// Project: https://github.com/microsoftgraph/msgraph-typescript-typings // Definitions by: Microsoft Graph Team // Michael Mainer // Peter Ombwa // Mustafa Zengin // DeVere Dyett // Nikitha Udaykumar Chettiar // Definitions: https://github.com/DefinitelyTyped/DefinitelyTyped // TypeScript Version: 2.1 export as namespace microsoftgraph; export type NullableOption = T | null; export type AppliedConditionalAccessPolicyResult = | "success" | "failure" | "notApplied" | "notEnabled" | "unknown" | "unknownFutureValue"; export type AuthenticationMethodFeature = | "ssprRegistered" | "ssprEnabled" | "ssprCapable" | "passwordlessCapable" | "mfaCapable" | "unknownFutureValue"; export type ConditionalAccessStatus = "success" | "failure" | "notApplied" | "unknownFutureValue"; export type FeatureType = "registration" | "reset" | "unknownFutureValue"; export type GroupType = "unifiedGroups" | "azureAD" | "unknownFutureValue"; export type IncludedUserRoles = "all" | "privilegedAdmin" | "admin" | "user" | "unknownFutureValue"; export type IncludedUserTypes = "all" | "member" | "guest" | "unknownFutureValue"; export type InitiatorType = "user" | "application" | "system" | "unknownFutureValue"; export type OperationResult = "success" | "failure" | "timeout" | "unknownFutureValue"; export type OutlierContainerType = "group" | "unknownFutureValue"; export type OutlierMemberType = "user" | "unknownFutureValue"; export type ProvisioningAction = | "other" | "create" | "delete" | "disable" | "update" | "stagedDelete" | "unknownFutureValue"; export type ProvisioningResult = "success" | "failure" | "skipped" | "warning" | "unknownFutureValue"; export type ProvisioningStatusErrorCategory = "failure" | "nonServiceFailure" | "success" | "unknownFutureValue"; export type ProvisioningStepType = | "import" | "scoping" | "matching" | "processing" | "referenceResolution" | "export" | "unknownFutureValue"; export type RiskDetail = | "none" | "adminGeneratedTemporaryPassword" | "userPerformedSecuredPasswordChange" | "userPerformedSecuredPasswordReset" | "adminConfirmedSigninSafe" | "aiConfirmedSigninSafe" | "userPassedMFADrivenByRiskBasedPolicy" | "adminDismissedAllRiskForUser" | "adminConfirmedSigninCompromised" | "hidden" | "adminConfirmedUserCompromised" | "unknownFutureValue" | "adminConfirmedServicePrincipalCompromised" | "adminDismissedAllRiskForServicePrincipal" | "m365DAdminDismissedDetection"; export type RiskEventType = | "unlikelyTravel" | "anonymizedIPAddress" | "maliciousIPAddress" | "unfamiliarFeatures" | "malwareInfectedIPAddress" | "suspiciousIPAddress" | "leakedCredentials" | "investigationsThreatIntelligence" | "generic" | "adminConfirmedUserCompromised" | "mcasImpossibleTravel" | "mcasSuspiciousInboxManipulationRules" | "investigationsThreatIntelligenceSigninLinked" | "maliciousIPAddressValidCredentialsBlockedIP" | "unknownFutureValue"; export type RiskLevel = "low" | "medium" | "high" | "hidden" | "none" | "unknownFutureValue"; export type RiskState = | "none" | "confirmedSafe" | "remediated" | "dismissed" | "atRisk" | "confirmedCompromised" | "unknownFutureValue"; export type SignInUserType = "member" | "guest" | "unknownFutureValue"; export type UserDefaultAuthenticationMethod = | "push" | "oath" | "voiceMobile" | "voiceAlternateMobile" | "voiceOffice" | "sms" | "none" | "unknownFutureValue"; export type AdvancedConfigState = "default" | "enabled" | "disabled" | "unknownFutureValue"; export type AuthenticationMethodModes = | "password" | "voice" | "hardwareOath" | "softwareOath" | "sms" | "fido2" | "windowsHelloForBusiness" | "microsoftAuthenticatorPush" | "deviceBasedPush" | "temporaryAccessPassOneTime" | "temporaryAccessPassMultiUse" | "email" | "x509CertificateSingleFactor" | "x509CertificateMultiFactor" | "federatedSingleFactor" | "federatedMultiFactor" | "unknownFutureValue"; export type AuthenticationMethodsPolicyMigrationState = | "preMigration" | "migrationInProgress" | "migrationComplete" | "unknownFutureValue"; export type AuthenticationMethodState = "enabled" | "disabled"; export type AuthenticationMethodTargetType = "user" | "group" | "unknownFutureValue"; export type AuthenticationStrengthPolicyType = "builtIn" | "custom" | "unknownFutureValue"; export type AuthenticationStrengthRequirements = "none" | "mfa" | "unknownFutureValue"; export type BaseAuthenticationMethod = | "password" | "voice" | "hardwareOath" | "softwareOath" | "sms" | "fido2" | "windowsHelloForBusiness" | "microsoftAuthenticator" | "temporaryAccessPass" | "email" | "x509Certificate" | "federation" | "unknownFutureValue"; export type ExternalEmailOtpState = "default" | "enabled" | "disabled" | "unknownFutureValue"; export type FeatureTargetType = "group" | "administrativeUnit" | "role" | "unknownFutureValue"; export type Fido2RestrictionEnforcementType = "allow" | "block" | "unknownFutureValue"; export type MicrosoftAuthenticatorAuthenticationMode = "deviceBasedPush" | "push" | "any"; export type X509CertificateAuthenticationMode = | "x509CertificateSingleFactor" | "x509CertificateMultiFactor" | "unknownFutureValue"; export type X509CertificateRuleType = "issuerSubject" | "policyOID" | "unknownFutureValue"; export type VolumeType = "operatingSystemVolume" | "fixedDataVolume" | "removableDataVolume" | "unknownFutureValue"; export type AnswerInputType = "text" | "radioButton" | "unknownFutureValue"; export type BookingPriceType = | "undefined" | "fixedPrice" | "startingAt" | "hourly" | "free" | "priceVaries" | "callUs" | "notSet" | "unknownFutureValue"; export type BookingReminderRecipients = "allAttendees" | "staff" | "customer" | "unknownFutureValue"; export type BookingsAvailabilityStatus = "available" | "busy" | "slotsAvailable" | "outOfOffice" | "unknownFutureValue"; export type BookingStaffRole = | "guest" | "administrator" | "viewer" | "externalGuest" | "unknownFutureValue" | "scheduler" | "teamMember"; export type DayOfWeek = "sunday" | "monday" | "tuesday" | "wednesday" | "thursday" | "friday" | "saturday"; export type LocationType = | "default" | "conferenceRoom" | "homeAddress" | "businessAddress" | "geoCoordinates" | "streetAddress" | "hotel" | "restaurant" | "localBusiness" | "postalAddress"; export type LocationUniqueIdType = "unknown" | "locationStore" | "directory" | "private" | "bing"; export type PhoneType = | "home" | "business" | "mobile" | "other" | "assistant" | "homeFax" | "businessFax" | "otherFax" | "pager" | "radio"; export type PhysicalAddressType = "unknown" | "home" | "business" | "other"; export type BodyType = "text" | "html"; export type DataSubjectType = | "customer" | "currentEmployee" | "formerEmployee" | "prospectiveEmployee" | "student" | "teacher" | "faculty" | "other" | "unknownFutureValue"; export type SubjectRightsRequestStage = | "contentRetrieval" | "contentReview" | "generateReport" | "contentDeletion" | "caseResolved" | "contentEstimate" | "unknownFutureValue" | "approval"; export type SubjectRightsRequestStageStatus = "notStarted" | "current" | "completed" | "failed" | "unknownFutureValue"; export type SubjectRightsRequestStatus = "active" | "closed" | "unknownFutureValue"; export type SubjectRightsRequestType = "export" | "delete" | "access" | "tagForAction" | "unknownFutureValue"; export type IdentityUserFlowAttributeDataType = | "string" | "boolean" | "int64" | "stringCollection" | "dateTime" | "unknownFutureValue"; export type IdentityUserFlowAttributeInputType = | "textBox" | "dateTimeDropdown" | "radioSingleSelect" | "dropdownSingleSelect" | "emailBox" | "checkboxMultiSelect"; export type IdentityUserFlowAttributeType = "builtIn" | "custom" | "required" | "unknownFutureValue"; export type UserFlowType = | "signUp" | "signIn" | "signUpOrSignIn" | "passwordReset" | "profileUpdate" | "resourceOwner" | "unknownFutureValue"; export type LobbyBypassScope = | "organizer" | "organization" | "organizationAndFederated" | "everyone" | "unknownFutureValue" | "invited" | "organizationExcludingGuests"; export type MeetingChatMode = "enabled" | "disabled" | "limited" | "unknownFutureValue"; export type OnlineMeetingPresenters = | "everyone" | "organization" | "roleIsPresenter" | "organizer" | "unknownFutureValue"; export type AllowInvitesFrom = | "none" | "adminsAndGuestInviters" | "adminsGuestInvitersAndAllMembers" | "everyone" | "unknownFutureValue"; export type AppCredentialRestrictionType = | "passwordAddition" | "passwordLifetime" | "symmetricKeyAddition" | "symmetricKeyLifetime" | "customPasswordAddition" | "unknownFutureValue"; export type AppKeyCredentialRestrictionType = "asymmetricKeyLifetime" | "unknownFutureValue"; export type AuthenticationProtocol = "wsFed" | "saml" | "unknownFutureValue"; export type CrossTenantAccessPolicyTargetConfigurationAccessType = "allowed" | "blocked" | "unknownFutureValue"; export type CrossTenantAccessPolicyTargetType = "user" | "group" | "application" | "unknownFutureValue"; export type FederatedIdpMfaBehavior = | "acceptIfMfaDoneByFederatedIdp" | "enforceMfaByFederatedIdp" | "rejectMfaByFederatedIdp" | "unknownFutureValue"; export type LayoutTemplateType = "default" | "verticalSplit" | "unknownFutureValue"; export type OnPremisesDirectorySynchronizationDeletionPreventionType = | "disabled" | "enabledForCount" | "enabledForPercentage" | "unknownFutureValue"; export type PartnerTenantType = | "microsoftSupport" | "syndicatePartner" | "breadthPartner" | "breadthPartnerDelegatedAdmin" | "resellerPartnerDelegatedAdmin" | "valueAddedResellerPartnerDelegatedAdmin" | "unknownFutureValue"; export type PermissionClassificationType = "low" | "medium" | "high" | "unknownFutureValue"; export type PermissionType = "application" | "delegated" | "delegatedUserConsentable"; export type PromptLoginBehavior = | "translateToFreshPasswordAuthentication" | "nativeSupport" | "disabled" | "unknownFutureValue"; export type WeakAlgorithms = "rsaSha1" | "unknownFutureValue"; export type BrowserSharedCookieSourceEnvironment = | "microsoftEdge" | "internetExplorer11" | "both" | "unknownFutureValue"; export type BrowserSharedCookieStatus = | "published" | "pendingAdd" | "pendingEdit" | "pendingDelete" | "unknownFutureValue"; export type BrowserSiteCompatibilityMode = | "default" | "internetExplorer8Enterprise" | "internetExplorer7Enterprise" | "internetExplorer11" | "internetExplorer10" | "internetExplorer9" | "internetExplorer8" | "internetExplorer7" | "internetExplorer5" | "unknownFutureValue"; export type BrowserSiteListStatus = "draft" | "published" | "pending" | "unknownFutureValue"; export type BrowserSiteMergeType = "noMerge" | "default" | "unknownFutureValue"; export type BrowserSiteStatus = "published" | "pendingAdd" | "pendingEdit" | "pendingDelete" | "unknownFutureValue"; export type BrowserSiteTargetEnvironment = | "internetExplorerMode" | "internetExplorer11" | "microsoftEdge" | "configurable" | "none" | "unknownFutureValue"; export type EducationAddedStudentAction = "none" | "assignIfOpen" | "unknownFutureValue"; export type EducationAddToCalendarOptions = | "none" | "studentsAndPublisher" | "studentsAndTeamOwners" | "unknownFutureValue" | "studentsOnly"; export type EducationAssignmentStatus = "draft" | "published" | "assigned" | "unknownFutureValue"; export type EducationFeedbackResourceOutcomeStatus = | "notPublished" | "pendingPublish" | "published" | "failedPublish" | "unknownFutureValue"; export type EducationSubmissionStatus = | "working" | "submitted" | "released" | "returned" | "unknownFutureValue" | "reassigned"; export type ContactRelationship = | "parent" | "relative" | "aide" | "doctor" | "guardian" | "child" | "other" | "unknownFutureValue"; export type EducationExternalSource = "sis" | "manual" | "unknownFutureValue"; export type EducationGender = "female" | "male" | "other" | "unknownFutureValue"; export type EducationUserRole = "student" | "teacher" | "none" | "unknownFutureValue"; export type WorkbookOperationStatus = "notStarted" | "running" | "succeeded" | "failed"; export type ActivityDomain = "unknown" | "work" | "personal" | "unrestricted"; export type AttendeeType = "required" | "optional" | "resource"; export type FreeBusyStatus = "unknown" | "free" | "tentative" | "busy" | "oof" | "workingElsewhere"; export type BookingType = "unknown" | "standard" | "reserved"; export type AttachmentType = "file" | "item" | "reference"; export type AutomaticRepliesStatus = "disabled" | "alwaysEnabled" | "scheduled"; export type CalendarColor = | "auto" | "lightBlue" | "lightGreen" | "lightOrange" | "lightGray" | "lightYellow" | "lightTeal" | "lightPink" | "lightBrown" | "lightRed" | "maxColor"; export type CalendarRoleType = | "none" | "freeBusyRead" | "limitedRead" | "read" | "write" | "delegateWithoutPrivateEventAccess" | "delegateWithPrivateEventAccess" | "custom"; export type CalendarSharingAction = "accept" | "acceptAndViewCalendar" | "viewCalendar" | "addThisCalendar"; export type CalendarSharingActionImportance = "primary" | "secondary"; export type CalendarSharingActionType = "accept"; export type CategoryColor = | "none" | "preset0" | "preset1" | "preset2" | "preset3" | "preset4" | "preset5" | "preset6" | "preset7" | "preset8" | "preset9" | "preset10" | "preset11" | "preset12" | "preset13" | "preset14" | "preset15" | "preset16" | "preset17" | "preset18" | "preset19" | "preset20" | "preset21" | "preset22" | "preset23" | "preset24"; export type DelegateMeetingMessageDeliveryOptions = | "sendToDelegateAndInformationToPrincipal" | "sendToDelegateAndPrincipal" | "sendToDelegateOnly"; export type EventType = "singleInstance" | "occurrence" | "exception" | "seriesMaster"; export type ExchangeIdFormat = "entryId" | "ewsId" | "immutableEntryId" | "restId" | "restImmutableEntryId"; export type ExternalAudienceScope = "none" | "contactsOnly" | "all"; export type FollowupFlagStatus = "notFlagged" | "complete" | "flagged"; export type Importance = "low" | "normal" | "high"; export type InferenceClassificationType = "focused" | "other"; export type MailTipsType = | "automaticReplies" | "mailboxFullStatus" | "customMailTip" | "externalMemberCount" | "totalMemberCount" | "maxMessageSize" | "deliveryRestriction" | "moderationStatus" | "recipientScope" | "recipientSuggestions"; export type MeetingMessageType = | "none" | "meetingRequest" | "meetingCancelled" | "meetingAccepted" | "meetingTenativelyAccepted" | "meetingDeclined"; export type MeetingRequestType = | "none" | "newMeetingRequest" | "fullUpdate" | "informationalUpdate" | "silentUpdate" | "outdated" | "principalWantsCopy"; export type MessageActionFlag = | "any" | "call" | "doNotForward" | "followUp" | "fyi" | "forward" | "noResponseNecessary" | "read" | "reply" | "replyToAll" | "review"; export type OnlineMeetingProviderType = "unknown" | "skypeForBusiness" | "skypeForConsumer" | "teamsForBusiness"; export type RecipientScopeType = "none" | "internal" | "external" | "externalPartner" | "externalNonPartner"; export type RecurrencePatternType = | "daily" | "weekly" | "absoluteMonthly" | "relativeMonthly" | "absoluteYearly" | "relativeYearly"; export type RecurrenceRangeType = "endDate" | "noEnd" | "numbered"; export type ResponseType = "none" | "organizer" | "tentativelyAccepted" | "accepted" | "declined" | "notResponded"; export type SelectionLikelihoodInfo = "notSpecified" | "high"; export type Sensitivity = "normal" | "personal" | "private" | "confidential"; export type TimeZoneStandard = "windows" | "iana"; export type UserPurpose = "user" | "linked" | "shared" | "room" | "equipment" | "others" | "unknownFutureValue"; export type WebsiteType = "other" | "home" | "work" | "blog" | "profile"; export type WeekIndex = "first" | "second" | "third" | "fourth" | "last"; export type ImageTaggingChoice = "disabled" | "basic" | "enhanced" | "unknownFutureValue"; export type SharingCapabilities = | "disabled" | "externalUserSharingOnly" | "externalUserAndGuestSharing" | "existingExternalUserSharingOnly" | "unknownFutureValue"; export type SharingDomainRestrictionMode = "none" | "allowList" | "blockList" | "unknownFutureValue"; export type ColumnTypes = | "note" | "text" | "choice" | "multichoice" | "number" | "currency" | "dateTime" | "lookup" | "boolean" | "user" | "url" | "calculated" | "location" | "geolocation" | "term" | "multiterm" | "thumbnail" | "approvalStatus" | "unknownFutureValue"; export type LongRunningOperationStatus = "notStarted" | "running" | "succeeded" | "failed" | "unknownFutureValue"; export type SensitivityLabelAssignmentMethod = "standard" | "privileged" | "auto" | "unknownFutureValue"; export type StagedFeatureName = | "passthroughAuthentication" | "seamlessSso" | "passwordHashSync" | "emailAsAlternateId" | "unknownFutureValue" | "certificateBasedAuthentication" | "multiFactorAuthentication"; export type AttributeDefinitionMetadata = | "BaseAttributeName" | "ComplexObjectDefinition" | "IsContainer" | "IsCustomerDefined" | "IsDomainQualified" | "LinkPropertyNames" | "LinkTypeName" | "MaximumLength" | "ReferencedProperty"; export type AttributeFlowBehavior = "FlowWhenChanged" | "FlowAlways"; export type AttributeFlowType = "Always" | "ObjectAddOnly" | "MultiValueAddOnly" | "ValueAddOnly" | "AttributeAddOnly"; export type AttributeMappingSourceType = "Attribute" | "Constant" | "Function"; export type AttributeType = "String" | "Integer" | "Reference" | "Binary" | "Boolean" | "DateTime"; export type DirectoryDefinitionDiscoverabilities = | "None" | "AttributeNames" | "AttributeDataTypes" | "AttributeReadOnly" | "ReferenceAttributes" | "UnknownFutureValue"; export type EntryExportStatus = "Noop" | "Success" | "RetryableError" | "PermanentError" | "Error"; export type EntrySyncOperation = "None" | "Add" | "Delete" | "Update"; export type EscrowBehavior = "Default" | "IgnoreLookupReferenceResolutionFailure"; export type Mutability = "ReadWrite" | "ReadOnly" | "Immutable" | "WriteOnly"; export type ObjectDefinitionMetadata = | "PropertyNameAccountEnabled" | "PropertyNameSoftDeleted" | "IsSoftDeletionSupported" | "IsSynchronizeAllSupported" | "ConnectorDataStorageRequired" | "Extensions" | "BaseObjectName"; export type ObjectFlowTypes = "None" | "Add" | "Update" | "Delete"; export type ObjectMappingMetadata = | "EscrowBehavior" | "DisableMonitoringForChanges" | "OriginalJoiningProperty" | "Disposition" | "IsCustomerDefined" | "ExcludeFromReporting" | "Unsynchronized"; export type QuarantineReason = | "EncounteredBaseEscrowThreshold" | "EncounteredTotalEscrowThreshold" | "EncounteredEscrowProportionThreshold" | "EncounteredQuarantineException" | "Unknown" | "QuarantinedOnDemand" | "TooManyDeletes" | "IngestionInterrupted"; export type ScopeOperatorMultiValuedComparisonType = "All" | "Any"; export type ScopeOperatorType = "Binary" | "Unary"; export type SynchronizationDisposition = "Normal" | "Discard" | "Escrow"; export type SynchronizationJobRestartScope = | "None" | "ConnectorDataStore" | "Escrows" | "Watermark" | "QuarantineState" | "Full" | "ForceDeletes"; export type SynchronizationMetadata = | "GalleryApplicationIdentifier" | "GalleryApplicationKey" | "IsOAuthEnabled" | "IsSynchronizationAgentAssignmentRequired" | "IsSynchronizationAgentRequired" | "IsSynchronizationInPreview" | "OAuthSettings" | "SynchronizationLearnMoreIbizaFwLink" | "ConfigurationFields"; export type SynchronizationScheduleState = "Active" | "Disabled" | "Paused"; export type SynchronizationSecret = | "None" | "UserName" | "Password" | "SecretToken" | "AppKey" | "BaseAddress" | "ClientIdentifier" | "ClientSecret" | "SingleSignOnType" | "Sandbox" | "Url" | "Domain" | "ConsumerKey" | "ConsumerSecret" | "TokenKey" | "TokenExpiration" | "Oauth2AccessToken" | "Oauth2AccessTokenCreationTime" | "Oauth2RefreshToken" | "SyncAll" | "InstanceName" | "Oauth2ClientId" | "Oauth2ClientSecret" | "CompanyId" | "UpdateKeyOnSoftDelete" | "SynchronizationSchedule" | "SystemOfRecord" | "SandboxName" | "EnforceDomain" | "SyncNotificationSettings" | "SkipOutOfScopeDeletions" | "Oauth2AuthorizationCode" | "Oauth2RedirectUri" | "ApplicationTemplateIdentifier" | "Oauth2TokenExchangeUri" | "Oauth2AuthorizationUri" | "AuthenticationType" | "Server" | "PerformInboundEntitlementGrants" | "HardDeletesEnabled" | "SyncAgentCompatibilityKey" | "SyncAgentADContainer" | "ValidateDomain" | "TestReferences" | "ConnectionString"; export type SynchronizationStatusCode = "NotConfigured" | "NotRun" | "Active" | "Paused" | "Quarantine"; export type SynchronizationTaskExecutionResult = "Succeeded" | "Failed" | "EntryLevelErrors"; export type AccessReviewHistoryDecisionFilter = | "approve" | "deny" | "notReviewed" | "dontKnow" | "notNotified" | "unknownFutureValue"; export type AccessReviewHistoryStatus = "done" | "inprogress" | "error" | "requested" | "unknownFutureValue"; export type AccessReviewInstanceDecisionItemFilterByCurrentUserOptions = "reviewer" | "unknownFutureValue"; export type AccessReviewInstanceFilterByCurrentUserOptions = "reviewer" | "unknownFutureValue"; export type AccessReviewScheduleDefinitionFilterByCurrentUserOptions = "reviewer" | "unknownFutureValue"; export type AccessReviewStageFilterByCurrentUserOptions = "reviewer" | "unknownFutureValue"; export type ApprovalFilterByCurrentUserOptions = "target" | "createdBy" | "approver" | "unknownFutureValue"; export type ConsentRequestFilterByCurrentUserOptions = "reviewer" | "unknownFutureValue"; export type UserSignInRecommendationScope = "tenant" | "application" | "unknownFutureValue"; export type AgreementAcceptanceState = "accepted" | "declined" | "unknownFutureValue"; export type ActivityType = "signin" | "user" | "unknownFutureValue" | "servicePrincipal"; export type CloudAppSecuritySessionControlType = | "mcasConfigured" | "monitorOnly" | "blockDownloads" | "unknownFutureValue"; export type ConditionalAccessClientApp = | "all" | "browser" | "mobileAppsAndDesktopClients" | "exchangeActiveSync" | "easSupported" | "other" | "unknownFutureValue"; export type ConditionalAccessDevicePlatform = | "android" | "iOS" | "windows" | "windowsPhone" | "macOS" | "all" | "unknownFutureValue" | "linux"; export type ConditionalAccessExternalTenantsMembershipKind = "all" | "enumerated" | "unknownFutureValue"; export type ConditionalAccessGrantControl = | "block" | "mfa" | "compliantDevice" | "domainJoinedDevice" | "approvedApplication" | "compliantApplication" | "passwordChange" | "unknownFutureValue"; export type ConditionalAccessGuestOrExternalUserTypes = | "none" | "internalGuest" | "b2bCollaborationGuest" | "b2bCollaborationMember" | "b2bDirectConnectUser" | "otherExternalUser" | "serviceProvider" | "unknownFutureValue"; export type ConditionalAccessPolicyState = "enabled" | "disabled" | "enabledForReportingButNotEnforced"; export type CountryLookupMethodType = "clientIpAddress" | "authenticatorAppGps" | "unknownFutureValue"; export type FilterMode = "include" | "exclude"; export type PersistentBrowserSessionMode = "always" | "never"; export type RiskDetectionTimingType = "notDefined" | "realtime" | "nearRealtime" | "offline" | "unknownFutureValue"; export type SignInFrequencyAuthenticationType = | "primaryAndSecondaryAuthentication" | "secondaryAuthentication" | "unknownFutureValue"; export type SignInFrequencyInterval = "timeBased" | "everyTime" | "unknownFutureValue"; export type SigninFrequencyType = "days" | "hours"; export type TemplateScenarios = | "new" | "secureFoundation" | "zeroTrust" | "remoteWork" | "protectAdmins" | "emergingThreats" | "unknownFutureValue"; export type TokenIssuerType = | "AzureAD" | "ADFederationServices" | "UnknownFutureValue" | "AzureADBackupAuth" | "ADFederationServicesMFAAdapter" | "NPSExtension"; export type AccessPackageAssignmentFilterByCurrentUserOptions = "target" | "createdBy" | "unknownFutureValue"; export type AccessPackageAssignmentRequestFilterByCurrentUserOptions = | "target" | "createdBy" | "approver" | "unknownFutureValue"; export type AccessPackageAssignmentState = | "delivering" | "partiallyDelivered" | "delivered" | "expired" | "deliveryFailed" | "unknownFutureValue"; export type AccessPackageCatalogState = "unpublished" | "published" | "unknownFutureValue"; export type AccessPackageCatalogType = "userManaged" | "serviceDefault" | "serviceManaged" | "unknownFutureValue"; export type AccessPackageCustomExtensionStage = | "assignmentRequestCreated" | "assignmentRequestApproved" | "assignmentRequestGranted" | "assignmentRequestRemoved" | "assignmentFourteenDaysBeforeExpiration" | "assignmentOneDayBeforeExpiration" | "unknownFutureValue"; export type AccessPackageExternalUserLifecycleAction = | "none" | "blockSignIn" | "blockSignInAndDelete" | "unknownFutureValue"; export type AccessPackageFilterByCurrentUserOptions = "allowedRequestor" | "unknownFutureValue"; export type AccessPackageRequestState = | "submitted" | "pendingApproval" | "delivering" | "delivered" | "deliveryFailed" | "denied" | "scheduled" | "canceled" | "partiallyDelivered" | "unknownFutureValue"; export type AccessPackageRequestType = | "notSpecified" | "userAdd" | "userUpdate" | "userRemove" | "adminAdd" | "adminUpdate" | "adminRemove" | "systemAdd" | "systemUpdate" | "systemRemove" | "onBehalfAdd" | "unknownFutureValue"; export type AccessPackageSubjectType = "notSpecified" | "user" | "servicePrincipal" | "unknownFutureValue"; export type AccessReviewExpirationBehavior = | "keepAccess" | "removeAccess" | "acceptAccessRecommendation" | "unknownFutureValue"; export type AllowedTargetScope = | "notSpecified" | "specificDirectoryUsers" | "specificConnectedOrganizationUsers" | "specificDirectoryServicePrincipals" | "allMemberUsers" | "allDirectoryUsers" | "allDirectoryServicePrincipals" | "allConfiguredConnectedOrganizationUsers" | "allExternalUsers" | "unknownFutureValue"; export type CustomExtensionCalloutInstanceStatus = | "calloutSent" | "callbackReceived" | "calloutFailed" | "callbackTimedOut" | "waitingForCallback" | "unknownFutureValue"; export type ExpirationPatternType = "notSpecified" | "noExpiration" | "afterDateTime" | "afterDuration"; export type ConnectedOrganizationState = "configured" | "proposed" | "unknownFutureValue"; export type CertificateStatus = "notProvisioned" | "provisioned"; export type ComplianceStatus = | "unknown" | "notApplicable" | "compliant" | "remediated" | "nonCompliant" | "error" | "conflict" | "notAssigned"; export type InstallIntent = "available" | "required" | "uninstall" | "availableWithoutEnrollment"; export type ManagedAppAvailability = "global" | "lineOfBusiness"; export type MdmAppConfigKeyType = "stringType" | "integerType" | "realType" | "booleanType" | "tokenType"; export type MicrosoftEdgeChannel = "dev" | "beta" | "stable" | "unknownFutureValue"; export type MicrosoftStoreForBusinessLicenseType = "offline" | "online"; export type MobileAppContentFileUploadState = | "success" | "transientError" | "error" | "unknown" | "azureStorageUriRequestSuccess" | "azureStorageUriRequestPending" | "azureStorageUriRequestFailed" | "azureStorageUriRequestTimedOut" | "azureStorageUriRenewalSuccess" | "azureStorageUriRenewalPending" | "azureStorageUriRenewalFailed" | "azureStorageUriRenewalTimedOut" | "commitFileSuccess" | "commitFilePending" | "commitFileFailed" | "commitFileTimedOut"; export type MobileAppPublishingState = "notPublished" | "processing" | "published"; export type RunAsAccountType = "system" | "user"; export type VppTokenAccountType = "business" | "education"; export type Win32LobAppDeliveryOptimizationPriority = "notConfigured" | "foreground"; export type Win32LobAppFileSystemOperationType = | "notConfigured" | "exists" | "modifiedDate" | "createdDate" | "version" | "sizeInMB"; export type Win32LobAppMsiPackageType = "perMachine" | "perUser" | "dualPurpose"; export type Win32LobAppNotification = "showAll" | "showReboot" | "hideAll"; export type Win32LobAppPowerShellScriptRuleOperationType = | "notConfigured" | "string" | "dateTime" | "integer" | "float" | "version" | "boolean"; export type Win32LobAppRegistryRuleOperationType = | "notConfigured" | "exists" | "doesNotExist" | "string" | "integer" | "version"; export type Win32LobAppRestartBehavior = "basedOnReturnCode" | "allow" | "suppress" | "force"; export type Win32LobAppReturnCodeType = "failed" | "success" | "softReboot" | "hardReboot" | "retry"; export type Win32LobAppRuleOperator = | "notConfigured" | "equal" | "notEqual" | "greaterThan" | "greaterThanOrEqual" | "lessThan" | "lessThanOrEqual"; export type Win32LobAppRuleType = "detection" | "requirement"; export type WindowsArchitecture = "none" | "x86" | "x64" | "arm" | "neutral"; export type WindowsDeviceType = "none" | "desktop" | "mobile" | "holographic" | "team" | "unknownFutureValue"; export type InstallState = "notApplicable" | "installed" | "failed" | "notInstalled" | "uninstallFailed" | "unknown"; export type AndroidRequiredPasswordType = | "deviceDefault" | "alphabetic" | "alphanumeric" | "alphanumericWithSymbols" | "lowSecurityBiometric" | "numeric" | "numericComplex" | "any"; export type AndroidWorkProfileCrossProfileDataSharingType = | "deviceDefault" | "preventAny" | "allowPersonalToWork" | "noRestrictions"; export type AndroidWorkProfileDefaultAppPermissionPolicyType = "deviceDefault" | "prompt" | "autoGrant" | "autoDeny"; export type AndroidWorkProfileRequiredPasswordType = | "deviceDefault" | "lowSecurityBiometric" | "required" | "atLeastNumeric" | "numericComplex" | "atLeastAlphabetic" | "atLeastAlphanumeric" | "alphanumericWithSymbols"; export type ApplicationGuardBlockClipboardSharingType = | "notConfigured" | "blockBoth" | "blockHostToContainer" | "blockContainerToHost" | "blockNone"; export type ApplicationGuardBlockFileTransferType = | "notConfigured" | "blockImageAndTextFile" | "blockImageFile" | "blockNone" | "blockTextFile"; export type AppListType = "none" | "appsInListCompliant" | "appsNotInListCompliant"; export type AppLockerApplicationControlType = | "notConfigured" | "enforceComponentsAndStoreApps" | "auditComponentsAndStoreApps" | "enforceComponentsStoreAppsAndSmartlocker" | "auditComponentsStoreAppsAndSmartlocker"; export type AutomaticUpdateMode = | "userDefined" | "notifyDownload" | "autoInstallAtMaintenanceTime" | "autoInstallAndRebootAtMaintenanceTime" | "autoInstallAndRebootAtScheduledTime" | "autoInstallAndRebootWithoutEndUserControl"; export type AutoRestartNotificationDismissalMethod = "notConfigured" | "automatic" | "user" | "unknownFutureValue"; export type BitLockerEncryptionMethod = "aesCbc128" | "aesCbc256" | "xtsAes128" | "xtsAes256"; export type DefenderCloudBlockLevelType = "notConfigured" | "high" | "highPlus" | "zeroTolerance"; export type DefenderMonitorFileActivity = | "userDefined" | "disable" | "monitorAllFiles" | "monitorIncomingFilesOnly" | "monitorOutgoingFilesOnly"; export type DefenderPromptForSampleSubmission = | "userDefined" | "alwaysPrompt" | "promptBeforeSendingPersonalData" | "neverSendData" | "sendAllDataWithoutPrompting"; export type DefenderScanType = "userDefined" | "disabled" | "quick" | "full"; export type DefenderThreatAction = | "deviceDefault" | "clean" | "quarantine" | "remove" | "allow" | "userDefined" | "block"; export type DeviceComplianceActionType = | "noAction" | "notification" | "block" | "retire" | "wipe" | "removeResourceAccessProfiles" | "pushNotification"; export type DeviceThreatProtectionLevel = "unavailable" | "secured" | "low" | "medium" | "high" | "notSet"; export type DiagnosticDataSubmissionMode = "userDefined" | "none" | "basic" | "enhanced" | "full"; export type EdgeCookiePolicy = "userDefined" | "allow" | "blockThirdParty" | "blockAll"; export type EdgeSearchEngineType = "default" | "bing"; export type EditionUpgradeLicenseType = "productKey" | "licenseFile"; export type Enablement = "notConfigured" | "enabled" | "disabled"; export type FirewallCertificateRevocationListCheckMethodType = "deviceDefault" | "none" | "attempt" | "require"; export type FirewallPacketQueueingMethodType = | "deviceDefault" | "disabled" | "queueInbound" | "queueOutbound" | "queueBoth"; export type FirewallPreSharedKeyEncodingMethodType = "deviceDefault" | "none" | "utF8"; export type InternetSiteSecurityLevel = "userDefined" | "medium" | "mediumHigh" | "high"; export type IosNotificationAlertType = "deviceDefault" | "banner" | "modal" | "none"; export type IosUpdatesInstallStatus = | "deviceOsHigherThanDesiredOsVersion" | "sharedDeviceUserLoggedInError" | "notSupportedOperation" | "installFailed" | "installPhoneCallInProgress" | "installInsufficientPower" | "installInsufficientSpace" | "installing" | "downloadInsufficientNetwork" | "downloadInsufficientPower" | "downloadInsufficientSpace" | "downloadRequiresComputer" | "downloadFailed" | "downloading" | "success" | "available" | "idle" | "unknown"; export type MiracastChannel = | "userDefined" | "one" | "two" | "three" | "four" | "five" | "six" | "seven" | "eight" | "nine" | "ten" | "eleven" | "thirtySix" | "forty" | "fortyFour" | "fortyEight" | "oneHundredFortyNine" | "oneHundredFiftyThree" | "oneHundredFiftySeven" | "oneHundredSixtyOne" | "oneHundredSixtyFive"; export type PolicyPlatformType = | "android" | "androidForWork" | "iOS" | "macOS" | "windowsPhone81" | "windows81AndLater" | "windows10AndLater" | "all"; export type PrereleaseFeatures = "userDefined" | "settingsOnly" | "settingsAndExperimentations" | "notAllowed"; export type RatingAppsType = "allAllowed" | "allBlocked" | "agesAbove4" | "agesAbove9" | "agesAbove12" | "agesAbove17"; export type RatingAustraliaMoviesType = | "allAllowed" | "allBlocked" | "general" | "parentalGuidance" | "mature" | "agesAbove15" | "agesAbove18"; export type RatingAustraliaTelevisionType = | "allAllowed" | "allBlocked" | "preschoolers" | "children" | "general" | "parentalGuidance" | "mature" | "agesAbove15" | "agesAbove15AdultViolence"; export type RatingCanadaMoviesType = | "allAllowed" | "allBlocked" | "general" | "parentalGuidance" | "agesAbove14" | "agesAbove18" | "restricted"; export type RatingCanadaTelevisionType = | "allAllowed" | "allBlocked" | "children" | "childrenAbove8" | "general" | "parentalGuidance" | "agesAbove14" | "agesAbove18"; export type RatingFranceMoviesType = | "allAllowed" | "allBlocked" | "agesAbove10" | "agesAbove12" | "agesAbove16" | "agesAbove18"; export type RatingFranceTelevisionType = | "allAllowed" | "allBlocked" | "agesAbove10" | "agesAbove12" | "agesAbove16" | "agesAbove18"; export type RatingGermanyMoviesType = | "allAllowed" | "allBlocked" | "general" | "agesAbove6" | "agesAbove12" | "agesAbove16" | "adults"; export type RatingGermanyTelevisionType = | "allAllowed" | "allBlocked" | "general" | "agesAbove6" | "agesAbove12" | "agesAbove16" | "adults"; export type RatingIrelandMoviesType = | "allAllowed" | "allBlocked" | "general" | "parentalGuidance" | "agesAbove12" | "agesAbove15" | "agesAbove16" | "adults"; export type RatingIrelandTelevisionType = | "allAllowed" | "allBlocked" | "general" | "children" | "youngAdults" | "parentalSupervision" | "mature"; export type RatingJapanMoviesType = | "allAllowed" | "allBlocked" | "general" | "parentalGuidance" | "agesAbove15" | "agesAbove18"; export type RatingJapanTelevisionType = "allAllowed" | "allBlocked" | "explicitAllowed"; export type RatingNewZealandMoviesType = | "allAllowed" | "allBlocked" | "general" | "parentalGuidance" | "mature" | "agesAbove13" | "agesAbove15" | "agesAbove16" | "agesAbove18" | "restricted" | "agesAbove16Restricted"; export type RatingNewZealandTelevisionType = "allAllowed" | "allBlocked" | "general" | "parentalGuidance" | "adults"; export type RatingUnitedKingdomMoviesType = | "allAllowed" | "allBlocked" | "general" | "universalChildren" | "parentalGuidance" | "agesAbove12Video" | "agesAbove12Cinema" | "agesAbove15" | "adults"; export type RatingUnitedKingdomTelevisionType = "allAllowed" | "allBlocked" | "caution"; export type RatingUnitedStatesMoviesType = | "allAllowed" | "allBlocked" | "general" | "parentalGuidance" | "parentalGuidance13" | "restricted" | "adults"; export type RatingUnitedStatesTelevisionType = | "allAllowed" | "allBlocked" | "childrenAll" | "childrenAbove7" | "general" | "parentalGuidance" | "childrenAbove14" | "adults"; export type RequiredPasswordType = "deviceDefault" | "alphanumeric" | "numeric"; export type SafeSearchFilterType = "userDefined" | "strict" | "moderate"; export type SettingSourceType = "deviceConfiguration" | "deviceIntent"; export type SharedPCAccountDeletionPolicyType = | "immediate" | "diskSpaceThreshold" | "diskSpaceThresholdOrInactiveThreshold"; export type SharedPCAllowedAccountType = "guest" | "domain"; export type SiteSecurityLevel = "userDefined" | "low" | "mediumLow" | "medium" | "mediumHigh" | "high"; export type StateManagementSetting = "notConfigured" | "blocked" | "allowed"; export