更新 crossTenantAccessPolicyConfigurationDefault
- 项目
命名空间:microsoft.graph
更新跨租户访问策略 的默认配置 。
此 API 可用于以下国家级云部署。
| 全局服务 | 美国政府 L4 | 美国政府 L5 (DOD) | 由世纪互联运营的中国 |
|---|---|---|---|
| ✅ | ✅ | ✅ | ✅ |
权限
为此 API 选择标记为最低特权的权限。 只有在应用需要它时,才使用更高的特权权限。 有关委派权限和应用程序权限的详细信息,请参阅权限类型。 要了解有关这些权限的详细信息,请参阅 权限参考。
| 权限类型 | 最低特权权限 | 更高特权权限 |
|---|---|---|
| 委派(工作或学校帐户) | Policy.ReadWrite.CrossTenantAccess | 不可用。 |
| 委派(个人 Microsoft 帐户) | 不支持。 | 不支持。 |
| 应用程序 | Policy.ReadWrite.CrossTenantAccess | 不可用。 |
HTTP 请求
PATCH /policies/crossTenantAccessPolicy/default
请求标头
| 名称 | 说明 |
|---|---|
| Authorization | 持有者 {token}。 必填。 详细了解 身份验证和授权。 |
| Content-Type | application/json. 必需。 |
请求正文
在请求正文中,仅提供应更新的属性的值。 请求正文中未包含的现有属性会保留其以前的值,或者根据对其他属性值的更改重新计算。
下表指定可更新的属性。
| 属性 | 类型 | 说明 |
|---|---|---|
| b2bCollaborationInbound | crossTenantAccessPolicyB2BSetting | 定义来自其他组织的用户的默认配置,这些用户通过Microsoft Entra B2B 协作访问资源。 |
| b2bCollaborationOutbound | crossTenantAccessPolicyB2BSetting | 定义组织中通过 Microsoft Entra B2B 协作出站访问另一个组织中的资源的默认配置。 |
| b2bDirectConnectInbound | crossTenantAccessPolicyB2BSetting | 为通过 Microsoft Entra B2B 直连访问资源的其他组织中的用户定义默认配置。 |
| b2bDirectConnectOutbound | crossTenantAccessPolicyB2BSetting | 为组织中的用户定义默认配置,以便通过Microsoft Entra B2B 直连出站访问另一个组织中的资源。 |
| inboundTrust | crossTenantAccessPolicyInboundTrust | 确定用于信任外部Microsoft Entra组织的其他条件访问声明的默认配置。 |
响应
如果成功,此方法返回 204 No Content 响应代码。
示例
示例 1:阻止一组用户的出站 B2B 协作
请求
PATCH https://graph.microsoft.com/v1.0/policies/crossTenantAccessPolicy/default
Content-Type: application/json
{
"b2bCollaborationOutbound":
{
"usersAndGroups":
{
"accessType": "blocked",
"targets": [
{
"target": "0be493dc-cb56-4a53-936f-9cf64410b8b0",
"targetType": "group"
}
]
},
"applications":
{
"accessType": "blocked",
"targets": [
{
"target": "AllApplications",
"targetType": "application"
}
]
}
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
var requestBody = new CrossTenantAccessPolicyConfigurationDefault
{
B2bCollaborationOutbound = new CrossTenantAccessPolicyB2BSetting
{
UsersAndGroups = new CrossTenantAccessPolicyTargetConfiguration
{
AccessType = CrossTenantAccessPolicyTargetConfigurationAccessType.Blocked,
Targets = new List<CrossTenantAccessPolicyTarget>
{
new CrossTenantAccessPolicyTarget
{
Target = "0be493dc-cb56-4a53-936f-9cf64410b8b0",
TargetType = CrossTenantAccessPolicyTargetType.Group,
},
},
},
Applications = new CrossTenantAccessPolicyTargetConfiguration
{
AccessType = CrossTenantAccessPolicyTargetConfigurationAccessType.Blocked,
Targets = new List<CrossTenantAccessPolicyTarget>
{
new CrossTenantAccessPolicyTarget
{
Target = "AllApplications",
TargetType = CrossTenantAccessPolicyTargetType.Application,
},
},
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Policies.CrossTenantAccessPolicy.Default.PatchAsync(requestBody);
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// THE CLI IS IN PREVIEW. NON-PRODUCTION USE ONLY
mgc policies cross-tenant-access-policy default patch --body '{\
"b2bCollaborationOutbound":\
{\
"usersAndGroups":\
{\
"accessType": "blocked",\
"targets": [\
{\
"target": "0be493dc-cb56-4a53-936f-9cf64410b8b0",\
"targetType": "group"\
}\
]\
},\
"applications":\
{\
"accessType": "blocked",\
"targets": [\
{\
"target": "AllApplications",\
"targetType": "application"\
}\
]\
}\
}\
}\
'
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
//other-imports
)
graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)
requestBody := graphmodels.NewCrossTenantAccessPolicyConfigurationDefault()
b2bCollaborationOutbound := graphmodels.NewCrossTenantAccessPolicyB2BSetting()
usersAndGroups := graphmodels.NewCrossTenantAccessPolicyTargetConfiguration()
accessType := graphmodels.BLOCKED_CROSSTENANTACCESSPOLICYTARGETCONFIGURATIONACCESSTYPE
usersAndGroups.SetAccessType(&accessType)
crossTenantAccessPolicyTarget := graphmodels.NewCrossTenantAccessPolicyTarget()
target := "0be493dc-cb56-4a53-936f-9cf64410b8b0"
crossTenantAccessPolicyTarget.SetTarget(&target)
targetType := graphmodels.GROUP_CROSSTENANTACCESSPOLICYTARGETTYPE
crossTenantAccessPolicyTarget.SetTargetType(&targetType)
targets := []graphmodels.CrossTenantAccessPolicyTargetable {
crossTenantAccessPolicyTarget,
}
usersAndGroups.SetTargets(targets)
b2bCollaborationOutbound.SetUsersAndGroups(usersAndGroups)
applications := graphmodels.NewCrossTenantAccessPolicyTargetConfiguration()
accessType := graphmodels.BLOCKED_CROSSTENANTACCESSPOLICYTARGETCONFIGURATIONACCESSTYPE
applications.SetAccessType(&accessType)
crossTenantAccessPolicyTarget := graphmodels.NewCrossTenantAccessPolicyTarget()
target := "AllApplications"
crossTenantAccessPolicyTarget.SetTarget(&target)
targetType := graphmodels.APPLICATION_CROSSTENANTACCESSPOLICYTARGETTYPE
crossTenantAccessPolicyTarget.SetTargetType(&targetType)
targets := []graphmodels.CrossTenantAccessPolicyTargetable {
crossTenantAccessPolicyTarget,
}
applications.SetTargets(targets)
b2bCollaborationOutbound.SetApplications(applications)
requestBody.SetB2bCollaborationOutbound(b2bCollaborationOutbound)
default, err := graphClient.Policies().CrossTenantAccessPolicy().Default().Patch(context.Background(), requestBody, nil)
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
CrossTenantAccessPolicyConfigurationDefault crossTenantAccessPolicyConfigurationDefault = new CrossTenantAccessPolicyConfigurationDefault();
CrossTenantAccessPolicyB2BSetting b2bCollaborationOutbound = new CrossTenantAccessPolicyB2BSetting();
CrossTenantAccessPolicyTargetConfiguration usersAndGroups = new CrossTenantAccessPolicyTargetConfiguration();
usersAndGroups.setAccessType(CrossTenantAccessPolicyTargetConfigurationAccessType.Blocked);
LinkedList<CrossTenantAccessPolicyTarget> targets = new LinkedList<CrossTenantAccessPolicyTarget>();
CrossTenantAccessPolicyTarget crossTenantAccessPolicyTarget = new CrossTenantAccessPolicyTarget();
crossTenantAccessPolicyTarget.setTarget("0be493dc-cb56-4a53-936f-9cf64410b8b0");
crossTenantAccessPolicyTarget.setTargetType(CrossTenantAccessPolicyTargetType.Group);
targets.add(crossTenantAccessPolicyTarget);
usersAndGroups.setTargets(targets);
b2bCollaborationOutbound.setUsersAndGroups(usersAndGroups);
CrossTenantAccessPolicyTargetConfiguration applications = new CrossTenantAccessPolicyTargetConfiguration();
applications.setAccessType(CrossTenantAccessPolicyTargetConfigurationAccessType.Blocked);
LinkedList<CrossTenantAccessPolicyTarget> targets1 = new LinkedList<CrossTenantAccessPolicyTarget>();
CrossTenantAccessPolicyTarget crossTenantAccessPolicyTarget1 = new CrossTenantAccessPolicyTarget();
crossTenantAccessPolicyTarget1.setTarget("AllApplications");
crossTenantAccessPolicyTarget1.setTargetType(CrossTenantAccessPolicyTargetType.Application);
targets1.add(crossTenantAccessPolicyTarget1);
applications.setTargets(targets1);
b2bCollaborationOutbound.setApplications(applications);
crossTenantAccessPolicyConfigurationDefault.setB2bCollaborationOutbound(b2bCollaborationOutbound);
CrossTenantAccessPolicyConfigurationDefault result = graphClient.policies().crossTenantAccessPolicy().defaultEscaped().patch(crossTenantAccessPolicyConfigurationDefault);
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
const options = {
authProvider,
};
const client = Client.init(options);
const crossTenantAccessPolicyConfigurationDefault = {
b2bCollaborationOutbound:
{
usersAndGroups:
{
accessType: 'blocked',
targets: [
{
target: '0be493dc-cb56-4a53-936f-9cf64410b8b0',
targetType: 'group'
}
]
},
applications:
{
accessType: 'blocked',
targets: [
{
target: 'AllApplications',
targetType: 'application'
}
]
}
}
};
await client.api('/policies/crossTenantAccessPolicy/default')
.update(crossTenantAccessPolicyConfigurationDefault);
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\CrossTenantAccessPolicyConfigurationDefault;
use Microsoft\Graph\Generated\Models\CrossTenantAccessPolicyB2BSetting;
use Microsoft\Graph\Generated\Models\CrossTenantAccessPolicyTargetConfiguration;
use Microsoft\Graph\Generated\Models\CrossTenantAccessPolicyTarget;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new CrossTenantAccessPolicyConfigurationDefault();
$b2bCollaborationOutbound = new CrossTenantAccessPolicyB2BSetting();
$b2bCollaborationOutboundUsersAndGroups = new CrossTenantAccessPolicyTargetConfiguration();
$b2bCollaborationOutboundUsersAndGroups->setAccessType(new CrossTenantAccessPolicyTargetConfigurationAccessType('blocked'));
$targetsCrossTenantAccessPolicyTarget1 = new CrossTenantAccessPolicyTarget();
$targetsCrossTenantAccessPolicyTarget1->setTarget('0be493dc-cb56-4a53-936f-9cf64410b8b0');
$targetsCrossTenantAccessPolicyTarget1->setTargetType(new CrossTenantAccessPolicyTargetType('group'));
$targetsArray []= $targetsCrossTenantAccessPolicyTarget1;
$b2bCollaborationOutboundUsersAndGroups->setTargets($targetsArray);
$b2bCollaborationOutbound->setUsersAndGroups($b2bCollaborationOutboundUsersAndGroups);
$b2bCollaborationOutboundApplications = new CrossTenantAccessPolicyTargetConfiguration();
$b2bCollaborationOutboundApplications->setAccessType(new CrossTenantAccessPolicyTargetConfigurationAccessType('blocked'));
$targetsCrossTenantAccessPolicyTarget1 = new CrossTenantAccessPolicyTarget();
$targetsCrossTenantAccessPolicyTarget1->setTarget('AllApplications');
$targetsCrossTenantAccessPolicyTarget1->setTargetType(new CrossTenantAccessPolicyTargetType('application'));
$targetsArray []= $targetsCrossTenantAccessPolicyTarget1;
$b2bCollaborationOutboundApplications->setTargets($targetsArray);
$b2bCollaborationOutbound->setApplications($b2bCollaborationOutboundApplications);
$requestBody->setB2bCollaborationOutbound($b2bCollaborationOutbound);
$result = $graphServiceClient->policies()->crossTenantAccessPolicy()->escapedDefault()->patch($requestBody)->wait();
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
Import-Module Microsoft.Graph.Identity.SignIns
$params = @{
b2bCollaborationOutbound = @{
usersAndGroups = @{
accessType = "blocked"
targets = @(
@{
target = "0be493dc-cb56-4a53-936f-9cf64410b8b0"
targetType = "group"
}
)
}
applications = @{
accessType = "blocked"
targets = @(
@{
target = "AllApplications"
targetType = "application"
}
)
}
}
}
Update-MgPolicyCrossTenantAccessPolicyDefault -BodyParameter $params
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
from msgraph import GraphServiceClient
from msgraph.generated.models.cross_tenant_access_policy_configuration_default import CrossTenantAccessPolicyConfigurationDefault
from msgraph.generated.models.cross_tenant_access_policy_b2_b_setting import CrossTenantAccessPolicyB2BSetting
from msgraph.generated.models.cross_tenant_access_policy_target_configuration import CrossTenantAccessPolicyTargetConfiguration
from msgraph.generated.models.cross_tenant_access_policy_target import CrossTenantAccessPolicyTarget
graph_client = GraphServiceClient(credentials, scopes)
request_body = CrossTenantAccessPolicyConfigurationDefault(
b2b_collaboration_outbound = CrossTenantAccessPolicyB2BSetting(
users_and_groups = CrossTenantAccessPolicyTargetConfiguration(
access_type = CrossTenantAccessPolicyTargetConfigurationAccessType.Blocked,
targets = [
CrossTenantAccessPolicyTarget(
target = "0be493dc-cb56-4a53-936f-9cf64410b8b0",
target_type = CrossTenantAccessPolicyTargetType.Group,
),
],
),
applications = CrossTenantAccessPolicyTargetConfiguration(
access_type = CrossTenantAccessPolicyTargetConfigurationAccessType.Blocked,
targets = [
CrossTenantAccessPolicyTarget(
target = "AllApplications",
target_type = CrossTenantAccessPolicyTargetType.Application,
),
],
),
),
)
result = await graph_client.policies.cross_tenant_access_policy.default.patch(request_body)
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
响应
HTTP/1.1 204 No Content
示例 2:更新默认邀请兑换配置
请求
PATCH https://graph.microsoft.com/v1.0/policies/crossTenantAccessPolicy/default
Content-Type: application/json
{
"invitationRedemptionIdentityProviderConfiguration": {
"primaryIdentityProviderPrecedenceOrder": [
"externalFederation",
"azureActiveDirectory",
"socialIdentityProviders"
],
"fallbackIdentityProvider": "defaultConfiguredIdp"
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
var requestBody = new CrossTenantAccessPolicyConfigurationDefault
{
InvitationRedemptionIdentityProviderConfiguration = new DefaultInvitationRedemptionIdentityProviderConfiguration
{
PrimaryIdentityProviderPrecedenceOrder = new List<B2bIdentityProvidersType?>
{
B2bIdentityProvidersType.ExternalFederation,
B2bIdentityProvidersType.AzureActiveDirectory,
B2bIdentityProvidersType.SocialIdentityProviders,
},
FallbackIdentityProvider = B2bIdentityProvidersType.DefaultConfiguredIdp,
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Policies.CrossTenantAccessPolicy.Default.PatchAsync(requestBody);
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// THE CLI IS IN PREVIEW. NON-PRODUCTION USE ONLY
mgc policies cross-tenant-access-policy default patch --body '{\
"invitationRedemptionIdentityProviderConfiguration": { \
"primaryIdentityProviderPrecedenceOrder": [ \
"externalFederation", \
"azureActiveDirectory", \
"socialIdentityProviders" \
], \
"fallbackIdentityProvider": "defaultConfiguredIdp" \
} \
}\
'
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
//other-imports
)
graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)
requestBody := graphmodels.NewCrossTenantAccessPolicyConfigurationDefault()
invitationRedemptionIdentityProviderConfiguration := graphmodels.NewDefaultInvitationRedemptionIdentityProviderConfiguration()
primaryIdentityProviderPrecedenceOrder := []graphmodels.B2bIdentityProvidersTypeable {
b2bIdentityProvidersType := graphmodels.EXTERNALFEDERATION_B2BIDENTITYPROVIDERSTYPE
invitationRedemptionIdentityProviderConfiguration.SetB2bIdentityProvidersType(&b2bIdentityProvidersType)
b2bIdentityProvidersType := graphmodels.AZUREACTIVEDIRECTORY_B2BIDENTITYPROVIDERSTYPE
invitationRedemptionIdentityProviderConfiguration.SetB2bIdentityProvidersType(&b2bIdentityProvidersType)
b2bIdentityProvidersType := graphmodels.SOCIALIDENTITYPROVIDERS_B2BIDENTITYPROVIDERSTYPE
invitationRedemptionIdentityProviderConfiguration.SetB2bIdentityProvidersType(&b2bIdentityProvidersType)
}
invitationRedemptionIdentityProviderConfiguration.SetPrimaryIdentityProviderPrecedenceOrder(primaryIdentityProviderPrecedenceOrder)
fallbackIdentityProvider := graphmodels.DEFAULTCONFIGUREDIDP_B2BIDENTITYPROVIDERSTYPE
invitationRedemptionIdentityProviderConfiguration.SetFallbackIdentityProvider(&fallbackIdentityProvider)
requestBody.SetInvitationRedemptionIdentityProviderConfiguration(invitationRedemptionIdentityProviderConfiguration)
default, err := graphClient.Policies().CrossTenantAccessPolicy().Default().Patch(context.Background(), requestBody, nil)
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
CrossTenantAccessPolicyConfigurationDefault crossTenantAccessPolicyConfigurationDefault = new CrossTenantAccessPolicyConfigurationDefault();
DefaultInvitationRedemptionIdentityProviderConfiguration invitationRedemptionIdentityProviderConfiguration = new DefaultInvitationRedemptionIdentityProviderConfiguration();
LinkedList<B2bIdentityProvidersType> primaryIdentityProviderPrecedenceOrder = new LinkedList<B2bIdentityProvidersType>();
primaryIdentityProviderPrecedenceOrder.add(B2bIdentityProvidersType.ExternalFederation);
primaryIdentityProviderPrecedenceOrder.add(B2bIdentityProvidersType.AzureActiveDirectory);
primaryIdentityProviderPrecedenceOrder.add(B2bIdentityProvidersType.SocialIdentityProviders);
invitationRedemptionIdentityProviderConfiguration.setPrimaryIdentityProviderPrecedenceOrder(primaryIdentityProviderPrecedenceOrder);
invitationRedemptionIdentityProviderConfiguration.setFallbackIdentityProvider(B2bIdentityProvidersType.DefaultConfiguredIdp);
crossTenantAccessPolicyConfigurationDefault.setInvitationRedemptionIdentityProviderConfiguration(invitationRedemptionIdentityProviderConfiguration);
CrossTenantAccessPolicyConfigurationDefault result = graphClient.policies().crossTenantAccessPolicy().defaultEscaped().patch(crossTenantAccessPolicyConfigurationDefault);
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
const options = {
authProvider,
};
const client = Client.init(options);
const crossTenantAccessPolicyConfigurationDefault = {
invitationRedemptionIdentityProviderConfiguration: {
primaryIdentityProviderPrecedenceOrder: [
'externalFederation',
'azureActiveDirectory',
'socialIdentityProviders'
],
fallbackIdentityProvider: 'defaultConfiguredIdp'
}
};
await client.api('/policies/crossTenantAccessPolicy/default')
.update(crossTenantAccessPolicyConfigurationDefault);
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\CrossTenantAccessPolicyConfigurationDefault;
use Microsoft\Graph\Generated\Models\DefaultInvitationRedemptionIdentityProviderConfiguration;
use Microsoft\Graph\Generated\Models\B2bIdentityProvidersType;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new CrossTenantAccessPolicyConfigurationDefault();
$invitationRedemptionIdentityProviderConfiguration = new DefaultInvitationRedemptionIdentityProviderConfiguration();
$invitationRedemptionIdentityProviderConfiguration->setPrimaryIdentityProviderPrecedenceOrder([new B2bIdentityProvidersType('externalFederation'),new B2bIdentityProvidersType('azureActiveDirectory'),new B2bIdentityProvidersType('socialIdentityProviders'), ]);
$invitationRedemptionIdentityProviderConfiguration->setFallbackIdentityProvider(new B2bIdentityProvidersType('defaultConfiguredIdp'));
$requestBody->setInvitationRedemptionIdentityProviderConfiguration($invitationRedemptionIdentityProviderConfiguration);
$result = $graphServiceClient->policies()->crossTenantAccessPolicy()->escapedDefault()->patch($requestBody)->wait();
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
Import-Module Microsoft.Graph.Identity.SignIns
$params = @{
invitationRedemptionIdentityProviderConfiguration = @{
primaryIdentityProviderPrecedenceOrder = @(
"externalFederation"
"azureActiveDirectory"
"socialIdentityProviders"
)
fallbackIdentityProvider = "defaultConfiguredIdp"
}
}
Update-MgPolicyCrossTenantAccessPolicyDefault -BodyParameter $params
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
from msgraph import GraphServiceClient
from msgraph.generated.models.cross_tenant_access_policy_configuration_default import CrossTenantAccessPolicyConfigurationDefault
from msgraph.generated.models.default_invitation_redemption_identity_provider_configuration import DefaultInvitationRedemptionIdentityProviderConfiguration
from msgraph.generated.models.b2b_identity_providers_type import B2bIdentityProvidersType
graph_client = GraphServiceClient(credentials, scopes)
request_body = CrossTenantAccessPolicyConfigurationDefault(
invitation_redemption_identity_provider_configuration = DefaultInvitationRedemptionIdentityProviderConfiguration(
primary_identity_provider_precedence_order = [
B2bIdentityProvidersType.ExternalFederation,
B2bIdentityProvidersType.AzureActiveDirectory,
B2bIdentityProvidersType.SocialIdentityProviders,
],
fallback_identity_provider = B2bIdentityProvidersType.DefaultConfiguredIdp,
),
)
result = await graph_client.policies.cross_tenant_access_policy.default.patch(request_body)
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
响应
HTTP/1.1 204 No Content
示例 3:禁止将 Microsoft 帐户用作兑换 B2B 邀请的选项
请求
PATCH https://graph.microsoft.com/v1.0/policies/crossTenantAccessPolicy/default
Content-Type: application/json
{
"invitationRedemptionIdentityProviderConfiguration": {
"primaryIdentityProviderPrecedenceOrder": [
"externalFederation",
"azureActiveDirectory",
"socialIdentityProviders"
],
"fallbackIdentityProvider": "emailOneTimePasscode"
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
var requestBody = new CrossTenantAccessPolicyConfigurationDefault
{
InvitationRedemptionIdentityProviderConfiguration = new DefaultInvitationRedemptionIdentityProviderConfiguration
{
PrimaryIdentityProviderPrecedenceOrder = new List<B2bIdentityProvidersType?>
{
B2bIdentityProvidersType.ExternalFederation,
B2bIdentityProvidersType.AzureActiveDirectory,
B2bIdentityProvidersType.SocialIdentityProviders,
},
FallbackIdentityProvider = B2bIdentityProvidersType.EmailOneTimePasscode,
