POST https://graph.microsoft.com/v1.0/policies/appManagementPolicies
{
"displayName": "Credential management policy",
"description": "Cred policy sample",
"isEnabled": true,
"restrictions": {
"passwordCredentials": [
{
"restrictionType": "passwordAddition",
"maxLifetime": null,
"restrictForAppsCreatedAfterDateTime": "2019-10-19T10:37:00Z"
},
{
"restrictionType": "passwordLifetime",
"maxLifetime": "P4DT12H30M5S",
"restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
},
{
"restrictionType": "symmetricKeyAddition",
"maxLifetime": null,
"restrictForAppsCreatedAfterDateTime": "2019-10-19T10:37:00Z"
},
{
"restrictionType": "symmetricKeyLifetime",
"maxLifetime": "P4D",
"restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
}
],
"keyCredentials": [
{
"restrictionType": "asymmetricKeyLifetime",
"maxLifetime": "P90D",
"restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
}
]
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
var requestBody = new AppManagementPolicy
{
DisplayName = "Credential management policy",
Description = "Cred policy sample",
IsEnabled = true,
Restrictions = new CustomAppManagementConfiguration
{
PasswordCredentials = new List<PasswordCredentialConfiguration>
{
new PasswordCredentialConfiguration
{
RestrictionType = AppCredentialRestrictionType.PasswordAddition,
MaxLifetime = null,
RestrictForAppsCreatedAfterDateTime = DateTimeOffset.Parse("2019-10-19T10:37:00Z"),
},
new PasswordCredentialConfiguration
{
RestrictionType = AppCredentialRestrictionType.PasswordLifetime,
MaxLifetime = TimeSpan.Parse("P4DT12H30M5S"),
RestrictForAppsCreatedAfterDateTime = DateTimeOffset.Parse("2014-10-19T10:37:00Z"),
},
new PasswordCredentialConfiguration
{
RestrictionType = AppCredentialRestrictionType.SymmetricKeyAddition,
MaxLifetime = null,
RestrictForAppsCreatedAfterDateTime = DateTimeOffset.Parse("2019-10-19T10:37:00Z"),
},
new PasswordCredentialConfiguration
{
RestrictionType = AppCredentialRestrictionType.SymmetricKeyLifetime,
MaxLifetime = TimeSpan.Parse("P4D"),
RestrictForAppsCreatedAfterDateTime = DateTimeOffset.Parse("2014-10-19T10:37:00Z"),
},
},
KeyCredentials = new List<KeyCredentialConfiguration>
{
new KeyCredentialConfiguration
{
RestrictionType = AppKeyCredentialRestrictionType.AsymmetricKeyLifetime,
MaxLifetime = TimeSpan.Parse("P90D"),
RestrictForAppsCreatedAfterDateTime = DateTimeOffset.Parse("2014-10-19T10:37:00Z"),
},
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Policies.AppManagementPolicies.PostAsync(requestBody);
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// Code snippets are only available for the latest major version. Current major version is $v1.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewAppManagementPolicy()
displayName := "Credential management policy"
requestBody.SetDisplayName(&displayName)
description := "Cred policy sample"
requestBody.SetDescription(&description)
isEnabled := true
requestBody.SetIsEnabled(&isEnabled)
restrictions := graphmodels.NewCustomAppManagementConfiguration()
passwordCredentialConfiguration := graphmodels.NewPasswordCredentialConfiguration()
restrictionType := graphmodels.PASSWORDADDITION_APPCREDENTIALRESTRICTIONTYPE
passwordCredentialConfiguration.SetRestrictionType(&restrictionType)
maxLifetime := null
passwordCredentialConfiguration.SetMaxLifetime(&maxLifetime)
restrictForAppsCreatedAfterDateTime , err := time.Parse(time.RFC3339, "2019-10-19T10:37:00Z")
passwordCredentialConfiguration.SetRestrictForAppsCreatedAfterDateTime(&restrictForAppsCreatedAfterDateTime)
passwordCredentialConfiguration1 := graphmodels.NewPasswordCredentialConfiguration()
