What's new in Microsoft Graph
Microsoft Graph provides a unified programmability model that you can use to access data in Microsoft 365, Windows, and Enterprise Mobility + Security. This article provides information about what's new in Microsoft Graph APIs, documentation, SDKs, and more.
For more detailed API-level updates, see the Microsoft Graph API changelog.
For details about previous updates to Microsoft Graph, see Microsoft Graph what's new history.
Important
Features in preview status are subject to change without notice, and might not be promoted to generally available (GA) status. Don't use preview features in production apps.
October 2024: New and generally available
Backup storage
Updated the endpoints of the following methods:
Identity and access | Directory management
Get the root domain of a subdomain.
Added recommendations to use unified RBAC APIs in unifiedRoleDefinition instead of directoryRole and directoryRoleTemplate.
Security | eDiscovery
- Enabled the deletion of Exchange mailbox items in the ediscoverySearch: purgeData method.
- Deleted the
permanentlyDeleted
member from the purgeType enumeration in favor of thepermanentlyDelete
member.
Teamwork and communications | Apps
Use the clientAppId property on teamsAppAuthorization to get the registration ID of the Microsoft Entra app ID associated with an app in the Microsoft Teams app catalog.
Teamwork and communications | Messaging
Updated the chatMessage: delta method to use a new endpoint that gets the list of delta messages from all chats in which a user is a participant, including one-on-one chats, group chats, and meeting chats.
October 2024: New in preview only
Backup storage
Added new endpoints for bulk addition of protection units into a protection policy:
Updated the endpoints of the following methods:
Device and app management | Cloud PC
- Enabled the
$select
query parameter for the cloudPC: getProvisionedCloudPCs method. - Use the notificationSetting property on cloudPcUserSetting to define the Cloud PC notification prompts for a Cloud PC user.
Reports | Identity and access reports
The Microsoft Entra Health monitoring alerts APIs enable you to detect anomalous usage patterns in business-critical identity scenarios for your tenant and receive alert notifications. Use the operations of the alert and alertConfiguration resources to retrieve and update alerts and alert configurations. For details, see the related changelog section.
Security | eDiscovery
- Enabled the deletion of Exchange mailbox items in the ediscoverySearch: purgeData method.
- Deleted the
permanentlyDeleted
member from the purgeType enumeration in favor of thepermanentlyDelete
member.
Teamwork and communications | Calls and online meetings
- Use the externalRegistrationInformation property on virtualEventRegistration to get or set the external information for a virtual event registration.
- Use the following new methods for virtual events that are of the virtualEventTownhall type:
Device and app management | Cloud licensing
- Use the new cloud licensing usageRight entity that is designed for client and workload license checks, with relationships structured to flow from the user or group to the usageRight. This new entity supports the following operations:
- Use the cloudLicensing property on a group or user to get their relationships with cloud licensing resources.
Teamwork and communications | Messaging
- Updated the chatMessage: delta method to use a new endpoint that gets the list of delta messages from all chats in which a user is a participant, including one-on-one chats, group chats, and meeting chats.
- Remove multiple members from a team in a single request.
Users
Changed the following on-premises synced properties of the user resource type that were read-only in Microsoft Graph to be updatable via Microsoft Graph:
- onPremisesDistinguishedName
- onPremisesDomainName
- onPremisesSamAccountName
- onPremisesSecurityIdentifier
- onPremisesUserPrincipalName
September 2024: New and generally available
Change notifications
Announced the deprecation of shared access signatures (SAS) for authenticating Event Hubs for Microsoft Graph change notifications. We recommend using Microsoft Entra ID role-based access control (RBAC) instead. Follow the guidance to migrate to RBAC.
Identity and access | Directory management
Removed the previously deprecated Directory.Write.Restricted
permission from the device, group, and user resources.
Security | Alerts and incidents
- Use the dnsDomain property on deviceEvidence to get the DNS domain that a computer belongs to.
- Use the hostName property on deviceEvidence to get the hostname without the domain suffix.
- Use the ntDomain property on deviceEvidence to get a logical grouping of computers within a Microsoft Windows network.
