| title | permissionGrantPreApprovalPolicy resource type |
|---|---|
| description | Policies that specify the conditions under which consent can be granted to a specific application. |
| author | yuhko-msft |
| ms.localizationpriority | medium |
| ms.subservice | entra-applications |
| doc_type | resourcePageType |
| ms.date | 07/22/2024 |
Namespace: microsoft.graph
[!INCLUDE beta-disclaimer]
A permission grant preapproval policy is used to help administrators granularly control the conditions under which consent can be granted to a specific application.
A permission grant preapproval policy consists of a list of condition sets. An event matches a permission grant preapproval policy if it matches at least one of the condition sets in the conditions list. Inherits from directoryObject.
| Method | Return type | Description |
|---|---|---|
| List | permissionGrantPreApprovalPolicy collection | Get a list of the permissionGrantPreApprovalPolicy objects and their properties. |
| Create | permissionGrantPreApprovalPolicy | Create a new permissionGrantPreApprovalPolicy object. |
| Get | permissionGrantPreApprovalPolicy | Read the properties and relationships of a permissionGrantPreApprovalPolicy object. |
| Update | permissionGrantPreApprovalPolicy | Update the properties of a permissionGrantPreApprovalPolicy object. |
| Delete | None | Delete a permissionGrantPreApprovalPolicy object. |
| List assigned to service principal | permissionGrantPreApprovalPolicy collection | Get permissionGrantPreApprovalPolicy assigned to a service principal. |
| Assign to service principal | permissionGrantPreApprovalPolicy collection | Assign a permissionGrantPreApprovalPolicy to a service principal. |
| Unassign from service principal | permissionGrantPreApprovalPolicy collection | Remove a permissionGrantPreApprovalPolicy from a service principal. |
| Property | Type | Description |
|---|---|---|
| conditions | preApprovalDetail collection | A list of condition sets describing the conditions under which the permission to grant consent for the app has been preapproved. |
| deletedDateTime | DateTimeOffset | Null. Inherited from directoryObject. |
| id | String | The unique identifier for the permission grant preapproval policy. Inherited from entity. |
None.
The following JSON representation shows the resource type.
{
"@odata.type": "#microsoft.graph.permissionGrantPreApprovalPolicy",
"id": "String (identifier)",
"deletedDateTime": "String (timestamp)",
"conditions": [
{
"@odata.type": "microsoft.graph.preApprovalDetail"
}
]
}