restrictionType := graphmodels.PASSWORDLIFETIME_APPCREDENTIALRESTRICTIONTYPE
passwordCredentialConfiguration1.SetRestrictionType(&restrictionType)
maxLifetime , err := abstractions.ParseISODuration("P4DT12H30M5S")
passwordCredentialConfiguration1.SetMaxLifetime(&maxLifetime)
restrictForAppsCreatedAfterDateTime , err := time.Parse(time.RFC3339, "2014-10-19T10:37:00Z")
passwordCredentialConfiguration1.SetRestrictForAppsCreatedAfterDateTime(&restrictForAppsCreatedAfterDateTime)
passwordCredentialConfiguration2 := graphmodels.NewPasswordCredentialConfiguration()
restrictionType := graphmodels.SYMMETRICKEYADDITION_APPCREDENTIALRESTRICTIONTYPE
passwordCredentialConfiguration2.SetRestrictionType(&restrictionType)
maxLifetime := null
passwordCredentialConfiguration2.SetMaxLifetime(&maxLifetime)
restrictForAppsCreatedAfterDateTime , err := time.Parse(time.RFC3339, "2019-10-19T10:37:00Z")
passwordCredentialConfiguration2.SetRestrictForAppsCreatedAfterDateTime(&restrictForAppsCreatedAfterDateTime)
passwordCredentialConfiguration3 := graphmodels.NewPasswordCredentialConfiguration()
restrictionType := graphmodels.SYMMETRICKEYLIFETIME_APPCREDENTIALRESTRICTIONTYPE
passwordCredentialConfiguration3.SetRestrictionType(&restrictionType)
maxLifetime , err := abstractions.ParseISODuration("P4D")
passwordCredentialConfiguration3.SetMaxLifetime(&maxLifetime)
restrictForAppsCreatedAfterDateTime , err := time.Parse(time.RFC3339, "2014-10-19T10:37:00Z")
passwordCredentialConfiguration3.SetRestrictForAppsCreatedAfterDateTime(&restrictForAppsCreatedAfterDateTime)
passwordCredentials := []graphmodels.PasswordCredentialConfigurationable {
passwordCredentialConfiguration,
passwordCredentialConfiguration1,
passwordCredentialConfiguration2,
passwordCredentialConfiguration3,
}
restrictions.SetPasswordCredentials(passwordCredentials)
keyCredentialConfiguration := graphmodels.NewKeyCredentialConfiguration()
restrictionType := graphmodels.ASYMMETRICKEYLIFETIME_APPKEYCREDENTIALRESTRICTIONTYPE
keyCredentialConfiguration.SetRestrictionType(&restrictionType)
maxLifetime , err := abstractions.ParseISODuration("P90D")
keyCredentialConfiguration.SetMaxLifetime(&maxLifetime)
restrictForAppsCreatedAfterDateTime , err := time.Parse(time.RFC3339, "2014-10-19T10:37:00Z")
keyCredentialConfiguration.SetRestrictForAppsCreatedAfterDateTime(&restrictForAppsCreatedAfterDateTime)
keyCredentials := []graphmodels.KeyCredentialConfigurationable {
keyCredentialConfiguration,
}
restrictions.SetKeyCredentials(keyCredentials)
requestBody.SetRestrictions(restrictions)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
appManagementPolicies, err := graphClient.Policies().AppManagementPolicies().Post(context.Background(), requestBody, nil)
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
AppManagementPolicy appManagementPolicy = new AppManagementPolicy();
appManagementPolicy.setDisplayName("Credential management policy");
appManagementPolicy.setDescription("Cred policy sample");
appManagementPolicy.setIsEnabled(true);
CustomAppManagementConfiguration restrictions = new CustomAppManagementConfiguration();
LinkedList<PasswordCredentialConfiguration> passwordCredentials = new LinkedList<PasswordCredentialConfiguration>();
PasswordCredentialConfiguration passwordCredentialConfiguration = new PasswordCredentialConfiguration();
passwordCredentialConfiguration.setRestrictionType(AppCredentialRestrictionType.PasswordAddition);
passwordCredentialConfiguration.setMaxLifetime(null);
