can also specify the following properties when creating an emailThreatSubmissionPolicy. These properties are related to the user reported message settings. For details, see User reported message settings.
Property | Type | Description |
---|---|---|
customizedNotificationSenderEmailAddress | String | Specifies the email address of the sender from which email notifications will be sent to end users to inform them whether an email is spam, phish or clean. The default value is null . Optional for creation. |
customizedReportRecipientEmailAddress | String | Specifies the destination where the reported messages from end users will land whenever they report something as phish, junk or not junk. The default value is null . Optional for creation. |
isAlwaysReportEnabledForUsers | Boolean | Indicates whether end users can report a message as spam, phish or junk directly without a confirmation(popup). The default value is true . Optional for creation. |
isAskMeEnabledForUsers | Boolean | Indicates whether end users can confirm using a popup before reporting messages as spam, phish or not junk. The default value is true . Optional for creation. |
isCustomizedMessageEnabled | Boolean | Indicates whether the email notifications sent to end users to inform them if an email is phish, spam or junk is customized or not. The default value is false . Optional for creation. |
isCustomizedMessageEnabledForPhishing | Boolean | If enabled, customized message only shows when email is reported as phishing. The default value is false . Optional for creation. |
isCustomizedNotificationSenderEnabled | Boolean | Indicates whether to use the sender email address set using customizedNotificationSenderEmailAddress for sending email notifications to end users. The default value is false . Optional for creation. |
isNeverReportEnabledForUsers | Boolean | Indicates whether end users can simply move the message from one folder to another based on the action of spam, phish or not junk without actually reporting it. The default value is true . Optional for creation. |
isOrganizationBrandingEnabled | Boolean | Indicates whether the branding logo should be used in the email notifications sent to end users. The default value is false . Optional for creation. |
isReportFromQuarantineEnabled | Boolean | Indicates whether end users can submit from the quarantine page. The default value is true . Optional for creation. |
isReportToCustomizedEmailAddressEnabled | Boolean | Indicates whether emails reported by end users should be send to the custom mailbox configured using customizedReportRecipientEmailAddress. The default value is false . Optional for creation. |
isReportToMicrosoftEnabled | Boolean | If enabled, the email will be sent to Microsoft for analysis. The default value is false . Requried for creation. |
isReviewEmailNotificationEnabled | Boolean | Indicates whether an email notification is sent to the end user who reported the email when it has been reviewed by the admin. The default value is false . Optional for creation. |
Response
If successful, this method returns a 201 Created
response code and an emailThreatSubmissionPolicy object in the response body.
Examples
Request
The following example shows a request.
POST https://graph.microsoft.com/beta/security/threatSubmission/emailthreatSubmissionPolicies
Content-type: application/json
{
"isReportToMicrosoftEnabled": true
}
Response
The following example shows the response.
Note: The response object shown here might be shortened for readability.
HTTP/1.1 201 Created
Content-Type: application/json
{
"@odata.type": "#microsoft.graph.security.emailThreatSubmissionPolicy",
"id": "DefaultReportSubmissionPolicy",
"isReportToMicrosoftEnabled": true,
"isReportToCustomizedEmailAddressEnabled": false,
"isAskMeEnabledForUsers": true,
"isAlwaysReportEnabledForUsers": true,
"isNeverReportEnabledForUsers": true,
"isCustomizedMessageEnabledForPhishing": false,
"isCustomizedMessageEnabled": false,
"customizedReportRecipientEmailAddress": null,
"isReviewEmailNotificationEnabled": false,
"isCustomNotificationSenderEnabled": false,
"isOrganizationBrandingEnabled": false,
"customizedNotificationSenderEmailAddress": null,
"isReportFromQuarantineEnabled": false
}