type VisibilitySetting = "notConfigured" | "hide" | "show"; export type WebBrowserCookieSettings = | "browserDefault" | "blockAlways" | "allowCurrentWebSite" | "allowFromWebsitesVisited" | "allowAlways"; export type WeeklySchedule = | "userDefined" | "everyday" | "sunday" | "monday" | "tuesday" | "wednesday" | "thursday" | "friday" | "saturday"; export type WelcomeScreenMeetingInformation = | "userDefined" | "showOrganizerAndTimeOnly" | "showOrganizerAndTimeAndSubject"; export type Windows10EditionType = | "windows10Enterprise" | "windows10EnterpriseN" | "windows10Education" | "windows10EducationN" | "windows10MobileEnterprise" | "windows10HolographicEnterprise" | "windows10Professional" | "windows10ProfessionalN" | "windows10ProfessionalEducation" | "windows10ProfessionalEducationN" | "windows10ProfessionalWorkstation" | "windows10ProfessionalWorkstationN"; export type WindowsDeliveryOptimizationMode = | "userDefined" | "httpOnly" | "httpWithPeeringNat" | "httpWithPeeringPrivateGroup" | "httpWithInternetPeering" | "simpleDownload" | "bypassMode"; export type WindowsSpotlightEnablementSettings = "notConfigured" | "disabled" | "enabled"; export type WindowsStartMenuAppListVisibilityType = "userDefined" | "collapse" | "remove" | "disableSettingsApp"; export type WindowsStartMenuModeType = "userDefined" | "fullScreen" | "nonFullScreen"; export type WindowsUpdateForBusinessUpdateWeeks = | "userDefined" | "firstWeek" | "secondWeek" | "thirdWeek" | "fourthWeek" | "everyWeek" | "unknownFutureValue"; export type WindowsUpdateNotificationDisplayOption = | "notConfigured" | "defaultNotifications" | "restartWarningsOnly" | "disableAllNotifications" | "unknownFutureValue"; export type WindowsUpdateType = | "userDefined" | "all" | "businessReadyOnly" | "windowsInsiderBuildFast" | "windowsInsiderBuildSlow" | "windowsInsiderBuildRelease"; export type WindowsUserAccountControlSettings = | "userDefined" | "alwaysNotify" | "notifyOnAppChanges" | "notifyOnAppChangesWithoutDimming" | "neverNotify"; export type DeviceManagementExchangeConnectorStatus = | "none" | "connectionPending" | "connected" | "disconnected" | "unknownFutureValue"; export type DeviceManagementExchangeConnectorSyncType = "fullSync" | "deltaSync"; export type DeviceManagementExchangeConnectorType = | "onPremises" | "hosted" | "serviceToService" | "dedicated" | "unknownFutureValue"; export type DeviceManagementPartnerAppType = "unknown" | "singleTenantApp" | "multiTenantApp"; export type DeviceManagementPartnerTenantState = | "unknown" | "unavailable" | "enabled" | "terminated" | "rejected" | "unresponsive"; export type MdmAuthority = "unknown" | "intune" | "sccm" | "office365"; export type MobileThreatPartnerTenantState = "unavailable" | "available" | "enabled" | "unresponsive"; export type VppTokenState = "unknown" | "valid" | "expired" | "invalid" | "assignedToExternalMDM"; export type VppTokenSyncStatus = "none" | "inProgress" | "completed" | "failed"; export type WindowsHelloForBusinessPinUsage = "allowed" | "required" | "disallowed"; export type ActionState = "none" | "pending" | "canceled" | "active" | "done" | "failed" | "notSupported"; export type AppLogDecryptionAlgorithm = "aes256" | "unknownFutureValue"; export type AppLogUploadState = "pending" | "completed" | "failed" | "unknownFutureValue"; export type ComplianceState = | "unknown" | "compliant" | "noncompliant" | "conflict" | "error" | "inGracePeriod" | "configManager"; export type DetectedAppPlatformType = | "unknown" | "windows" | "windowsMobile" | "windowsHolographic" | "ios" | "macOS" | "chromeOS" | "androidOSP" | "androidDeviceAdministrator" | "androidWorkProfile" | "androidDedicatedAndFullyManaged" | "unknownFutureValue"; export type DeviceEnrollmentType = | "unknown" | "userEnrollment" | "deviceEnrollmentManager" | "appleBulkWithUser" | "appleBulkWithoutUser" | "windowsAzureADJoin" | "windowsBulkUserless" | "windowsAutoEnrollment" | "windowsBulkAzureDomainJoin" | "windowsCoManagement" | "windowsAzureADJoinUsingDeviceAuth" | "appleUserEnrollment" | "appleUserEnrollmentWithServiceAccount"; export type DeviceLogCollectionTemplateType = "predefined" | "unknownFutureValue"; export type DeviceManagementExchangeAccessState = "none" | "unknown" | "allowed" | "blocked" | "quarantined"; export type DeviceManagementExchangeAccessStateReason = | "none" | "unknown" | "exchangeGlobalRule" | "exchangeIndividualRule" | "exchangeDeviceRule" | "exchangeUpgrade" | "exchangeMailboxPolicy" | "other" | "compliant" | "notCompliant" | "notEnrolled" | "unknownLocation" | "mfaRequired" | "azureADBlockDueToAccessPolicy" | "compromisedPassword" | "deviceNotKnownWithManagedApp"; export type DeviceManagementSubscriptionState = | "pending" | "active" | "warning" | "disabled" | "deleted" | "blocked" | "lockedOut"; export type DeviceRegistrationState = | "notRegistered" | "registered" | "revoked" | "keyConflict" | "approvalPending" | "certificateReset" | "notRegisteredPendingEnrollment" | "unknown"; export type DiskType = "unknown" | "hdd" | "ssd" | "unknownFutureValue"; export type ManagedDeviceOwnerType = "unknown" | "company" | "personal"; export type ManagedDevicePartnerReportedHealthState = | "unknown" | "activated" | "deactivated" | "secured" | "lowSeverity" | "mediumSeverity" | "highSeverity" | "unresponsive" | "compromised" | "misconfigured"; export type ManagementAgentType = | "eas" | "mdm" | "easMdm" | "intuneClient" | "easIntuneClient" | "configurationManagerClient" | "configurationManagerClientMdm" | "configurationManagerClientMdmEas" | "unknown" | "jamf" | "googleCloudDevicePolicyController" | "microsoft365ManagedMdm" | "msSense"; export type ObliterationBehavior = | "default" | "doNotObliterate" | "obliterateWithWarning" | "always" | "unknownFutureValue"; export type OperatingSystemUpgradeEligibility = "upgraded" | "unknown" | "notCapable" | "capable" | "unknownFutureValue"; export type UserExperienceAnalyticsHealthState = | "unknown" | "insufficientData" | "needsAttention" | "meetingGoals" | "unknownFutureValue"; export type UserExperienceAnalyticsInsightSeverity = | "none" | "informational" | "warning" | "error" | "unknownFutureValue"; export type UserExperienceAnalyticsOperatingSystemRestartCategory = | "unknown" | "restartWithUpdate" | "restartWithoutUpdate" | "blueScreen" | "shutdownWithUpdate" | "shutdownWithoutUpdate" | "longPowerButtonPress" | "bootError" | "update" | "unknownFutureValue"; export type UserExperienceAnalyticsSummarizedBy = | "none" | "model" | "allRegressions" | "modelRegression" | "manufacturerRegression" | "operatingSystemVersionRegression" | "unknownFutureValue"; export type WindowsDefenderProductStatus = | "noStatus" | "serviceNotRunning" | "serviceStartedWithoutMalwareProtection" | "pendingFullScanDueToThreatAction" | "pendingRebootDueToThreatAction" | "pendingManualStepsDueToThreatAction" | "avSignaturesOutOfDate" | "asSignaturesOutOfDate" | "noQuickScanHappenedForSpecifiedPeriod" | "noFullScanHappenedForSpecifiedPeriod" | "systemInitiatedScanInProgress" | "systemInitiatedCleanInProgress" | "samplesPendingSubmission" | "productRunningInEvaluationMode" | "productRunningInNonGenuineMode" | "productExpired" | "offlineScanRequired" | "serviceShutdownAsPartOfSystemShutdown" | "threatRemediationFailedCritically" | "threatRemediationFailedNonCritically" | "noStatusFlagsSet" | "platformOutOfDate" | "platformUpdateInProgress" | "platformAboutToBeOutdated" | "signatureOrPlatformEndOfLifeIsPastOrIsImpending" | "windowsSModeSignaturesInUseOnNonWin10SInstall"; export type WindowsDeviceHealthState = | "clean" | "fullScanPending" | "rebootPending" | "manualStepsPending" | "offlineScanPending" | "critical"; export type WindowsMalwareCategory = | "invalid" | "adware" | "spyware" | "passwordStealer" | "trojanDownloader" | "worm" | "backdoor" | "remoteAccessTrojan" | "trojan" | "emailFlooder" | "keylogger" | "dialer" | "monitoringSoftware" | "browserModifier" | "cookie" | "browserPlugin" | "aolExploit" | "nuker" | "securityDisabler" | "jokeProgram" | "hostileActiveXControl" | "softwareBundler" | "stealthNotifier" | "settingsModifier" | "toolBar" | "remoteControlSoftware" | "trojanFtp" | "potentialUnwantedSoftware" | "icqExploit" | "trojanTelnet" | "exploit" | "filesharingProgram" | "malwareCreationTool" | "remote_Control_Software" | "tool" | "trojanDenialOfService" | "trojanDropper" | "trojanMassMailer" | "trojanMonitoringSoftware" | "trojanProxyServer" | "virus" | "known" | "unknown" | "spp" | "behavior" | "vulnerability" | "policy" | "enterpriseUnwantedSoftware" | "ransom" | "hipsRule"; export type WindowsMalwareExecutionState = "unknown" | "blocked" | "allowed" | "running" | "notRunning"; export type WindowsMalwareSeverity = "unknown" | "low" | "moderate" | "high" | "severe"; export type WindowsMalwareState = | "unknown" | "detected" | "cleaned" | "quarantined" | "removed" | "allowed" | "blocked" | "cleanFailed" | "quarantineFailed" | "removeFailed" | "allowFailed" | "abandoned" | "blockFailed"; export type WindowsMalwareThreatState = | "active" | "actionFailed" | "manualStepsRequired" | "fullScanRequired" | "rebootRequired" | "remediatedWithNonCriticalFailures" | "quarantined" | "removed" | "cleaned" | "allowed" | "noStatusCleared"; export type EnrollmentState = "unknown" | "enrolled" | "pendingReset" | "failed" | "notContacted"; export type ImportedWindowsAutopilotDeviceIdentityImportStatus = | "unknown" | "pending" | "partial" | "complete" | "error"; export type ImportedWindowsAutopilotDeviceIdentityUploadStatus = "noUpload" | "pending" | "complete" | "error"; export type ManagedAppClipboardSharingLevel = "allApps" | "managedAppsWithPasteIn" | "managedApps" | "blocked"; export type ManagedAppDataEncryptionType = | "useDeviceSettings" | "afterDeviceRestart" | "whenDeviceLockedExceptOpenFiles" | "whenDeviceLocked"; export type ManagedAppDataStorageLocation = "oneDriveForBusiness" | "sharePoint" | "box" | "localStorage"; export type ManagedAppDataTransferLevel = "allApps" | "managedApps" | "none"; export type ManagedAppFlaggedReason = "none" | "rootedDevice"; export type ManagedAppPinCharacterSet = "numeric" | "alphanumericAndSymbol"; export type ManagedBrowserType = "notConfigured" | "microsoftEdge"; export type TargetedManagedAppGroupType = "selectedPublicApps" | "allCoreMicrosoftApps" | "allMicrosoftApps" | "allApps"; export type WindowsInformationProtectionEnforcementLevel = | "noProtection" | "encryptAndAuditOnly" | "encryptAuditAndPrompt" | "encryptAuditAndBlock"; export type WindowsInformationProtectionPinCharacterRequirements = "notAllow" | "requireAtLeastOne" | "allow"; export type NotificationTemplateBrandingOptions = | "none" | "includeCompanyLogo" | "includeCompanyName" | "includeContactInformation" | "includeCompanyPortalLink" | "includeDeviceDetails" | "unknownFutureValue"; export type RemoteAssistanceOnboardingStatus = "notOnboarded" | "onboarding" | "onboarded"; export type DeviceManagementExportJobLocalizationType = "localizedValuesAsAdditionalColumn" | "replaceLocalizableValues"; export type DeviceManagementReportFileFormat = "csv" | "pdf" | "json" | "unknownFutureValue"; export type DeviceManagementReportStatus = "unknown" | "notStarted" | "inProgress" | "completed" | "failed"; export type DeviceEnrollmentFailureReason = | "unknown" | "authentication" | "authorization" | "accountValidation" | "userValidation" | "deviceNotSupported" | "inMaintenance" | "badRequest" | "featureNotSupported" | "enrollmentRestrictionsEnforced" | "clientDisconnected" | "userAbandonment"; export type ApplicationType = "universal" | "desktop"; export type PostType = "regular" | "quick" | "strategic" | "unknownFutureValue"; export type ServiceHealthClassificationType = "advisory" | "incident" | "unknownFutureValue"; export type ServiceHealthOrigin = "microsoft" | "thirdParty" | "customer" | "unknownFutureValue"; export type ServiceHealthStatus = | "serviceOperational" | "investigating" | "restoringService" | "verifyingService" | "serviceRestored" | "postIncidentReviewPublished" | "serviceDegradation" | "serviceInterruption" | "extendedRecovery" | "falsePositive" | "investigationSuspended" | "resolved" | "mitigatedExternal" | "mitigated" | "resolvedExternal" | "confirmed" | "reported" | "unknownFutureValue"; export type ServiceUpdateCategory = "preventOrFixIssue" | "planForChange" | "stayInformed" | "unknownFutureValue"; export type ServiceUpdateSeverity = "normal" | "high" | "critical" | "unknownFutureValue"; export type BucketAggregationSortProperty = "count" | "keyAsString" | "keyAsNumber" | "unknownFutureValue"; export type EntityType = | "event" | "message" | "driveItem" | "externalItem" | "site" | "list" | "listItem" | "drive" | "unknownFutureValue" | "acronym" | "bookmark" | "chatMessage" | "person"; export type SearchAlterationType = "suggestion" | "modification" | "unknownFutureValue"; export type SearchContent = "sharedContent" | "privateContent" | "unknownFutureValue"; export type PlannerContainerType = "group" | "unknownFutureValue" | "roster"; export type PlannerPreviewType = "automatic" | "noPreview" | "checklist" | "description" | "reference"; export type OnenotePatchActionType = "Replace" | "Append" | "Delete" | "Insert" | "Prepend"; export type OnenotePatchInsertPosition = "After" | "Before"; export type OnenoteSourceService = "Unknown" | "OneDrive" | "OneDriveForBusiness" | "OnPremOneDriveForBusiness"; export type OnenoteUserRole = "None" | "Owner" | "Contributor" | "Reader"; export type OperationStatus = "NotStarted" | "Running" | "Completed" | "Failed"; export type DelegatedAdminAccessAssignmentStatus = | "pending" | "active" | "deleting" | "deleted" | "error" | "unknownFutureValue"; export type DelegatedAdminAccessContainerType = "securityGroup" | "unknownFutureValue"; export type DelegatedAdminRelationshipOperationType = "delegatedAdminAccessAssignmentUpdate" | "unknownFutureValue"; export type DelegatedAdminRelationshipRequestAction = | "lockForApproval" | "approve" | "terminate" | "unknownFutureValue" | "reject"; export type DelegatedAdminRelationshipRequestStatus = | "created" | "pending" | "succeeded" | "failed" | "unknownFutureValue"; export type DelegatedAdminRelationshipStatus = | "activating" | "active" | "approvalPending" | "approved" | "created" | "expired" | "expiring" | "terminated" | "terminating" | "terminationRequested" | "unknownFutureValue"; export type AssignmentScheduleFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; export type AssignmentScheduleInstanceFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; export type AssignmentScheduleRequestFilterByCurrentUserOptions = | "principal" | "createdBy" | "approver" | "unknownFutureValue"; export type EligibilityScheduleFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; export type EligibilityScheduleInstanceFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; export type EligibilityScheduleRequestFilterByCurrentUserOptions = | "principal" | "createdBy" | "approver" | "unknownFutureValue"; export type PrivilegedAccessGroupAssignmentType = "assigned" | "activated" | "unknownFutureValue"; export type PrivilegedAccessGroupMemberType = "direct" | "group" | "unknownFutureValue"; export type PrivilegedAccessGroupRelationships = "owner" | "member" | "unknownFutureValue"; export type RoleAssignmentScheduleFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; export type RoleAssignmentScheduleInstanceFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; export type RoleAssignmentScheduleRequestFilterByCurrentUserOptions = | "principal" | "createdBy" | "approver" | "unknownFutureValue"; export type RoleEligibilityScheduleFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; export type RoleEligibilityScheduleInstanceFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; export type RoleEligibilityScheduleRequestFilterByCurrentUserOptions = | "principal" | "createdBy" | "approver" | "unknownFutureValue"; export type ScheduleRequestActions = | "adminAssign" | "adminUpdate" | "adminRemove" | "selfActivate" | "selfDeactivate" | "adminExtend" | "adminRenew" | "selfExtend" | "selfRenew" | "unknownFutureValue"; export type UnifiedRoleManagementPolicyRuleTargetOperations = | "all" | "activate" | "deactivate" | "assign" | "update" | "remove" | "extend" | "renew" | "unknownFutureValue"; export type UnifiedRoleScheduleRequestActions = | "adminAssign" | "adminUpdate" | "adminRemove" | "selfActivate" | "selfDeactivate" | "adminExtend" | "adminRenew" | "selfExtend" | "selfRenew" | "unknownFutureValue"; export type PrintColorMode = "blackAndWhite" | "grayscale" | "color" | "auto" | "unknownFutureValue"; export type PrintDuplexMode = "flipOnLongEdge" | "flipOnShortEdge" | "oneSided" | "unknownFutureValue"; export type PrinterFeedOrientation = "longEdgeFirst" | "shortEdgeFirst" | "unknownFutureValue"; export type PrinterProcessingState = "unknown" | "idle" | "processing" | "stopped" | "unknownFutureValue"; export type PrinterProcessingStateDetail = | "paused" | "mediaJam" | "mediaNeeded" | "mediaLow" | "mediaEmpty" | "coverOpen" | "interlockOpen" | "outputTrayMissing" | "outputAreaFull" | "markerSupplyLow" | "markerSupplyEmpty" | "inputTrayMissing" | "outputAreaAlmostFull" | "markerWasteAlmostFull" | "markerWasteFull" | "fuserOverTemp" | "fuserUnderTemp" | "other" | "none" | "movingToPaused" | "shutdown" | "connectingToDevice" | "timedOut" | "stopping" | "stoppedPartially" | "tonerLow" | "tonerEmpty" | "spoolAreaFull" | "doorOpen" | "opticalPhotoConductorNearEndOfLife" | "opticalPhotoConductorLifeOver" | "developerLow" | "developerEmpty" | "interpreterResourceUnavailable" | "unknownFutureValue" | "alertRemovalOfBinaryChangeEntry" | "banderAdded" | "banderAlmostEmpty" | "banderAlmostFull" | "banderAtLimit" | "banderClosed" | "banderConfigurationChange" | "banderCoverClosed" | "banderCoverOpen" | "banderEmpty" | "banderFull" | "banderInterlockClosed" | "banderInterlockOpen" | "banderJam" | "banderLifeAlmostOver" | "banderLifeOver" | "banderMemoryExhausted" | "banderMissing" | "banderMotorFailure" | "banderNearLimit" | "banderOffline" | "banderOpened" | "banderOverTemperature" | "banderPowerSaver" | "banderRecoverableFailure" | "banderRecoverableStorage" | "banderRemoved" | "banderResourceAdded" | "banderResourceRemoved" | "banderThermistorFailure" | "banderTimingFailure" | "banderTurnedOff" | "banderTurnedOn" | "banderUnderTemperature" | "banderUnrecoverableFailure" | "banderUnrecoverableStorageError" | "banderWarmingUp" | "binderAdded" | "binderAlmostEmpty" | "binderAlmostFull" | "binderAtLimit" | "binderClosed" | "binderConfigurationChange" | "binderCoverClosed" | "binderCoverOpen" | "binderEmpty" | "binderFull" | "binderInterlockClosed" | "binderInterlockOpen" | "binderJam" | "binderLifeAlmostOver" | "binderLifeOver" | "binderMemoryExhausted" | "binderMissing" | "binderMotorFailure" | "binderNearLimit" | "binderOffline" | "binderOpened" | "binderOverTemperature" | "binderPowerSaver" | "binderRecoverableFailure" | "binderRecoverableStorage" | "binderRemoved" | "binderResourceAdded" | "binderResourceRemoved" | "binderThermistorFailure" | "binderTimingFailure" | "binderTurnedOff" | "binderTurnedOn" | "binderUnderTemperature" | "binderUnrecoverableFailure" | "binderUnrecoverableStorageError" | "binderWarmingUp" | "cameraFailure" | "chamberCooling" | "chamberFailure" | "chamberHeating" | "chamberTemperatureHigh" | "chamberTemperatureLow" | "cleanerLifeAlmostOver" | "cleanerLifeOver" | "configurationChange" | "deactivated" | "deleted" | "dieCutterAdded" | "dieCutterAlmostEmpty" | "dieCutterAlmostFull" | "dieCutterAtLimit" | "dieCutterClosed" | "dieCutterConfigurationChange" | "dieCutterCoverClosed" | "dieCutterCoverOpen" | "dieCutterEmpty" | "dieCutterFull" | "dieCutterInterlockClosed" | "dieCutterInterlockOpen" | "dieCutterJam" | "dieCutterLifeAlmostOver" | "dieCutterLifeOver" | "dieCutterMemoryExhausted" | "dieCutterMissing" | "dieCutterMotorFailure" | "dieCutterNearLimit" | "dieCutterOffline" | "dieCutterOpened" | "dieCutterOverTemperature" | "dieCutterPowerSaver" | "dieCutterRecoverableFailure" | "dieCutterRecoverableStorage" | "dieCutterRemoved" | "dieCutterResourceAdded" | "dieCutterResourceRemoved" | "dieCutterThermistorFailure" | "dieCutterTimingFailure" | "dieCutterTurnedOff" | "dieCutterTurnedOn" | "dieCutterUnderTemperature" | "dieCutterUnrecoverableFailure" | "dieCutterUnrecoverableStorageError" | "dieCutterWarmingUp" | "extruderCooling" | "extruderFailure" | "extruderHeating" | "extruderJam" | "extruderTemperatureHigh" | "extruderTemperatureLow" | "fanFailure" | "faxModemLifeAlmostOver" | "faxModemLifeOver" | "faxModemMissing" | "faxModemTurnedOff" | "faxModemTurnedOn" | "folderAdded" | "folderAlmostEmpty" | "folderAlmostFull" | "folderAtLimit" | "folderClosed" | "folderConfigurationChange" | "folderCoverClosed" | "folderCoverOpen" | "folderEmpty" | "folderFull" | "folderInterlockClosed" | "folderInterlockOpen" | "folderJam" | "folderLifeAlmostOver" | "folderLifeOver" | "folderMemoryExhausted" | "folderMissing" | "folderMotorFailure" | "folderNearLimit" | "folderOffline" | "folderOpened" | "folderOverTemperature" | "folderPowerSaver" | "folderRecoverableFailure" | "folderRecoverableStorage" | "folderRemoved" | "folderResourceAdded" | "folderResourceRemoved" | "folderThermistorFailure" | "folderTimingFailure" | "folderTurnedOff" | "folderTurnedOn" | "folderUnderTemperature" | "folderUnrecoverableFailure" | "folderUnrecoverableStorageError" | "folderWarmingUp" | "hibernate" | "holdNewJobs" | "identifyPrinterRequested" | "imprinterAdded" | "imprinterAlmostEmpty" | "imprinterAlmostFull" | "imprinterAtLimit" | "imprinterClosed" | "imprinterConfigurationChange" | "imprinterCoverClosed" | "imprinterCoverOpen" | "imprinterEmpty" | "imprinterFull" | "imprinterInterlockClosed" | "imprinterInterlockOpen" | "imprinterJam" | "imprinterLifeAlmostOver" | "imprinterLifeOver" | "imprinterMemoryExhausted" | "imprinterMissing" | "imprinterMotorFailure" | "imprinterNearLimit" | "imprinterOffline" | "imprinterOpened" | "imprinterOverTemperature" | "imprinterPowerSaver" | "imprinterRecoverableFailure" | "imprinterRecoverableStorage" | "imprinterRemoved" | "imprinterResourceAdded" | "imprinterResourceRemoved" | "imprinterThermistorFailure" | "imprinterTimingFailure" | "imprinterTurnedOff" | "imprinterTurnedOn" | "imprinterUnderTemperature" | "imprinterUnrecoverableFailure" | "imprinterUnrecoverableStorageError" | "imprinterWarmingUp" | "inputCannotFeedSizeSelected" | "inputManualInputRequest" | "inputMediaColorChange" | "inputMediaFormPartsChange" | "inputMediaSizeChange" | "inputMediaTrayFailure" | "inputMediaTrayFeedError" | "inputMediaTrayJam" | "inputMediaTypeChange" | "inputMediaWeightChange" | "inputPickRollerFailure" | "inputPickRollerLifeOver" | "inputPickRollerLifeWarn" | "inputPickRollerMissing" | "inputTrayElevationFailure" | "inputTrayPositionFailure" | "inserterAdded" | "inserterAlmostEmpty" | "inserterAlmostFull" | "inserterAtLimit" | "inserterClosed" | "inserterConfigurationChange" | "inserterCoverClosed" | "inserterCoverOpen" | "inserterEmpty" | "inserterFull" | "inserterInterlockClosed" | "inserterInterlockOpen" | "inserterJam" | "inserterLifeAlmostOver" | "inserterLifeOver" | "inserterMemoryExhausted" | "inserterMissing" | "inserterMotorFailure" | "inserterNearLimit" | "inserterOffline" | "inserterOpened" | "inserterOverTemperature" | "inserterPowerSaver" | "inserterRecoverableFailure" | "inserterRecoverableStorage" | "inserterRemoved" | "inserterResourceAdded" | "inserterResourceRemoved" | "inserterThermistorFailure" | "inserterTimingFailure" | "inserterTurnedOff" | "inserterTurnedOn" | "inserterUnderTemperature" | "inserterUnrecoverableFailure" | "inserterUnrecoverableStorageError" | "inserterWarmingUp" | "interlockClosed" | "interpreterCartridgeAdded" | "interpreterCartridgeDeleted" | "interpreterComplexPageEncountered" | "interpreterMemoryDecrease" | "interpreterMemoryIncrease" | "interpreterResourceAdded" | "interpreterResourceDeleted" | "lampAtEol" | "lampFailure" | "lampNearEol" | "laserAtEol" | "laserFailure" | "laserNearEol" | "makeEnvelopeAdded" | "makeEnvelopeAlmostEmpty" | "makeEnvelopeAlmostFull" | "makeEnvelopeAtLimit" | "makeEnvelopeClosed" | "makeEnvelopeConfigurationChange" | "makeEnvelopeCoverClosed" | "makeEnvelopeCoverOpen" | "makeEnvelopeEmpty" | "makeEnvelopeFull" | "makeEnvelopeInterlockClosed" | "makeEnvelopeInterlockOpen" | "makeEnvelopeJam" | "makeEnvelopeLifeAlmostOver" | "makeEnvelopeLifeOver" | "makeEnvelopeMemoryExhausted" | "makeEnvelopeMissing" | "makeEnvelopeMotorFailure" | "makeEnvelopeNearLimit" | "makeEnvelopeOffline" | "makeEnvelopeOpened" | "makeEnvelopeOverTemperature" | "makeEnvelopePowerSaver" | "makeEnvelopeRecoverableFailure" | "makeEnvelopeRecoverableStorage" | "makeEnvelopeRemoved" | "makeEnvelopeResourceAdded" | "makeEnvelopeResourceRemoved" | "makeEnvelopeThermistorFailure" | "makeEnvelopeTimingFailure" | "makeEnvelopeTurnedOff" | "makeEnvelopeTurnedOn" | "makeEnvelopeUnderTemperature" | "makeEnvelopeUnrecoverableFailure" | "makeEnvelopeUnrecoverableStorageError" | "makeEnvelopeWarmingUp" | "markerAdjustingPrintQuality" | "markerCleanerMissing" | "markerDeveloperAlmostEmpty" | "markerDeveloperEmpty" | "markerDeveloperMissing" | "markerFuserMissing" | "markerFuserThermistorFailure" | "markerFuserTimingFailure" | "markerInkAlmostEmpty" | "markerInkEmpty" | "markerInkMissing" | "markerOpcMissing" | "markerPrintRibbonAlmostEmpty" | "markerPrintRibbonEmpty" | "markerPrintRibbonMissing" | "markerSupplyAlmostEmpty" | "markerSupplyMissing" | "markerTonerCartridgeMissing" | "markerTonerMissing" | "markerWasteInkReceptacleAlmostFull" | "markerWasteInkReceptacleFull" | "markerWasteInkReceptacleMissing" | "markerWasteMissing" | "markerWasteTonerReceptacleAlmostFull" | "markerWasteTonerReceptacleFull" | "markerWasteTonerReceptacleMissing" | "materialEmpty" | "materialLow" | "materialNeeded" | "mediaDrying" | "mediaPathCannotDuplexMediaSelected" | "mediaPathFailure" | "mediaPathInputEmpty" | "mediaPathInputFeedError" | "mediaPathInputJam" | "mediaPathInputRequest" | "mediaPathJam" | "mediaPathMediaTrayAlmostFull" | "mediaPathMediaTrayFull" | "mediaPathMediaTrayMissing" | "mediaPathOutputFeedError" | "mediaPathOutputFull" | "mediaPathOutputJam" | "mediaPathPickRollerFailure" | "mediaPathPickRollerLifeOver" | "mediaPathPickRollerLifeWarn" | "mediaPathPickRollerMissing" | "motorFailure" | "outputMailboxSelectFailure" | "outputMediaTrayFailure" | "outputMediaTrayFeedError" | "outputMediaTrayJam" | "perforaterAdded" | "perforaterAlmostEmpty" | "perforaterAlmostFull" | "perforaterAtLimit" | "perforaterClosed" | "perforaterConfigurationChange" | "perforaterCoverClosed" | "perforaterCoverOpen" | "perforaterEmpty" | "perforaterFull" | "perforaterInterlockClosed" | "perforaterInterlockOpen" | "perforaterJam" | "perforaterLifeAlmostOver" | "perforaterLifeOver" | "perforaterMemoryExhausted" | "perforaterMissing" | "perforaterMotorFailure" | "perforaterNearLimit" | "perforaterOffline" | "perforaterOpened" | "perforaterOverTemperature" | "perforaterPowerSaver" | "perforaterRecoverableFailure" | "perforaterRecoverableStorage" | "perforaterRemoved" | "perforaterResourceAdded" | "perforaterResourceRemoved" | "perforaterThermistorFailure" | "perforaterTimingFailure" | "perforaterTurnedOff" | "perforaterTurnedOn" | "perforaterUnderTemperature" | "perforaterUnrecoverableFailure" | "perforaterUnrecoverableStorageError" | "perforaterWarmingUp" | "platformCooling" | "platformFailure" | "platformHeating" | "platformTemperatureHigh" | "platformTemperatureLow" | "powerDown" | "powerUp" | "printerManualReset" | "printerNmsReset" | "printerReadyToPrint" | "puncherAdded" | "puncherAlmostEmpty" | "puncherAlmostFull" | "puncherAtLimit" | "puncherClosed" | "puncherConfigurationChange" | "puncherCoverClosed" | "puncherCoverOpen" | "puncherEmpty" | "puncherFull" | "puncherInterlockClosed" | "puncherInterlockOpen" | "puncherJam" | "puncherLifeAlmostOver" | "puncherLifeOver" | "puncherMemoryExhausted" | "puncherMissing" | "puncherMotorFailure" | "puncherNearLimit" | "puncherOffline" | "puncherOpened" | "puncherOverTemperature" | "puncherPowerSaver" | "puncherRecoverableFailure" | "puncherRecoverableStorage" | "puncherRemoved" | "puncherResourceAdded" | "puncherResourceRemoved" | "puncherThermistorFailure" | "puncherTimingFailure" | "puncherTurnedOff" | "puncherTurnedOn" | "puncherUnderTemperature" | "puncherUnrecoverableFailure" | "puncherUnrecoverableStorageError" | "puncherWarmingUp" | "resuming" | "scanMediaPathFailure" | "scanMediaPathInputEmpty" | "scanMediaPathInputFeedError" | "scanMediaPathInputJam" | "scanMediaPathInputRequest" | "scanMediaPathJam" | "scanMediaPathOutputFeedError" | "scanMediaPathOutputFull" | "scanMediaPathOutputJam" | "scanMediaPathPickRollerFailure" | "scanMediaPathPickRollerLifeOver" | "scanMediaPathPickRollerLifeWarn" | "scanMediaPathPickRollerMissing" | "scanMediaPathTrayAlmostFull" | "scanMediaPathTrayFull" | "scanMediaPathTrayMissing" | "scannerLightFailure" | "scannerLightLifeAlmostOver" | "scannerLightLifeOver" | "scannerLightMissing" | "scannerSensorFailure" | "scannerSensorLifeAlmostOver" | "scannerSensorLifeOver" | "scannerSensorMissing" | "separationCutterAdded" | "separationCutterAlmostEmpty" | "separationCutterAlmostFull" | "separationCutterAtLimit" | "separationCutterClosed" | "separationCutterConfigurationChange" | "separationCutterCoverClosed" | "separationCutterCoverOpen" | "separationCutterEmpty" | "separationCutterFull" | "separationCutterInterlockClosed" | "separationCutterInterlockOpen" | "separationCutterJam" | "separationCutterLifeAlmostOver" | "separationCutterLifeOver" | "separationCutterMemoryExhausted" | "separationCutterMissing" | "separationCutterMotorFailure" | "separationCutterNearLimit" | "separationCutterOffline" | "separationCutterOpened" | "separationCutterOverTemperature" | "separationCutterPowerSaver" | "separationCutterRecoverableFailure" | "separationCutterRecoverableStorage" | "separationCutterRemoved" | "separationCutterResourceAdded" | "separationCutterResourceRemoved" | "separationCutterThermistorFailure" | "separationCutterTimingFailure" | "separationCutterTurnedOff" | "separationCutterTurnedOn" | "separationCutterUnderTemperature" | "separationCutterUnrecoverableFailure" | "separationCutterUnrecoverableStorageError" | "separationCutterWarmingUp" | "sheetRotatorAdded" | "sheetRotatorAlmostEmpty" | "sheetRotatorAlmostFull" | "sheetRotatorAtLimit" | "sheetRotatorClosed" | "sheetRotatorConfigurationChange" | "sheetRotatorCoverClosed" | "sheetRotatorCoverOpen" | "sheetRotatorEmpty" | "sheetRotatorFull" | "sheetRotatorInterlockClosed" | "sheetRotatorInterlockOpen" | "sheetRotatorJam" | "sheetRotatorLifeAlmostOver" | "sheetRotatorLifeOver" | "sheetRotatorMemoryExhausted" | "sheetRotatorMissing" | "sheetRotatorMotorFailure" | "sheetRotatorNearLimit" | "sheetRotatorOffline" | "sheetRotatorOpened" | "sheetRotatorOverTemperature" | "sheetRotatorPowerSaver" | "sheetRotatorRecoverableFailure" | "sheetRotatorRecoverableStorage" | "sheetRotatorRemoved" | "sheetRotatorResourceAdded" | "sheetRotatorResourceRemoved" | "sheetRotatorThermistorFailure" | "sheetRotatorTimingFailure" | "sheetRotatorTurnedOff" | "sheetRotatorTurnedOn" | "sheetRotatorUnderTemperature" | "sheetRotatorUnrecoverableFailure" | "sheetRotatorUnrecoverableStorageError" | "sheetRotatorWarmingUp" | "slitterAdded" | "slitterAlmostEmpty" | "slitterAlmostFull" | "slitterAtLimit" | "slitterClosed" | "slitterConfigurationChange" | "slitterCoverClosed" | "slitterCoverOpen" | "slitterEmpty" | "slitterFull" | "slitterInterlockClosed" | "slitterInterlockOpen" | "slitterJam" | "slitterLifeAlmostOver" | "slitterLifeOver" | "slitterMemoryExhausted" | "slitterMissing" | "slitterMotorFailure" | "slitterNearLimit" | "slitterOffline" | "slitterOpened" | "slitterOverTemperature" | "slitterPowerSaver" | "slitterRecoverableFailure" | "slitterRecoverableStorage" | "slitterRemoved" | "slitterResourceAdded" | "slitterResourceRemoved" | "slitterThermistorFailure" | "slitterTimingFailure" | "slitterTurnedOff" | "slitterTurnedOn" | "slitterUnderTemperature" | "slitterUnrecoverableFailure" | "slitterUnrecoverableStorageError" | "slitterWarmingUp" | "stackerAdded" | "stackerAlmostEmpty" | "stackerAlmostFull" | "stackerAtLimit" | "stackerClosed" | "stackerConfigurationChange" | "stackerCoverClosed" | "stackerCoverOpen" | "stackerEmpty" | "stackerFull" | "stackerInterlockClosed" | "stackerInterlockOpen" | "stackerJam" | "stackerLifeAlmostOver" | "stackerLifeOver" | "stackerMemoryExhausted" | "stackerMissing" | "stackerMotorFailure" | "stackerNearLimit" | "stackerOffline" | "stackerOpened" | "stackerOverTemperature" | "stackerPowerSaver" | "stackerRecoverableFailure" | "stackerRecoverableStorage" | "stackerRemoved" | "stackerResourceAdded" | "stackerResourceRemoved" | "stackerThermistorFailure" | "stackerTimingFailure" | "stackerTurnedOff" | "stackerTurnedOn" | "stackerUnderTemperature" | "stackerUnrecoverableFailure" | "stackerUnrecoverableStorageError" | "stackerWarmingUp" | "standby" | "staplerAdded" | "staplerAlmostEmpty" | "staplerAlmostFull" | "staplerAtLimit" | "staplerClosed" | "staplerConfigurationChange" | "staplerCoverClosed" | "staplerCoverOpen" | "staplerEmpty" | "staplerFull" | "staplerInterlockClosed" | "staplerInterlockOpen" | "staplerJam" | "staplerLifeAlmostOver" | "staplerLifeOver" | "staplerMemoryExhausted" | "staplerMissing" | "staplerMotorFailure" | "staplerNearLimit" | "staplerOffline" | "staplerOpened" | "staplerOverTemperature" | "staplerPowerSaver" | "staplerRecoverableFailure" | "staplerRecoverableStorage" | "staplerRemoved" | "staplerResourceAdded" | "staplerResourceRemoved" | "staplerThermistorFailure" | "staplerTimingFailure" | "staplerTurnedOff" | "staplerTurnedOn" | "staplerUnderTemperature" | "staplerUnrecoverableFailure" | "staplerUnrecoverableStorageError" | "staplerWarmingUp" | "stitcherAdded" | "stitcherAlmostEmpty" | "stitcherAlmostFull" | "stitcherAtLimit" | "stitcherClosed" | "stitcherConfigurationChange" | "stitcherCoverClosed" | "stitcherCoverOpen" | "stitcherEmpty" | "stitcherFull" | "stitcherInterlockClosed" | "stitcherInterlockOpen" | "stitcherJam" | "stitcherLifeAlmostOver" | "stitcherLifeOver" | "stitcherMemoryExhausted" | "stitcherMissing" | "stitcherMotorFailure" | "stitcherNearLimit" | "stitcherOffline" | "stitcherOpened" | "stitcherOverTemperature" | "stitcherPowerSaver" | "stitcherRecoverableFailure" | "stitcherRecoverableStorage" | "stitcherRemoved" | "stitcherResourceAdded" | "stitcherResourceRemoved" | "stitcherThermistorFailure" | "stitcherTimingFailure" | "stitcherTurnedOff" | "stitcherTurnedOn" | "stitcherUnderTemperature" | "stitcherUnrecoverableFailure" | "stitcherUnrecoverableStorageError" | "stitcherWarmingUp" | "subunitAdded" | "subunitAlmostEmpty" | "subunitAlmostFull" | "subunitAtLimit" | "subunitClosed" | "subunitCoolingDown" | "subunitEmpty" | "subunitFull" | "subunitLifeAlmostOver" | "subunitLifeOver" | "subunitMemoryExhausted" | "subunitMissing" | "subunitMotorFailure" | "subunitNearLimit" | "subunitOffline" | "subunitOpened" | "subunitOverTemperature" | "subunitPowerSaver" | "subunitRecoverableFailure" | "subunitRecoverableStorage" | "subunitRemoved" | "subunitResourceAdded" | "subunitResourceRemoved" | "subunitThermistorFailure" | "subunitTimingFailure" | "subunitTurnedOff" | "subunitTurnedOn" | "subunitUnderTemperature" | "subunitUnrecoverableFailure" | "subunitUnrecoverableStorage" | "subunitWarmingUp" | "suspend" | "testing" | "trimmerAdded" | "trimmerAlmostEmpty" | "trimmerAlmostFull" | "trimmerAtLimit" | "trimmerClosed" | "trimmerConfigurationChange" | "trimmerCoverClosed" | "trimmerCoverOpen" | "trimmerEmpty" | "trimmerFull" | "trimmerInterlockClosed" | "trimmerInterlockOpen" | "trimmerJam" | "trimmerLifeAlmostOver" | "trimmerLifeOver" | "trimmerMemoryExhausted" | "trimmerMissing" | "trimmerMotorFailure" | "trimmerNearLimit" | "trimmerOffline" | "trimmerOpened" | "trimmerOverTemperature" | "trimmerPowerSaver" | "trimmerRecoverableFailure" | "trimmerRecoverableStorage" | "trimmerRemoved" | "trimmerResourceAdded" | "trimmerResourceRemoved" | "trimmerThermistorFailure" | "trimmerTimingFailure" | "trimmerTurnedOff" | "trimmerTurnedOn" | "trimmerUnderTemperature" | "trimmerUnrecoverableFailure" | "trimmerUnrecoverableStorageError" | "trimmerWarmingUp" | "unknown" | "wrapperAdded" | "wrapperAlmostEmpty" | "wrapperAlmostFull" | "wrapperAtLimit" | "wrapperClosed" | "wrapperConfigurationChange" | "wrapperCoverClosed" | "wrapperCoverOpen" | "wrapperEmpty" | "wrapperFull" | "wrapperInterlockClosed" | "wrapperInterlockOpen" | "wrapperJam" | "wrapperLifeAlmostOver" | "wrapperLifeOver" | "wrapperMemoryExhausted" | "wrapperMissing" | "wrapperMotorFailure" | "wrapperNearLimit" | "wrapperOffline" | "wrapperOpened" | "wrapperOverTemperature" | "wrapperPowerSaver" | "wrapperRecoverableFailure" | "wrapperRecoverableStorage" | "wrapperRemoved" | "wrapperResourceAdded" | "wrapperResourceRemoved" | "wrapperThermistorFailure" | "wrapperTimingFailure" | "wrapperTurnedOff" | "wrapperTurnedOn" | "wrapperUnderTemperature" | "wrapperUnrecoverableFailure" | "wrapperUnrecoverableStorageError" | "wrapperWarmingUp"; export type PrintEvent = "jobStarted" | "unknownFutureValue"; export type PrintFinishing = | "none" | "staple" | "punch" | "cover" | "bind" | "saddleStitch" | "stitchEdge" | "stapleTopLeft" | "stapleBottomLeft" | "stapleTopRight" | "stapleBottomRight" | "stitchLeftEdge" | "stitchTopEdge" | "stitchRightEdge" | "stitchBottomEdge" | "stapleDualLeft" | "stapleDualTop" | "stapleDualRight" | "stapleDualBottom" | "unknownFutureValue"; export type PrintJobProcessingState = | "unknown" | "pending" | "processing" | "paused" | "stopped" | "completed" | "canceled" | "aborted" | "unknownFutureValue"; export type PrintJobStateDetail = | "uploadPending" | "transforming" | "completedSuccessfully" | "completedWithWarnings" | "completedWithErrors" | "releaseWait" | "interpreting" | "unknownFutureValue"; export type PrintMultipageLayout = | "clockwiseFromTopLeft" | "counterclockwiseFromTopLeft" | "counterclockwiseFromTopRight" | "clockwiseFromTopRight" | "counterclockwiseFromBottomLeft" | "clockwiseFromBottomLeft" | "counterclockwiseFromBottomRight" | "clockwiseFromBottomRight" | "unknownFutureValue"; export type PrintOperationProcessingState = "notStarted" | "running" | "succeeded" | "failed" | "unknownFutureValue"; export type PrintOrientation = "portrait" | "landscape" | "reverseLandscape" | "reversePortrait" | "unknownFutureValue"; export type PrintQuality = "low" | "medium" | "high" | "unknownFutureValue"; export type PrintScaling = "auto" | "shrinkToFit" | "fill" | "fit" | "none" | "unknownFutureValue"; export type PrintTaskProcessingState = "pending" | "processing" | "completed" | "aborted" | "unknownFutureValue"; export type Status = "active" | "updated" | "deleted" | "ignored" | "unknownFutureValue"; export type DataPolicyOperationStatus = "notStarted" | "running" | "complete" | "failed" | "unknownFutureValue"; export type AccountTargetContentType = "unknown" | "includeAll" | "addressBook" | "unknownFutureValue"; export type AttackSimulationOperationType = "createSimualation" | "updateSimulation" | "unknownFutureValue"; export type CoachmarkLocationType = | "unknown" | "fromEmail" | "subject" | "externalTag" | "displayName" | "messageBody" | "unknownFutureValue"; export type EndUserNotificationPreference = "unknown" | "microsoft" | "custom" | "unknownFutureValue"; export type EndUserNotificationSettingType = | "unknown" | "noTraining" | "trainingSelected" | "noNotification" | "unknownFutureValue"; export type EndUserNotificationType = | "unknown" | "positiveReinforcement" | "noTraining" | "trainingAssignment" | "trainingReminder" | "unknownFutureValue"; export type NotificationDeliveryFrequency = "unknown" | "weekly" | "biWeekly" | "unknownFutureValue"; export type NotificationDeliveryPreference = | "unknown" | "deliverImmedietly" | "deliverAfterCampaignEnd" | "unknownFutureValue"; export type OAuthAppScope = | "unknown" | "readCalendar" | "readContact" | "readMail" | "readAllChat" | "readAllFile" | "readAndWriteMail" | "sendMail" | "unknownFutureValue"; export type PayloadBrand = | "unknown" | "other" | "americanExpress" | "capitalOne" | "dhl" | "docuSign" | "dropbox" | "facebook" | "firstAmerican" | "microsoft" | "netflix" | "scotiabank" | "sendGrid" | "stewartTitle" | "tesco" | "wellsFargo" | "syrinxCloud" | "adobe" | "teams" | "zoom" | "unknownFutureValue"; export type PayloadComplexity = "unknown" | "low" | "medium" | "high" | "unknownFutureValue"; export type PayloadDeliveryPlatform = "unknown" | "sms" | "email" | "teams" | "unknownFutureValue"; export type PayloadIndustry = | "unknown" | "other" | "banking" | "businessServices" | "consumerServices" | "education" | "energy" | "construction" | "consulting" | "financialServices" | "government" | "hospitality" | "insurance" | "legal" | "courierServices" | "IT" | "healthcare" | "manufacturing" | "retail" | "telecom" | "realEstate" | "unknownFutureValue"; export type PayloadTheme = | "unknown" | "other" | "accountActivation" | "accountVerification" | "billing" | "cleanUpMail" | "controversial" | "documentReceived" | "expense" | "fax" | "financeReport" | "incomingMessages" | "invoice" | "itemReceived" | "loginAlert" | "mailReceived" | "password" | "payment" | "payroll" | "personalizedOffer" | "quarantine" | "remoteWork" | "reviewMessage" | "securityUpdate" | "serviceSuspended" | "signatureRequired" | "upgradeMailboxStorage" | "verifyMailbox" | "voicemail" | "advertisement" | "employeeEngagement" | "unknownFutureValue"; export type SimulationAttackTechnique = | "unknown" | "credentialHarvesting" | "attachmentMalware" | "driveByUrl" | "linkInAttachment" | "linkToMalwareFile" | "unknownFutureValue"; export type SimulationAttackType = "unknown" | "social" | "cloud" | "endpoint" | "unknownFutureValue"; export type SimulationAutomationRunStatus = | "unknown" | "running" | "succeeded" | "failed" | "skipped" | "unknownFutureValue"; export type SimulationAutomationStatus = | "unknown" | "draft" | "notRunning" | "running" | "completed" | "unknownFutureValue"; export type SimulationContentSource = "unknown" | "global" | "tenant" | "unknownFutureValue"; export type SimulationContentStatus = "unknown" | "draft" | "ready" | "archive" | "delete" | "unknownFutureValue"; export type SimulationStatus = | "unknown" | "draft" | "running" | "scheduled" | "succeeded" | "failed" | "cancelled" | "excluded" | "unknownFutureValue"; export type TargettedUserType = "unknown" | "clicked" | "compromised" | "allUsers" | "unknownFutureValue"; export type TrainingAssignedTo = | "none" | "allUsers" | "clickedPayload" | "compromised" | "reportedPhish" | "readButNotClicked" | "didNothing" | "unknownFutureValue"; export type TrainingAvailabilityStatus = | "unknown" | "notAvailable" | "available" | "archive" | "delete" | "unknownFutureValue"; export type TrainingCompletionDuration = "week" | "fortnite" | "month" | "unknownFutureValue"; export type TrainingSettingType = | "microsoftCustom" | "microsoftManaged" | "noTraining" | "custom" | "unknownFutureValue"; export type TrainingStatus = "unknown" | "assigned" | "inProgress" | "completed" | "overdue" | "unknownFutureValue"; export type TrainingType = "unknown" | "phishing" | "unknownFutureValue"; export type AlertFeedback = "unknown" | "truePositive" | "falsePositive" | "benignPositive" | "unknownFutureValue"; export type AlertSeverity = "unknown" | "informational" | "low" | "medium" | "high" | "unknownFutureValue"; export type AlertStatus = "unknown" | "newAlert" | "inProgress" | "resolved" | "dismissed" | "unknownFutureValue"; export type ConnectionDirection = "unknown" | "inbound" | "outbound" | "unknownFutureValue"; export type ConnectionStatus = "unknown" | "attempted" | "succeeded" | "blocked" | "failed" | "unknownFutureValue"; export type EmailRole = "unknown" | "sender" | "recipient" | "unknownFutureValue"; export type FileHashType = | "unknown" | "sha1" | "sha256" | "md5" | "authenticodeHash256" | "lsHash" | "ctph" | "unknownFutureValue"; export type LogonType = | "unknown" | "interactive" | "remoteInteractive" | "network" | "batch" | "service" | "unknownFutureValue"; export type ProcessIntegrityLevel = | "unknown" | "untrusted" | "low" | "medium" | "high" | "system" | "unknownFutureValue"; export type RegistryHive = | "unknown" | "currentConfig" | "currentUser" | "localMachineSam" | "localMachineSecurity" | "localMachineSoftware" | "localMachineSystem" | "usersDefault" | "unknownFutureValue"; export type RegistryOperation = "unknown" | "create" | "modify" | "delete" | "unknownFutureValue"; export type RegistryValueType = | "unknown" | "binary" | "dword" | "dwordLittleEndian" | "dwordBigEndian" | "expandSz" | "link" | "multiSz" | "none" | "qword" | "qwordlittleEndian" | "sz" | "unknownFutureValue"; export type SecurityNetworkProtocol = | "unknown" | "ip" | "icmp" | "igmp" | "ggp" | "ipv4" | "tcp" | "pup" | "udp" | "idp" | "ipv6" | "ipv6RoutingHeader" | "ipv6FragmentHeader" | "ipSecEncapsulatingSecurityPayload" | "ipSecAuthenticationHeader" | "icmpV6" | "ipv6NoNextHeader" | "ipv6DestinationOptions" | "nd" | "raw" | "ipx" | "spx" | "spxII" | "unknownFutureValue"; export type SecurityResourceType = "unknown" | "attacked" | "related" | "unknownFutureValue"; export type UserAccountSecurityType = "unknown" | "standard" | "power" | "administrator" | "unknownFutureValue"; export type BroadcastMeetingAudience = "roleIsAttendee" | "organization" | "everyone" | "unknownFutureValue"; export type CallDirection = "incoming" | "outgoing"; export type CallState = | "incoming" | "establishing" | "established" | "hold" | "transferring" | "transferAccepted" | "redirecting" | "terminating" | "terminated" | "unknownFutureValue"; export type CallTranscriptionState = "notStarted" | "active" | "inactive" | "unknownFutureValue"; export type ChangeType = "created" | "updated" | "deleted"; export type EndpointType = | "default" | "voicemail" | "skypeForBusiness" | "skypeForBusinessVoipPhone" | "unknownFutureValue"; export type MediaDirection = "inactive" | "sendOnly" | "receiveOnly" | "sendReceive"; export type MediaState = "active" | "inactive" | "unknownFutureValue"; export type MeetingAudience = "everyone" | "organization" | "unknownFutureValue"; export type MeetingChatHistoryDefaultMode = "none" | "all" | "unknownFutureValue"; export type Modality = "audio" | "video" | "videoBasedScreenSharing" | "data" | "unknownFutureValue"; export type OnlineMeetingContentSharingDisabledReason = "watermarkProtection" | "unknownFutureValue"; export type OnlineMeetingRole = "attendee" | "presenter" | "unknownFutureValue" | "producer" | "coorganizer"; export type OnlineMeetingVideoDisabledReason = "watermarkProtection" | "unknownFutureValue"; export type RecordingStatus = "unknown" | "notRecording" | "recording" | "failed" | "unknownFutureValue"; export type RejectReason = "none" | "busy" | "forbidden" | "unknownFutureValue"; export type RoutingMode = "oneToOne" | "multicast" | "unknownFutureValue"; export type RoutingType = "forwarded" | "lookup" | "selfFork" | "unknownFutureValue"; export type ScreenSharingRole = "viewer" | "sharer"; export type Tone = | "tone0" | "tone1" | "tone2" | "tone3" | "tone4" | "tone5" | "tone6" | "tone7" | "tone8" | "tone9" | "star" | "pound" | "a" | "b" | "c" | "d" | "flash"; export type VirtualEventAttendeeRegistrationStatus = | "registered" | "canceled" | "waitlisted" | "pendingApproval" | "rejectedByOrganizer" | "unknownFutureValue"; export type VirtualEventStatus = "draft" | "published" | "canceled" | "unknownFutureValue"; export type AttestationLevel = "attested" | "notAttested" | "unknownFutureValue"; export type AuthenticationMethodKeyStrength = "normal" | "weak" | "unknown"; export type AuthenticationMethodSignInState = | "notSupported" | "notAllowedByPolicy" | "notEnabled" | "phoneNumberNotUnique" | "ready" | "notConfigured" | "unknownFutureValue"; export type AuthenticationPhoneType = "mobile" | "alternateMobile" | "office" | "unknownFutureValue"; export type LifecycleEventType = "missed" | "subscriptionRemoved" | "reauthorizationRequired"; export type BinaryOperator = "or" | "and"; export type CallRecordingStatus = "success" | "failure" | "initial" | "chunkFinished" | "unknownFutureValue"; export type ChannelMembershipType = "standard" | "private" | "unknownFutureValue" | "shared"; export type ChatMessageActions = "reactionAdded" | "reactionRemoved" | "actionUndefined" | "unknownFutureValue"; export type ChatMessageImportance = "normal" | "high" | "urgent" | "unknownFutureValue"; export type ChatMessagePolicyViolationDlpActionTypes = "none" | "notifySender" | "blockAccess" | "blockAccessExternal"; export type ChatMessagePolicyViolationUserActionTypes = "none" | "override" | "reportFalsePositive"; export type ChatMessagePolicyViolationVerdictDetailsTypes = | "none" | "allowFalsePositiveOverride" | "allowOverrideWithoutJustification" | "allowOverrideWithJustification"; export type ChatMessageType = "message" | "chatEvent" | "typing" | "unknownFutureValue" | "systemEventMessage"; export type ChatType = "oneOnOne" | "group" | "meeting" | "unknownFutureValue"; export type ClonableTeamParts = "apps" | "tabs" | "settings" | "channels" | "members"; export type GiphyRatingType = "strict" | "moderate" | "unknownFutureValue"; export type TeamsAppDistributionMethod = "store" | "organization" | "sideloaded" | "unknownFutureValue"; export type TeamsAppPublishingState = "submitted" | "rejected" | "published" | "unknownFutureValue"; export type TeamsAppResourceSpecificPermissionType = "delegated" | "application" | "unknownFutureValue"; export type TeamsAsyncOperationStatus = | "invalid" | "notStarted" | "inProgress" | "succeeded" | "failed" | "unknownFutureValue"; export type TeamsAsyncOperationType = | "invalid" | "cloneTeam" | "archiveTeam" | "unarchiveTeam" | "createTeam" | "unknownFutureValue" | "teamifyGroup" | "createChannel"; export type TeamSpecialization = | "none" | "educationStandard" | "educationClass" | "educationProfessionalLearningCommunity" | "educationStaff" | "healthcareStandard" | "healthcareCareCoordination" | "unknownFutureValue"; export type TeamVisibilityType = "private" | "public" | "hiddenMembership" | "unknownFutureValue"; export type TeamworkActivityTopicSource = "entityUrl" | "text"; export type TeamworkApplicationIdentityType = | "aadApplication" | "bot" | "tenantBot" | "office365Connector" | "outgoingWebhook" | "unknownFutureValue"; export type TeamworkCallEventType = "call" | "meeting" | "screenShare" | "unknownFutureValue"; export type TeamworkConversationIdentityType = "team" | "channel" | "chat" | "unknownFutureValue"; export type TeamworkTagType = "standard" | "unknownFutureValue"; export type TeamworkUserIdentityType = | "aadUser" | "onPremiseAadUser" | "anonymousGuest" | "federatedUser" | "personalMicrosoftAccountUser" | "skypeUser" | "phoneUser" | "unknownFutureValue" | "emailUser"; export type ScheduleChangeRequestActor = "sender" | "recipient" | "manager" | "system" | "unknownFutureValue"; export type ScheduleChangeState = "pending" | "approved" | "declined" | "unknownFutureValue"; export type ScheduleEntityTheme = | "white" | "blue" | "green" | "purple" | "pink" | "yellow" | "gray" | "darkBlue" | "darkGreen" | "darkPurple" | "darkPink" | "darkYellow" | "unknownFutureValue"; export type TimeOffReasonIconType = | "none" | "car" | "calendar" | "running" | "plane" | "firstAid" | "doctor" | "notWorking" | "clock" | "juryDuty" | "globe" | "cup" | "phone" | "weather" | "umbrella" | "piggyBank" | "dog" | "cake" | "trafficCone" | "pin" | "sunny" | "unknownFutureValue"; export type WorkforceIntegrationEncryptionProtocol = "sharedSecret" | "unknownFutureValue"; export type WorkforceIntegrationSupportedEntities = | "none" | "shift" | "swapRequest" | "userShiftPreferences" | "openShift" | "openShiftRequest" | "offerShiftRequest" | "unknownFutureValue"; export type MailDestinationRoutingReason = | "none" | "mailFlowRule" | "safeSender" | "blockedSender" | "advancedSpamFiltering" | "domainAllowList" | "domainBlockList" | "notInAddressBook" | "firstTimeSender" | "autoPurgeToInbox" | "autoPurgeToJunk" | "autoPurgeToDeleted" | "outbound" | "notJunk" | "junk" | "unknownFutureValue"; export type ThreatAssessmentContentType = "mail" | "url" | "file"; export type ThreatAssessmentRequestSource = "undefined" | "user" | "administrator"; export type ThreatAssessmentResultType = "checkPolicy" | "rescan" | "unknownFutureValue"; export type ThreatAssessmentStatus = "pending" | "completed"; export type ThreatCategory = "undefined" | "spam" | "phishing" | "malware" | "unknownFutureValue"; export type ThreatExpectedAssessment = "block" | "unblock"; export type TaskStatus = "notStarted" | "inProgress" | "completed" | "waitingOnOthers" | "deferred"; export type WellknownListName = "none" | "defaultList" | "flaggedEmails" | "unknownFutureValue"; export type AssignmentType = "required" | "recommended" | "unknownFutureValue"; export type CourseStatus = "notStarted" | "inProgress" | "completed" | "unknownFutureValue"; export interface Entity { // The unique identifier for an entity. Read-only. id?: string; } export interface DirectoryObject extends Entity { // Date and time when this object was deleted. Always null when the object hasn't been deleted. deletedDateTime?: NullableOption; } export interface Application extends DirectoryObject { /** * Defines custom behavior that a consuming service can use to call an app in specific contexts. For example, applications * that can render file streams may set the addIns property for its 'FileHandler' functionality. This will let services * like Office 365 call the application in the context of a document the user is working on. */ addIns?: AddIn[]; // Specifies settings for an application that implements a web API. api?: NullableOption; /** * The unique identifier for the application that is assigned to an application by Microsoft Entra ID. Not nullable. * Read-only. Alternate key. Supports $filter (eq). */ appId?: NullableOption; // Unique identifier of the applicationTemplate. Supports $filter (eq, not, ne). applicationTemplateId?: NullableOption; /** * The collection of roles defined for the application. With app role assignments, these roles can be assigned to users, * groups, or service principals associated with other applications. Not nullable. */ appRoles?: AppRole[]; // Specifies the certification status of the application. certification?: NullableOption; /** * The date and time the application was registered. The DateTimeOffset type represents date and time information using * ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. * Supports $filter (eq, ne, not, ge, le, in, and eq on null values) and $orderby. */ createdDateTime?: NullableOption; defaultRedirectUri?: NullableOption; /** * Free text field to provide a description of the application object to end users. The maximum allowed size is 1024 * characters. Supports $filter (eq, ne, not, ge, le, startsWith) and $search. */ description?: NullableOption; /** * Specifies whether Microsoft has disabled the registered application. Possible values are: null (default value), * NotDisabled, and DisabledDueToViolationOfServicesAgreement (reasons may include suspicious, abusive, or malicious * activity, or a violation of the Microsoft Services Agreement). Supports $filter (eq, ne, not). */ disabledByMicrosoftStatus?: NullableOption; /** * The display name for the application. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), * $search, and $orderby. */ displayName?: NullableOption; /** * Configures the groups claim issued in a user or OAuth 2.0 access token that the application expects. To set this * attribute, use one of the following valid string values: None, SecurityGroup (for security groups and Microsoft Entra * roles), All (this gets all of the security groups, distribution groups, and Microsoft Entra directory roles that the * signed-in user is a member of). */ groupMembershipClaims?: NullableOption; /** * Also known as App ID URI, this value is set when an application is used as a resource app. The identifierUris acts as * the prefix for the scopes you'll reference in your API's code, and it must be globally unique. You can use the default * value provided, which is in the form api://<application-client-id>, or specify a more readable URI like * https://contoso.com/api. For more information on valid identifierUris patterns and best practices, see Microsoft Entra * application registration security best practices. Not nullable. Supports $filter (eq, ne, ge, le, startsWith). */ identifierUris?: string[]; /** * Basic profile information of the application such as app's marketing, support, terms of service and privacy statement * URLs. The terms of service and privacy statement are surfaced to users through the user consent experience. For more * info, see How to: Add Terms of service and privacy statement for registered Microsoft Entra apps. Supports $filter (eq, * ne, not, ge, le, and eq on null values). */ info?: NullableOption; // Specifies whether this application supports device authentication without a user. The default is false. isDeviceOnlyAuthSupported?: NullableOption; /** * Specifies the fallback application type as public client, such as an installed application running on a mobile device. * The default value is false which means the fallback application type is confidential client such as a web app. There * are certain scenarios where Microsoft Entra ID cannot determine the client application type. For example, the ROPC flow * where it is configured without specifying a redirect URI. In those cases Microsoft Entra ID interprets the application * type based on the value of this property. */ isFallbackPublicClient?: NullableOption; // The collection of key credentials associated with the application. Not nullable. Supports $filter (eq, not, ge, le). keyCredentials?: KeyCredential[]; // The main logo for the application. Not nullable. logo?: any; // Notes relevant for the management of the application. notes?: NullableOption; oauth2RequirePostResponse?: boolean; /** * Application developers can configure optional claims in their Microsoft Entra applications to specify the claims that * are sent to their application by the Microsoft security token service. For more information, see How to: Provide * optional claims to your app. */ optionalClaims?: NullableOption; // Specifies parental control settings for an application. parentalControlSettings?: NullableOption; // The collection of password credentials associated with the application. Not nullable. passwordCredentials?: PasswordCredential[]; // Specifies settings for installed clients such as desktop or mobile devices. publicClient?: NullableOption; /** * The verified publisher domain for the application. Read-only. For more information, see How to: Configure an * application's publisher domain. Supports $filter (eq, ne, ge, le, startsWith). */ publisherDomain?: NullableOption; // Specifies whether this application requires Microsoft Entra ID to verify the signed authentication requests. requestSignatureVerification?: NullableOption; /** * Specifies the resources that the application needs to access. This property also specifies the set of delegated * permissions and application roles that it needs for each of those resources. This configuration of access to the * required resources drives the consent experience. No more than 50 resource services (APIs) can be configured. Beginning * mid-October 2021, the total number of required permissions must not exceed 400. For more information, see Limits on * requested permissions per app. Not nullable. Supports $filter (eq, not, ge, le). */ requiredResourceAccess?: RequiredResourceAccess[]; /** * The URL where the service exposes SAML metadata for federation. This property is valid only for single-tenant * applications. Nullable. */ samlMetadataUrl?: NullableOption; // References application or service contact information from a Service or Asset Management database. Nullable. serviceManagementReference?: NullableOption; /** * Specifies whether sensitive properties of a multi-tenant application should be locked for editing after the application * is provisioned in a tenant. Nullable. null by default. */ servicePrincipalLockConfiguration?: NullableOption; /** * Specifies the Microsoft accounts that are supported for the current application. The possible values are: AzureADMyOrg, * AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount (default), and PersonalMicrosoftAccount. See more in the table. * The value of this object also limits the number of permissions an app can request. For more information, see Limits on * requested permissions per app. The value for this property has implications on other app object properties. As a * result, if you change this property, you may need to change other properties first. For more information, see * Validation differences for signInAudience.Supports $filter (eq, ne, not). */ signInAudience?: NullableOption; /** * Specifies settings for a single-page application, including sign out URLs and redirect URIs for authorization codes and * access tokens. */ spa?: NullableOption; /** * Custom strings that can be used to categorize and identify the application. Not nullable. Strings added here will also * appear in the tags property of any associated service principals.Supports $filter (eq, not, ge, le, startsWith) and * $search. */ tags?: string[]; /** * Specifies the keyId of a public key from the keyCredentials collection. When configured, Microsoft Entra ID encrypts * all the tokens it emits by using the key this property points to. The application code that receives the encrypted * token must use the matching private key to decrypt the token before it can be used for the signed-in user. */ tokenEncryptionKeyId?: NullableOption; /** * Specifies the verified publisher of the application. For more information about how publisher verification helps * support application security, trustworthiness, and compliance, see Publisher verification. */ verifiedPublisher?: NullableOption; // Specifies settings for a web application. web?: NullableOption; // The appManagementPolicy applied to this application. appManagementPolicies?: NullableOption; // Supports $filter (/$count eq 0, /$count ne 0). Read-only. createdOnBehalfOf?: NullableOption; // Read-only. Nullable. Supports $expand and $filter (/$count eq 0, /$count ne 0). extensionProperties?: NullableOption; // Federated identities for applications. Supports $expand and $filter (startsWith, /$count eq 0, /$count ne 0). federatedIdentityCredentials?: NullableOption; homeRealmDiscoveryPolicies?: NullableOption; /** * Directory objects that are owners of the application. Read-only. Nullable. Supports $expand, $filter (/$count eq 0, * /$count ne 0, /$count eq 1, /$count ne 1), and $select nested in $expand. */ owners?: NullableOption; tokenIssuancePolicies?: NullableOption; tokenLifetimePolicies?: NullableOption; // Represents the capability for Microsoft Entra identity synchronization through the Microsoft Graph API. synchronization?: NullableOption; } export interface PolicyBase extends DirectoryObject { // Description for this policy. Required. description?: NullableOption; // Display name for this policy. Required. displayName?: NullableOption; } export interface AppManagementPolicy extends PolicyBase { // Denotes whether the policy is enabled. isEnabled?: boolean; // Restrictions that apply to an application or service principal object. restrictions?: NullableOption; // Collection of applications and service principals to which the policy is applied. appliesTo?: NullableOption; } export interface ExtensionProperty extends DirectoryObject { // Display name of the application object on which this extension property is defined. Read-only. appDisplayName?: NullableOption; /** * Specifies the data type of the value the extension property can hold. Following values are supported. Not nullable. * Binary - 256 bytes maximumBooleanDateTime - Must be specified in ISO 8601 format. Will be stored in UTC.Integer - * 32-bit value.LargeInteger - 64-bit value.String - 256 characters maximum */ dataType?: string; /** * Defines the directory extension as a multi-valued property. When true, the directory extension property can store a * collection of objects of the dataType; for example, a collection of integers. The default value is false. Supports * $filter (eq). */ isMultiValued?: boolean; /** * Indicates if this extension property was synced from on-premises active directory using Microsoft Entra Connect. * Read-only. */ isSyncedFromOnPremises?: NullableOption; // Name of the extension property. Not nullable. Supports $filter (eq). name?: string; // Following values are supported. Not nullable. UserGroupAdministrativeUnitApplicationDeviceOrganization targetObjects?: string[]; } export interface FederatedIdentityCredential extends Entity { /** * The audience that can appear in the external token. This field is mandatory and should be set to * api://AzureADTokenExchange for Microsoft Entra ID. It says what Microsoft identity platform should accept in the aud * claim in the incoming token. This value represents Microsoft Entra ID in your external identity provider and has no * fixed value across identity providers - you might need to create a new application registration in your identity * provider to serve as the audience of this token. This field can only accept a single value and has a limit of 600 * characters. Required. */ audiences?: string[]; /** * The unvalidated description of the federated identity credential, provided by the user. It has a limit of 600 * characters. Optional. */ description?: NullableOption; /** * The URL of the external identity provider, which must match the issuer claim of the external token being exchanged. The * combination of the values of issuer and subject must be unique within the app. It has a limit of 600 characters. * Required. */ issuer?: string; /** * The unique identifier for the federated identity credential, which has a limit of 120 characters and must be URL * friendly. The string is immutable after it's created. Required. Not nullable. Supports $filter (eq). */ name?: string; /** * Required. The identifier of the external software workload within the external identity provider. Like the audience * value, it has no fixed format; each identity provider uses their own - sometimes a GUID, sometimes a colon delimited * identifier, sometimes arbitrary strings. The value here must match the sub claim within the token presented to * Microsoft Entra ID. The combination of issuer and subject must be unique within the app. It has a limit of 600 * characters. Supports $filter (eq). */ subject?: string; } export interface StsPolicy extends PolicyBase { /** * A string collection containing a JSON string that defines the rules and settings for a policy. The syntax for the * definition differs for each derived policy type. Required. */ definition?: string[]; /** * If set to true, activates this policy. There can be many policies for the same policy type, but only one can be * activated as the organization default. Optional, default value is false. */ isOrganizationDefault?: NullableOption; appliesTo?: NullableOption; } // tslint:disable-next-line: no-empty-interface export interface HomeRealmDiscoveryPolicy extends StsPolicy {} // tslint:disable-next-line: no-empty-interface export interface TokenIssuancePolicy extends StsPolicy {} // tslint:disable-next-line: no-empty-interface export interface TokenLifetimePolicy extends StsPolicy {} export interface Synchronization extends Entity { // Represents a collection of credentials to access provisioned cloud applications. secrets?: NullableOption; /** * Performs synchronization by periodically running in the background, polling for changes in one directory, and pushing * them to another directory. */ jobs?: NullableOption; // Preconfigured synchronization settings for a particular application. templates?: NullableOption; } export interface CustomCalloutExtension extends Entity { // Configuration for securing the API call to the logic app. For example, using OAuth client credentials flow. authenticationConfiguration?: NullableOption; /** * HTTP connection settings that define how long Microsoft Entra ID can wait for a connection to a logic app, how many * times you can retry a timed-out connection and the exception scenarios when retries are allowed. */ clientConfiguration?: NullableOption; // Description for the customCalloutExtension object. description?: NullableOption; // Display name for the customCalloutExtension object. displayName?: NullableOption; // The type and details for configuring the endpoint to call the logic app's workflow. endpointConfiguration?: NullableOption; } export interface DeletedItemContainer extends Entity { // Deleted workflows that end up in the deletedItemsContainer. workflows?: NullableOption; } // tslint:disable-next-line: interface-name export interface IdentityGovernance { lifecycleWorkflows?: NullableOption; accessReviews?: NullableOption; appConsent?: NullableOption; termsOfUse?: NullableOption; entitlementManagement?: NullableOption; privilegedAccess?: NullableOption; } export interface AccessReviewSet extends Entity { // Represents the template and scheduling for an access review. definitions?: NullableOption; // Represents a collection of access review history data and the scopes used to collect that data. historyDefinitions?: NullableOption; } export interface AppConsentApprovalRoute extends Entity { /** * A collection of appConsentRequest objects representing apps for which admin consent has been requested by one or more * users. */ appConsentRequests?: NullableOption; } export interface TermsOfUseContainer extends Entity { // Represents the current status of a user's response to a company's customizable terms of use agreement. agreementAcceptances?: NullableOption; /** * Represents a tenant's customizable terms of use agreement that's created and managed with Microsoft Entra ID * Governance. */ agreements?: NullableOption; } export interface EntitlementManagement extends Entity { // Approval stages for decisions associated with access package assignment requests. accessPackageAssignmentApprovals?: NullableOption; /** * Access packages define the collection of resource roles and the policies for which subjects can request or be assigned * access to those resources. */ accessPackages?: NullableOption; /** * Access package assignment policies govern which subjects can request or be assigned an access package via an access * package assignment. */ assignmentPolicies?: NullableOption; // Access package assignment requests created by or on behalf of a subject. assignmentRequests?: NullableOption; // The assignment of an access package to a subject for a period of time. assignments?: NullableOption; // A container for access packages. catalogs?: NullableOption; // References to a directory or domain of another organization whose users can request access. connectedOrganizations?: NullableOption; // A reference to the geolocation environments in which a resource is located. resourceEnvironments?: NullableOption; // Represents a request to add or remove a resource to or from a catalog respectively. resourceRequests?: NullableOption; resourceRoleScopes?: NullableOption; // The resources associated with the catalogs. resources?: NullableOption; // The settings that control the behavior of Microsoft Entra entitlement management. settings?: NullableOption; } export interface PrivilegedAccessRoot extends Entity { // A group that's governed through Privileged Identity Management (PIM). group?: NullableOption; } export interface User extends DirectoryObject { /** * Get the last signed-in date and request ID of the sign-in for a given user. Read-only.Returned only on $select. * Supports $filter (eq, ne, not, ge, le) but not with any other filterable properties. Note: Details for this property * require a Microsoft Entra ID P1 or P2 license and the AuditLog.Read.All permission.This property is not returned for a * user who has never signed in or last signed in before April 2020. */ signInActivity?: NullableOption; /** * true if the account is enabled; otherwise, false. This property is required when a user is created. Returned only on * $select. Supports $filter (eq, ne, not, and in). */ accountEnabled?: NullableOption; /** * Sets the age group of the user. Allowed values: null, Minor, NotAdult and Adult. For more information, see legal age * group property definitions. Returned only on $select. Supports $filter (eq, ne, not, and in). */ ageGroup?: NullableOption; /** * The licenses that are assigned to the user, including inherited (group-based) licenses. This property doesn't * differentiate directly assigned and inherited licenses. Use the licenseAssignmentStates property to identify the * directly assigned and inherited licenses. Not nullable. Returned only on $select. Supports $filter (eq, not, /$count eq * 0, /$count ne 0). */ assignedLicenses?: AssignedLicense[]; /** * The plans that are assigned to the user. Read-only. Not nullable. Returned only on $select. Supports $filter (eq and * not). */ assignedPlans?: AssignedPlan[]; authorizationInfo?: NullableOption; /** * The telephone numbers for the user. NOTE: Although this is a string collection, only one number can be set for this * property. Read-only for users synced from on-premises directory. Returned by default. Supports $filter (eq, not, ge, * le, startsWith). */ businessPhones?: string[]; /** * The city where the user is located. Maximum length is 128 characters. Returned only on $select. Supports $filter (eq, * ne, not, ge, le, in, startsWith, and eq on null values). */ city?: NullableOption; /** * The name of the company that the user is associated with. This property can be useful for describing the company that * an external user comes from. The maximum length is 64 characters.Returned only on $select. Supports $filter (eq, ne, * not, ge, le, in, startsWith, and eq on null values). */ companyName?: NullableOption; /** * Sets whether consent has been obtained for minors. Allowed values: null, Granted, Denied and NotRequired. Refer to the * legal age group property definitions for further information. Returned only on $select. Supports $filter (eq, ne, not, * and in). */ consentProvidedForMinor?: NullableOption; /** * The country or region where the user is located; for example, US or UK. Maximum length is 128 characters. Returned only * on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). */ country?: NullableOption; /** * The date and time the user was created, in ISO 8601 format and in UTC time. The value cannot be modified and is * automatically populated when the entity is created. Nullable. For on-premises users, the value represents when they * were first created in Microsoft Entra ID. Property is null for some users created before June 2018 and on-premises * users that were synced to Microsoft Entra ID before June 2018. Read-only. Returned only on $select. Supports $filter * (eq, ne, not , ge, le, in). */ createdDateTime?: NullableOption; /** * Indicates whether the user account was created through one of the following methods: As a regular school or work * account (null). As an external account (Invitation). As a local account for an Azure Active Directory B2C tenant * (LocalAccount). Through self-service sign-up by an internal user using email verification (EmailVerified). Through * self-service sign-up by an external user signing up through a link that is part of a user flow (SelfServiceSignUp). * Read-only.Returned only on $select. Supports $filter (eq, ne, not, in). */ creationType?: NullableOption; /** * An open complex type that holds the value of a custom security attribute that is assigned to a directory object. * Nullable. Returned only on $select. Supports $filter (eq, ne, not, startsWith). Filter value is case sensitive. */ customSecurityAttributes?: NullableOption; /** * The name for the department in which the user works. Maximum length is 64 characters. Returned only on $select. * Supports $filter (eq, ne, not , ge, le, in, and eq on null values). */ department?: NullableOption; /** * The name displayed in the address book for the user. This is usually the combination of the user's first name, middle * initial and last name. This property is required when a user is created and it cannot be cleared during updates. * Maximum length is 256 characters. Returned by default. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq * on null values), $orderby, and $search. */ displayName?: NullableOption; /** * The date and time when the user was hired or will start work in case of a future hire. Returned only on $select. * Supports $filter (eq, ne, not , ge, le, in). */ employeeHireDate?: NullableOption; /** * The employee identifier assigned to the user by the organization. The maximum length is 16 characters. Returned only on * $select. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). */ employeeId?: NullableOption; /** * The date and time when the user left or will leave the organization. To read this property, the calling app must be * assigned the User-LifeCycleInfo.Read.All permission. To write this property, the calling app must be assigned the * User.Read.All and User-LifeCycleInfo.ReadWrite.All permissions. To read this property in delegated scenarios, the admin * needs one of the following Microsoft Entra roles: Lifecycle Workflows Administrator, Global Reader, or Global * Administrator. To write this property in delegated scenarios, the admin needs the Global Administrator role. Supports * $filter (eq, ne, not , ge, le, in). For more information, see Configure the employeeLeaveDateTime property for a user. */ employeeLeaveDateTime?: NullableOption; /** * Represents organization data (for example, division and costCenter) associated with a user. Returned only on $select. * Supports $filter (eq, ne, not , ge, le, in). */ employeeOrgData?: NullableOption; /** * Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor. Returned only on $select. * Supports $filter (eq, ne, not , ge, le, in, startsWith). */ employeeType?: NullableOption; /** * For an external user invited to the tenant using the invitation API, this property represents the invited user's * invitation status. For invited users, the state can be PendingAcceptance or Accepted, or null for all other users. * Returned only on $select. Supports $filter (eq, ne, not , in). */ externalUserState?: NullableOption; /** * Shows the timestamp for the latest change to the externalUserState property. Returned only on $select. Supports $filter * (eq, ne, not , in). */ externalUserStateChangeDateTime?: NullableOption; /** * The fax number of the user. Returned only on $select. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on * null values). */ faxNumber?: NullableOption; /** * The given name (first name) of the user. Maximum length is 64 characters. Returned by default. Supports $filter (eq, * ne, not , ge, le, in, startsWith, and eq on null values). */ givenName?: NullableOption; /** * Represents the identities that can be used to sign in to this user account. An identity can be provided by Microsoft * (also known as a local account), by organizations, or by social identity providers such as Facebook, Google, and * Microsoft, and tied to a user account. May contain multiple items with the same signInType value. Returned only on * $select. Supports $filter (eq) including on null values, only where the signInType is not userPrincipalName. */ identities?: NullableOption; /** * The instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user. Read-only. Returned * only on $select. Supports $filter (eq, not, ge, le, startsWith). */ imAddresses?: NullableOption; // Do not use – reserved for future use. isResourceAccount?: NullableOption; /** * The user's job title. Maximum length is 128 characters. Returned by default. Supports $filter (eq, ne, not , ge, le, * in, startsWith, and eq on null values). */ jobTitle?: NullableOption; /** * The time when this Microsoft Entra user last changed their password or when their password was created, whichever date * the latest action was performed. The date and time information uses ISO 8601 format and is always in UTC time. For * example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Returned only on $select. */ lastPasswordChangeDateTime?: NullableOption; /** * Used by enterprise applications to determine the legal age group of the user. This property is read-only and calculated * based on ageGroup and consentProvidedForMinor properties. Allowed values: null, MinorWithOutParentalConsent, * MinorWithParentalConsent, MinorNoParentalConsentRequired, NotAdult and Adult. Refer to the legal age group property * definitions for further information. Returned only on $select. */ legalAgeGroupClassification?: NullableOption; /** * State of license assignments for this user. Also indicates licenses that are directly assigned or the user has * inherited through group memberships. Read-only. Returned only on $select. */ licenseAssignmentStates?: NullableOption; /** * The SMTP address for the user, for example, jeff@contoso.onmicrosoft.com. Changes to this property will also update the * user's proxyAddresses collection to include the value as an SMTP address. This property can't contain accent * characters. NOTE: We don't recommend updating this property for Azure AD B2C user profiles. Use the otherMails property * instead. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, endsWith, and eq on null values). */ mail?: NullableOption; /** * The mail alias for the user. This property must be specified when a user is created. Maximum length is 64 characters. * Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). */ mailNickname?: NullableOption; /** * The primary cellular telephone number for the user. Read-only for users synced from on-premises directory. Maximum * length is 64 characters. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null * values) and $search. */ mobilePhone?: NullableOption; /** * The office location in the user's place of business. Returned by default. Supports $filter (eq, ne, not, ge, le, in, * startsWith, and eq on null values). */ officeLocation?: NullableOption; /** * Contains the on-premises Active Directory distinguished name or DN. The property is only populated for customers who * are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. Returned * only on $select. */ onPremisesDistinguishedName?: NullableOption; /** * Contains the on-premises domainFQDN, also called dnsDomainName synchronized from the on-premises directory. The * property is only populated for customers who are synchronizing their on-premises directory to Microsoft Entra ID via * Microsoft Entra Connect. Read-only. Returned only on $select. */ onPremisesDomainName?: NullableOption; /** * Contains extensionAttributes1-15 for the user. These extension attributes are also known as Exchange custom attributes * 1-15. For an onPremisesSyncEnabled user, the source of authority for this set of properties is the on-premises and is * read-only. For a cloud-only user (where onPremisesSyncEnabled is false), these properties can be set during creation or * update of a user object. For a cloud-only user previously synced from on-premises Active Directory, these properties * are read-only in Microsoft Graph but can be fully managed through the Exchange Admin Center or the Exchange Online V2 * module in PowerShell. Returned only on $select. Supports $filter (eq, ne, not, in). */ onPremisesExtensionAttributes?: NullableOption; /** * This property is used to associate an on-premises Active Directory user account to their Microsoft Entra user object. * This property must be specified when creating a new user account in the Graph if you're using a federated domain for * the user's userPrincipalName (UPN) property. NOTE: The $ and _ characters can't be used when specifying this property. * Returned only on $select. Supports $filter (eq, ne, not, ge, le, in).. */ onPremisesImmutableId?: NullableOption; /** * Indicates the last time at which the object was synced with the on-premises directory; for example: * 2013-02-16T03:04:54Z. The Timestamp type represents date and time information using ISO 8601 format and is always in * UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Returned only on $select. * Supports $filter (eq, ne, not, ge, le, in). */ onPremisesLastSyncDateTime?: NullableOption; /** * Errors when using Microsoft synchronization product during provisioning. Returned only on $select. Supports $filter * (eq, not, ge, le). */ onPremisesProvisioningErrors?: NullableOption; /** * Contains the on-premises samAccountName synchronized from the on-premises directory. The property is only populated for * customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. * Read-only. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith). */ onPremisesSamAccountName?: NullableOption; /** * Contains the on-premises security identifier (SID) for the user that was synchronized from on-premises to the cloud. * Read-only. Returned only on $select. Supports $filter (eq including on null values). */ onPremisesSecurityIdentifier?: NullableOption; /** * true if this user object is currently being synced from an on-premises Active Directory (AD); otherwise the user isn't * being synced and can be managed in Microsoft Entra ID. Read-only. Returned only on $select. Supports $filter (eq, ne, * not, in, and eq on null values). */ onPremisesSyncEnabled?: NullableOption; /** * Contains the on-premises userPrincipalName synchronized from the on-premises directory. The property is only populated * for customers who are synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. * Read-only. Returned only on $select. Supports $filter (eq, ne, not, ge, le, in, startsWith). */ onPremisesUserPrincipalName?: NullableOption; /** * A list of additional email addresses for the user; for example: ['bob@contoso.com', 'Robert@fabrikam.com']. NOTE: This * property can't contain accent characters. Returned only on $select. Supports $filter (eq, not, ge, le, in, startsWith, * endsWith, /$count eq 0, /$count ne 0). */ otherMails?: string[]; /** * Specifies password policies for the user. This value is an enumeration with one possible value being * DisableStrongPassword, which allows weaker passwords than the default policy to be specified. DisablePasswordExpiration * can also be specified. The two may be specified together; for example: DisablePasswordExpiration, * DisableStrongPassword. Returned only on $select. For more information on the default password policies, see Microsoft * Entra password policies. Supports $filter (ne, not, and eq on null values). */ passwordPolicies?: NullableOption; /** * Specifies the password profile for the user. The profile contains the user's password. This property is required when a * user is created. The password in the profile must satisfy minimum requirements as specified by the passwordPolicies * property. By default, a strong password is required. Returned only on $select. Supports $filter (eq, ne, not, in, and * eq on null values). */ passwordProfile?: NullableOption; /** * The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United * States of America, this attribute contains the ZIP code. Maximum length is 40 characters. Returned only on $select. * Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). */ postalCode?: NullableOption; // The preferred data location for the user. For more information, see OneDrive Online Multi-Geo. preferredDataLocation?: NullableOption; /** * The preferred language for the user. The preferred language format is based on RFC 4646. The name is a combination of * an ISO 639 two-letter lowercase culture code associated with the language, and an ISO 3166 two-letter uppercase * subculture code associated with the country or region. Example: 'en-US', or 'es-ES'. Returned by default. Supports * $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values) */ preferredLanguage?: NullableOption; /** * The plans that are provisioned for the user. Read-only. Not nullable. Returned only on $select. Supports $filter (eq, * not, ge, le). */ provisionedPlans?: ProvisionedPlan[]; /** * For example: ['SMTP: bob@contoso.com', 'smtp: bob@sales.contoso.com']. Changes to the mail property will also update * this collection to include the value as an SMTP address. For more information, see mail and proxyAddresses properties. * The proxy address prefixed with SMTP (capitalized) is the primary proxy address while those prefixed with smtp are the * secondary proxy addresses. For Azure AD B2C accounts, this property has a limit of 10 unique addresses. Read-only in * Microsoft Graph; you can update this property only through the Microsoft 365 admin center. Not nullable. Returned only * on $select. Supports $filter (eq, not, ge, le, startsWith, endsWith, /$count eq 0, /$count ne 0). */ proxyAddresses?: string[]; /** * Security identifier (SID) of the user, used in Windows scenarios. Read-only. Returned by default. Supports $select and * $filter (eq, not, ge, le, startsWith). */ securityIdentifier?: NullableOption; serviceProvisioningErrors?: NullableOption; /** * Do not use in Microsoft Graph. Manage this property through the Microsoft 365 admin center instead. Represents whether * the user should be included in the Outlook global address list. See Known issue. */ showInAddressList?: NullableOption; /** * Any refresh tokens or sessions tokens (session cookies) issued before this time are invalid, and applications get an * error when using an invalid refresh or sessions token to acquire a delegated access token (to access APIs such as * Microsoft Graph). If this happens, the application needs to acquire a new refresh token by making a request to the * authorize endpoint. Read-only. Use revokeSignInSessions to reset. Returned only on $select. */ signInSessionsValidFromDateTime?: NullableOption; /** * The state or province in the user's address. Maximum length is 128 characters. Returned only on $select. Supports * $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). */ state?: NullableOption; /** * The street address of the user's place of business. Maximum length is 1024 characters. Returned only on $select. * Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). */ streetAddress?: NullableOption; /** * The user's surname (family name or last name). Maximum length is 64 characters. Returned by default. Supports $filter * (eq, ne, not, ge, le, in, startsWith, and eq on null values). */ surname?: NullableOption; /** * A two letter country code (ISO standard 3166). Required for users that are assigned licenses due to legal requirement * to check for availability of services in countries. Examples include: US, JP, and GB. Not nullable. Returned only on * $select. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). */ usageLocation?: NullableOption; /** * The user principal name (UPN) of the user. The UPN is an Internet-style sign-in name for the user based on the Internet * standard RFC 822. By convention, this should map to the user's email name. The general format is alias@domain, where * domain must be present in the tenant's collection of verified domains. This property is required when a user is * created. The verified domains for the tenant can be accessed from the verifiedDomains property of organization.NOTE: * This property can't contain accent characters. Only the following characters are allowed A - Z, a - z, 0 - 9, ' . - _ ! * # ^ ~. For the complete list of allowed characters, see username policies. Returned by default. Supports $filter (eq, * ne, not, ge, le, in, startsWith, endsWith) and $orderby. */ userPrincipalName?: NullableOption; /** * A string value that can be used to classify user types in your directory, such as Member and Guest. Returned only on * $select. Supports $filter (eq, ne, not, in, and eq on null values). NOTE: For more information about the permissions * for member and guest users, see What are the default user permissions in Microsoft Entra ID? */ userType?: NullableOption; /** * Settings for the primary mailbox of the signed-in user. You can get or update settings for sending automatic replies to * incoming messages, locale and time zone. Returned only on $select. */ mailboxSettings?: NullableOption; // The limit on the maximum number of devices that the user is permitted to enroll. Allowed values are 5 or 1000. deviceEnrollmentLimit?: number; print?: NullableOption; // A freeform text entry field for the user to describe themselves. Returned only on $select. aboutMe?: NullableOption; /** * The birthday of the user. The Timestamp type represents date and time information using ISO 8601 format and is always * in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Returned only on $select. */ birthday?: string; /** * The hire date of the user. The Timestamp type represents date and time information using ISO 8601 format and is always * in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Returned only on $select. Note: This * property is specific to SharePoint Online. We recommend using the native employeeHireDate property to set and update * hire date values using Microsoft Graph APIs. */ hireDate?: string; // A list for the user to describe their interests. Returned only on $select. interests?: NullableOption; // The URL for the user's personal site. Returned only on $select. mySite?: NullableOption; // A list for the user to enumerate their past projects. Returned only on $select. pastProjects?: NullableOption; // The preferred name for the user. Not Supported. This attribute returns an empty string.Returned only on $select. preferredName?: NullableOption; // A list for the user to enumerate their responsibilities. Returned only on $select. responsibilities?: NullableOption; // A list for the user to enumerate the schools they have attended. Returned only on $select. schools?: NullableOption; // A list for the user to enumerate their skills. Returned only on $select. skills?: NullableOption; // Represents the app roles a user has been granted for an application. Supports $expand. appRoleAssignments?: NullableOption; // Directory objects that the user created. Read-only. Nullable. createdObjects?: NullableOption; /** * The users and contacts that report to the user. (The users and contacts that have their manager property set to this * user.) Read-only. Nullable. Supports $expand. */ directReports?: NullableOption; // A collection of this user's license details. Read-only. licenseDetails?: NullableOption; // The user or contact that is this user's manager. Read-only. (HTTP Methods: GET, PUT, DELETE.). Supports $expand. manager?: NullableOption; // The groups and directory roles that the user is a member of. Read-only. Nullable. Supports $expand. memberOf?: NullableOption; oauth2PermissionGrants?: NullableOption; /** * Devices that are owned by the user. Read-only. Nullable. Supports $expand and $filter (/$count eq 0, /$count ne 0, * /$count eq 1, /$count ne 1). */ ownedDevices?: NullableOption; /** * Directory objects that are owned by the user. Read-only. Nullable. Supports $expand, $select nested in $expand, and * $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1). */ ownedObjects?: NullableOption; // Devices that are registered for the user. Read-only. Nullable. Supports $expand and returns up to 100 objects. registeredDevices?: NullableOption; scopedRoleMemberOf?: NullableOption; // The groups, including nested groups, and directory roles that a user is a member of. Nullable. transitiveMemberOf?: NullableOption; // The user's primary calendar. Read-only. calendar?: NullableOption; // The user's calendar groups. Read-only. Nullable. calendarGroups?: NullableOption; // The user's calendars. Read-only. Nullable. calendars?: NullableOption; // The calendar view for the calendar. Read-only. Nullable. calendarView?: NullableOption; // The user's contacts folders. Read-only. Nullable. contactFolders?: NullableOption; // The user's contacts. Read-only. Nullable. contacts?: NullableOption; // The user's events. Default is to show Events under the Default Calendar. Read-only. Nullable. events?: NullableOption; /** * Relevance classification of the user's messages based on explicit designations that override inferred relevance or * importance. */ inferenceClassification?: NullableOption; // The user's mail folders. Read-only. Nullable. mailFolders?: NullableOption; // The messages in a mailbox or folder. Read-only. Nullable. messages?: NullableOption; outlook?: NullableOption; // People that are relevant to the user. Read-only. Nullable. people?: NullableOption; // The user's OneDrive. Read-only. drive?: NullableOption; // A collection of drives available for this user. Read-only. drives?: NullableOption; followedSites?: NullableOption; // The collection of open extensions defined for the user. Read-only. Supports $expand. Nullable. extensions?: NullableOption; // The user's terms of use acceptance statuses. Read-only. Nullable. agreementAcceptances?: NullableOption; // The managed devices associated with the user. managedDevices?: NullableOption; // Zero or more managed app registrations that belong to the user. managedAppRegistrations?: NullableOption; // The list of troubleshooting events for this user. deviceManagementTroubleshootingEvents?: NullableOption; // Entry-point to the Planner resource that might exist for a user. Read-only. planner?: NullableOption; insights?: NullableOption; settings?: NullableOption; onenote?: NullableOption; // The user's profile photo. Read-only. photo?: NullableOption; // The collection of the user's profile photos in different sizes. Read-only. photos?: NullableOption; // The user's activities across devices. Read-only. Nullable. activities?: NullableOption; // Information about a meeting, including the URL used to join a meeting, the attendees' list, and the description. onlineMeetings?: NullableOption; presence?: NullableOption; // The authentication methods that are supported for the user. authentication?: NullableOption; chats?: NullableOption; joinedTeams?: NullableOption; // A container for Microsoft Teams features available for the user. Read-only. Nullable. teamwork?: NullableOption; // Represents the To Do services available to a user. todo?: NullableOption; employeeExperience?: NullableOption; } export interface AppRoleAssignment extends DirectoryObject { /** * The identifier (id) for the app role which is assigned to the principal. This app role must be exposed in the appRoles * property on the resource application's service principal (resourceId). If the resource application has not declared any * app roles, a default app role ID of 00000000-0000-0000-0000-000000000000 can be specified to signal that the principal * is assigned to the resource app without any specific app roles. Required on create. */ appRoleId?: string; /** * The time when the app role assignment was created. The Timestamp type represents date and time information using ISO * 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ createdDateTime?: NullableOption; /** * The display name of the user, group, or service principal that was granted the app role assignment. Read-only. Supports * $filter (eq and startswith). */ principalDisplayName?: NullableOption; /** * The unique identifier (id) for the user, security group, or service principal being granted the app role. Security * groups with dynamic memberships are supported. Required on create. */ principalId?: NullableOption; // The type of the assigned principal. This can either be User, Group, or ServicePrincipal. Read-only. principalType?: NullableOption; // The display name of the resource app's service principal to which the assignment is made. resourceDisplayName?: NullableOption; /** * The unique identifier (id) for the resource service principal for which the assignment is made. Required on create. * Supports $filter (eq only). */ resourceId?: NullableOption; } export interface LicenseDetails extends Entity { // Information about the service plans assigned with the license. Read-only, Not nullable servicePlans?: ServicePlanInfo[]; /** * Unique identifier (GUID) for the service SKU. Equal to the skuId property on the related SubscribedSku object. * Read-only */ skuId?: NullableOption; /** * Unique SKU display name. Equal to the skuPartNumber on the related SubscribedSku object; for example: 'AAD_Premium'. * Read-only */ skuPartNumber?: NullableOption; } export interface OAuth2PermissionGrant extends Entity { /** * The object id (not appId) of the client service principal for the application which is authorized to act on behalf of a * signed-in user when accessing an API. Required. Supports $filter (eq only). */ clientId?: string; /** * Indicates if authorization is granted for the client application to impersonate all users or only a specific user. * AllPrincipals indicates authorization to impersonate all users. Principal indicates authorization to impersonate a * specific user. Consent on behalf of all users can be granted by an administrator. Non-admin users may be authorized to * consent on behalf of themselves in some cases, for some delegated permissions. Required. Supports $filter (eq only). */ consentType?: NullableOption; /** * The id of the user on behalf of whom the client is authorized to access the resource, when consentType is Principal. If * consentType is AllPrincipals this value is null. Required when consentType is Principal. Supports $filter (eq only). */ principalId?: NullableOption; /** * The id of the resource service principal to which access is authorized. This identifies the API which the client is * authorized to attempt to call on behalf of a signed-in user. Supports $filter (eq only). */ resourceId?: string; /** * A space-separated list of the claim values for delegated permissions which should be included in access tokens for the * resource application (the API). For example, openid User.Read GroupMember.Read.All. Each claim value should match the * value field of one of the delegated permissions defined by the API, listed in the oauth2PermissionScopes property of * the resource service principal. Must not exceed 3850 characters in length. */ scope?: NullableOption; } export interface ScopedRoleMembership extends Entity { // Unique identifier for the administrative unit that the directory role is scoped to administrativeUnitId?: string; // Unique identifier for the directory role that the member is in. roleId?: string; // Role member identity information. Represents the user that is a member of this scoped-role. roleMemberInfo?: Identity; } export interface Calendar extends Entity { /** * Represent the online meeting service providers that can be used to create online meetings in this calendar. Possible * values are: unknown, skypeForBusiness, skypeForConsumer, teamsForBusiness. */ allowedOnlineMeetingProviders?: NullableOption; /** * true if the user can write to the calendar, false otherwise. This property is true for the user who created the * calendar. This property is also true for a user who has been shared a calendar and granted write access. */ canEdit?: NullableOption; /** * true if the user has the permission to share the calendar, false otherwise. Only the user who created the calendar can * share it. */ canShare?: NullableOption; // true if the user can read calendar items that have been marked private, false otherwise. canViewPrivateItems?: NullableOption; /** * Identifies the version of the calendar object. Every time the calendar is changed, changeKey changes as well. This * allows Exchange to apply changes to the correct version of the object. Read-only. */ changeKey?: NullableOption; /** * Specifies the color theme to distinguish the calendar from other calendars in a UI. The property values are: auto, * lightBlue, lightGreen, lightOrange, lightGray, lightYellow, lightTeal, lightPink, lightBrown, lightRed, maxColor. */ color?: NullableOption; /** * The default online meeting provider for meetings sent from this calendar. Possible values are: unknown, * skypeForBusiness, skypeForConsumer, teamsForBusiness. */ defaultOnlineMeetingProvider?: NullableOption; /** * The calendar color, expressed in a hex color code of three hexadecimal values, each ranging from 00 to FF and * representing the red, green, or blue components of the color in the RGB color space. If the user has never explicitly * set a color for the calendar, this property is empty. Read-only. */ hexColor?: NullableOption; // true if this is the default calendar where new events are created by default, false otherwise. isDefaultCalendar?: NullableOption; // Indicates whether this user calendar can be deleted from the user mailbox. isRemovable?: NullableOption; /** * Indicates whether this user calendar supports tracking of meeting responses. Only meeting invites sent from users' * primary calendars support tracking of meeting responses. */ isTallyingResponses?: NullableOption; // The calendar name. name?: NullableOption; /** * If set, this represents the user who created or added the calendar. For a calendar that the user created or added, the * owner property is set to the user. For a calendar shared with the user, the owner property is set to the person who * shared that calendar with the user. */ owner?: NullableOption; // The permissions of the users with whom the calendar is shared. calendarPermissions?: NullableOption; // The calendar view for the calendar. Navigation property. Read-only. calendarView?: NullableOption; // The events in the calendar. Navigation property. Read-only. events?: NullableOption; // The collection of multi-value extended properties defined for the calendar. Read-only. Nullable. multiValueExtendedProperties?: NullableOption; // The collection of single-value extended properties defined for the calendar. Read-only. Nullable. singleValueExtendedProperties?: NullableOption; } export interface CalendarGroup extends Entity { /** * Identifies the version of the calendar group. Every time the calendar group is changed, ChangeKey changes as well. This * allows Exchange to apply changes to the correct version of the object. Read-only. */ changeKey?: NullableOption; // The class identifier. Read-only. classId?: NullableOption; // The group name. name?: NullableOption; // The calendars in the calendar group. Navigation property. Read-only. Nullable. calendars?: NullableOption; } export interface OutlookItem extends Entity { // The categories associated with the item categories?: NullableOption; /** * Identifies the version of the item. Every time the item is changed, changeKey changes as well. This allows Exchange to * apply changes to the correct version of the object. Read-only. */ changeKey?: NullableOption; /** * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ createdDateTime?: NullableOption; /** * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ lastModifiedDateTime?: NullableOption; } export interface Event extends OutlookItem { /** * true if the meeting organizer allows invitees to propose a new time when responding; otherwise, false. Optional. * Default is true. */ allowNewTimeProposals?: NullableOption; // The collection of attendees for the event. attendees?: NullableOption; // The body of the message associated with the event. It can be in HTML or text format. body?: NullableOption; // The preview of the message associated with the event. It is in text format. bodyPreview?: NullableOption; // The date, time, and time zone that the event ends. By default, the end time is in UTC. end?: NullableOption; // Set to true if the event has attachments. hasAttachments?: NullableOption; /** * When set to true, each attendee only sees themselves in the meeting request and meeting Tracking list. Default is * false. */ hideAttendees?: NullableOption; /** * A unique identifier for an event across calendars. This ID is different for each occurrence in a recurring series. * Read-only. */ iCalUId?: NullableOption; importance?: NullableOption; isAllDay?: NullableOption; isCancelled?: NullableOption; isDraft?: NullableOption; isOnlineMeeting?: NullableOption; isOrganizer?: NullableOption; isReminderOn?: NullableOption; location?: NullableOption; locations?: NullableOption; onlineMeeting?: NullableOption; onlineMeetingProvider?: NullableOption; onlineMeetingUrl?: NullableOption; organizer?: NullableOption; originalEndTimeZone?: NullableOption; originalStart?: NullableOption; originalStartTimeZone?: NullableOption; recurrence?: NullableOption; reminderMinutesBeforeStart?: NullableOption; responseRequested?: NullableOption; responseStatus?: NullableOption; sensitivity?: NullableOption; seriesMasterId?: NullableOption; showAs?: NullableOption; start?: NullableOption; subject?: NullableOption; transactionId?: NullableOption; type?: NullableOption; webLink?: NullableOption; /** * The collection of FileAttachment, ItemAttachment, and referenceAttachment attachments for the event. Navigation * property. Read-only. Nullable. */ attachments?: NullableOption; // The calendar that contains the event. Navigation property. Read-only. calendar?: NullableOption; // The collection of open extensions defined for the event. Nullable. extensions?: NullableOption; /** * The occurrences of a recurring series, if the event is a series master. This property includes occurrences that are * part of the recurrence pattern, and exceptions that have been modified, but does not include occurrences that have been * cancelled from the series. Navigation property. Read-only. Nullable. */ instances?: NullableOption; // The collection of multi-value extended properties defined for the event. Read-only. Nullable. multiValueExtendedProperties?: NullableOption; // The collection of single-value extended properties defined for the event. Read-only. Nullable. singleValueExtendedProperties?: NullableOption; } export interface ContactFolder extends Entity { // The folder's display name. displayName?: NullableOption; // The ID of the folder's parent folder. parentFolderId?: NullableOption; // The collection of child folders in the folder. Navigation property. Read-only. Nullable. childFolders?: NullableOption; // The contacts in the folder. Navigation property. Read-only. Nullable. contacts?: NullableOption; // The collection of multi-value extended properties defined for the contactFolder. Read-only. Nullable. multiValueExtendedProperties?: NullableOption; // The collection of single-value extended properties defined for the contactFolder. Read-only. Nullable. singleValueExtendedProperties?: NullableOption; } export interface Contact extends OutlookItem { // The name of the contact's assistant. assistantName?: NullableOption; /** * The contact's birthday. The Timestamp type represents date and time information using ISO 8601 format and is always in * UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ birthday?: NullableOption; // The contact's business address. businessAddress?: NullableOption; // The business home page of the contact. businessHomePage?: NullableOption; // The contact's business phone numbers. businessPhones?: NullableOption; // The names of the contact's children. children?: NullableOption; // The name of the contact's company. companyName?: NullableOption; // The contact's department. department?: NullableOption; /** * The contact's display name. You can specify the display name in a create or update operation. Note that later updates * to other properties may cause an automatically generated value to overwrite the displayName value you have specified. * To preserve a pre-existing value, always include it as displayName in an update operation. */ displayName?: NullableOption; // The contact's email addresses. emailAddresses?: NullableOption; // The name the contact is filed under. fileAs?: NullableOption; // The contact's generation. generation?: NullableOption; // The contact's given name. givenName?: NullableOption; // The contact's home address. homeAddress?: NullableOption; // The contact's home phone numbers. homePhones?: NullableOption; imAddresses?: NullableOption; initials?: NullableOption; jobTitle?: NullableOption; manager?: NullableOption; middleName?: NullableOption; mobilePhone?: NullableOption; nickName?: NullableOption; officeLocation?: NullableOption; otherAddress?: NullableOption; parentFolderId?: NullableOption; personalNotes?: NullableOption; profession?: NullableOption; spouseName?: NullableOption; surname?: NullableOption; title?: NullableOption; yomiCompanyName?: NullableOption; yomiGivenName?: NullableOption; yomiSurname?: NullableOption; // The collection of open extensions defined for the contact. Read-only. Nullable. extensions?: NullableOption; // The collection of multi-value extended properties defined for the contact. Read-only. Nullable. multiValueExtendedProperties?: NullableOption; // Optional contact picture. You can get or set a photo for a contact. photo?: NullableOption; // The collection of single-value extended properties defined for the contact. Read-only. Nullable. singleValueExtendedProperties?: NullableOption; } // tslint:disable-next-line: interface-name export interface InferenceClassification extends Entity { /** * A set of overrides for a user to always classify messages from specific senders in certain ways: focused, or other. * Read-only. Nullable. */ overrides?: NullableOption; } export interface MailFolder extends Entity { // The number of immediate child mailFolders in the current mailFolder. childFolderCount?: NullableOption; // The mailFolder's display name. displayName?: NullableOption; /** * Indicates whether the mailFolder is hidden. This property can be set only when creating the folder. Find more * information in Hidden mail folders. */ isHidden?: NullableOption; // The unique identifier for the mailFolder's parent mailFolder. parentFolderId?: NullableOption; // The number of items in the mailFolder. totalItemCount?: NullableOption; // The number of items in the mailFolder marked as unread. unreadItemCount?: NullableOption; // The collection of child folders in the mailFolder. childFolders?: NullableOption; // The collection of rules that apply to the user's Inbox folder. messageRules?: NullableOption; // The collection of messages in the mailFolder. messages?: NullableOption; // The collection of multi-value extended properties defined for the mailFolder. Read-only. Nullable. multiValueExtendedProperties?: NullableOption; // The collection of single-value extended properties defined for the mailFolder. Read-only. Nullable. singleValueExtendedProperties?: NullableOption; } export interface Message extends OutlookItem { // The Bcc: recipients for the message. bccRecipients?: NullableOption; // The body of the message. It can be in HTML or text format. Find out about safe HTML in a message body. body?: NullableOption; // The first 255 characters of the message body. It is in text format. bodyPreview?: NullableOption; // The Cc: recipients for the message. ccRecipients?: NullableOption; // The ID of the conversation the email belongs to. conversationId?: NullableOption; // Indicates the position of the message within the conversation. conversationIndex?: NullableOption; // The flag value that indicates the status, start date, due date, or completion date for the message. flag?: NullableOption; /** * The owner of the mailbox from which the message is sent. In most cases, this value is the same as the sender property, * except for sharing or delegation scenarios. The value must correspond to the actual mailbox used. Find out more about * setting the from and sender properties of a message. */ from?: NullableOption; /** * Indicates whether the message has attachments. This property doesn't include inline attachments, so if a message * contains only inline attachments, this property is false. To verify the existence of inline attachments, parse the body * property to look for a src attribute, such as <IMG src='cid:image001.jpg@01D26CD8.6C05F070'>. */ hasAttachments?: NullableOption; importance?: NullableOption; inferenceClassification?: NullableOption; internetMessageHeaders?: NullableOption; internetMessageId?: NullableOption; isDeliveryReceiptRequested?: NullableOption; isDraft?: NullableOption; isRead?: NullableOption; isReadReceiptRequested?: NullableOption; parentFolderId?: NullableOption; receivedDateTime?: NullableOption; replyTo?: NullableOption; sender?: NullableOption; sentDateTime?: NullableOption; subject?: NullableOption; toRecipients?: NullableOption; uniqueBody?: NullableOption; webLink?: NullableOption; // The fileAttachment and itemAttachment attachments for the message. attachments?: NullableOption; // The collection of open extensions defined for the message. Nullable. extensions?: NullableOption; // The collection of multi-value extended properties defined for the message. Nullable. multiValueExtendedProperties?: NullableOption; // The collection of single-value extended properties defined for the message. Nullable. singleValueExtendedProperties?: NullableOption; } export interface OutlookUser extends Entity { // A list of categories defined for the user. masterCategories?: NullableOption; } export interface Person extends Entity { // The person's birthday. birthday?: NullableOption; // The name of the person's company. companyName?: NullableOption; // The person's department. department?: NullableOption; // The person's display name. displayName?: NullableOption; // The person's given name. givenName?: NullableOption; // The instant message voice over IP (VOIP) session initiation protocol (SIP) address for the user. Read-only. imAddress?: NullableOption; // True if the user has flagged this person as a favorite. isFavorite?: NullableOption; // The person's job title. jobTitle?: NullableOption; // The location of the person's office. officeLocation?: NullableOption; // Free-form notes that the user has taken about this person. personNotes?: NullableOption; // The type of person. personType?: NullableOption; // The person's phone numbers. phones?: NullableOption; // The person's addresses. postalAddresses?: NullableOption; // The person's profession. profession?: NullableOption; // The person's email addresses. scoredEmailAddresses?: NullableOption; // The person's surname. surname?: NullableOption; /** * The user principal name (UPN) of the person. The UPN is an Internet-style login name for the person based on the * Internet standard RFC 822. By convention, this should map to the person's email name. The general format is * alias@domain. */ userPrincipalName?: NullableOption; // The person's websites. websites?: NullableOption; // The phonetic Japanese name of the person's company. yomiCompany?: NullableOption; } export interface BaseItem extends Entity { // Identity of the user, device, or application that created the item. Read-only. createdBy?: NullableOption; // Date and time of item creation. Read-only. createdDateTime?: string; // Provides a user-visible description of the item. Optional. description?: NullableOption; // ETag for the item. Read-only. eTag?: NullableOption; // Identity of the user, device, and application that last modified the item. Read-only. lastModifiedBy?: NullableOption; // Date and time the item was last modified. Read-only. lastModifiedDateTime?: string; // The name of the item. Read-write. name?: NullableOption; // Parent information, if the item has a parent. Read-write. parentReference?: NullableOption; /** * URL that either displays the resource in the browser (for Office file formats), or is a direct link to the file (for * other formats). Read-only. */ webUrl?: NullableOption; // Identity of the user who created the item. Read-only. createdByUser?: NullableOption; // Identity of the user who last modified the item. Read-only. lastModifiedByUser?: NullableOption; } export interface Drive extends BaseItem { /** * Describes the type of drive represented by this resource. OneDrive personal drives will return personal. OneDrive for * Business will return business. SharePoint document libraries will return documentLibrary. Read-only. */ driveType?: NullableOption; // Optional. The user account that owns the drive. Read-only. owner?: NullableOption; // Optional. Information about the drive's storage space quota. Read-only. quota?: NullableOption; sharePointIds?: NullableOption; // If present, indicates that this is a system-managed drive. Read-only. system?: NullableOption; // Collection of [bundles][bundle] (albums and multi-select-shared sets of items). Only in personal OneDrive. bundles?: NullableOption; // The list of items the user is following. Only in OneDrive for Business. following?: NullableOption; // All items contained in the drive. Read-only. Nullable. items?: NullableOption; // For drives in SharePoint, the underlying document library list. Read-only. Nullable. list?: NullableOption; // The root folder of the drive. Read-only. root?: NullableOption; // Collection of common folders available in OneDrive. Read-only. Nullable. special?: NullableOption; } export interface Site extends BaseItem { // The full title for the site. Read-only. displayName?: NullableOption; error?: NullableOption; isPersonalSite?: NullableOption; // If present, indicates that this is the root site in the site collection. Read-only. root?: NullableOption; // Returns identifiers useful for SharePoint REST compatibility. Read-only. sharepointIds?: NullableOption; // Provides details about the site's site collection. Available only on the root site. Read-only. siteCollection?: NullableOption; // Analytics about the view activities that took place in this site. analytics?: NullableOption; // The collection of column definitions reusable across lists under this site. columns?: NullableOption; // The collection of content types defined for this site. contentTypes?: NullableOption; // The default drive (document library) for this site. drive?: NullableOption; // The collection of drives (document libraries) under this site. drives?: NullableOption; externalColumns?: NullableOption; // Used to address any item contained in this site. This collection can't be enumerated. items?: NullableOption; // The collection of lists under this site. lists?: NullableOption; // The collection of long-running operations on the site. operations?: NullableOption; // The permissions associated with the site. Nullable. permissions?: NullableOption; // The collection of the sub-sites under this site. sites?: NullableOption; // The default termStore under this site. termStore?: NullableOption; // The collection of termStores under this site. termStores?: NullableOption; // Calls the OneNote service for notebook related operations. onenote?: NullableOption; } // tslint:disable-next-line: no-empty-interface export interface Extension extends Entity {} export interface AgreementAcceptance extends Entity { // The identifier of the agreement file accepted by the user. agreementFileId?: NullableOption; // The identifier of the agreement. agreementId?: NullableOption; // The display name of the device used for accepting the agreement. deviceDisplayName?: NullableOption; // The unique identifier of the device used for accepting the agreement. Supports $filter (eq) and eq for null values. deviceId?: NullableOption; // The operating system used to accept the agreement. deviceOSType?: NullableOption; // The operating system version of the device used to accept the agreement. deviceOSVersion?: NullableOption; /** * The expiration date time of the acceptance. The Timestamp type represents date and time information using ISO 8601 * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Supports $filter * (eq, ge, le) and eq for null values. */ expirationDateTime?: NullableOption; /** * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ recordedDateTime?: NullableOption; // The state of the agreement acceptance. Possible values are: accepted, declined. Supports $filter (eq). state?: NullableOption; // Display name of the user when the acceptance was recorded. userDisplayName?: NullableOption; // Email of the user when the acceptance was recorded. userEmail?: NullableOption; // The identifier of the user who accepted the agreement. Supports $filter (eq). userId?: NullableOption; // UPN of the user when the acceptance was recorded. userPrincipalName?: NullableOption; } export interface ManagedDevice extends Entity { /** * The code that allows the Activation Lock on managed device to be bypassed. Default, is Null (Non-Default property) for * this property when returned as part of managedDevice entity in LIST call. To retrieve actual values GET call needs to * be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This * property is read-only. */ activationLockBypassCode?: NullableOption; // Android security patch level. This property is read-only. androidSecurityPatchLevel?: NullableOption; // The unique identifier for the Azure Active Directory device. Read only. This property is read-only. azureADDeviceId?: NullableOption; // Whether the device is Azure Active Directory registered. This property is read-only. azureADRegistered?: NullableOption; // The DateTime when device compliance grace period expires. This property is read-only. complianceGracePeriodExpirationDateTime?: string; /** * Compliance state of the device. Examples: Compliant, Conflict, Error, etc. Default is unknown. Supports $filter * operator 'eq' and 'or'. This property is read-only. Possible values are: unknown, compliant, noncompliant, conflict, * error, inGracePeriod, configManager. */ complianceState?: ComplianceState; // ConfigrMgr client enabled features. This property is read-only. configurationManagerClientEnabledFeatures?: NullableOption; // List of ComplexType deviceActionResult objects. This property is read-only. deviceActionResults?: NullableOption; /** * Device category display name. Default is an empty string. Supports $filter operator 'eq' and 'or'. This property is * read-only. */ deviceCategoryDisplayName?: NullableOption; /** * Enrollment type of the device. This property is read-only. Possible values are: unknown, userEnrollment, * deviceEnrollmentManager, appleBulkWithUser, appleBulkWithoutUser, windowsAzureADJoin, windowsBulkUserless, * windowsAutoEnrollment, windowsBulkAzureDomainJoin, windowsCoManagement, windowsAzureADJoinUsingDeviceAuth, * appleUserEnrollment, appleUserEnrollmentWithServiceAccount. */ deviceEnrollmentType?: DeviceEnrollmentType; // The device health attestation state. This property is read-only. deviceHealthAttestationState?: NullableOption; // Name of the device. This property is read-only. deviceName?: NullableOption; /** * Device registration state. This property is read-only. Possible values are: notRegistered, registered, revoked, * keyConflict, approvalPending, certificateReset, notRegisteredPendingEnrollment, unknown. */ deviceRegistrationState?: DeviceRegistrationState; // Whether the device is Exchange ActiveSync activated. This property is read-only. easActivated?: boolean; // Exchange ActivationSync activation time of the device. This property is read-only. easActivationDateTime?: string; // Exchange ActiveSync Id of the device. This property is read-only. easDeviceId?: NullableOption; // Email(s) for the user associated with the device. This property is read-only. emailAddress?: NullableOption; // Enrollment time of the device. Supports $filter operator 'lt' and 'gt'. This property is read-only. enrolledDateTime?: string; /** * Indicates Ethernet MAC Address of the device. Default, is Null (Non-Default property) for this property when returned * as part of managedDevice entity. Individual get call with select query options is needed to retrieve actual values. * Example: deviceManagement/managedDevices({managedDeviceId})?$select=ethernetMacAddress Supports: $select. $Search is * not supported. Read-only. This property is read-only. */ ethernetMacAddress?: NullableOption; /** * The Access State of the device in Exchange. This property is read-only. Possible values are: none, unknown, allowed, * blocked, quarantined. */ exchangeAccessState?: DeviceManagementExchangeAccessState; /** * The reason for the device's access state in Exchange. This property is read-only. Possible values are: none, unknown, * exchangeGlobalRule, exchangeIndividualRule, exchangeDeviceRule, exchangeUpgrade, exchangeMailboxPolicy, other, * compliant, notCompliant, notEnrolled, unknownLocation, mfaRequired, azureADBlockDueToAccessPolicy, compromisedPassword, * deviceNotKnownWithManagedApp. */ exchangeAccessStateReason?: DeviceManagementExchangeAccessStateReason; // Last time the device contacted Exchange. This property is read-only. exchangeLastSuccessfulSyncDateTime?: string; // Free Storage in Bytes. Default value is 0. Read-only. This property is read-only. freeStorageSpaceInBytes?: number; /** * Integrated Circuit Card Identifier, it is A SIM card's unique identification number. Default is an empty string. To * retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. * $Search is not supported. Read-only. This property is read-only. */ iccid?: NullableOption; // IMEI. This property is read-only. imei?: NullableOption; // Device encryption status. This property is read-only. isEncrypted?: boolean; // Device supervised status. This property is read-only. isSupervised?: boolean; /** * Whether the device is jail broken or rooted. Default is an empty string. Supports $filter operator 'eq' and 'or'. This * property is read-only. */ jailBroken?: NullableOption; /** * The date and time that the device last completed a successful sync with Intune. Supports $filter operator 'lt' and * 'gt'. This property is read-only. */ lastSyncDateTime?: string; // Automatically generated name to identify a device. Can be overwritten to a user friendly name. managedDeviceName?: NullableOption; // Ownership of the device. Can be 'company' or 'personal'. Possible values are: unknown, company, personal. managedDeviceOwnerType?: ManagedDeviceOwnerType; /** * Management channel of the device. Examples: Intune, EAS, etc. Default is unknown. Supports $filter operator 'eq' and * 'or'. This property is read-only. Possible values are: eas, mdm, easMdm, intuneClient, easIntuneClient, * configurationManagerClient, configurationManagerClientMdm, configurationManagerClientMdmEas, unknown, jamf, * googleCloudDevicePolicyController. */ managementAgent?: ManagementAgentType; // Reports device management certificate expiration date. This property is read-only. managementCertificateExpirationDate?: string; // Manufacturer of the device. This property is read-only. manufacturer?: NullableOption; // MEID. This property is read-only. meid?: NullableOption; // Model of the device. This property is read-only. model?: NullableOption; /** * Notes on the device created by IT Admin. Default is null. To retrieve actual values GET call needs to be made, with * device id and included in select parameter. Supports: $select. $Search is not supported. */ notes?: NullableOption; // Operating system of the device. Windows, iOS, etc. This property is read-only. operatingSystem?: NullableOption; // Operating system version of the device. This property is read-only. osVersion?: NullableOption; /** * Indicates the threat state of a device when a Mobile Threat Defense partner is in use by the account and device. Read * Only. This property is read-only. Possible values are: unknown, activated, deactivated, secured, lowSeverity, * mediumSeverity, highSeverity, unresponsive, compromised, misconfigured. */ partnerReportedThreatState?: ManagedDevicePartnerReportedHealthState; // Phone number of the device. This property is read-only. phoneNumber?: NullableOption; /** * Total Memory in Bytes. Default is 0. To retrieve actual values GET call needs to be made, with device id and included * in select parameter. Supports: $select. Read-only. This property is read-only. */ physicalMemoryInBytes?: number; // An error string that identifies issues when creating Remote Assistance session objects. This property is read-only. remoteAssistanceSessionErrorDetails?: NullableOption; /** * Url that allows a Remote Assistance session to be established with the device. Default is an empty string. To retrieve * actual values GET call needs to be made, with device id and included in select parameter. This property is read-only. */ remoteAssistanceSessionUrl?: NullableOption; // Reports if the managed iOS device is user approval enrollment. This property is read-only. requireUserEnrollmentApproval?: NullableOption; // SerialNumber. This property is read-only. serialNumber?: NullableOption; // Subscriber Carrier. This property is read-only. subscriberCarrier?: NullableOption; // Total Storage in Bytes. This property is read-only. totalStorageSpaceInBytes?: number; /** * Unique Device Identifier for iOS and macOS devices. Default is an empty string. To retrieve actual values GET call * needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. * Read-only. This property is read-only. */ udid?: NullableOption; // User display name. This property is read-only. userDisplayName?: NullableOption; // Unique Identifier for the user associated with the device. This property is read-only. userId?: NullableOption; // Device user principal name. This property is read-only. userPrincipalName?: NullableOption; // Wi-Fi MAC. This property is read-only. wiFiMacAddress?: NullableOption; // Device compliance policy states for this device. deviceCompliancePolicyStates?: NullableOption; // Device configuration states for this device. deviceConfigurationStates?: NullableOption; // Device category deviceCategory?: NullableOption; // List of log collection requests logCollectionRequests?: NullableOption; // The primary users associated with the managed device. users?: NullableOption; // The device protection status. This property is read-only. windowsProtectionState?: NullableOption; } export interface ManagedAppRegistration extends Entity { // The app package Identifier appIdentifier?: NullableOption; // App version applicationVersion?: NullableOption; // Date and time of creation createdDateTime?: string; // Host device name deviceName?: NullableOption; /** * App management SDK generated tag, which helps relate apps hosted on the same device. Not guaranteed to relate apps in * all conditions. */ deviceTag?: NullableOption; // Host device type deviceType?: NullableOption; // Zero or more reasons an app registration is flagged. E.g. app running on rooted device flaggedReasons?: ManagedAppFlaggedReason[]; // Date and time of last the app synced with management service. lastSyncDateTime?: string; // App management SDK version managementSdkVersion?: NullableOption; // Operating System version platformVersion?: NullableOption; // The user Id to who this app registration belongs. userId?: NullableOption; // Version of the entity. version?: NullableOption; // Zero or more policys already applied on the registered app when it last synchronized with managment service. appliedPolicies?: NullableOption; // Zero or more policies admin intended for the app as of now. intendedPolicies?: NullableOption; // Zero or more long running operations triggered on the app registration. operations?: NullableOption; } export interface DeviceManagementTroubleshootingEvent extends Entity { // Id used for tracing the failure in the service. correlationId?: NullableOption; // Time when the event occurred . eventDateTime?: string; } export interface PlannerUser extends Entity { // Read-only. Nullable. Returns the plannerTasks assigned to the user. plans?: NullableOption; // Read-only. Nullable. Returns the plannerPlans shared with the user. tasks?: NullableOption; } export interface OfficeGraphInsights extends Entity { /** * Calculated relationship identifying documents shared with or by the user. This includes URLs, file attachments, and * reference attachments to OneDrive for Business and SharePoint files found in Outlook messages and meetings. This also * includes URLs and reference attachments to Teams conversations. Ordered by recency of share. */ shared?: NullableOption; /** * Calculated relationship identifying documents trending around a user. Trending documents are calculated based on * activity of the user's closest network of people and include files stored in OneDrive for Business and SharePoint. * Trending insights help the user to discover potentially useful content that the user has access to, but has never * viewed before. */ trending?: NullableOption; /** * Calculated relationship identifying the latest documents viewed or modified by a user, including OneDrive for Business * and SharePoint documents, ranked by recency of use. */ used?: NullableOption; } export interface UserSettings extends Entity { /** * Reflects the organization level setting controlling delegate access to the trending API. When set to true, the * organization doesn't have access to Office Delve. The relevancy of the content displayed in Microsoft 365, for example * in Suggested sites in SharePoint Home and the Discover view in OneDrive for Business is affected for the whole * organization. This setting is read-only and can only be changed by administrators in the SharePoint admin center. */ contributionToContentDiscoveryAsOrganizationDisabled?: boolean; /** * When set to true, the delegate access to the user's trending API is disabled. When set to true, documents in the user's * Office Delve are disabled. When set to true, the relevancy of the content displayed in Microsoft 365, for example in * Suggested sites in SharePoint Home and the Discover view in OneDrive for Business is affected. Users can control this * setting in Office Delve. */ contributionToContentDiscoveryDisabled?: boolean; shiftPreferences?: NullableOption; } export interface Onenote extends Entity { // The collection of OneNote notebooks that are owned by the user or group. Read-only. Nullable. notebooks?: NullableOption; /** * The status of OneNote operations. Getting an operations collection isn't supported, but you can get the status of * long-running operations if the Operation-Location header is returned in the response. Read-only. Nullable. */ operations?: NullableOption; // The pages in all OneNote notebooks that are owned by the user or group. Read-only. Nullable. pages?: NullableOption; /** * The image and other file resources in OneNote pages. Getting a resources collection isn't supported, but you can get * the binary content of a specific resource. Read-only. Nullable. */ resources?: NullableOption; // The section groups in all OneNote notebooks that are owned by the user or group. Read-only. Nullable. sectionGroups?: NullableOption; // The sections in all OneNote notebooks that are owned by the user or group. Read-only. Nullable. sections?: NullableOption; } export interface ProfilePhoto extends Entity { // The height of the photo. Read-only. height?: NullableOption; // The width of the photo. Read-only. width?: NullableOption; } export interface UserActivity extends Entity { /** * Required. URL used to launch the activity in the best native experience represented by the appId. Might launch a * web-based app if no native app exists. */ activationUrl?: string; /** * Required. URL for the domain representing the cross-platform identity mapping for the app. Mapping is stored either as * a JSON file hosted on the domain or configurable via Windows Dev Center. The JSON file is named * cross-platform-app-identifiers and is hosted at root of your HTTPS domain, either at the top level domain or include a * sub domain. For example: https://contoso.com or https://myapp.contoso.com but NOT https://myapp.contoso.com/somepath. * You must have a unique file and domain (or sub domain) per cross-platform app identity. For example, a separate file * and domain is needed for Word vs. PowerPoint. */ activitySourceHost?: string; // Required. The unique activity ID in the context of the app - supplied by caller and immutable thereafter. appActivityId?: string; /** * Optional. Short text description of the app used to generate the activity for use in cases when the app is not * installed on the user’s local device. */ appDisplayName?: NullableOption; // Optional. A custom piece of data - JSON-LD extensible description of content according to schema.org syntax. contentInfo?: NullableOption; /** * Optional. Used in the event the content can be rendered outside of a native or web-based app experience (for example, a * pointer to an item in an RSS feed). */ contentUrl?: NullableOption; // Set by the server. DateTime in UTC when the object was created on the server. createdDateTime?: NullableOption; // Set by the server. DateTime in UTC when the object expired on the server. expirationDateTime?: NullableOption; // Optional. URL used to launch the activity in a web-based app, if available. fallbackUrl?: NullableOption; // Set by the server. DateTime in UTC when the object was modified on the server. lastModifiedDateTime?: NullableOption; // Set by the server. A status code used to identify valid objects. Values: active, updated, deleted, ignored. status?: NullableOption; /** * Optional. The timezone in which the user's device used to generate the activity was located at activity creation time; * values supplied as Olson IDs in order to support cross-platform representation. */ userTimezone?: NullableOption; // Required. The object containing information to render the activity in the UX. visualElements?: VisualInfo; // Optional. NavigationProperty/Containment; navigation property to the activity's historyItems. historyItems?: NullableOption; } export interface OnlineMeetingBase extends Entity { allowAttendeeToEnableCamera?: NullableOption; allowAttendeeToEnableMic?: NullableOption; allowedPresenters?: NullableOption; allowMeetingChat?: NullableOption; allowParticipantsToChangeName?: NullableOption; allowTeamworkReactions?: NullableOption; audioConferencing?: NullableOption; chatInfo?: NullableOption; isEntryExitAnnounced?: NullableOption; joinInformation?: NullableOption; joinMeetingIdSettings?: NullableOption; joinWebUrl?: NullableOption; lobbyBypassSettings?: NullableOption; recordAutomatically?: NullableOption; shareMeetingChatHistoryDefault?: NullableOption; subject?: NullableOption; videoTeleconferenceId?: NullableOption; watermarkProtection?: NullableOption; attendanceReports?: NullableOption; } export interface OnlineMeeting extends OnlineMeetingBase { attendeeReport?: NullableOption; broadcastSettings?: NullableOption; // The meeting creation time in UTC. Read-only. creationDateTime?: NullableOption; // The meeting end time in UTC. endDateTime?: NullableOption; externalId?: NullableOption; isBroadcast?: NullableOption; // The participants associated with the online meeting. This includes the organizer and the attendees. participants?: NullableOption; // The meeting start time in UTC. startDateTime?: NullableOption; // The recordings of an online meeting. Read-only. recordings?: NullableOption; // The transcripts of an online meeting. Read-only. transcripts?: NullableOption; } export interface Presence extends Entity { /** * The supplemental information to a user's availability. Possible values are Available, Away, BeRightBack, Busy, * DoNotDisturb, InACall, InAConferenceCall, Inactive, InAMeeting, Offline, OffWork, OutOfOffice, PresenceUnknown, * Presenting, UrgentInterruptionsOnly. */ activity?: NullableOption; /** * The base presence information for a user. Possible values are Available, AvailableIdle, Away, BeRightBack, Busy, * BusyIdle, DoNotDisturb, Offline, PresenceUnknown */ availability?: NullableOption; // The presence status message of a user. statusMessage?: NullableOption; } export interface Authentication extends Entity { // The email address registered to a user for authentication. emailMethods?: NullableOption; // Represents the FIDO2 security keys registered to a user for authentication. fido2Methods?: NullableOption; // Represents all authentication methods registered to a user. methods?: NullableOption; // The details of the Microsoft Authenticator app registered to a user for authentication. microsoftAuthenticatorMethods?: NullableOption; // Represents the status of a long-running operation. operations?: NullableOption; /** * Represents the password that's registered to a user for authentication. For security, the password itself will never be * returned in the object, but action can be taken to reset a password. */ passwordMethods?: NullableOption; // The phone numbers registered to a user for authentication. phoneMethods?: NullableOption; // The software OATH TOTP applications registered to a user for authentication. softwareOathMethods?: NullableOption; // Represents a Temporary Access Pass registered to a user for authentication through time-limited passcodes. temporaryAccessPassMethods?: NullableOption; // Represents the Windows Hello for Business authentication method registered to a user for authentication. windowsHelloForBusinessMethods?: NullableOption; } export interface Chat extends Entity { // Specifies the type of chat. Possible values are: group, oneOnOne, meeting, unknownFutureValue. chatType?: ChatType; // Date and time at which the chat was created. Read-only. createdDateTime?: NullableOption; // Date and time at which the chat was renamed or list of members were last changed. Read-only. lastUpdatedDateTime?: NullableOption; /** * Represents details about an online meeting. If the chat isn't associated with an online meeting, the property is empty. * Read-only. */ onlineMeetingInfo?: NullableOption; // The identifier of the tenant in which the chat was created. Read-only. tenantId?: NullableOption; // (Optional) Subject or topic for the chat. Only available for group chats. topic?: NullableOption; /** * Represents caller-specific information about the chat, such as last message read date and time. This property is * populated only when the request is made in a delegated context. */ viewpoint?: NullableOption; // The URL for the chat in Microsoft