Update-MgBetaOrganizationSettingMicrosoftApplicationDataAccess
Update the settings in a microsoftApplicationDataAccessSettings object that specify access from Microsoft applications to Microsoft 365 user data in an organization.
Syntax
Update-MgBetaOrganizationSettingMicrosoftApplicationDataAccess
-OrganizationId <String>
[-ResponseHeadersVariable <String>]
[-AdditionalProperties <Hashtable>]
[-DisabledForGroup <String>]
[-Id <String>]
[-IsEnabledForAllMicrosoftApplications]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Update-MgBetaOrganizationSettingMicrosoftApplicationDataAccess
-OrganizationId <String>
-BodyParameter <IMicrosoftGraphMicrosoftApplicationDataAccessSettings>
[-ResponseHeadersVariable <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Update-MgBetaOrganizationSettingMicrosoftApplicationDataAccess
-InputObject <IIdentityDirectoryManagementIdentity>
[-ResponseHeadersVariable <String>]
[-AdditionalProperties <Hashtable>]
[-DisabledForGroup <String>]
[-Id <String>]
[-IsEnabledForAllMicrosoftApplications]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Update-MgBetaOrganizationSettingMicrosoftApplicationDataAccess
-InputObject <IIdentityDirectoryManagementIdentity>
-BodyParameter <IMicrosoftGraphMicrosoftApplicationDataAccessSettings>
[-ResponseHeadersVariable <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
Update the settings in a microsoftApplicationDataAccessSettings object that specify access from Microsoft applications to Microsoft 365 user data in an organization.
Permissions
| Permission type | Least privileged permissions | Higher privileged permissions |
|---|---|---|
| Delegated (work or school account) | Organization.ReadWrite.All | Not available. |
| Delegated (personal Microsoft account) | Not supported. | Not supported. |
| Application | Not supported. | Not supported. |
Examples
Example 1: Code snippet
Import-Module Microsoft.Graph.Beta.Identity.DirectoryManagement
$params = @{
disabledForGroup = "edbfe4fb-ec70-4300-928f-dbb2ae86c981"
}
Update-MgBetaOrganizationSettingMicrosoftApplicationDataAccess -OrganizationId $organizationId -BodyParameter $paramsThis example shows how to use the Update-MgBetaOrganizationSettingMicrosoftApplicationDataAccess Cmdlet.
Parameters
-AdditionalProperties
Additional Parameters
| Type: | Hashtable |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-BodyParameter
microsoftApplicationDataAccessSettings To construct, see NOTES section for BODYPARAMETER properties and create a hash table.
| Type: | IMicrosoftGraphMicrosoftApplicationDataAccessSettings |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DisabledForGroup
The ID of a Microsoft Entra security group for which the members are allowed to access Microsoft 365 data using only Microsoft 365 apps, but not other Microsoft apps such as Edge. This is only applicable if isEnabledForAllMicrosoftApplications is set to true.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Headers
Optional headers that will be added to the request.
| Type: | IDictionary |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Id
The unique identifier for an entity. Read-only.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-InputObject
Identity Parameter To construct, see NOTES section for INPUTOBJECT properties and create a hash table.
| Type: | IIdentityDirectoryManagementIdentity |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-IsEnabledForAllMicrosoftApplications
When set to true, all users in the organization can access in a Microsoft app any Microsoft 365 data that the user has been authorized to access. The Microsoft app can be a Microsoft 365 app (for example, Excel, Outlook) or non-Microsoft 365 app (for example, Edge). The default is true. It is possible to disable this access for a subset of users in a Microsoft Entra security group, by specifying the group in the disabledForGroup property. When set to false, all users can access authorized Microsoft 365 data only in a Microsoft 365 app.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-OrganizationId
The unique identifier of organization
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ProgressAction
{{ Fill ProgressAction Description }}
| Type: | ActionPreference |
| Aliases: | proga |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ResponseHeadersVariable
Optional Response Headers Variable.