OffsetDateTime restrictForAppsCreatedAfterDateTime = OffsetDateTime.parse("2019-10-19T10:37:00Z");
passwordCredentialConfiguration.setRestrictForAppsCreatedAfterDateTime(restrictForAppsCreatedAfterDateTime);
passwordCredentials.add(passwordCredentialConfiguration);
PasswordCredentialConfiguration passwordCredentialConfiguration1 = new PasswordCredentialConfiguration();
passwordCredentialConfiguration1.setRestrictionType(AppCredentialRestrictionType.PasswordLifetime);
PeriodAndDuration maxLifetime1 = PeriodAndDuration.ofDuration(Duration.parse("P4DT12H30M5S"));
passwordCredentialConfiguration1.setMaxLifetime(maxLifetime1);
OffsetDateTime restrictForAppsCreatedAfterDateTime1 = OffsetDateTime.parse("2014-10-19T10:37:00Z");
passwordCredentialConfiguration1.setRestrictForAppsCreatedAfterDateTime(restrictForAppsCreatedAfterDateTime1);
passwordCredentials.add(passwordCredentialConfiguration1);
PasswordCredentialConfiguration passwordCredentialConfiguration2 = new PasswordCredentialConfiguration();
passwordCredentialConfiguration2.setRestrictionType(AppCredentialRestrictionType.SymmetricKeyAddition);
passwordCredentialConfiguration2.setMaxLifetime(null);
OffsetDateTime restrictForAppsCreatedAfterDateTime2 = OffsetDateTime.parse("2019-10-19T10:37:00Z");
passwordCredentialConfiguration2.setRestrictForAppsCreatedAfterDateTime(restrictForAppsCreatedAfterDateTime2);
passwordCredentials.add(passwordCredentialConfiguration2);
PasswordCredentialConfiguration passwordCredentialConfiguration3 = new PasswordCredentialConfiguration();
passwordCredentialConfiguration3.setRestrictionType(AppCredentialRestrictionType.SymmetricKeyLifetime);
PeriodAndDuration maxLifetime3 = PeriodAndDuration.ofDuration(Duration.parse("P4D"));
passwordCredentialConfiguration3.setMaxLifetime(maxLifetime3);
OffsetDateTime restrictForAppsCreatedAfterDateTime3 = OffsetDateTime.parse("2014-10-19T10:37:00Z");
passwordCredentialConfiguration3.setRestrictForAppsCreatedAfterDateTime(restrictForAppsCreatedAfterDateTime3);
passwordCredentials.add(passwordCredentialConfiguration3);
restrictions.setPasswordCredentials(passwordCredentials);
LinkedList<KeyCredentialConfiguration> keyCredentials = new LinkedList<KeyCredentialConfiguration>();
KeyCredentialConfiguration keyCredentialConfiguration = new KeyCredentialConfiguration();
keyCredentialConfiguration.setRestrictionType(AppKeyCredentialRestrictionType.AsymmetricKeyLifetime);
PeriodAndDuration maxLifetime4 = PeriodAndDuration.ofDuration(Duration.parse("P90D"));
keyCredentialConfiguration.setMaxLifetime(maxLifetime4);
OffsetDateTime restrictForAppsCreatedAfterDateTime4 = OffsetDateTime.parse("2014-10-19T10:37:00Z");
keyCredentialConfiguration.setRestrictForAppsCreatedAfterDateTime(restrictForAppsCreatedAfterDateTime4);
keyCredentials.add(keyCredentialConfiguration);
restrictions.setKeyCredentials(keyCredentials);
appManagementPolicy.setRestrictions(restrictions);
AppManagementPolicy result = graphClient.policies().appManagementPolicies().post(appManagementPolicy);
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
const options = {
authProvider,
};
const client = Client.init(options);
const appManagementPolicy = {
displayName: 'Credential management policy',
description: 'Cred policy sample',
isEnabled: true,
restrictions: {
passwordCredentials: [
{
restrictionType: 'passwordAddition',
maxLifetime: null,
restrictForAppsCreatedAfterDateTime: '2019-10-19T10:37:00Z'
},
{
restrictionType: 'passwordLifetime',
maxLifetime: 'P4DT12H30M5S',
restrictForAppsCreatedAfterDateTime: '2014-10-19T10:37:00Z'
},
{
restrictionType: 'symmetricKeyAddition',
maxLifetime: null,