Teams. The URL should be treated as an opaque blob, and not parsed. Read-only. webUrl?: NullableOption; // A collection of all the apps in the chat. Nullable. installedApps?: NullableOption; /** * Preview of the last message sent in the chat. Null if no messages have been sent in the chat. Currently, only the list * chats operation supports this property. */ lastMessagePreview?: NullableOption; // A collection of all the members in the chat. Nullable. members?: NullableOption; // A collection of all the messages in the chat. Nullable. messages?: NullableOption; // A collection of permissions granted to apps for the chat. permissionGrants?: NullableOption; // A collection of all the pinned messages in the chat. Nullable. pinnedMessages?: NullableOption; // A collection of all the tabs in the chat. Nullable. tabs?: NullableOption; } export interface Team extends Entity { /** * An optional label. Typically describes the data or business sensitivity of the team. Must match one of a pre-configured * set in the tenant's directory. */ classification?: NullableOption; // Timestamp at which the team was created. createdDateTime?: NullableOption; // An optional description for the team. Maximum length: 1024 characters. description?: NullableOption; // The name of the team. displayName?: NullableOption; // Settings to configure use of Giphy, memes, and stickers in the team. funSettings?: NullableOption; // Settings to configure whether guests can create, update, or delete channels in the team. guestSettings?: NullableOption; // A unique ID for the team that has been used in a few places such as the audit log/Office 365 Management Activity API. internalId?: NullableOption; // Whether this team is in read-only mode. isArchived?: NullableOption; /** * Settings to configure whether members can perform certain actions, for example, create channels and add bots, in the * team. */ memberSettings?: NullableOption; // Settings to configure messaging and mentions in the team. messagingSettings?: NullableOption; /** * Optional. Indicates whether the team is intended for a particular use case. Each team specialization has access to * unique behaviors and experiences targeted to its use case. */ specialization?: NullableOption; // Contains summary information about the team, including number of owners, members, and guests. summary?: NullableOption; // The ID of the Microsoft Entra tenant. tenantId?: NullableOption; // The visibility of the group and team. Defaults to Public. visibility?: NullableOption; /** * A hyperlink that will go to the team in the Microsoft Teams client. This is the URL that you get when you right-click a * team in the Microsoft Teams client and select Get link to team. This URL should be treated as an opaque blob, and not * parsed. */ webUrl?: NullableOption; // List of channels either hosted in or shared with the team (incoming channels). allChannels?: NullableOption; // The collection of channels and messages associated with the team. channels?: NullableOption; group?: NullableOption; // List of channels shared with the team. incomingChannels?: NullableOption; // The apps installed in this team. installedApps?: NullableOption; // Members and owners of the team. members?: NullableOption; // The async operations that ran or are running on this team. operations?: NullableOption; // A collection of permissions granted to apps to access the team. permissionGrants?: NullableOption; // The profile photo for the team. photo?: NullableOption; // The general channel for the team. primaryChannel?: NullableOption; // The tags associated with the team. tags?: NullableOption; // The template this team was created from. See available templates. template?: NullableOption; // The schedule of shifts for this team. schedule?: NullableOption; } export interface UserTeamwork extends Entity { // The list of associatedTeamInfo objects that a user is associated with. associatedTeams?: NullableOption; // The apps installed in the personal scope of this user. installedApps?: NullableOption; } export interface Todo extends Entity { // The task lists in the users mailbox. lists?: NullableOption; } export interface EmployeeExperienceUser extends Entity { learningCourseActivities?: NullableOption; } export interface AuditLogRoot extends Entity { directoryAudits?: NullableOption; provisioning?: NullableOption; signIns?: NullableOption; } export interface DirectoryAudit extends Entity { /** * Indicates the date and time the activity was performed. The Timestamp type is always in UTC time. For example, midnight * UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Supports $filter (eq, ge, le) and $orderby. */ activityDateTime?: string; /** * Indicates the activity name or the operation name (examples: 'Create User' and 'Add member to group'). For a list of * activities logged, refer to Microsoft Entra audit log categories and activities. Supports $filter (eq, startswith). */ activityDisplayName?: string; // Indicates additional details on the activity. additionalDetails?: NullableOption; /** * Indicates which resource category that's targeted by the activity. For example: UserManagement, GroupManagement, * ApplicationManagement, RoleManagement. For a list of categories for activities logged, refer to Microsoft Entra audit * log categories and activities. */ category?: string; /** * Indicates a unique ID that helps correlate activities that span across various services. Can be used to trace logs * across services. Supports $filter (eq). */ correlationId?: NullableOption; /** * Indicates information about the user or app initiated the activity. Supports $filter (eq) for user/id, * user/displayName, user/userPrincipalName, app/appId, app/displayName; and $filter (startswith) for * user/userPrincipalName. */ initiatedBy?: AuditActivityInitiator; /** * Indicates information on which service initiated the activity (For example: Self-service Password Management, Core * Directory, B2C, Invited Users, Microsoft Identity Manager, Privileged Identity Management. Supports $filter (eq). */ loggedByService?: NullableOption; /** * Indicates the type of operation that was performed. The possible values include but are not limited to the following: * Add, Assign, Update, Unassign, and Delete. */ operationType?: NullableOption; // Indicates the result of the activity. Possible values are: success, failure, timeout, unknownFutureValue. result?: NullableOption; // Indicates the reason for failure if the result is failure or timeout. resultReason?: NullableOption; /** * Indicates information on which resource was changed due to the activity. Target Resource Type can be User, Device, * Directory, App, Role, Group, Policy or Other. Supports $filter (eq) for id and displayName; and $filter (startswith) * for displayName. */ targetResources?: NullableOption; } export interface ProvisioningObjectSummary extends Entity { /** * Represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan * 1, 2014 is 2014-01-01T00:00:00Z. SUpports $filter (eq, gt, lt) and orderby. */ activityDateTime?: string; // Unique ID of this change in this cycle. Supports $filter (eq, contains). changeId?: NullableOption; // Unique ID per job iteration. Supports $filter (eq, contains). cycleId?: NullableOption; // Indicates how long this provisioning action took to finish. Measured in milliseconds. durationInMilliseconds?: NullableOption; // Details of who initiated this provisioning. Supports $filter (eq, contains). initiatedBy?: NullableOption; // The unique ID for the whole provisioning job. Supports $filter (eq, contains). jobId?: NullableOption; // Details of each property that was modified in this provisioning action on this object. modifiedProperties?: NullableOption; /** * Indicates the activity name or the operation name. Possible values are: create, update, delete, stageddelete, disable, * other and unknownFutureValue. For a list of activities logged, refer to Microsoft Entra activity list. Supports $filter * (eq, contains). */ provisioningAction?: NullableOption; // Details of provisioning status. provisioningStatusInfo?: NullableOption; // Details of each step in provisioning. provisioningSteps?: NullableOption; // Represents the service principal used for provisioning. Supports $filter (eq) for id and name. servicePrincipal?: NullableOption; // Details of source object being provisioned. Supports $filter (eq, contains) for identityType, id, and displayName. sourceIdentity?: NullableOption; // Details of source system of the object being provisioned. Supports $filter (eq, contains) for displayName. sourceSystem?: NullableOption; // Details of target object being provisioned. Supports $filter (eq, contains) for identityType, id, and displayName. targetIdentity?: NullableOption; // Details of target system of the object being provisioned. Supports $filter (eq, contains) for displayName. targetSystem?: NullableOption; // Unique Microsoft Entra tenant ID. Supports $filter (eq, contains). tenantId?: NullableOption; } export interface SignIn extends Entity { // App name displayed in the Microsoft Entra admin center. Supports $filter (eq, startsWith). appDisplayName?: NullableOption; // Unique GUID representing the app ID in the Microsoft Entra ID. Supports $filter (eq). appId?: NullableOption; /** * Provides a list of conditional access policies that are triggered by the corresponding sign-in activity. Apps need * additional Conditional Access-related privileges to read the details of this property. For more information, see * Viewing applied conditional access (CA) policies in sign-ins. */ appliedConditionalAccessPolicies?: NullableOption; /** * Identifies the client used for the sign-in activity. Modern authentication clients include Browser, modern clients. * Legacy authentication clients include Exchange ActiveSync, IMAP, MAPI, SMTP, POP, and other clients. Supports $filter * (eq). */ clientAppUsed?: NullableOption; /** * Reports status of an activated conditional access policy. Possible values are: success, failure, notApplied, and * unknownFutureValue. Supports $filter (eq). */ conditionalAccessStatus?: NullableOption; /** * The request ID sent from the client when the sign-in is initiated; used to troubleshoot sign-in activity. Supports * $filter (eq). */ correlationId?: NullableOption; /** * Date and time (UTC) the sign-in was initiated. Example: midnight on Jan 1, 2014 is reported as 2014-01-01T00:00:00Z. * Supports $orderby, $filter (eq, le, and ge). */ createdDateTime?: string; /** * Device information from where the sign-in occurred; includes device ID, operating system, and browser. Supports $filter * (eq, startsWith) on browser and operatingSytem properties. */ deviceDetail?: NullableOption; // IP address of the client used to sign in. Supports $filter (eq, startsWith). ipAddress?: NullableOption; // Indicates if a sign-in is interactive or not. isInteractive?: NullableOption; /** * Provides the city, state, and country code where the sign-in originated. Supports $filter (eq, startsWith) on city, * state, and countryOrRegion properties. */ location?: NullableOption; // Name of the resource the user signed into. Supports $filter (eq). resourceDisplayName?: NullableOption; // ID of the resource that the user signed into. Supports $filter (eq). resourceId?: NullableOption; /** * Provides the 'reason' behind a specific state of a risky user, sign-in or a risk event. The possible values are: none, * adminGeneratedTemporaryPassword, userPerformedSecuredPasswordChange, userPerformedSecuredPasswordReset, * adminConfirmedSigninSafe, aiConfirmedSigninSafe, userPassedMFADrivenByRiskBasedPolicy, adminDismissedAllRiskForUser, * adminConfirmedSigninCompromised, unknownFutureValue. The value none means that no action has been performed on the user * or sign-in so far. Supports $filter (eq).Note: Details for this property require a Microsoft Entra ID P2 license. Other * licenses return the value hidden. */ riskDetail?: NullableOption; /** * Risk event types associated with the sign-in. The possible values are: unlikelyTravel, anonymizedIPAddress, * maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, * investigationsThreatIntelligence, generic, and unknownFutureValue. Supports $filter (eq). */ riskEventTypes?: NullableOption; /** * The list of risk event types associated with the sign-in. Possible values: unlikelyTravel, anonymizedIPAddress, * maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, * investigationsThreatIntelligence, generic, or unknownFutureValue. Supports $filter (eq, startsWith). */ riskEventTypes_v2?: NullableOption; /** * Aggregated risk level. The possible values are: none, low, medium, high, hidden, and unknownFutureValue. The value * hidden means the user or sign-in wasn't enabled for Microsoft Entra ID Protection. Supports $filter (eq). Note: Details * for this property are only available for Microsoft Entra ID P2 customers. All other customers are returned hidden. */ riskLevelAggregated?: NullableOption; /** * Risk level during sign-in. The possible values are: none, low, medium, high, hidden, and unknownFutureValue. The value * hidden means the user or sign-in wasn't enabled for Microsoft Entra ID Protection. Supports $filter (eq). Note: Details * for this property are only available for Microsoft Entra ID P2 customers. All other customers are returned hidden. */ riskLevelDuringSignIn?: NullableOption; /** * Reports status of the risky user, sign-in, or a risk event. The possible values are: none, confirmedSafe, remediated, * dismissed, atRisk, confirmedCompromised, unknownFutureValue. Supports $filter (eq). */ riskState?: NullableOption; /** * Sign-in status. Includes the error code and description of the error (if there's a sign-in failure). Supports $filter * (eq) on errorCode property. */ status?: NullableOption; // Display name of the user that initiated the sign-in. Supports $filter (eq, startsWith). userDisplayName?: NullableOption; // ID of the user that initiated the sign-in. Supports $filter (eq). userId?: string; // User principal name of the user that initiated the sign-in. Supports $filter (eq, startsWith). userPrincipalName?: NullableOption; } export interface AuthenticationMethodsRoot extends Entity { /** * Represents the state of a user's authentication methods, including which methods are registered and which features the * user is registered and capable of (such as multifactor authentication, self-service password reset, and passwordless * authentication). */ userRegistrationDetails?: NullableOption; } export interface UserRegistrationDetails extends Entity { /** * Indicates whether the user has an admin role in the tenant. This value can be used to check the authentication methods * that privileged accounts are registered for and capable of. */ isAdmin?: NullableOption; /** * Indicates whether the user has registered a strong authentication method for multifactor authentication. The method * must be allowed by the authentication methods policy. Supports $filter (eq). */ isMfaCapable?: boolean; /** * Indicates whether the user has registered a strong authentication method for multifactor authentication. The method may * not necessarily be allowed by the authentication methods policy. Supports $filter (eq). */ isMfaRegistered?: boolean; /** * Indicates whether the user has registered a passwordless strong authentication method (including FIDO2, Windows Hello * for Business, and Microsoft Authenticator (Passwordless)) that is allowed by the authentication methods policy. * Supports $filter (eq). */ isPasswordlessCapable?: boolean; /** * Indicates whether the user has registered the required number of authentication methods for self-service password reset * and the user is allowed to perform self-service password reset by policy. Supports $filter (eq). */ isSsprCapable?: boolean; /** * Indicates whether the user is allowed to perform self-service password reset by policy. The user may not necessarily * have registered the required number of authentication methods for self-service password reset. Supports $filter (eq). */ isSsprEnabled?: boolean; /** * Indicates whether the user has registered the required number of authentication methods for self-service password * reset. The user may not necessarily be allowed to perform self-service password reset by policy. Supports $filter (eq). */ isSsprRegistered?: boolean; /** * Indicates whether system preferred authentication method is enabled. If enabled, the system dynamically determines the * most secure authentication method among the methods registered by the user. Supports $filter (eq). */ isSystemPreferredAuthenticationMethodEnabled?: NullableOption; /** * The date and time (UTC) when the record was last updated. The DateTimeOffset type represents date and time information * using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ lastUpdatedDateTime?: string; // Collection of authentication methods registered, such as mobilePhone, email, fido2. Supports $filter (any with eq). methodsRegistered?: NullableOption; /** * Collection of authentication methods that the system determined to be the most secure authentication methods among the * registered methods for second factor authentication. Possible values are: push, oath, voiceMobile, * voiceAlternateMobile, voiceOffice, sms, none, unknownFutureValue. Supports $filter (any with eq). */ systemPreferredAuthenticationMethods?: NullableOption; // The user display name, such as Adele Vance. Supports $filter (eq, startsWith) and $orderby. userDisplayName?: string; /** * The method the user selected as the default second-factor for performing multifactor authentication. Possible values * are: push, oath, voiceMobile, voiceAlternateMobile, voiceOffice, sms, none, unknownFutureValue. This property is used * as preferred MFA method when isSystemPreferredAuthenticationMethodEnabled is false. Supports $filter (any with eq). */ userPreferredMethodForSecondaryAuthentication?: NullableOption; // The user principal name, such as AdeleV@contoso.com. Supports $filter (eq, startsWith) and $orderby. userPrincipalName?: string; /** * Identifies whether the user is a member or guest in the tenant. The possible values are: member, guest, * unknownFutureValue. */ userType?: NullableOption; } export interface GovernanceInsight extends Entity { // Indicates when the insight was created. insightCreatedDateTime?: NullableOption; } export interface MembershipOutlierInsight extends GovernanceInsight { // Indicates the identifier of the container, for example, a group ID. containerId?: string; // Indicates the identifier of the user. memberId?: string; // Indicates the type of container. The possible values are: group, unknownFutureValue. outlierContainerType?: OutlierContainerType; // Indicates the type of outlier member. The possible values are: user, unknownFutureValue. outlierMemberType?: OutlierMemberType; // Navigation link to the container directory object. For example, to a group. container?: NullableOption; // Navigation link to a member object who modified the record. For example, to a user. lastModifiedBy?: NullableOption; // Navigation link to a member object. For example, to a user. member?: NullableOption; } export interface ReportRoot { // Container for navigation properties for Microsoft Entra authentication methods resources. authenticationMethods?: NullableOption; // Retrieve a list of daily print usage summaries, grouped by printer. dailyPrintUsageByPrinter?: NullableOption; // Retrieve a list of daily print usage summaries, grouped by user. dailyPrintUsageByUser?: NullableOption; // Retrieve a list of monthly print usage summaries, grouped by printer. monthlyPrintUsageByPrinter?: NullableOption; // Retrieve a list of monthly print usage summaries, grouped by user. monthlyPrintUsageByUser?: NullableOption; // Represents an abstract type that contains resources for attack simulation and training reports. security?: NullableOption; } export interface PrintUsage extends Entity { blackAndWhitePageCount?: NullableOption; colorPageCount?: NullableOption; completedBlackAndWhiteJobCount?: number; completedColorJobCount?: number; completedJobCount?: NullableOption; doubleSidedSheetCount?: NullableOption; incompleteJobCount?: number; mediaSheetCount?: NullableOption; pageCount?: NullableOption; singleSidedSheetCount?: NullableOption; usageDate?: string; } export interface PrintUsageByPrinter extends PrintUsage { printerId?: string; // The name of the printer represented by these statistics. printerName?: NullableOption; } export interface PrintUsageByUser extends PrintUsage { // The UPN of the user represented by these statistics. userPrincipalName?: string; } // tslint:disable-next-line: no-empty-interface export interface SecurityReportsRoot extends Entity {} // tslint:disable-next-line: interface-name export interface Invitation extends Entity { // The display name of the user being invited. invitedUserDisplayName?: NullableOption; /** * The email address of the user being invited. Required. The following special characters aren't permitted in the email * address:Tilde (~)Exclamation point (!)Number sign (#)Dollar sign ($)Percent (%)Circumflex (^)Ampersand (&)Asterisk * (*)Parentheses (( ))Plus sign (+)Equal sign (=)Brackets ([ ])Braces ({ })Backslash (/)Slash mark (/)Pipe (/|)Semicolon * (;)Colon (:)Quotation marks (')Angle brackets (< >)Question mark (?)Comma (,)However, the following * exceptions apply:A period (.) or a hyphen (-) is permitted anywhere in the user name, except at the beginning or end of * the name.An underscore (_) is permitted anywhere in the user name. This includes at the beginning or end of the name. */ invitedUserEmailAddress?: string; /** * Additional configuration for the message being sent to the invited user, including customizing message text, language * and cc recipient list. */ invitedUserMessageInfo?: NullableOption; /** * The userType of the user being invited. By default, this is Guest. You can invite as Member if you're a company * administrator. */ invitedUserType?: NullableOption; // The URL the user can use to redeem their invitation. Read-only. inviteRedeemUrl?: NullableOption; // The URL the user should be redirected to once the invitation is redeemed. Required. inviteRedirectUrl?: string; /** * Reset the user's redemption status and reinvite a user while retaining their user identifier, group memberships, and * app assignments. This property allows you to enable a user to sign-in using a different email address from the one in * the previous invitation. For more information about using this property, see Reset redemption status for a guest user. */ resetRedemption?: NullableOption; // Indicates whether an email should be sent to the user being invited. The default is false. sendInvitationMessage?: NullableOption; // The status of the invitation. Possible values are: PendingAcceptance, Completed, InProgress, and Error. status?: NullableOption; // The user created as part of the invitation creation. Read-Only invitedUser?: NullableOption; } export interface ServicePrincipal extends DirectoryObject { /** * true if the service principal account is enabled; otherwise, false. If set to false, then no users will be able to sign * in to this app, even if they are assigned to it. Supports $filter (eq, ne, not, in). */ accountEnabled?: NullableOption; /** * Defines custom behavior that a consuming service can use to call an app in specific contexts. For example, applications * that can render file streams may set the addIns property for its 'FileHandler' functionality. This will let services * like Microsoft 365 call the application in the context of a document the user is working on. */ addIns?: AddIn[]; /** * Used to retrieve service principals by subscription, identify resource group and full resource ids for managed * identities. Supports $filter (eq, not, ge, le, startsWith). */ alternativeNames?: string[]; // The description exposed by the associated application. appDescription?: NullableOption; // The display name exposed by the associated application. appDisplayName?: NullableOption; /** * The unique identifier for the associated application (its appId property). Alternate key. Supports $filter (eq, ne, * not, in, startsWith). */ appId?: NullableOption; /** * Unique identifier of the applicationTemplate that the servicePrincipal was created from. Read-only. Supports $filter * (eq, ne, NOT, startsWith). */ applicationTemplateId?: NullableOption; /** * Contains the tenant id where the application is registered. This is applicable only to service principals backed by * applications. Supports $filter (eq, ne, NOT, ge, le). */ appOwnerOrganizationId?: NullableOption; /** * Specifies whether users or other service principals need to be granted an app role assignment for this service * principal before users can sign in or apps can get tokens. The default value is false. Not nullable. Supports $filter * (eq, ne, NOT). */ appRoleAssignmentRequired?: boolean; /** * The roles exposed by the application which this service principal represents. For more information see the appRoles * property definition on the application entity. Not nullable. */ appRoles?: AppRole[]; /** * An open complex type that holds the value of a custom security attribute that is assigned to a directory object. * Nullable. Returned only on $select. Supports $filter (eq, ne, not, startsWith). Filter value is case sensitive. */ customSecurityAttributes?: NullableOption; /** * Free text field to provide an internal end-user facing description of the service principal. End-user portals such * MyApps will display the application description in this field. The maximum allowed size is 1024 characters. Supports * $filter (eq, ne, not, ge, le, startsWith) and $search. */ description?: NullableOption; /** * Specifies whether Microsoft has disabled the registered application. Possible values are: null (default value), * NotDisabled, and DisabledDueToViolationOfServicesAgreement (reasons may include suspicious, abusive, or malicious * activity, or a violation of the Microsoft Services Agreement). Supports $filter (eq, ne, not). */ disabledByMicrosoftStatus?: NullableOption; /** * The display name for the service principal. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null * values), $search, and $orderby. */ displayName?: NullableOption; // Home page or landing page of the application. homepage?: NullableOption; /** * Basic profile information of the acquired application such as app's marketing, support, terms of service and privacy * statement URLs. The terms of service and privacy statement are surfaced to users through the user consent experience. * For more info, see How to: Add Terms of service and privacy statement for registered Microsoft Entra apps. Supports * $filter (eq, ne, not, ge, le, and eq on null values). */ info?: NullableOption; /** * The collection of key credentials associated with the service principal. Not nullable. Supports $filter (eq, not, ge, * le). */ keyCredentials?: KeyCredential[]; /** * Specifies the URL where the service provider redirects the user to Microsoft Entra ID to authenticate. Microsoft Entra * ID uses the URL to launch the application from Microsoft 365 or the Microsoft Entra My Apps. When blank, Microsoft * Entra ID performs IdP-initiated sign-on for applications configured with SAML-based single sign-on. The user launches * the application from Microsoft 365, the Microsoft Entra My Apps, or the Microsoft Entra SSO URL. */ loginUrl?: NullableOption; /** * Specifies the URL that will be used by Microsoft's authorization service to logout an user using OpenId Connect * front-channel, back-channel or SAML logout protocols. */ logoutUrl?: NullableOption; /** * Free text field to capture information about the service principal, typically used for operational purposes. Maximum * allowed size is 1024 characters. */ notes?: NullableOption; /** * Specifies the list of email addresses where Microsoft Entra ID sends a notification when the active certificate is near * the expiration date. This is only for the certificates used to sign the SAML token issued for Microsoft Entra Gallery * applications. */ notificationEmailAddresses?: string[]; /** * The delegated permissions exposed by the application. For more information see the oauth2PermissionScopes property on * the application entity's api property. Not nullable. */ oauth2PermissionScopes?: PermissionScope[]; // The collection of password credentials associated with the application. Not nullable. passwordCredentials?: PasswordCredential[]; /** * Specifies the single sign-on mode configured for this application. Microsoft Entra ID uses the preferred single sign-on * mode to launch the application from Microsoft 365 or the My Apps portal. The supported values are password, saml, * notSupported, and oidc. */ preferredSingleSignOnMode?: NullableOption; /** * This property can be used on SAML applications (apps that have preferredSingleSignOnMode set to saml) to control which * certificate is used to sign the SAML responses. For applications that are not SAML, do not write or otherwise rely on * this property. */ preferredTokenSigningKeyThumbprint?: NullableOption; /** * The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 * authorization codes and access tokens are sent to for the associated application. Not nullable. */ replyUrls?: string[]; /** * The resource-specific application permissions exposed by this application. Currently, resource-specific permissions are * only supported for Teams apps accessing to specific chats and teams using Microsoft Graph. Read-only. */ resourceSpecificApplicationPermissions?: ResourceSpecificPermission[]; // The collection for settings related to saml single sign-on. samlSingleSignOnSettings?: NullableOption; /** * Contains the list of identifiersUris, copied over from the associated application. Additional values can be added to * hybrid applications. These values can be used to identify the permissions exposed by this app within Microsoft Entra * ID. For example,Client apps can specify a resource URI which is based on the values of this property to acquire an * access token, which is the URI returned in the 'aud' claim.The any operator is required for filter expressions on * multi-valued properties. Not nullable. Supports $filter (eq, not, ge, le, startsWith). */ servicePrincipalNames?: string[]; /** * Identifies whether the service principal represents an application, a managed identity, or a legacy application. This * is set by Microsoft Entra ID internally. The servicePrincipalType property can be set to three different values: * Application - A service principal that represents an application or service. The appId property identifies the * associated app registration, and matches the appId of an application, possibly from a different tenant. If the * associated app registration is missing, tokens are not issued for the service principal.ManagedIdentity - A service * principal that represents a managed identity. Service principals representing managed identities can be granted access * and permissions, but cannot be updated or modified directly.Legacy - A service principal that represents an app created * before app registrations, or through legacy experiences. Legacy service principal can have credentials, service * principal names, reply URLs, and other properties which are editable by an authorized user, but does not have an * associated app registration. The appId value does not associate the service principal with an app registration. The * service principal can only be used in the tenant where it was created.SocialIdp - For internal use. */ servicePrincipalType?: NullableOption; /** * Specifies the Microsoft accounts that are supported for the current application. Read-only. Supported values * are:AzureADMyOrg: Users with a Microsoft work or school account in my organization's Microsoft Entra tenant * (single-tenant).AzureADMultipleOrgs: Users with a Microsoft work or school account in any organization's Microsoft * Entra tenant (multi-tenant).AzureADandPersonalMicrosoftAccount: Users with a personal Microsoft account, or a work or * school account in any organization's Microsoft Entra tenant.PersonalMicrosoftAccount: Users with a personal Microsoft * account only. */ signInAudience?: NullableOption; /** * Custom strings that can be used to categorize and identify the service principal. Not nullable. The value is the union * of strings set here and on the associated application entity's tags property.Supports $filter (eq, not, ge, le, * startsWith). */ tags?: string[]; /** * Specifies the keyId of a public key from the keyCredentials collection. When configured, Microsoft Entra ID issues * tokens for this application encrypted using the key specified by this property. The application code that receives the * encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user. */ tokenEncryptionKeyId?: NullableOption; // Specifies the verified publisher of the application which this service principal represents. verifiedPublisher?: NullableOption; // The appManagementPolicy applied to this application. appManagementPolicies?: NullableOption; // App role assignments for this app or service, granted to users, groups, and other service principals. Supports $expand. appRoleAssignedTo?: NullableOption; // App role assignment for another app or service, granted to this service principal. Supports $expand. appRoleAssignments?: NullableOption; // The claimsMappingPolicies assigned to this service principal. Supports $expand. claimsMappingPolicies?: NullableOption; // Directory objects created by this service principal. Read-only. Nullable. createdObjects?: NullableOption; delegatedPermissionClassifications?: NullableOption; endpoints?: NullableOption; /** * Federated identities for a specific type of service principal - managed identity. Supports $expand and $filter (/$count * eq 0, /$count ne 0). */ federatedIdentityCredentials?: NullableOption; // The homeRealmDiscoveryPolicies assigned to this service principal. Supports $expand. homeRealmDiscoveryPolicies?: NullableOption; // Roles that this service principal is a member of. HTTP Methods: GET Read-only. Nullable. Supports $expand. memberOf?: NullableOption; /** * Delegated permission grants authorizing this service principal to access an API on behalf of a signed-in user. * Read-only. Nullable. */ oauth2PermissionGrants?: NullableOption; /** * Directory objects that are owned by this service principal. Read-only. Nullable. Supports $expand, $select nested in * $expand, and $filter (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1). */ ownedObjects?: NullableOption; /** * Directory objects that are owners of this servicePrincipal. The owners are a set of non-admin users or * servicePrincipals who are allowed to modify this object. Read-only. Nullable. Supports $expand, $filter (/$count eq 0, * /$count ne 0, /$count eq 1, /$count ne 1), and $select nested in $expand. */ owners?: NullableOption; /** * The remoteDesktopSecurityConfiguration object applied to this service principal. Supports $filter (eq) for * isRemoteDesktopProtocolEnabled property. */ remoteDesktopSecurityConfiguration?: NullableOption; // The tokenIssuancePolicies assigned to this service principal. tokenIssuancePolicies?: NullableOption; // The tokenLifetimePolicies assigned to this service principal. tokenLifetimePolicies?: NullableOption; transitiveMemberOf?: NullableOption; // Represents the capability for Microsoft Entra identity synchronization through the Microsoft Graph API. synchronization?: NullableOption; } export interface ApplicationTemplate extends Entity { /** * The list of categories for the application. Supported values can be: Collaboration, Business Management, Consumer, * Content management, CRM, Data services, Developer services, E-commerce, Education, ERP, Finance, Health, Human * resources, IT infrastructure, Mail, Management, Marketing, Media, Productivity, Project management, Telecommunications, * Tools, Travel, and Web design & hosting. */ categories?: NullableOption; // A description of the application. description?: NullableOption; // The name of the application. displayName?: NullableOption; // The home page URL of the application. homePageUrl?: NullableOption; // The URL to get the logo for this application. logoUrl?: NullableOption; // The name of the publisher for this application. publisher?: NullableOption; // The list of provisioning modes supported by this application. The only valid value is sync. supportedProvisioningTypes?: NullableOption; /** * The list of single sign-on modes supported by this application. The supported values are oidc, password, saml, and * notSupported. */ supportedSingleSignOnModes?: NullableOption; } // tslint:disable-next-line: no-empty-interface export interface ClaimsMappingPolicy extends StsPolicy {} export interface DelegatedPermissionClassification extends Entity { // The classification value being given. Possible value: low. Doesn't support $filter. classification?: NullableOption; /** * The unique identifier (id) for the delegated permission listed in the oauth2PermissionScopes collection of the * servicePrincipal. Required on create. Doesn't support $filter. */ permissionId?: NullableOption; /** * The claim value (value) for the delegated permission listed in the oauth2PermissionScopes collection of the * servicePrincipal. Doesn't support $filter. */ permissionName?: NullableOption; } export interface Endpoint extends DirectoryObject { capability?: string; providerId?: NullableOption; providerName?: NullableOption; providerResourceId?: NullableOption; uri?: string; } export interface RemoteDesktopSecurityConfiguration extends Entity { // Determines if Microsoft Entra ID RDS authentication protocol for RDP is enabled. isRemoteDesktopProtocolEnabled?: boolean; /** * The collection of target device groups that are associated with the RDS security configuration that will be enabled for * SSO when a client connects to the target device over RDP using the new Microsoft Entra ID RDS authentication protocol. */ targetDeviceGroups?: NullableOption; } export interface AuthenticationCombinationConfiguration extends Entity { /** * Which authentication method combinations this configuration applies to. Must be an allowedCombinations object that's * defined for the authenticationStrengthPolicy. The only possible value for fido2combinationConfigurations is 'fido2'. */ appliesToCombinations?: AuthenticationMethodModes[]; } export interface AuthenticationMethodConfiguration extends Entity { // Groups of users that are excluded from a policy. excludeTargets?: NullableOption; // The state of the policy. Possible values are: enabled, disabled. state?: NullableOption; } export interface AuthenticationMethodModeDetail extends Entity { /** * The authentication method that this mode modifies. The possible values are: password, voice, hardwareOath, * softwareOath, sms, fido2, windowsHelloForBusiness, microsoftAuthenticator, temporaryAccessPass, email, x509Certificate, * federation, unknownFutureValue. */ authenticationMethod?: BaseAuthenticationMethod; // The display name of this mode displayName?: string; } export interface AuthenticationMethodsPolicy extends Entity { // A description of the policy. Read-only. description?: NullableOption; // The name of the policy. Read-only. displayName?: NullableOption; // The date and time of the last update to the policy. Read-only. lastModifiedDateTime?: NullableOption; /** * The state of migration of the authentication methods policy from the legacy multifactor authentication and self-service * password reset (SSPR) policies. The possible values are: premigration - means the authentication methods policy is used * for authentication only, legacy policies are respected. migrationInProgress - means the authentication methods policy * is used for both authentication and SSPR, legacy policies are respected. migrationComplete - means the authentication * methods policy is used for authentication and SSPR, legacy policies are ignored. unknownFutureValue - Evolvable * enumeration sentinel value. Do not use. */ policyMigrationState?: NullableOption; // The version of the policy in use. Read-only. policyVersion?: NullableOption; reconfirmationInDays?: NullableOption; /** * Enforce registration at sign-in time. This property can be used to remind users to set up targeted authentication * methods. */ registrationEnforcement?: NullableOption; /** * Represents the settings for each authentication method. Automatically expanded on GET * /policies/authenticationMethodsPolicy. */ authenticationMethodConfigurations?: NullableOption; } export interface AuthenticationMethodTarget extends Entity { // Determines if the user is enforced to register the authentication method. isRegistrationRequired?: boolean; // Possible values are: user, group. targetType?: AuthenticationMethodTargetType; } export interface AuthenticationStrengthPolicy extends Entity { // A collection of authentication method modes that are required be used to satify this authentication strength. allowedCombinations?: AuthenticationMethodModes[]; // The datetime when this policy was created. createdDateTime?: string; // The human-readable description of this policy. description?: NullableOption; // The human-readable display name of this policy. Supports $filter (eq, ne, not , and in). displayName?: string; // The datetime when this policy was last modified. modifiedDateTime?: string; /** * A descriptor of whether this policy is built into Microsoft Entra ID or created by an admin for the tenant. The * possible values are: builtIn, custom, unknownFutureValue. Supports $filter (eq, ne, not , and in). */ policyType?: AuthenticationStrengthPolicyType; /** * A descriptor of whether this authentication strength grants the MFA claim upon successful satisfaction. The possible * values are: none, mfa, unknownFutureValue. */ requirementsSatisfied?: AuthenticationStrengthRequirements; /** * Settings that may be used to require specific types or instances of an authentication method to be used when * authenticating with a specified combination of authentication methods. */ combinationConfigurations?: NullableOption; } export interface AuthenticationStrengthRoot extends Entity { combinations?: AuthenticationMethodModes[]; // Names and descriptions of all valid authentication method modes in the system. authenticationMethodModes?: NullableOption; /** * A collection of authentication strength policies that exist for this tenant, including both built-in and custom * policies. */ policies?: NullableOption; } export interface ConditionalAccessRoot extends Entity { authenticationStrength?: NullableOption; // Read-only. Nullable. Returns a collection of the specified authentication context class references. authenticationContextClassReferences?: NullableOption; // Read-only. Nullable. Returns a collection of the specified named locations. namedLocations?: NullableOption; // Read-only. Nullable. Returns a collection of the specified Conditional Access (CA) policies. policies?: NullableOption; // Read-only. Nullable. Returns a collection of the specified Conditional Access templates. templates?: NullableOption; } export interface AuthenticationContextClassReference extends Entity { /** * A short explanation of the policies that are enforced by authenticationContextClassReference. This value should be used * to provide secondary text to describe the authentication context class reference when building user-facing admin * experiences. For example, a selection UX. */ description?: NullableOption; /** * The display name is the friendly name of the authenticationContextClassReference object. This value should be used to * identify the authentication context class reference when building user-facing admin experiences. For example, a * selection UX. */ displayName?: NullableOption; /** * Indicates whether the authenticationContextClassReference has been published by the security admin and is ready for use * by apps. When it's set to false, it shouldn't be shown in authentication context selection UX, or used to protect app * resources. It's shown and available for Conditional Access policy authoring. The default value is false. Supports * $filter (eq). */ isAvailable?: NullableOption; } export interface NamedLocation extends Entity { /** * The Timestamp type represents creation date and time of the location using ISO 8601 format and is always in UTC time. * For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ createdDateTime?: NullableOption; // Human-readable name of the location. displayName?: string; /** * The Timestamp type represents last modified date and time of the location using ISO 8601 format and is always in UTC * time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ modifiedDateTime?: NullableOption; } export interface ConditionalAccessPolicy extends Entity { // Specifies the rules that must be met for the policy to apply. Required. conditions?: ConditionalAccessConditionSet; /** * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Readonly. */ createdDateTime?: NullableOption; description?: NullableOption; // Specifies a display name for the conditionalAccessPolicy object. displayName?: string; // Specifies the grant controls that must be fulfilled to pass the policy. grantControls?: NullableOption; /** * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Readonly. */ modifiedDateTime?: NullableOption; // Specifies the session controls that are enforced after sign-in. sessionControls?: NullableOption; /** * Specifies the state of the conditionalAccessPolicy object. Possible values are: enabled, disabled, * enabledForReportingButNotEnforced. Required. */ state?: ConditionalAccessPolicyState; templateId?: NullableOption; } export interface ConditionalAccessTemplate extends Entity { // The user-friendly name of the template. description?: string; /** * Complete list of policy details specific to the template. This property contains the JSON of policy settings for * configuring a Conditional Access policy. */ details?: ConditionalAccessPolicyDetail; // The user-friendly name of the template. name?: string; /** * List of conditional access scenarios that the template is recommended for. The possible values are: new, * secureFoundation, zeroTrust, remoteWork, protectAdmins, emergingThreats, unknownFutureValue. This is a multi-valued * enum. Supports $filter (has). */ scenarios?: TemplateScenarios; } export interface EmailAuthenticationMethodConfiguration extends AuthenticationMethodConfiguration { /** * Determines whether email OTP is usable by external users for authentication. Possible values are: default, enabled, * disabled, unknownFutureValue. Tenants in the default state who didn't use public preview have email OTP enabled * beginning in October 2021. */ allowExternalIdToUseEmailOtp?: NullableOption; // A collection of groups that are enabled to use the authentication method. includeTargets?: NullableOption; } export interface Fido2AuthenticationMethodConfiguration extends AuthenticationMethodConfiguration { // Determines whether attestation must be enforced for FIDO2 security key registration. isAttestationEnforced?: NullableOption; // Determines if users can register new FIDO2 security keys. isSelfServiceRegistrationAllowed?: NullableOption; /** * Controls whether key restrictions are enforced on FIDO2 security keys, either allowing or disallowing certain key types * as defined by Authenticator Attestation GUID (AAGUID), an identifier that indicates the type (e.g. make and model) of * the authenticator. */ keyRestrictions?: NullableOption; // A collection of groups that are enabled to use the authentication method. includeTargets?: NullableOption; } export interface Fido2CombinationConfiguration extends AuthenticationCombinationConfiguration { // A list of AAGUIDs allowed to be used as part of the specified authentication method combinations. allowedAAGUIDs?: string[]; } export interface MicrosoftAuthenticatorAuthenticationMethodConfiguration extends AuthenticationMethodConfiguration { /** * A collection of Microsoft Authenticator settings such as application context and location context, and whether they are * enabled for all users or specific users only. */ featureSettings?: NullableOption; isSoftwareOathEnabled?: NullableOption; // A collection of groups that are enabled to use the authentication method. Expanded by default. includeTargets?: NullableOption; } export interface MicrosoftAuthenticatorAuthenticationMethodTarget extends AuthenticationMethodTarget { /** * Determines which types of notifications can be used for sign-in. Possible values are: any, deviceBasedPush * (passwordless only), push. */ authenticationMode?: MicrosoftAuthenticatorAuthenticationMode; } export interface PolicyRoot extends Entity { /** * The authentication methods and the users that are allowed to use them to sign in and perform multifactor authentication * (MFA) in Microsoft Entra ID. */ authenticationMethodsPolicy?: NullableOption; // The authentication method combinations that are to be used in scenarios defined by Microsoft Entra Conditional Access. authenticationStrengthPolicies?: NullableOption; // The policy configuration of the self-service sign-up experience of external users. authenticationFlowsPolicy?: NullableOption; // The policy that controls the idle time out for web sessions for applications. activityBasedTimeoutPolicies?: NullableOption; /** * The policies that enforce app management restrictions for specific applications and service principals, overriding the * defaultAppManagementPolicy. */ appManagementPolicies?: NullableOption; // The policy that controls Microsoft Entra authorization settings. authorizationPolicy?: NullableOption; /** * The claim-mapping policies for WS-Fed, SAML, OAuth 2.0, and OpenID Connect protocols, for tokens issued to a specific * application. */ claimsMappingPolicies?: NullableOption; // The custom rules that define an access scenario when interacting with external Microsoft Entra tenants. crossTenantAccessPolicy?: NullableOption; // The tenant-wide policy that enforces app management restrictions for all applications and service principals. defaultAppManagementPolicy?: NullableOption; // The policy to control Microsoft Entra authentication behavior for federated users. homeRealmDiscoveryPolicies?: NullableOption; // The policy that specifies the conditions under which consent can be granted. permissionGrantPolicies?: NullableOption; // The policy that specifies the characteristics of SAML tokens issued by Microsoft Entra ID. tokenIssuancePolicies?: NullableOption; /** * The policy that controls the lifetime of a JWT access token, an ID token, or a SAML 1.1/2.0 token issued by Microsoft * Entra ID. */ tokenLifetimePolicies?: NullableOption; // The feature rollout policy associated with a directory object. featureRolloutPolicies?: NullableOption; // The policy by which consent requests are created and managed for the entire tenant. adminConsentRequestPolicy?: NullableOption; // The custom rules that define an access scenario. conditionalAccessPolicies?: NullableOption; // The policy that represents the security defaults that protect against common attacks. identitySecurityDefaultsEnforcementPolicy?: NullableOption; // Specifies the various policies associated with scopes and roles. roleManagementPolicies?: NullableOption; // The assignment of a role management policy to a role definition object. roleManagementPolicyAssignments?: NullableOption; } export interface AuthenticationFlowsPolicy extends Entity { // Inherited property. A description of the policy. Optional. Read-only. description?: NullableOption; // Inherited property. The human-readable name of the policy. Optional. Read-only. displayName?: NullableOption; /** * Contains selfServiceSignUpAuthenticationFlowConfiguration settings that convey whether self-service sign-up is enabled * or disabled. Optional. Read-only. */ selfServiceSignUp?: NullableOption; } // tslint:disable-next-line: no-empty-interface export interface ActivityBasedTimeoutPolicy extends StsPolicy {} export interface AuthorizationPolicy extends PolicyBase { // Indicates whether users can sign up for email based subscriptions. allowedToSignUpEmailBasedSubscriptions?: boolean; // Indicates whether users can use the Self-Service Password Reset feature on the tenant. allowedToUseSSPR?: boolean; // Indicates whether a user can join the tenant by email validation. allowEmailVerifiedUsersToJoinOrganization?: boolean; /** * Indicates who can invite external users to the organization. Possible values are: none, adminsAndGuestInviters, * adminsGuestInvitersAndAllMembers, everyone. everyone is the default setting for all cloud environments except US * Government. For more information, see allowInvitesFrom values. */ allowInvitesFrom?: NullableOption; /** * Indicates whether user consent for risky apps is allowed. We recommend keeping allowUserConsentForRiskyApps as false. * Default value is false. */ allowUserConsentForRiskyApps?: NullableOption; /** * To disable the use of MSOL PowerShell, set this property to true. This also disables user-based access to the legacy * service endpoint used by MSOL PowerShell. This doesn't affect Microsoft Entra Connect or Microsoft Graph. */ blockMsolPowerShell?: NullableOption; // Specifies certain customizable permissions for default user role. defaultUserRolePermissions?: DefaultUserRolePermissions; /** * Represents role templateId for the role that should be granted to guest user. Currently following roles are supported: * User (a0b1b346-4d3e-4e8b-98f8-753987be4970), Guest User (10dae51f-b6af-4016-8d66-8c2a99b929b3), and Restricted Guest * User (2af84b1e-32c8-42b7-82bc-daa82404023b). */ guestUserRoleId?: NullableOption; } export interface CrossTenantAccessPolicy extends PolicyBase { /** * Used to specify which Microsoft clouds an organization would like to collaborate with. By default, this value is empty. * Supported values for this field are: microsoftonline.com, microsoftonline.us, and partner.microsoftonline.cn. */ allowedCloudEndpoints?: string[]; // Defines the default configuration for how your organization interacts with external Microsoft Entra organizations. default?: NullableOption; // Defines partner-specific configurations for external Microsoft Entra organizations. partners?: NullableOption; } export interface TenantAppManagementPolicy extends PolicyBase { // Restrictions that apply as default to all application objects in the tenant. applicationRestrictions?: NullableOption; // Denotes whether the policy is enabled. Default value is false. isEnabled?: boolean; // Restrictions that apply as default to all service principal objects in the tenant. servicePrincipalRestrictions?: NullableOption; } export interface PermissionGrantPolicy extends PolicyBase { // Condition sets which are excluded in this permission grant policy. Automatically expanded on GET. excludes?: NullableOption; // Condition sets which are included in this permission grant policy. Automatically expanded on GET. includes?: NullableOption; } export interface FeatureRolloutPolicy extends Entity { // A description for this feature rollout policy. description?: NullableOption; // The display name for this feature rollout policy. displayName?: string; // Possible values are: passthroughAuthentication, seamlessSso, passwordHashSync, emailAsAlternateId, unknownFutureValue. feature?: StagedFeatureName; // Indicates whether this feature rollout policy should be applied to the entire organization. isAppliedToOrganization?: boolean; // Indicates whether the feature rollout is enabled. isEnabled?: boolean; // Nullable. Specifies a list of directoryObjects that feature is enabled for. appliesTo?: NullableOption; } export interface AdminConsentRequestPolicy extends Entity { // Specifies whether the admin consent request feature is enabled or disabled. Required. isEnabled?: boolean; // Specifies whether reviewers will receive notifications. Required. notifyReviewers?: boolean; // Specifies whether reviewers will receive reminder emails. Required. remindersEnabled?: boolean; // Specifies the duration the request is active before it automatically expires if no decision is applied. requestDurationInDays?: number; // The list of reviewers for the admin consent. Required. reviewers?: NullableOption; // Specifies the version of this policy. When the policy is updated, this version is updated. Read-only. version?: number; } // tslint:disable-next-line: interface-name export interface IdentitySecurityDefaultsEnforcementPolicy extends PolicyBase { // If set to true, Microsoft Entra security defaults are enabled for the tenant. isEnabled?: boolean; } export interface UnifiedRoleManagementPolicy extends Entity { // Description for the policy. description?: string; // Display name for the policy. displayName?: string; /** * This can only be set to true for a single tenant-wide policy which will apply to all scopes and roles. Set the scopeId * to / and scopeType to Directory. Supports $filter (eq, ne). */ isOrganizationDefault?: NullableOption; // The identity who last modified the role setting. lastModifiedBy?: NullableOption; // The time when the role setting was last modified. lastModifiedDateTime?: NullableOption; // The identifier of the scope where the policy is created. Can be / for the tenant or a group ID. Required. scopeId?: string; // The type of the scope where the policy is created. One of Directory, DirectoryRole, Group. Required. scopeType?: string; /** * The list of effective rules like approval rules and expiration rules evaluated based on inherited referenced rules. For * example, if there is a tenant-wide policy to enforce enabling an approval rule, the effective rule will be to enable * approval even if the policy has a rule to disable approval. Supports $expand. */ effectiveRules?: NullableOption; // The collection of rules like approval rules and expiration rules. Supports $expand. rules?: NullableOption; } export interface UnifiedRoleManagementPolicyAssignment extends Entity { // The id of the policy. Inherited from entity. policyId?: string; /** * For Microsoft Entra roles policy, it's the identifier of the role definition object where the policy applies. For PIM * for groups membership and ownership, it's either member or owner. Supports $filter (eq). */ roleDefinitionId?: NullableOption; // The identifier of the scope where the policy is assigned. Can be / for the tenant or a group ID. Required. scopeId?: string; // The type of the scope where the policy is assigned. One of Directory, DirectoryRole, Group. Required. scopeType?: string; /** * The policy that's associated with a policy assignment. Supports $expand and a nested $expand of the rules and * effectiveRules relationships for the policy. */ policy?: NullableOption; } export interface SmsAuthenticationMethodConfiguration extends AuthenticationMethodConfiguration { // A collection of groups that are enabled to use the authentication method. includeTargets?: NullableOption; } export interface SmsAuthenticationMethodTarget extends AuthenticationMethodTarget { /** * Determines if users can use this authentication method to sign in to Microsoft Entra ID. true if users can use this * method for primary authentication, otherwise false. */ isUsableForSignIn?: boolean; } export interface SoftwareOathAuthenticationMethodConfiguration extends AuthenticationMethodConfiguration { // A collection of groups that are enabled to use the authentication method. Expanded by default. includeTargets?: NullableOption; } export interface TemporaryAccessPassAuthenticationMethodConfiguration extends AuthenticationMethodConfiguration { // Default length in characters of a Temporary Access Pass object. Must be between 8 and 48 characters. defaultLength?: NullableOption; /** * Default lifetime in minutes for a Temporary Access Pass. Value can be any integer between the minimumLifetimeInMinutes * and maximumLifetimeInMinutes. */ defaultLifetimeInMinutes?: NullableOption; /** * If true, all the passes in the tenant will be restricted to one-time use. If false, passes in the tenant can be created * to be either one-time use or reusable. */ isUsableOnce?: NullableOption; /** * Maximum lifetime in minutes for any Temporary Access Pass created in the tenant. Value can be between 10 and 43200 * minutes (equivalent to 30 days). */ maximumLifetimeInMinutes?: NullableOption; /** * Minimum lifetime in minutes for any Temporary Access Pass created in the tenant. Value can be between 10 and 43200 * minutes (equivalent to 30 days). */ minimumLifetimeInMinutes?: NullableOption; // A collection of groups that are enabled to use the authentication method. includeTargets?: NullableOption; } export interface VoiceAuthenticationMethodConfiguration extends AuthenticationMethodConfiguration { // true if users can register office phones, otherwise, false. isOfficePhoneAllowed?: NullableOption; // A collection of groups that are enabled to use the authentication method. Expanded by default. includeTargets?: NullableOption; } export interface X509CertificateAuthenticationMethodConfiguration extends AuthenticationMethodConfiguration { /** * Defines strong authentication configurations. This configuration includes the default authentication mode and the * different rules for strong authentication bindings. */ authenticationModeConfiguration?: NullableOption; /** * Defines fields in the X.509 certificate that map to attributes of the Microsoft Entra user object in order to bind the * certificate to the user. The priority of the object determines the order in which the binding is carried out. The first * binding that matches will be used and the rest ignored. */ certificateUserBindings?: NullableOption; // A collection of groups that are enabled to use the authentication method. includeTargets?: NullableOption; } export interface Bitlocker extends Entity { // The recovery keys associated with the bitlocker entity. recoveryKeys?: NullableOption; } export interface BitlockerRecoveryKey extends Entity { // The date and time when the key was originally backed up to Microsoft Entra ID. Not nullable. createdDateTime?: string; // Identifier of the device the BitLocker key is originally backed up from. Supports $filter (eq). deviceId?: NullableOption; // The BitLocker recovery key. Returned only on $select. Not nullable. key?: string; /** * Indicates the type of volume the BitLocker key is associated with. The possible values are: 1 (for * operatingSystemVolume), 2 (for fixedDataVolume), 3 (for removableDataVolume), and 4 (for unknownFutureValue). */ volumeType?: NullableOption; } // tslint:disable-next-line: interface-name export interface InformationProtection { bitlocker?: NullableOption; threatAssessmentRequests?: NullableOption; } export interface ThreatAssessmentRequest extends Entity { // The threat category. Possible values are: spam, phishing, malware. category?: ThreatCategory; // The content type of threat assessment. Possible values are: mail, url, file. contentType?: NullableOption; // The threat assessment request creator. createdBy?: NullableOption; /** * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ createdDateTime?: NullableOption; // The expected assessment from submitter. Possible values are: block, unblock. expectedAssessment?: ThreatExpectedAssessment; // The source of the threat assessment request. Possible values are: administrator. requestSource?: NullableOption; // The assessment process status. Possible values are: pending, completed. status?: NullableOption; /** * A collection of threat assessment results. Read-only. By default, a GET /threatAssessmentRequests/{id} does not return * this property unless you apply $expand on it. */ results?: NullableOption; } export interface BookingAppointment extends Entity { // Additional information that is sent to the customer when an appointment is confirmed. additionalInformation?: NullableOption; // The URL of the meeting to join anonymously. anonymousJoinWebUrl?: NullableOption; /** * A collection of customer properties for an appointment. An appointment contains a list of customer information and each * unit will indicate the properties of a customer who is part of that appointment. Optional. */ customers?: BookingCustomerInformationBase[]; // The time zone of the customer. For a list of possible values, see dateTimeTimeZone. customerTimeZone?: NullableOption; // The length of the appointment, denoted in ISO8601 format. duration?: string; // The date, time, and time zone that the appointment ends. endDateTime?: DateTimeTimeZone; // The current number of customers in the appointment filledAttendeesCount?: number; // If true, indicates that the appointment will be held online. Default value is false. isLocationOnline?: boolean; // The URL of the online meeting for the appointment. joinWebUrl?: NullableOption; /** * The maximum number of customers allowed in an appointment. If maximumAttendeesCount of the service is greater than 1, * pass valid customer IDs while creating or updating an appointment. To create a customer, use the Create bookingCustomer * operation. */ maximumAttendeesCount?: number; /** * If true indicates that the bookingCustomer for this appointment doesn't wish to receive a confirmation for this * appointment. */ optOutOfCustomerEmail?: boolean; /** * The amount of time to reserve after the appointment ends, for cleaning up, as an example. The value is expressed in * ISO8601 format. */ postBuffer?: string; /** * The amount of time to reserve before the appointment begins, for preparation, as an example. The value is expressed in * ISO8601 format. */ preBuffer?: string; // The regular price for an appointment for the specified bookingService. price?: number; /** * A setting to provide flexibility for the pricing structure of services. Possible values are: undefined, fixedPrice, * startingAt, hourly, free, priceVaries, callUs, notSet, unknownFutureValue. */ priceType?: BookingPriceType; // The value of this property is only available when reading an individual booking appointment by id. reminders?: NullableOption; /** * An additional tracking ID for the appointment, if the appointment has been created directly by the customer on the * scheduling page, as opposed to by a staff member on the behalf of the customer. Only supported for appointment if * maxAttendeeCount is 1. */ selfServiceAppointmentId?: NullableOption; // The ID of the bookingService associated with this appointment. serviceId?: NullableOption; // The location where the service is delivered. serviceLocation?: NullableOption; /** * This property is optional when creating a new appointment. If not specified, it is computed from the service associated * with the appointment by the service id. */ serviceName?: string; // The value of this property is only available when reading an individual booking appointment by id. serviceNotes?: NullableOption; // If true, indicates SMS notifications will be sent to the customers for the appointment. Default value is false. smsNotificationsEnabled?: boolean; // The ID of each bookingStaffMember who is scheduled in this appointment. staffMemberIds?: NullableOption; // The date, time, and time zone that the appointment begins. startDateTime?: DateTimeTimeZone; } export interface BookingBusiness extends Entity { /** * The street address of the business. The address property, together with phone and webSiteUrl, appear in the footer of a * business scheduling page. The attribute type of physicalAddress is not supported in v1.0. Internally we map the * addresses to the type others. */ address?: NullableOption; // The hours of operation for the business. businessHours?: NullableOption; // The type of business. businessType?: NullableOption; // The code for the currency that the business operates in on Microsoft Bookings. defaultCurrencyIso?: NullableOption; // The display name is suitable for human-readable interfaces. displayName?: string; // The email address for the business. email?: NullableOption; /** * The scheduling page has been made available to external customers. Use the publish and unpublish actions to set this * property. Read-only. */ isPublished?: NullableOption; // The language of the self-service booking page. languageTag?: NullableOption; /** * The telephone number for the business. The phone property, together with address and webSiteUrl, appear in the footer * of a business scheduling page. */ phone?: NullableOption; // The URL for the scheduling page, which is set after you publish or unpublish the page. Read-only. publicUrl?: NullableOption; // Specifies how bookings can be created for this business. schedulingPolicy?: NullableOption; // Example: https://www.contoso.com webSiteUrl?: NullableOption; // All the appointments of this business. Read-only. Nullable. appointments?: NullableOption; // The set of appointments of this business in a specified date range. Read-only. Nullable. calendarView?: NullableOption; // All the customers of this business. Read-only. Nullable. customers?: NullableOption; // All the custom questions of this business. Read-only. Nullable. customQuestions?: NullableOption; // All the services offered by this business. Read-only. Nullable. services?: NullableOption; // All the staff members that provide services in this business. Read-only. Nullable. staffMembers?: NullableOption; } // tslint:disable-next-line: no-empty-interface export interface BookingCustomerBase extends Entity {} export interface BookingCustomQuestion extends Entity { // The expected answer type. The possible values are: text, radioButton, unknownFutureValue. answerInputType?: NullableOption; // List of possible answer values. answerOptions?: NullableOption; // The display name is suitable for human-readable interfaces. displayName?: string; } export interface BookingService extends Entity { // Additional information that is sent to the customer when an appointment is confirmed. additionalInformation?: NullableOption; // Contains the set of custom questions associated with a particular service. customQuestions?: NullableOption; /** * The default length of the service, represented in numbers of days, hours, minutes, and seconds. For example, * P11D23H59M59.999999999999S. */ defaultDuration?: string; // The default physical location for the service. defaultLocation?: NullableOption; // The default monetary price for the service. defaultPrice?: number; /** * The default way the service is charged. Possible values are: undefined, fixedPrice, startingAt, hourly, free, * priceVaries, callUs, notSet, unknownFutureValue. */ defaultPriceType?: BookingPriceType; // The value of this property is only available when reading an individual booking service by id. defaultReminders?: NullableOption; // A text description for the service. description?: NullableOption; // The display name is suitable for human-readable interfaces. displayName?: string; /** * True if the URL to join the appointment anonymously (anonymousJoinWebUrl) will be generated for the appointment booked * for this service. */ isAnonymousJoinEnabled?: boolean; // True means this service is not available to customers for booking. isHiddenFromCustomers?: boolean; // True indicates that the appointments for the service will be held online. Default value is false. isLocationOnline?: boolean; // The language of the self-service booking page. languageTag?: string; /** * The maximum number of customers allowed in a service. If maximumAttendeesCount of the service is greater than 1, pass * valid customer IDs while creating or updating an appointment. To create a customer, use the Create bookingCustomer * operation. */ maximumAttendeesCount?: number; // Additional information about this service. notes?: NullableOption; // The time to buffer after an appointment for this service ends, and before the next customer appointment can be booked. postBuffer?: string; // The time to buffer before an appointment for this service can start. preBuffer?: string; // The set of policies that determine how appointments for this type of service should be created and managed. schedulingPolicy?: NullableOption; /** * True indicates SMS notifications can be sent to the customers for the appointment of the service. Default value is * false. */ smsNotificationsEnabled?: boolean; // Represents those staff members who provide this service. staffMemberIds?: NullableOption; // The URL a customer uses to access the service. webUrl?: NullableOption; } // tslint:disable-next-line: no-empty-interface export interface BookingStaffMemberBase extends Entity {} export interface BookingCurrency extends Entity { // The currency symbol. For example, the currency symbol for the US dollar and for the Australian dollar is $. symbol?: string; } export interface BookingCustomer extends BookingCustomerBase { /** * Addresses associated with the customer. The attribute type of physicalAddress is not supported in v1.0. Internally we * map the addresses to the type others. */ addresses?: NullableOption; // The display name is suitable for