National cloud deployments

In addition to our global network of datacenters, Microsoft cloud services are available in two separate national clouds. These national cloud versions are physical and logical network-isolated instances of Microsoft enterprise cloud services that are confined within the geographic borders of specific countries and operated by local personnel.

Current national clouds include:

  • Microsoft Cloud for US Government
  • Microsoft Azure and Microsoft 365 operated by 21Vianet in China

Each national cloud environment is unique and different than the Microsoft global environment. It's important to be aware of some of these key differences when you develop applications for national cloud environments; for example, registering applications, acquiring tokens, and calling the Microsoft Graph API can be different.

This article provides information about the different Microsoft Graph national cloud deployments and the capabilities that are available to developers within each.


Microsoft Graph Data Connect does not support any of the national cloud deployments.

App registration and token service root endpoints

Before calling the Microsoft Graph APIs, you should first register your application and acquire a token. The following table lists the base URLs for the endpoints to register your application and acquire tokens for each national cloud.

National cloud Azure portal endpoint Microsoft Entra ID endpoint
Azure global service
Azure US Government
Azure China operated by 21Vianet

To learn more about access tokens and Microsoft Graph, see authentication basics. For authentication scenarios, see Microsoft identity platform authentication basics.

Microsoft Graph and Graph Explorer service root endpoints

The following table shows the service root endpoints for Microsoft Graph and Graph Explorer for each national cloud.

National Cloud Microsoft Graph Graph Explorer
Microsoft Graph global service
Microsoft Graph for US Government L4 Not supported.
Microsoft Graph for US Government L5 (DOD) Not supported.
Microsoft Graph China operated by 21Vianet Not supported.


For an app in US Government:

  • If you're working in a Microsoft 365 GCC environment, continue using the worldwide endpoints: and
  • If you're working in a Microsoft 365 GCC High environment, use and
  • If you're working in a Microsoft 365 DoD environment, use and


Apps can only access organizational data through the national cloud endpoints. This means that apps can only access data in tenants that are registered in the specific national cloud. Apps that are trying to access consumer data associated with Microsoft personal accounts through Microsoft Graph should use the global service Access tokens acquired for a national cloud deployment are not interchangeable with those acquired for the global service or any other national cloud.

Supported features

The following Microsoft Graph features are generally available on the /v1.0 endpoint across all national cloud deployments, except where noted.

Microsoft Graph features Microsoft Cloud for US Government Microsoft Cloud China operated by 21Vianet
Access reviews
Applications and service principals
Change notifications (subscriptions)
Change tracking (delta query)
Directory extensions
OneDrive ✔*
Open type extensions
Organizational contacts
Outlook Calendar
Outlook Mail
Personal Contacts
Privileged identity management
Reports (Microsoft Entra activity reports)
Reports (Microsoft 365 reports)
Search (Microsoft Search)
Service health and communications
To Do

For more information about the availability of Microsoft 365 usage reports in national clouds, see Working with Microsoft 365 usage reports in Microsoft Graph.

(*) Limited support for Exchange and OneDrive services only. Microsoft Entra services aren't supported.


Certain services and features that are in specific regions of the global service might not be available in all of the national clouds. To find out what services are available, see products available by region.

To learn more about National clouds, see the following articles:

Explore samples for authenticating and working with Azure and Microsoft 365 in National cloud deployments: