Merge pull request #28724 from microsoftgraph/main

Auto Publish – main to live - 2026-04-23 00:30 UTC

Author: learn-build-service-prod[bot]

api-reference/beta/api/attachment-delete.md

@@ -1,11 +1,11 @@
 ---
 title: "Delete attachment"
-description: "Delete an attachment from a calendar event, message, Outlook task, or post."
+description: "Delete an attachment from a calendar event, message, note, Outlook task, or post."
 ms.localizationpriority: medium
 doc_type: apiPageType
 ms.subservice: "outlook"
 author: "SuryaLashmiS"
-ms.date: 08/08/2024
+ms.date: 04/15/2026
 ---
 
 # Delete attachment
@@ -14,20 +14,21 @@ Namespace: microsoft.graph
 
 [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
 
-Delete an attachment from a user calendar [event](../resources/event.md), [message](../resources/message.md), [Outlook task](../resources/outlooktask.md), or [post](../resources/post.md).
+Delete an attachment from a user calendar [event](../resources/event.md), [message](../resources/message.md), [note](../resources/note.md), [Outlook task](../resources/outlooktask.md), or [post](../resources/post.md).
 
 [!INCLUDE [outlooktask-deprecate-sharedfeature](../../includes/outlooktask-deprecate-sharedfeature.md)]
 
 [!INCLUDE [national-cloud-support](../../includes/all-clouds.md)]
 
 ## Permissions
 
-Depending on the resource (**event**, **message**, **outlookTask**, or **post**) that the attachment is attached to and the permission type (delegated or application) requested, the permission specified in the following table is the least privileged required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, search for the following permissions in [Permissions](/graph/permissions-reference).
+Depending on the resource (**event**, **message**, **note**, **outlookTask**, or **post**) that the attachment is attached to and the permission type (delegated or application) requested, the permission specified in the following table is the least privileged required to call this API. To learn more, including [taking caution](/graph/auth/auth-concepts#best-practices-for-requesting-permissions) before choosing more privileged permissions, search for the following permissions in [Permissions](/graph/permissions-reference).
 
 | Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application |
 |:-----|:-----|:-----|:-----|
 | [event](../resources/event.md) | Calendars.ReadWrite | Calendars.ReadWrite | Calendars.ReadWrite |
 | [message](../resources/message.md) | Mail.ReadWrite | Mail.ReadWrite | Mail.ReadWrite |
+| [note](../resources/note.md) | ShortNotes.ReadWrite | ShortNotes.ReadWrite | ShortNotes.ReadWrite.All |
 | [outlookTask](../resources/outlooktask.md) |  Tasks.ReadWrite | Tasks.ReadWrite | Not supported |
 | [post](../resources/post.md) | Group.ReadWrite.All | Not supported | Not supported |
 
@@ -97,6 +98,14 @@ DELETE /me/mailFolders/{id}/childFolders/{id}/.../messages/{id}/attachments/{id}
 DELETE /users/{id | userPrincipalName}/mailFolders/{id}/childFolders/{id}/messages/{id}/attachments/{id}
 ```
 
+Attachments for a [note](../resources/note.md) in a user's mailbox.
+<!-- { "blockType": "ignored" } -->
+
+```http
+DELETE /me/notes/{id}/attachments/{id}
+DELETE /users/{id | userPrincipalName}/notes/{id}/attachments/{id}
+```
+
 Attachments for an [Outlook task](../resources/outlooktask.md).
 <!-- { "blockType": "ignored" } -->
 
@@ -127,11 +136,13 @@ Don't supply a request body for this method.
 
 If successful, this method returns a `204 No Content` response code. It doesn't return anything in the response body.
 
-## Example
+## Examples
 
-### Request
+### Example 1: Delete an event attachment
+The following example shows how to delete an attachment on an [event](../resources/event.md).
+#### Request
 
-The following example shows a request to delete an attachment on an event.
+The following example shows a request.
 
 # [HTTP](#tab/http)
 <!-- {
@@ -173,7 +184,33 @@ DELETE https://graph.microsoft.com/beta/me/events/{id}/attachments/{id}
 
 ---
 
-### Response
+#### Response
+
+The following example shows the response.
+<!-- {
+  "blockType": "response",
+  "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+### Example 2: Delete a note attachment
+The following example shows how to delete an attachment on a [note](../resources/note.md).
+#### Request
+
+The following example shows a request.
+<!-- {
+  "blockType": "request",
+  "name": "delete_attachment_from_note"
+} -->
+
+```http
+DELETE https://graph.microsoft.com/beta/me/notes/AAMkAGI2THVSAAA=/attachments/AAMkAGI2attach2
+```
+
+#### Response
 
 The following example shows the response.
 <!-- {

api-reference/beta/api/crosstenantaccesspolicy-post-partners.md

@@ -58,6 +58,7 @@ The following table lists the properties that are required when you create the [
 | b2bCollaborationOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users in your organization going outbound to access resources in another organization via Microsoft Entra B2B collaboration. |
 | b2bDirectConnectInbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users from other organizations accessing your resources via Azure B2B direct connect. |
 | b2bDirectConnectOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users in your organization going outbound to access resources in another organization via Microsoft Entra B2B direct connect. |
+| blockServiceProviderOutboundAccess | Boolean | Specifies whether users can use granular delegated admin privileges (GDAP) to sign-in and access resources in other organizations. Default value is `false`. Optional. |
 | inboundTrust | [crossTenantAccessPolicyInboundTrust](../resources/crosstenantaccesspolicyinboundtrust.md) | Determines the partner-specific configuration for trusting other Conditional Access claims from external Microsoft Entra organizations. |
 | isServiceProvider | Boolean | Identifies whether the partner-specific configuration is a cloud service provider for your organization. |
 | tenantId | String | The tenant identifier for the partner Microsoft Entra organization. Read-only. Key.|

api-reference/beta/api/crosstenantaccesspolicyconfigurationdefault-update.md

@@ -56,6 +56,7 @@ PATCH /policies/crossTenantAccessPolicy/default
 | b2bCollaborationOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your default configuration for users in your organization going outbound to access resources in another organization via Microsoft Entra B2B collaboration. |
 | b2bDirectConnectInbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your default configuration for users from other organizations accessing your resources via Microsoft Entra B2B direct connect. |
 | b2bDirectConnectOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your default configuration for users in your organization going outbound to access resources in another organization via Microsoft Entra B2B direct connect. |
+| blockServiceProviderOutboundAccess | Boolean | Specifies whether users can use granular delegated admin privileges (GDAP) to sign-in and access resources in other organizations. Default value is `false`. Optional. |
 | inboundTrust | [crossTenantAccessPolicyInboundTrust](../resources/crosstenantaccesspolicyinboundtrust.md) | Determines the default configuration for trusting other Conditional Access claims from external Microsoft Entra organizations. |
 | invitationRedemptionIdentityProviderConfiguration | [defaultInvitationRedemptionIdentityProviderConfiguration](../resources/defaultInvitationRedemptionIdentityProviderConfiguration.md) | Defines the priority order based on which an identity provider is chosen during invitation redemption. |
 | m365CollaborationInbound | [crossTenantAccessPolicyM365CollaborationInboundSetting](../resources/crosstenantaccesspolicym365collaborationinboundsetting.md) | Defines your default configuration for inbound Microsoft 365 collaboration settings that determine which users from other organizations can collaborate with your organization using Microsoft 365 apps. |

api-reference/beta/api/crosstenantaccesspolicyconfigurationpartner-update.md

@@ -57,6 +57,7 @@ PATCH /policies/crossTenantAccessPolicy/partners/{id}
 | b2bCollaborationOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users in your organization going outbound to access resources in another organization via Microsoft Entra B2B collaboration. |
 | b2bDirectConnectInbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users from other organizations accessing your resources via Microsoft Entra B2B direct connect. |
 | b2bDirectConnectOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users in your organization going outbound to access resources in another organization via Microsoft Entra B2B direct connect. |
+| blockServiceProviderOutboundAccess | Boolean | Specifies whether users can use granular delegated admin privileges (GDAP) to sign-in and access resources in other organizations. Default value is `false`. Optional. |
 | inboundTrust | [crossTenantAccessPolicyInboundTrust](../resources/crosstenantaccesspolicyinboundtrust.md) | Determines the partner-specific configuration for trusting other Conditional Access claims from external Microsoft Entra organizations. |
 | m365CollaborationInbound | [crossTenantAccessPolicyM365CollaborationInboundSetting](../resources/crosstenantaccesspolicym365collaborationinboundsetting.md) | Defines your partner-specific configuration for inbound Microsoft 365 collaboration settings. |
 | m365CollaborationOutbound | [crossTenantAccessPolicyM365CollaborationOutboundSetting](../resources/crosstenantaccesspolicym365collaborationoutboundsetting.md) | Defines your partner-specific configuration for outbound Microsoft 365 collaboration settings. |

api-reference/beta/api/multivaluelegacyextendedproperty-get.md

@@ -30,6 +30,7 @@ The following user resources are supported:
 - [event](../resources/event.md)
 - [mailFolder](../resources/mailfolder.md)
 - [message](../resources/message.md)
+- [note](../resources/note.md)
 - [Outlook task](../resources/outlooktask.md)
 - [Outlook task folder](../resources/outlooktaskfolder.md)
 
@@ -58,6 +59,7 @@ Depending on the resource you're getting the extended property from and the perm
 | group [post](../resources/post.md) | Group.Read.All | Not supported | Group.Read.All |
 | [mailFolder](../resources/mailfolder.md) | Mail.Read | Mail.Read | Mail.Read |
 | [message](../resources/message.md) | Mail.Read | Mail.Read | Mail.Read |
+| [note](../resources/note.md) | ShortNotes.Read | ShortNotes.Read | ShortNotes.Read |
 | [Outlook task](../resources/outlooktask.md) | Tasks.Read | Tasks.Read | Not supported |
 | [Outlook task folder](../resources/outlooktaskfolder.md) | Tasks.Read | Tasks.Read | Not supported |
 
@@ -120,6 +122,15 @@ GET /users/{id|userPrincipalName}/contactFolders/{id}?$expand=multiValueExtended
 
 [!INCLUDE [me-apis-sign-in-note](../includes/me-apis-sign-in-note.md)]
 
+Get a **note** instance:
+<!-- { "blockType": "ignored" } -->
+```http
+GET /me/notes/{id}?$expand=multiValueExtendedProperties($filter=id eq '{id_value}')
+GET /users/{id|userPrincipalName}/notes/{id}?$expand=multiValueExtendedProperties($filter=id eq '{id_value}')
+```
+
+[!INCLUDE [me-apis-sign-in-note](../includes/me-apis-sign-in-note.md)]
+
 Get an **outlookTask** instance:
 <!-- { "blockType": "ignored" } -->
 ```http

api-reference/beta/api/multivaluelegacyextendedproperty-post-multivalueextendedproperties.md

@@ -26,6 +26,7 @@ The following user resources are supported:
 - [event](../resources/event.md)
 - [mailFolder](../resources/mailfolder.md)
 - [message](../resources/message.md)
+- [note](../resources/note.md)
 - [Outlook task](../resources/outlooktask.md)
 - [Outlook task folder](../resources/outlooktaskfolder.md)
 
@@ -54,6 +55,7 @@ Depending on the resource you're creating the extended property in and the permi
 | group [post](../resources/post.md) | Group.ReadWrite.All | Not supported | Not supported |
 | [mailFolder](../resources/mailfolder.md) | Mail.ReadWrite | Mail.ReadWrite | Mail.ReadWrite |
 | [message](../resources/message.md) | Mail.ReadWrite | Mail.ReadWrite | Mail.ReadWrite |
+| [note](../resources/note.md) | ShortNotes.ReadWrite | ShortNotes.ReadWrite | ShortNotes.ReadWrite |
 | [Outlook task](../resources/outlooktask.md) | Tasks.ReadWrite | Tasks.ReadWrite | Not supported |
 | [Outlook task folder](../resources/outlooktaskfolder.md) | Tasks.ReadWrite | Tasks.ReadWrite | Not supported |
 
@@ -92,6 +94,9 @@ POST /users/{id|userPrincipalName}/contacts
 POST /me/contactFolders
 POST /users/{id|userPrincipalName}/contactFolders
 
+POST /me/notes
+POST /users/{id|userPrincipalName}/notes
+
 POST /me/outlook/tasks
 POST /users/{id|userPrincipalName}/outlook/tasks
 POST /me/outlook/taskFolders/{id}/tasks
@@ -142,6 +147,9 @@ PATCH /users/{id|userPrincipalName}/contacts/{id}
 PATCH /me/contactFolders/{id}
 PATCH /users/{id|userPrincipalName}/contactFolders/{id}
 
+PATCH /me/notes/{id}
+PATCH /users/{id|userPrincipalName}/notes/{id}
+
 PATCH /me/outlook/tasks/{id}
 PATCH /users/{id|userPrincipalName}/outlook/tasks/{id}
 PATCH /me/outlook/taskFolders/{id}/tasks/{id}

api-reference/beta/api/note-delete.md

@@ -0,0 +1,84 @@
+---
+title: "Delete note"
+description: "Delete a note object."
+author: "rajeshvulla"
+ms.date: 04/07/2026
+ms.localizationpriority: medium
+ms.subservice: "outlook"
+doc_type: apiPageType
+---
+
+# Delete note
+
+Namespace: microsoft.graph
+
+[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
+
+Delete a [note](../resources/note.md) object. Supports optimistic concurrency control via the `If-Match` header.
+
+## Permissions
+
+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
+
+<!-- {
+  "blockType": "permissions",
+  "name": "note-delete-permissions"
+}
+-->
+[!INCLUDE [permissions-table](../includes/permissions/note-delete-permissions.md)]
+
+## HTTP request
+
+<!-- {
+  "blockType": "ignored"
+}
+-->
+``` http
+DELETE /me/notes/{note-id}
+DELETE /users/{id | userPrincipalName}/notes/{note-id}
+```
+
+## Request headers
+
+|Name|Description|
+|:---|:---|
+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|
+|If-Match|The **changeKey** value for the note is used for optimistic concurrency control. Optional. We recommend that you use this header to avoid conflicts.|
+
+## Request body
+
+Don't supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+If the `If-Match` header doesn't match the current **changeKey**, this method returns a `412 Precondition Failed` response code.
+
+## Examples
+
+### Request
+
+The following example shows a request.
+<!-- {
+  "blockType": "request",
+  "name": "delete_note"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/beta/me/notes/AAMkAGI2THVSAAA=
+If-Match: "CQAAABYAAABG"
+```
+
+### Response
+
+The following example shows the response.
+<!-- {
+  "blockType": "response",
+  "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+