restrictForAppsCreatedAfterDateTime: '2019-10-19T10:37:00Z'
},
{
restrictionType: 'symmetricKeyLifetime',
maxLifetime: 'P4D',
restrictForAppsCreatedAfterDateTime: '2014-10-19T10:37:00Z'
}
],
keyCredentials: [
{
restrictionType: 'asymmetricKeyLifetime',
maxLifetime: 'P90D',
restrictForAppsCreatedAfterDateTime: '2014-10-19T10:37:00Z'
}
]
}
};
await client.api('/policies/appManagementPolicies')
.post(appManagementPolicy);
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\AppManagementPolicy;
use Microsoft\Graph\Generated\Models\CustomAppManagementConfiguration;
use Microsoft\Graph\Generated\Models\PasswordCredentialConfiguration;
use Microsoft\Graph\Generated\Models\AppCredentialRestrictionType;
use Microsoft\Graph\Generated\Models\KeyCredentialConfiguration;
use Microsoft\Graph\Generated\Models\AppKeyCredentialRestrictionType;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new AppManagementPolicy();
$requestBody->setDisplayName('Credential management policy');
$requestBody->setDescription('Cred policy sample');
$requestBody->setIsEnabled(true);
$restrictions = new CustomAppManagementConfiguration();
$passwordCredentialsPasswordCredentialConfiguration1 = new PasswordCredentialConfiguration();
$passwordCredentialsPasswordCredentialConfiguration1->setRestrictionType(new AppCredentialRestrictionType('passwordAddition'));
$passwordCredentialsPasswordCredentialConfiguration1->setMaxLifetime(null);
$passwordCredentialsPasswordCredentialConfiguration1->setRestrictForAppsCreatedAfterDateTime(new \DateTime('2019-10-19T10:37:00Z'));
$passwordCredentialsArray []= $passwordCredentialsPasswordCredentialConfiguration1;
$passwordCredentialsPasswordCredentialConfiguration2 = new PasswordCredentialConfiguration();
$passwordCredentialsPasswordCredentialConfiguration2->setRestrictionType(new AppCredentialRestrictionType('passwordLifetime'));
$passwordCredentialsPasswordCredentialConfiguration2->setMaxLifetime(new \DateInterval('P4DT12H30M5S'));
$passwordCredentialsPasswordCredentialConfiguration2->setRestrictForAppsCreatedAfterDateTime(new \DateTime('2014-10-19T10:37:00Z'));
$passwordCredentialsArray []= $passwordCredentialsPasswordCredentialConfiguration2;
$passwordCredentialsPasswordCredentialConfiguration3 = new PasswordCredentialConfiguration();
$passwordCredentialsPasswordCredentialConfiguration3->setRestrictionType(new AppCredentialRestrictionType('symmetricKeyAddition'));
$passwordCredentialsPasswordCredentialConfiguration3->setMaxLifetime(null);
$passwordCredentialsPasswordCredentialConfiguration3->setRestrictForAppsCreatedAfterDateTime(new \DateTime('2019-10-19T10:37:00Z'));
$passwordCredentialsArray []= $passwordCredentialsPasswordCredentialConfiguration3;
$passwordCredentialsPasswordCredentialConfiguration4 = new PasswordCredentialConfiguration();
$passwordCredentialsPasswordCredentialConfiguration4->setRestrictionType(new AppCredentialRestrictionType('symmetricKeyLifetime'));
$passwordCredentialsPasswordCredentialConfiguration4->setMaxLifetime(new \DateInterval('P4D'));
$passwordCredentialsPasswordCredentialConfiguration4->setRestrictForAppsCreatedAfterDateTime(new \DateTime('2014-10-19T10:37:00Z'));
$passwordCredentialsArray []= $passwordCredentialsPasswordCredentialConfiguration4;
$restrictions->setPasswordCredentials($passwordCredentialsArray);
$keyCredentialsKeyCredentialConfiguration1 = new KeyCredentialConfiguration();
$keyCredentialsKeyCredentialConfiguration1->setRestrictionType(new AppKeyCredentialRestrictionType('asymmetricKeyLifetime'));
$keyCredentialsKeyCredentialConfiguration1->setMaxLifetime(new \DateInterval('P90D'));
