conditionalAccessUsers resource type

Namespace: microsoft.graph

Important

APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.

Represents users, groups, and roles included in and excluded from the policy scope.

Properties

Property Type Description
excludeGroups String collection Group IDs excluded from scope of policy.
excludeGuestsOrExternalUsers conditionalAccessGuestsOrExternalUsers Internal guests or external users excluded from the policy scope. Optionally populated.
excludeRoles String collection Role IDs excluded from scope of policy.
excludeUsers String collection User IDs excluded from scope of policy and/or GuestsOrExternalUsers.
includeGroups String collection Group IDs in scope of policy unless explicitly excluded.
includeGuestsOrExternalUsers conditionalAccessGuestsOrExternalUsers Internal guests or external users included in the policy scope. Optionally populated.
includeRoles String collection Role IDs in scope of policy unless explicitly excluded.
includeUsers String collection User IDs in scope of policy unless explicitly excluded, None, All, or GuestsOrExternalUsers.

Relationships

None.

JSON representation

The following is a JSON representation of the resource.

{
  "excludeGroups": ["String"],
  "excludeGuestsOrExternalUsers": {"@odata.type": "microsoft.graph.conditionalAccessGuestOrExternalUsers"},
  "excludeRoles": ["String"],
  "excludeUsers": ["String"],
  "includeGroups": ["String"],
  "includeGuestsOrExternalUsers": {"@odata.type": "microsoft.graph.conditionalAccessGuestOrExternalUsers"},
  "includeRoles": ["String"],
  "includeUsers": ["String"]
}