Security | Identities
Added the ability to get, list, and update Microsoft Defender for Identity health issues that represent potential issues identified within a customer's Defender for Identity configuration.
Teamwork and communications | Messaging
- Get all retained messages across all channels in a team.
- Get all retained messages from all chats that a user is a participant in, including one-on-one chats, group chats, and meeting chats.
September 2024: New in preview only
Applications | Service principal
Use the serviceManagementReference optional property in the applicationTemplate: instantiate method to set the service tree ID for a service.
Device and app management | Cloud PC
- Enabled the
middleEast
andmexico
members as supported regions in the cloudPcRegionGroup enumeration. - Removed the getShiftWorkCloudPcAccessState method from the cloudPC resource. Going forward, use the getFrontlineCloudPcAccessState API.
- Use the autopilotConfiguration property on cloudPcProvisioningPolicy to get or set the settings for Windows Autopilot that enable Windows 365 customers to experience it on Cloud PC.
- Use the osVersionNumber property on cloudPcDeviceImage and cloudPcGalleryImage resources to get the operating system version of an image.
- Introduced the retrieveSnapshots method on the cloudPC resource to enable you to return a list of all snapshots of a Cloud PC.
Deprecated the following methods:
- bulkSetReviewStatus; use the cloudPcBulkSetReviewStatus resource and its supported APIs instead.
- List snapshots; use the retrieveSnapshots resource and its supported APIs instead.
Files
- Update the recycle bin settings for a fileStorageContainer.
- Use the
$skip
,$top
,$orderBy
,$filter
, andincludeAllContainerUsers
query parameters to customize the List permissions operation response. - Include all version history when you copy a drive item. The version history is included up to the target version setting limit.
Identity and access | Directory management
Use the passwordResetUri property on internalDomainFederation to get or set the URI that clients are redirected to for resetting their password.
Identity and access | Identity and sign in
- Use the identifierUris property in the get and update operations of the tenantAppManagementPolicy resource to get or set restrictions on vulnerable or easily compromised identifier URI formats for an application.
- Updated the return type for the applicationRestrictions property of the tenantAppManagementPolicy resource from appManagementConfiguration to appManagementApplicationConfiguration.
- Updated the return type for the servicePrincipalRestrictions property of the tenantAppManagementPolicy resource from appManagementConfiguration to appManagementServicePrincipalConfiguration.
- Updated the return type for the restrictions property of the appManagementPolicy resource from appManagementConfiguration to customAppManagementConfiguration.
Reports | Microsoft 365 usage reports
- Get the most recent activity data for enabled users of Microsoft 365 Copilot apps.
- Get the aggregated number of active and enabled users of Microsoft 365 Copilot for a specified time period.
- Get the trend in the daily number of active and enabled users of Microsoft 365 Copilot for a specified time period.
Security | Alerts and incidents
- Use the dnsDomain property on deviceEvidence to get the DNS domain that a computer belongs to.
- Use the hostName property on deviceEvidence to get the hostname without the domain suffix.
- Use the ntDomain property on deviceEvidence to get a logical grouping of computers within a Microsoft Windows network.
Security | Identities
- Generate a new deployment access key.
- Get the deployment access key associated with a Microsoft Defender for Identity.
- Get the sensor deployment package URL and version.
Teamwork and communications | Calls and online meetings
Use the isDeltaRosterEnabled property on incomingCallOptions and outgoingCallOptions to indicate whether delta roster is enabled for a call.
Contribute to Microsoft Graph
Are there scenarios you'd like Microsoft Graph to support?
Suggest and vote for new features by using the Microsoft Graph Feedback Portal. Some new features originate as popular requests from the developer community. The Microsoft Graph team regularly evaluates customer needs and releases new features to the beta (
https://graph.microsoft.com/beta
) and v1.0 (https://graph.microsoft.com/v1.0
) endpoints.Join the weekly Microsoft 365 platform community call and become an active member of the Microsoft Graph community. To discover the full calendar of developer calls, visit the Microsoft 365 and Power Platform community page.
Join our research panel to provide your input on our developer experiences.