$keyCredentialsKeyCredentialConfiguration1->setRestrictForAppsCreatedAfterDateTime(new \DateTime('2014-10-19T10:37:00Z'));
$keyCredentialsArray []= $keyCredentialsKeyCredentialConfiguration1;
$restrictions->setKeyCredentials($keyCredentialsArray);
$requestBody->setRestrictions($restrictions);
$result = $graphServiceClient->policies()->appManagementPolicies()->post($requestBody)->wait();
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
Import-Module Microsoft.Graph.Identity.SignIns
$params = @{
displayName = "Credential management policy"
description = "Cred policy sample"
isEnabled = $true
restrictions = @{
passwordCredentials = @(
@{
restrictionType = "passwordAddition"
maxLifetime = $null
restrictForAppsCreatedAfterDateTime = [System.DateTime]::Parse("2019-10-19T10:37:00Z")
}
@{
restrictionType = "passwordLifetime"
maxLifetime = "P4DT12H30M5S"
restrictForAppsCreatedAfterDateTime = [System.DateTime]::Parse("2014-10-19T10:37:00Z")
}
@{
restrictionType = "symmetricKeyAddition"
maxLifetime = $null
restrictForAppsCreatedAfterDateTime = [System.DateTime]::Parse("2019-10-19T10:37:00Z")
}
@{
restrictionType = "symmetricKeyLifetime"
maxLifetime = "P4D"
restrictForAppsCreatedAfterDateTime = [System.DateTime]::Parse("2014-10-19T10:37:00Z")
}
)
keyCredentials = @(
@{
restrictionType = "asymmetricKeyLifetime"
maxLifetime = "P90D"
restrictForAppsCreatedAfterDateTime = [System.DateTime]::Parse("2014-10-19T10:37:00Z")
}
)
}
}
New-MgPolicyAppManagementPolicy -BodyParameter $params
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
from msgraph.generated.models.app_management_policy import AppManagementPolicy
from msgraph.generated.models.custom_app_management_configuration import CustomAppManagementConfiguration
from msgraph.generated.models.password_credential_configuration import PasswordCredentialConfiguration
from msgraph.generated.models.app_credential_restriction_type import AppCredentialRestrictionType
from msgraph.generated.models.key_credential_configuration import KeyCredentialConfiguration
from msgraph.generated.models.app_key_credential_restriction_type import AppKeyCredentialRestrictionType
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = AppManagementPolicy(
display_name = "Credential management policy",
description = "Cred policy sample",
is_enabled = True,
restrictions = CustomAppManagementConfiguration(
password_credentials = [
PasswordCredentialConfiguration(
restriction_type = AppCredentialRestrictionType.PasswordAddition,
max_lifetime = None,
restrict_for_apps_created_after_date_time = "2019-10-19T10:37:00Z",
),
PasswordCredentialConfiguration(
restriction_type = AppCredentialRestrictionType.PasswordLifetime,
max_lifetime = "P4DT12H30M5S",
restrict_for_apps_created_after_date_time = "2014-10-19T10:37:00Z",
),
PasswordCredentialConfiguration(
restriction_type = AppCredentialRestrictionType.SymmetricKeyAddition,
max_lifetime = None,
restrict_for_apps_created_after_date_time = "2019-10-19T10:37:00Z",
),
PasswordCredentialConfiguration(
restriction_type = AppCredentialRestrictionType.SymmetricKeyLifetime,
max_lifetime = "P4D",
restrict_for_apps_created_after_date_time = "2014-10-19T10:37:00Z",
),
],
key_credentials = [
KeyCredentialConfiguration(
restriction_type = AppKeyCredentialRestrictionType.AsymmetricKeyLifetime,
max_lifetime = "P90D",
restrict_for_apps_created_after_date_time = "2014-10-19T10:37:00Z",
),
],
),
)
result = await graph_client.policies.app_management_policies.post(request_body)
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。