| Type: | String |
| Aliases: | RHV |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Microsoft.Graph.Beta.PowerShell.Models.IIdentityDirectoryManagementIdentity
Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphMicrosoftApplicationDataAccessSettings
System.Collections.IDictionary
Outputs
Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphMicrosoftApplicationDataAccessSettings
Notes
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
BODYPARAMETER <IMicrosoftGraphMicrosoftApplicationDataAccessSettings>: microsoftApplicationDataAccessSettings
[(Any) <Object>]: This indicates any property can be added to this object.[Id <String>]: The unique identifier for an entity. Read-only.[DisabledForGroup <String>]: The ID of a Microsoft Entra security group for which the members are allowed to access Microsoft 365 data using only Microsoft 365 apps, but not other Microsoft apps such as Edge. This is only applicable if isEnabledForAllMicrosoftApplications is set to true.[IsEnabledForAllMicrosoftApplications <Boolean?>]: When set to true, all users in the organization can access in a Microsoft app any Microsoft 365 data that the user has been authorized to access. The Microsoft app can be a Microsoft 365 app (for example, Excel, Outlook) or non-Microsoft 365 app (for example, Edge). The default is true. It is possible to disable this access for a subset of users in a Microsoft Entra security group, by specifying the group in the disabledForGroup property. When set to false, all users can access authorized Microsoft 365 data only in a Microsoft 365 app.
INPUTOBJECT <IIdentityDirectoryManagementIdentity>: Identity Parameter
[AdministrativeUnitId <String>]: The unique identifier of administrativeUnit[AllowedValueId <String>]: The unique identifier of allowedValue[AttributeSetId <String>]: The unique identifier of attributeSet[CertificateAuthorityAsEntityId <String>]: The unique identifier of certificateAuthorityAsEntity[CertificateBasedApplicationConfigurationId <String>]: The unique identifier of certificateBasedApplicationConfiguration[CommandId <String>]: The unique identifier of command[CommerceSubscriptionId <String>]: Alternate key of companySubscription[CompanySubscriptionId <String>]: The unique identifier of companySubscription[ContractId <String>]: The unique identifier of contract[CustomSecurityAttributeDefinitionId <String>]: The unique identifier of customSecurityAttributeDefinition[DeviceId <String>]: The unique identifier of device[DeviceLocalCredentialInfoId <String>]: The unique identifier of deviceLocalCredentialInfo[DirectoryObjectId <String>]: The unique identifier of directoryObject[DirectoryRoleId <String>]: The unique identifier of directoryRole[DirectoryRoleTemplateId <String>]: The unique identifier of directoryRoleTemplate[DirectorySettingId <String>]: The unique identifier of directorySetting[DirectorySettingTemplateId <String>]: The unique identifier of directorySettingTemplate[DomainDnsRecordId <String>]: The unique identifier of domainDnsRecord[DomainId <String>]: The unique identifier of domain[ExtensionId <String>]: The unique identifier of extension[ExternalUserProfileId <String>]: The unique identifier of externalUserProfile[FeatureRolloutPolicyId <String>]: The unique identifier of featureRolloutPolicy[IdentityProviderBaseId <String>]: The unique identifier of identityProviderBase[ImpactedResourceId <String>]: The unique identifier of impactedResource[InboundSharedUserProfileUserId <String>]: The unique identifier of inboundSharedUserProfile[InternalDomainFederationId <String>]: The unique identifier of internalDomainFederation[ManagedTenantAlertId <String>]: The unique identifier of managedTenantAlert[ManagementActionId <String>]: The unique identifier of managementAction[OcpSubscriptionId <String>]: Alternate key of companySubscription[OnPremisesDirectorySynchronizationId <String>]: The unique identifier of onPremisesDirectorySynchronization[OrgContactId <String>]: The unique identifier of orgContact[OrganizationId <String>]: The unique identifier of organization[OrganizationalBrandingLocalizationId <String>]: The unique identifier of organizationalBrandingLocalization[OutboundSharedUserProfileUserId <String>]: The unique identifier of outboundSharedUserProfile[PendingExternalUserProfileId <String>]: The unique identifier of pendingExternalUserProfile[ProfileCardPropertyId <String>]: The unique identifier of profileCardProperty[RecommendationId <String>]: The unique identifier of recommendation[RoleTemplateId <String>]: Alternate key of directoryRole[ScopedRoleMembershipId <String>]: The unique identifier of scopedRoleMembership[SharedEmailDomainId <String>]: The unique identifier of sharedEmailDomain[SharedEmailDomainInvitationId <String>]: The unique identifier of sharedEmailDomainInvitation[SubscribedSkuId <String>]: The unique identifier of subscribedSku[TenantId <String>]: The unique identifier of tenant[TenantReferenceTenantId <String>]: The unique identifier of tenantReference[TenantTagId <String>]: The unique identifier of tenantTag[UsageRightId <String>]: The unique identifier of usageRight[UserId <String>]: The unique identifier of user