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Policies.CrossTenantAccessPolicy.Default.PatchAsync(requestBody);
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// THE CLI IS IN PREVIEW. NON-PRODUCTION USE ONLY
mgc policies cross-tenant-access-policy default patch --body '{\
"invitationRedemptionIdentityProviderConfiguration": { \
"primaryIdentityProviderPrecedenceOrder": [ \
"externalFederation", \
"azureActiveDirectory", \
"socialIdentityProviders" \
], \
"fallbackIdentityProvider": "emailOneTimePasscode" \
} \
}\
'
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
//other-imports
)
graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)
requestBody := graphmodels.NewCrossTenantAccessPolicyConfigurationDefault()
invitationRedemptionIdentityProviderConfiguration := graphmodels.NewDefaultInvitationRedemptionIdentityProviderConfiguration()
primaryIdentityProviderPrecedenceOrder := []graphmodels.B2bIdentityProvidersTypeable {
b2bIdentityProvidersType := graphmodels.EXTERNALFEDERATION_B2BIDENTITYPROVIDERSTYPE
invitationRedemptionIdentityProviderConfiguration.SetB2bIdentityProvidersType(&b2bIdentityProvidersType)
b2bIdentityProvidersType := graphmodels.AZUREACTIVEDIRECTORY_B2BIDENTITYPROVIDERSTYPE
invitationRedemptionIdentityProviderConfiguration.SetB2bIdentityProvidersType(&b2bIdentityProvidersType)
b2bIdentityProvidersType := graphmodels.SOCIALIDENTITYPROVIDERS_B2BIDENTITYPROVIDERSTYPE
invitationRedemptionIdentityProviderConfiguration.SetB2bIdentityProvidersType(&b2bIdentityProvidersType)
}
invitationRedemptionIdentityProviderConfiguration.SetPrimaryIdentityProviderPrecedenceOrder(primaryIdentityProviderPrecedenceOrder)
fallbackIdentityProvider := graphmodels.EMAILONETIMEPASSCODE_B2BIDENTITYPROVIDERSTYPE
invitationRedemptionIdentityProviderConfiguration.SetFallbackIdentityProvider(&fallbackIdentityProvider)
requestBody.SetInvitationRedemptionIdentityProviderConfiguration(invitationRedemptionIdentityProviderConfiguration)
default, err := graphClient.Policies().CrossTenantAccessPolicy().Default().Patch(context.Background(), requestBody, nil)
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
CrossTenantAccessPolicyConfigurationDefault crossTenantAccessPolicyConfigurationDefault = new CrossTenantAccessPolicyConfigurationDefault();
DefaultInvitationRedemptionIdentityProviderConfiguration invitationRedemptionIdentityProviderConfiguration = new DefaultInvitationRedemptionIdentityProviderConfiguration();
LinkedList<B2bIdentityProvidersType> primaryIdentityProviderPrecedenceOrder = new LinkedList<B2bIdentityProvidersType>();
primaryIdentityProviderPrecedenceOrder.add(B2bIdentityProvidersType.ExternalFederation);
primaryIdentityProviderPrecedenceOrder.add(B2bIdentityProvidersType.AzureActiveDirectory);
primaryIdentityProviderPrecedenceOrder.add(B2bIdentityProvidersType.SocialIdentityProviders);
invitationRedemptionIdentityProviderConfiguration.setPrimaryIdentityProviderPrecedenceOrder(primaryIdentityProviderPrecedenceOrder);
invitationRedemptionIdentityProviderConfiguration.setFallbackIdentityProvider(B2bIdentityProvidersType.EmailOneTimePasscode);
crossTenantAccessPolicyConfigurationDefault.setInvitationRedemptionIdentityProviderConfiguration(invitationRedemptionIdentityProviderConfiguration);
CrossTenantAccessPolicyConfigurationDefault result = graphClient.policies().crossTenantAccessPolicy().defaultEscaped().patch(crossTenantAccessPolicyConfigurationDefault);
