Set-EntraBetaAuthorizationPolicy

Module:

Microsoft.Entra.Beta Module v1.1

Updates an authorization policy.

Syntax

Default (Default)

Set-EntraBetaAuthorizationPolicy

    -Id <String>
    [-DisplayName <String>]
    [-EnabledPreviewFeatures <System.Collections.Generic.List`1[System.String]>]
    [-DefaultUserRolePermissions <DefaultUserRolePermissions>]
    [-AllowedToSignUpEmailBasedSubscriptions <Boolean>]
    [-AllowedToUseSSPR <Boolean>]
    [-PermissionGrantPolicyIdsAssignedToDefaultUserRole <System.Collections.Generic.List`1[System.String]>]
    [-AllowEmailVerifiedUsersToJoinOrganization <Boolean>]
    [-Description <String>]
    [-BlockMsolPowerShell <Boolean>]
    [-GuestUserRoleId <String>]
    [<CommonParameters>]

Description

The Set-EntraBetaAuthorizationPolicy cmdlet updates a Microsoft Entra ID authorization policy.

In delegated scenarios with work or school accounts, the signed-in user must have a supported Microsoft Entra role or custom role with the necessary permissions. The least privileged role for this operation is:

• Privileged Role Administrator

Parameters

-AllowedToSignUpEmailBasedSubscriptions

Specifies whether users can sign up for email based subscriptions. The initial default value is true.

Parameter properties

Type:	System.Boolean
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-AllowedToUseSSPR

Specifies whether the Self-Serve Password Reset feature can be used by users on the tenant. The initial default value is true.

Parameter properties

Type:	System.Boolean
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-AllowEmailVerifiedUsersToJoinOrganization

Specifies whether a user can join the tenant by email validation. The initial default value is true.

Parameter properties

Type:	System.Boolean
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-BlockMsolPowerShell

Specifies whether the user-based access to the legacy service endpoint used by MSOL PowerShell is blocked or not.

Parameter properties

Type:	System.Boolean
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-DefaultUserRolePermissions

Contains various customizable default user role permissions.

Parameter properties

Type:	DefaultUserRolePermissions
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-Description

Specifies the description of the authorization policy.

Parameter properties

Type:	System.String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-DisplayName

Specifies the display name of the authorization policy.

Parameter properties

Type:	System.String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-EnabledPreviewFeatures

Specifies the preview features enabled for private preview on the tenant.

Parameter properties

Type:	System.Collections.Generic.List`1[System.String]
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-GuestUserRoleId

Specifies the roletemplateId for the role that should be granted to guest user.

Parameter properties

Type:	System.String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-Id

Specifies the unique identifier of the authorization policy.

Parameter properties

Type:	System.String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	True
Value from pipeline:	True
Value from pipeline by property name:	True
Value from remaining arguments:	False

-PermissionGrantPolicyIdsAssignedToDefaultUserRole

Specifies the policy Ids of permission grant policies assgined to the default user role.

Parameter properties

Type:	System.Collections.Generic.List`1[System.String]
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Inputs

Microsoft.Open.MSGraph.Model.DefaultUserRolePermissions

Related Links

• Get-EntraBetaAuthorizationPolicy