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
const options = {
authProvider,
};
const client = Client.init(options);
const crossTenantAccessPolicyConfigurationDefault = {
invitationRedemptionIdentityProviderConfiguration: {
primaryIdentityProviderPrecedenceOrder: [
'externalFederation',
'azureActiveDirectory',
'socialIdentityProviders'
],
fallbackIdentityProvider: 'emailOneTimePasscode'
}
};
await client.api('/policies/crossTenantAccessPolicy/default')
.update(crossTenantAccessPolicyConfigurationDefault);
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\CrossTenantAccessPolicyConfigurationDefault;
use Microsoft\Graph\Generated\Models\DefaultInvitationRedemptionIdentityProviderConfiguration;
use Microsoft\Graph\Generated\Models\B2bIdentityProvidersType;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new CrossTenantAccessPolicyConfigurationDefault();
$invitationRedemptionIdentityProviderConfiguration = new DefaultInvitationRedemptionIdentityProviderConfiguration();
$invitationRedemptionIdentityProviderConfiguration->setPrimaryIdentityProviderPrecedenceOrder([new B2bIdentityProvidersType('externalFederation'),new B2bIdentityProvidersType('azureActiveDirectory'),new B2bIdentityProvidersType('socialIdentityProviders'), ]);
$invitationRedemptionIdentityProviderConfiguration->setFallbackIdentityProvider(new B2bIdentityProvidersType('emailOneTimePasscode'));
$requestBody->setInvitationRedemptionIdentityProviderConfiguration($invitationRedemptionIdentityProviderConfiguration);
$result = $graphServiceClient->policies()->crossTenantAccessPolicy()->escapedDefault()->patch($requestBody)->wait();
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
Import-Module Microsoft.Graph.Identity.SignIns
$params = @{
invitationRedemptionIdentityProviderConfiguration = @{
primaryIdentityProviderPrecedenceOrder = @(
"externalFederation"
"azureActiveDirectory"
"socialIdentityProviders"
)
fallbackIdentityProvider = "emailOneTimePasscode"
}
}
Update-MgPolicyCrossTenantAccessPolicyDefault -BodyParameter $params
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
from msgraph import GraphServiceClient
from msgraph.generated.models.cross_tenant_access_policy_configuration_default import CrossTenantAccessPolicyConfigurationDefault
from msgraph.generated.models.default_invitation_redemption_identity_provider_configuration import DefaultInvitationRedemptionIdentityProviderConfiguration
from msgraph.generated.models.b2b_identity_providers_type import B2bIdentityProvidersType
graph_client = GraphServiceClient(credentials, scopes)
request_body = CrossTenantAccessPolicyConfigurationDefault(
invitation_redemption_identity_provider_configuration = DefaultInvitationRedemptionIdentityProviderConfiguration(
primary_identity_provider_precedence_order = [
B2bIdentityProvidersType.ExternalFederation,
B2bIdentityProvidersType.AzureActiveDirectory,
B2bIdentityProvidersType.SocialIdentityProviders,
],
fallback_identity_provider = B2bIdentityProvidersType.EmailOneTimePasscode,
),
)
result = await graph_client.policies.cross_tenant_access_policy.default.patch(request_body)
有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息,请参阅 SDK 文档。
响应
HTTP/1.1 204 No Content
反馈
此页面是否有帮助?
反馈
即将发布:在整个 2024 年,我们将逐步淘汰作为内容反馈机制的“GitHub 问题”,并将其取代为新的反馈系统。 有关详细信息,请参阅:https://aka.ms/ContentUserFeedback。
提交和查看相关反馈