human-readable interfaces. displayName?: string; // The SMTP address of the customer. emailAddress?: NullableOption; // Phone numbers associated with the customer, including home, business and mobile numbers. phones?: NullableOption; } export interface BookingStaffMember extends BookingStaffMemberBase { /** * True means that if the staff member is a Microsoft 365 user, the Bookings API would verify the staff member's * availability in their personal calendar in Microsoft 365, before making a booking. */ availabilityIsAffectedByPersonalCalendar?: boolean; // The display name is suitable for human-readable interfaces. displayName?: string; /** * The email address of the staff member. This can be in the same Microsoft 365 tenant as the business, or in a different * email domain. This email address can be used if the sendConfirmationsToOwner property is set to true in the scheduling * policy of the business. Required. */ emailAddress?: NullableOption; // True indicates that a staff member will be notified via email when a booking assigned to them is created or changed. isEmailNotificationEnabled?: boolean; /** * The role of the staff member in the business. Possible values are: guest, administrator, viewer, externalGuest, * unknownFutureValue, scheduler, teamMember. Note that you must use the Prefer: include-unknown-enum-members request * header to get the following values from this evolvable enum: scheduler, teamMember. Required. */ role?: BookingStaffRole; // The time zone of the staff member. For a list of possible values, see dateTimeTimeZone. timeZone?: NullableOption; /** * True means the staff member's availability is as specified in the businessHours property of the business. False means * the availability is determined by the staff member's workingHours property setting. */ useBusinessHours?: boolean; /** * The range of hours each day of the week that the staff member is available for booking. By default, they are * initialized to be the same as the businessHours property of the business. */ workingHours?: NullableOption; } export interface SolutionsRoot { bookingBusinesses?: NullableOption; bookingCurrencies?: NullableOption; virtualEvents?: NullableOption; } export interface VirtualEventsRoot extends Entity { events?: NullableOption; webinars?: NullableOption; } export interface AuthoredNote extends Entity { // Identity information about the note's author. author?: NullableOption; // The content of the note. content?: NullableOption; /** * The date and time when the entity was created. The Timestamp type represents date and time information using ISO 8601 * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ createdDateTime?: NullableOption; } export interface Privacy { subjectRightsRequests?: NullableOption; } export interface SubjectRightsRequest extends Entity { // Identity that the request is assigned to. assignedTo?: NullableOption; /** * The date and time when the request was closed. The timestamp type represents date and time information using ISO 8601 * format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ closedDateTime?: NullableOption; /** * KQL based content query that should be used for search. This property is defined only for APIs accessed using the * /security query path and not the /privacy query path. */ contentQuery?: NullableOption; // Identity information for the entity that created the request. createdBy?: NullableOption; /** * The date and time when the request was created. The timestamp type represents date and time information using ISO 8601 * format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ createdDateTime?: NullableOption; // Information about the data subject. dataSubject?: NullableOption; /** * The type of the data subject. Possible values are: customer, currentEmployee, formerEmployee, prospectiveEmployee, * student, teacher, faculty, other, unknownFutureValue. */ dataSubjectType?: NullableOption; // Description for the request. description?: NullableOption; // The name of the request. displayName?: NullableOption; /** * The external ID for the request that is immutable after creation and is used for tracking the request for the external * system. This property is defined only for APIs accessed using the /security query path and not the /privacy query path. */ externalId?: NullableOption; // Collection of history change events. history?: NullableOption; /** * Include all versions of the documents. By default, the current copies of the documents are returned. If SharePoint * sites have versioning enabled, including all versions includes the historical copies of the documents. This property is * defined only for APIs accessed using the /security query path and not the /privacy query path. */ includeAllVersions?: NullableOption; /** * Include content authored by the data subject. This property is defined only for APIs accessed using the /security query * path and not the /privacy query path. */ includeAuthoredContent?: NullableOption; // Insight about the request. insight?: NullableOption; /** * The date and time when the request is internally due. The timestamp type represents date and time information using ISO * 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ internalDueDateTime?: NullableOption; // Identity information for the entity that last modified the request. lastModifiedBy?: NullableOption; /** * The date and time when the request was last modified. The timestamp type represents date and time information using ISO * 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ lastModifiedDateTime?: NullableOption; /** * The mailbox locations that should be searched. This property is defined only for APIs accessed using the /security * query path and not the /privacy query path. */ mailboxLocations?: NullableOption; /** * Pause the request after estimate has finished. By default, the data estimate runs and then pauses, allowing you to * preview results and then select the option to retrieve data in the UI. You can set this property to false if you want * it to perform the estimate and then automatically begin with the retrieval of the content. This property is defined * only for APIs accessed using the /security query path and not the /privacy query path. */ pauseAfterEstimate?: NullableOption; // List of regulations that this request fulfill. regulations?: NullableOption; /** * The SharePoint and OneDrive site locations that should be searched. This property is defined only for APIs accessed * using the /security query path and not the /privacy query path. */ siteLocations?: NullableOption; // Information about the different stages for the request. stages?: NullableOption; // The status of the request. Possible values are: active, closed, unknownFutureValue. status?: NullableOption; // The type of the request. Possible values are: export, delete, access, tagForAction, unknownFutureValue. type?: NullableOption; // Collection of users who can approve the request. Currently only supported for requests of type delete. approvers?: NullableOption; // Collection of users who can collaborate on the request. collaborators?: NullableOption; // List of notes associated with the request. notes?: NullableOption; // Information about the Microsoft Teams team that was created for the request. team?: NullableOption; } export interface Security extends Entity { subjectRightsRequests?: NullableOption; cases?: NullableOption; // A collection of alerts in Microsoft 365 Defender. alerts_v2?: NullableOption; /** * A collection of incidents in Microsoft 365 Defender, each of which is a set of correlated alerts and associated * metadata that reflects the story of an attack. */ incidents?: NullableOption; attackSimulation?: NullableOption; triggers?: NullableOption; triggerTypes?: NullableOption; alerts?: NullableOption; secureScoreControlProfiles?: NullableOption; secureScores?: NullableOption; threatIntelligence?: NullableOption; } export interface AttackSimulationRoot extends Entity { // Represents an end user's notification for an attack simulation training. endUserNotifications?: NullableOption; // Represents an attack simulation training landing page. landingPages?: NullableOption; // Represents an attack simulation training login page. loginPages?: NullableOption; // Represents an attack simulation training operation. operations?: NullableOption; // Represents an attack simulation training campaign payload in a tenant. payloads?: NullableOption; // Represents simulation automation created to run on a tenant. simulationAutomations?: NullableOption; // Represents an attack simulation training campaign in a tenant. simulations?: NullableOption; // Represents details about attack simulation trainings. trainings?: NullableOption; } export interface Alert extends Entity { // Name or alias of the activity group (attacker) this alert is attributed to. activityGroupName?: NullableOption; alertDetections?: NullableOption; // Name of the analyst the alert is assigned to for triage, investigation, or remediation (supports update). assignedTo?: NullableOption; // Azure subscription ID, present if this alert is related to an Azure resource. azureSubscriptionId?: NullableOption; // Microsoft Entra tenant ID. Required. azureTenantId?: string; // Category of the alert (for example, credentialTheft, ransomware, etc.). category?: NullableOption; /** * Time at which the alert was closed. The Timestamp type represents date and time information using ISO 8601 format and * is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z (supports update). */ closedDateTime?: NullableOption; // Security-related stateful information generated by the provider about the cloud application/s related to this alert. cloudAppStates?: NullableOption; // Customer-provided comments on alert (for customer alert management) (supports update). comments?: NullableOption; // Confidence of the detection logic (percentage between 1-100). confidence?: NullableOption; /** * Time at which the alert was created by the alert provider. The Timestamp type represents date and time information * using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. * Required. */ createdDateTime?: NullableOption; // Alert description. description?: NullableOption; // Set of alerts related to this alert entity (each alert is pushed to the SIEM as a separate record). detectionIds?: NullableOption; /** * Time at which the event(s) that served as the trigger(s) to generate the alert occurred. The Timestamp type represents * date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is * 2014-01-01T00:00:00Z. Required. */ eventDateTime?: NullableOption; /** * Analyst feedback on the alert. Possible values are: unknown, truePositive, falsePositive, benignPositive. (supports * update) */ feedback?: NullableOption; // Security-related stateful information generated by the provider about the file(s) related to this alert. fileStates?: NullableOption; historyStates?: NullableOption; // Security-related stateful information generated by the provider about the host(s) related to this alert. hostStates?: NullableOption; // IDs of incidents related to current alert. incidentIds?: NullableOption; investigationSecurityStates?: NullableOption; lastEventDateTime?: NullableOption; /** * Time at which the alert entity was last modified. The Timestamp type represents date and time information using ISO * 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ lastModifiedDateTime?: NullableOption; // Threat Intelligence pertaining to malware related to this alert. malwareStates?: NullableOption; messageSecurityStates?: NullableOption; // Security-related stateful information generated by the provider about the network connection(s) related to this alert. networkConnections?: NullableOption; // Security-related stateful information generated by the provider about the process or processes related to this alert. processes?: NullableOption; /** * Vendor/provider recommended action(s) to take as a result of the alert (for example, isolate machine, enforce2FA, * reimage host). */ recommendedActions?: NullableOption; // Security-related stateful information generated by the provider about the registry keys related to this alert. registryKeyStates?: NullableOption; // Resources related to current alert. For example, for some alerts this can have the Azure Resource value. securityResources?: NullableOption; // Alert severity - set by vendor/provider. Possible values are: unknown, informational, low, medium, high. Required. severity?: AlertSeverity; /** * Hyperlinks (URIs) to the source material related to the alert, for example, provider's user interface for alerts or log * search, etc. */ sourceMaterials?: NullableOption; /** * Alert lifecycle status (stage). Possible values are: unknown, newAlert, inProgress, resolved. (supports update). * Required. */ status?: AlertStatus; /** * User-definable labels that can be applied to an alert and can serve as filter conditions (for example 'HVA', 'SAW', * etc.) (supports update). */ tags?: NullableOption; // Alert title. Required. title?: NullableOption; /** * Security-related information about the specific properties that triggered the alert (properties appearing in the * alert). Alerts might contain information about multiple users, hosts, files, ip addresses. This field indicates which * properties triggered the alert generation. */ triggers?: NullableOption; uriClickSecurityStates?: NullableOption; // Security-related stateful information generated by the provider about the user accounts related to this alert. userStates?: NullableOption; /** * Complex type containing details about the security product/service vendor, provider, and subprovider (for example, * vendor=Microsoft; provider=Windows Defender ATP; subProvider=AppLocker). Required. */ vendorInformation?: NullableOption; // Threat intelligence pertaining to one or more vulnerabilities related to this alert. vulnerabilityStates?: NullableOption; } export interface SecureScoreControlProfile extends Entity { // Control action type (Config, Review, Behavior). actionType?: NullableOption; // URL to where the control can be actioned. actionUrl?: NullableOption; // GUID string for tenant ID. azureTenantId?: string; // The collection of compliance information associated with secure score control complianceInformation?: NullableOption; // Control action category (Identity, Data, Device, Apps, Infrastructure). controlCategory?: NullableOption; // Flag to indicate where the tenant has marked a control (ignored, thirdParty, reviewed) (supports update). controlStateUpdates?: NullableOption; // Flag to indicate if a control is depreciated. deprecated?: NullableOption; // Resource cost of implemmentating control (low, moderate, high). implementationCost?: NullableOption; // Time at which the control profile entity was last modified. The Timestamp type represents date and time lastModifiedDateTime?: NullableOption; // max attainable score for the control. maxScore?: NullableOption; // Microsoft's stack ranking of control. rank?: NullableOption; // Description of what the control will help remediate. remediation?: NullableOption; // Description of the impact on users of the remediation. remediationImpact?: NullableOption; // Service that owns the control (Exchange, Sharepoint, Microsoft Entra ID). service?: NullableOption; // List of threats the control mitigates (accountBreach, dataDeletion, dataExfiltration, dataSpillage, threats?: NullableOption; tier?: NullableOption; title?: NullableOption; userImpact?: NullableOption; vendorInformation?: NullableOption; } export interface SecureScore extends Entity { // Active user count of the given tenant. activeUserCount?: NullableOption; /** * Average score by different scopes (for example, average by industry, average by seating) and control category * (Identity, Data, Device, Apps, Infrastructure) within the scope. */ averageComparativeScores?: NullableOption; // GUID string for tenant ID. azureTenantId?: string; // Contains tenant scores for a set of controls. controlScores?: NullableOption; // The date when the entity is created. createdDateTime?: NullableOption; // Tenant current attained score on specified date. currentScore?: NullableOption; // Microsoft-provided services for the tenant (for example, Exchange online, Skype, Sharepoint). enabledServices?: NullableOption; // Licensed user count of the given tenant. licensedUserCount?: NullableOption; // Tenant maximum possible score on specified date. maxScore?: NullableOption; /** * Complex type containing details about the security product/service vendor, provider, and subprovider (for example, * vendor=Microsoft; provider=SecureScore). Required. */ vendorInformation?: NullableOption; } export interface Channel extends Entity { // Read only. Timestamp at which the channel was created. createdDateTime?: NullableOption; // Optional textual description for the channel. description?: NullableOption; // Channel name as it will appear to the user in Microsoft Teams. The maximum length is 50 characters. displayName?: string; // The email address for sending messages to the channel. Read-only. email?: NullableOption; /** * Indicates whether the channel should automatically be marked 'favorite' for all members of the team. Can only be set * programmatically with Create team. Default: false. */ isFavoriteByDefault?: NullableOption; /** * The type of the channel. Can be set during creation and can't be changed. The possible values are: standard, private, * unknownFutureValue, shared. The default value is standard. Note that you must use the Prefer: * include-unknown-enum-members request header to get the following value in this evolvable enum: shared. */ membershipType?: NullableOption; /** * Contains summary information about the channel, including number of owners, members, guests, and an indicator for * members from other tenants. The summary property will only be returned if it is specified in the $select clause of the * Get channel method. */ summary?: NullableOption; // The ID of the Microsoft Entra tenant. tenantId?: NullableOption; /** * A hyperlink that will go to the channel in Microsoft Teams. This is the URL that you get when you right-click a channel * in Microsoft Teams and select Get link to channel. This URL should be treated as an opaque blob, and not parsed. * Read-only. */ webUrl?: NullableOption; // Metadata for the location where the channel's files are stored. filesFolder?: NullableOption; // A collection of membership records associated with the channel. members?: NullableOption; // A collection of all the messages in the channel. A navigation property. Nullable. messages?: NullableOption; // A collection of teams with which a channel is shared. sharedWithTeams?: NullableOption; // A collection of all the tabs in the channel. A navigation property. tabs?: NullableOption; } export interface Group extends DirectoryObject { /** * The list of sensitivity label pairs (label ID, label name) associated with a Microsoft 365 group. Returned only on * $select. */ assignedLabels?: NullableOption; // The licenses that are assigned to the group. Returned only on $select. Supports $filter (eq).Read-only. assignedLicenses?: NullableOption; /** * Describes a classification for the group (such as low, medium or high business impact). Valid values for this property * are defined by creating a ClassificationList setting value, based on the template definition.Returned by default. * Supports $filter (eq, ne, not, ge, le, startsWith). */ classification?: NullableOption; /** * Timestamp of when the group was created. The value cannot be modified and is automatically populated when the group is * created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For * example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Read-only. */ createdDateTime?: NullableOption; /** * An optional description for the group. Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith) and * $search. */ description?: NullableOption; /** * The display name for the group. This property is required when a group is created and cannot be cleared during updates. * Maximum length is 256 characters. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on * null values), $search, and $orderby. */ displayName?: NullableOption; /** * Timestamp of when the group is set to expire. It is null for security groups, but for Microsoft 365 groups, it * represents when the group is set to expire as defined in the groupLifecyclePolicy. The Timestamp type represents date * and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is * 2014-01-01T00:00:00Z. Returned by default. Supports $filter (eq, ne, not, ge, le, in). Read-only. */ expirationDateTime?: NullableOption; /** * Specifies the group type and its membership. If the collection contains Unified, the group is a Microsoft 365 group; * otherwise, it's either a security group or a distribution group. For details, see groups overview.If the collection * includes DynamicMembership, the group has dynamic membership; otherwise, membership is static. Returned by default. * Supports $filter (eq, not). */ groupTypes?: string[]; /** * Indicates whether there are members in this group that have license errors from its group-based license assignment. * This property is never returned on a GET operation. You can use it as a $filter argument to get groups that have * members with license errors (that is, filter for this property being true). See an example. Supports $filter (eq). */ hasMembersWithLicenseErrors?: NullableOption; /** * Indicates whether this group can be assigned to a Microsoft Entra role. Optional. This property can only be set while * creating the group and is immutable. If set to true, the securityEnabled property must also be set to true, visibility * must be Hidden, and the group cannot be a dynamic group (that is, groupTypes cannot contain DynamicMembership). Only * callers in Global Administrator and Privileged Role Administrator roles can set this property. The caller must also be * assigned the RoleManagement.ReadWrite.Directory permission to set this property or update the membership of such * groups. For more, see Using a group to manage Microsoft Entra role assignmentsUsing this feature requires a Microsoft * Entra ID P1 license. Returned by default. Supports $filter (eq, ne, not). */ isAssignableToRole?: NullableOption; /** * Indicates the status of the group license assignment to all group members. The default value is false. Read-only. * Possible values: QueuedForProcessing, ProcessingInProgress, and ProcessingComplete.Returned only on $select. Read-only. */ licenseProcessingState?: NullableOption; /** * The SMTP address for the group, for example, 'serviceadmins@contoso.onmicrosoft.com'. Returned by default. Read-only. * Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). */ mail?: NullableOption; // Specifies whether the group is mail-enabled. Required. Returned by default. Supports $filter (eq, ne, not). mailEnabled?: NullableOption; /** * The mail alias for the group, unique for Microsoft 365 groups in the organization. Maximum length is 64 characters. * This property can contain only characters in the ASCII character set 0 - 127 except the following: @ () / [] ' ; : * <> , SPACE. Required. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq * on null values). */ mailNickname?: NullableOption; /** * The rule that determines members for this group if the group is a dynamic group (groupTypes contains * DynamicMembership). For more information about the syntax of the membership rule, see Membership Rules syntax. Returned * by default. Supports $filter (eq, ne, not, ge, le, startsWith). */ membershipRule?: NullableOption; /** * Indicates whether the dynamic membership processing is on or paused. Possible values are On or Paused. Returned by * default. Supports $filter (eq, ne, not, in). */ membershipRuleProcessingState?: NullableOption; onPremisesDomainName?: NullableOption; /** * Indicates the last time at which the group was synced with the on-premises directory.The Timestamp type represents date * and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is * 2014-01-01T00:00:00Z. Returned by default. Read-only. Supports $filter (eq, ne, not, ge, le, in). */ onPremisesLastSyncDateTime?: NullableOption; onPremisesNetBiosName?: NullableOption; /** * Errors when using Microsoft synchronization product during provisioning. Returned by default. Supports $filter (eq, * not). */ onPremisesProvisioningErrors?: NullableOption; /** * Contains the on-premises SAM account name synchronized from the on-premises directory. The property is only populated * for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect.Returned by * default. Supports $filter (eq, ne, not, ge, le, in, startsWith). Read-only. */ onPremisesSamAccountName?: NullableOption; /** * Contains the on-premises security identifier (SID) for the group synchronized from on-premises to the cloud. Returned * by default. Supports $filter (eq including on null values). Read-only. */ onPremisesSecurityIdentifier?: NullableOption; /** * true if this group is synced from an on-premises directory; false if this group was originally synced from an * on-premises directory but is no longer synced; null if this object has never been synced from an on-premises directory * (default). Returned by default. Read-only. Supports $filter (eq, ne, not, in, and eq on null values). */ onPremisesSyncEnabled?: NullableOption; /** * The preferred data location for the Microsoft 365 group. By default, the group inherits the group creator's preferred * data location. To set this property, the calling app must be granted the Directory.ReadWrite.All permission and the * user be assigned one of the following Microsoft Entra roles: Global Administrator User Account Administrator Directory * Writer Exchange Administrator SharePoint Administrator For more information about this property, see OneDrive Online * Multi-Geo. Nullable. Returned by default. */ preferredDataLocation?: NullableOption; /** * The preferred language for a Microsoft 365 group. Should follow ISO 639-1 Code; for example, en-US. Returned by * default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). */ preferredLanguage?: NullableOption; /** * Email addresses for the group that direct to the same group mailbox. For example: ['SMTP: bob@contoso.com', 'smtp: * bob@sales.contoso.com']. The any operator is required to filter expressions on multi-valued properties. Returned by * default. Read-only. Not nullable. Supports $filter (eq, not, ge, le, startsWith, endsWith, /$count eq 0, /$count ne 0). */ proxyAddresses?: string[]; /** * Timestamp of when the group was last renewed. This cannot be modified directly and is only updated via the renew * service action. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For * example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Supports $filter (eq, ne, not, ge, * le, in). Read-only. */ renewedDateTime?: NullableOption; // Specifies whether the group is a security group. Required. Returned by default. Supports $filter (eq, ne, not, in). securityEnabled?: NullableOption; // Security identifier of the group, used in Windows scenarios. Returned by default. securityIdentifier?: NullableOption; serviceProvisioningErrors?: NullableOption; /** * Specifies a Microsoft 365 group's color theme. Possible values are Teal, Purple, Green, Blue, Pink, Orange or Red. * Returned by default. */ theme?: NullableOption; /** * Specifies the group join policy and group content visibility for groups. Possible values are: Private, Public, or * HiddenMembership. HiddenMembership can be set only for Microsoft 365 groups when the groups are created. It can't be * updated later. Other values of visibility can be updated after group creation. If visibility value is not specified * during group creation on Microsoft Graph, a security group is created as Private by default, and the Microsoft 365 * group is Public. Groups assignable to roles are always Private. To learn more, see group visibility options. Returned * by default. Nullable. */ visibility?: NullableOption; /** * Indicates if people external to the organization can send messages to the group. The default value is false. Returned * only on $select. Supported only on the Get group API (GET /groups/{ID}). */ allowExternalSenders?: NullableOption; /** * Indicates if new members added to the group will be auto-subscribed to receive email notifications. You can set this * property in a PATCH request for the group; do not set it in the initial POST request that creates the group. Default * value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). */ autoSubscribeNewMembers?: NullableOption; /** * True if the group is not displayed in certain parts of the Outlook UI: the Address Book, address lists for selecting * message recipients, and the Browse Groups dialog for searching groups; otherwise, false. Default value is false. * Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). */ hideFromAddressLists?: NullableOption; /** * True if the group is not displayed in Outlook clients, such as Outlook for Windows and Outlook on the web; otherwise, * false. The default value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). */ hideFromOutlookClients?: NullableOption; /** * Indicates whether the signed-in user is subscribed to receive email conversations. The default value is true. Returned * only on $select. Supported only on the Get group API (GET /groups/{ID}). */ isSubscribedByMail?: NullableOption; /** * Count of conversations that have received new posts since the signed-in user last visited the group. Returned only on * $select. Supported only on the Get group API (GET /groups/{ID}). */ unseenCount?: NullableOption; /** * When a group is associated with a team, this property determines whether the team is in read-only mode.To read this * property, use the /group/{groupId}/team endpoint or the Get team API. To update this property, use the archiveTeam and * unarchiveTeam APIs. */ isArchived?: NullableOption; // Represents the app roles a group has been granted for an application. Supports $expand. appRoleAssignments?: NullableOption; // The user (or application) that created the group. NOTE: This is not set if the user is an administrator. Read-only. createdOnBehalfOf?: NullableOption; /** * Groups that this group is a member of. HTTP Methods: GET (supported for all groups). Read-only. Nullable. Supports * $expand. */ memberOf?: NullableOption; /** * The members of this group, who can be users, devices, other groups, or service principals. Supports the List members, * Add member, and Remove member operations. Nullable. Supports $expand including nested $select. For example, * /groups?$filter=startsWith(displayName,'Role')&$select=id,displayName&$expand=members($select=id,userPrincipalName,displayName). */ members?: NullableOption; // A list of group members with license errors from this group-based license assignment. Read-only. membersWithLicenseErrors?: NullableOption; /** * The owners of the group. Limited to 100 owners. Nullable. If this property is not specified when creating a Microsoft * 365 group, the calling user is automatically assigned as the group owner. Supports $filter (/$count eq 0, /$count ne 0, * /$count eq 1, /$count ne 1). Supports $expand including nested $select. For example, * /groups?$filter=startsWith(displayName,'Role')&$select=id,displayName&$expand=owners($select=id,userPrincipalName,displayName). */ owners?: NullableOption; permissionGrants?: NullableOption; // Settings that can govern this group's behavior, like whether members can invite guest users to the group. Nullable. settings?: NullableOption; // The groups that a group is a member of, either directly or through nested membership. Nullable. transitiveMemberOf?: NullableOption; // The direct and transitive members of a group. Nullable. transitiveMembers?: NullableOption; /** * The list of users or groups allowed to create posts or calendar events in this group. If this list is non-empty, then * only users or groups listed here are allowed to post. */ acceptedSenders?: NullableOption; // The group's calendar. Read-only. calendar?: NullableOption; // The calendar view for the calendar. Read-only. calendarView?: NullableOption; // The group's conversations. conversations?: NullableOption; // The group's calendar events. events?: NullableOption; // The list of users or groups not allowed to create posts or calendar events in this group. Nullable rejectedSenders?: NullableOption; // The group's conversation threads. Nullable. threads?: NullableOption; // The group's default drive. Read-only. drive?: NullableOption; // The group's drives. Read-only. drives?: NullableOption; // The list of SharePoint sites in this group. Access the default site with /sites/root. sites?: NullableOption; // The collection of open extensions defined for the group. Read-only. Nullable. extensions?: NullableOption; // The collection of lifecycle policies for this group. Read-only. Nullable. groupLifecyclePolicies?: NullableOption; // Entry-point to Planner resource that might exist for a Unified Group. planner?: NullableOption; onenote?: NullableOption; // The group's profile photo photo?: NullableOption; // The profile photos owned by the group. Read-only. Nullable. photos?: NullableOption; // The team associated with this group. team?: NullableOption; } export interface TeamsAppInstallation extends Entity { // The set of resource-specific permissions consented to while installing or upgrading the teamsApp. consentedPermissionSet?: NullableOption; // The app that is installed. teamsApp?: NullableOption; // The details of this version of the app. teamsAppDefinition?: NullableOption; } export interface ConversationMember extends Entity { // The display name of the user. displayName?: NullableOption; /** * The roles for that user. This property contains additional qualifiers only when relevant - for example, if the member * has owner privileges, the roles property contains owner as one of the values. Similarly, if the member is an in-tenant * guest, the roles property contains guest as one of the values. A basic member should not have any values specified in * the roles property. An Out-of-tenant external member is assigned the owner role. */ roles?: NullableOption; /** * The timestamp denoting how far back a conversation's history is shared with the conversation member. This property is * settable only for members of a chat. */ visibleHistoryStartDateTime?: NullableOption; } export interface TeamsAsyncOperation extends Entity { // Number of times the operation was attempted before being marked successful or failed. attemptsCount?: number; // Time when the operation was created. createdDateTime?: string; // Any error that causes the async operation to fail. error?: NullableOption; // Time when the async operation was last updated. lastActionDateTime?: string; // Denotes which type of operation is being described. operationType?: TeamsAsyncOperationType; // Operation status. status?: TeamsAsyncOperationStatus; // The ID of the object that's created or modified as result of this async operation, typically a team. targetResourceId?: NullableOption; /** * The location of the object that's created or modified as result of this async operation. This URL should be treated as * an opaque value and not parsed into its component paths. */ targetResourceLocation?: NullableOption; } export interface ResourceSpecificPermissionGrant extends DirectoryObject { // ID of the service principal of the Microsoft Entra app that has been granted access. Read-only. clientAppId?: NullableOption; // ID of the Microsoft Entra app that has been granted access. Read-only. clientId?: NullableOption; // The name of the resource-specific permission. Read-only. permission?: NullableOption; // The type of permission. Possible values are: Application, Delegated. Read-only. permissionType?: NullableOption; // ID of the Microsoft Entra app that is hosting the resource. Read-only. resourceAppId?: NullableOption; } export interface TeamworkTag extends Entity { /** * The description of the tag as it appears to the user in Microsoft Teams. A teamworkTag can't have more than 200 * teamworkTagMembers. */ description?: NullableOption; // The name of the tag as it appears to the user in Microsoft Teams. displayName?: NullableOption; // The number of users assigned to the tag. memberCount?: NullableOption; // The type of the tag. Default is standard. tagType?: NullableOption; // ID of the team in which the tag is defined. teamId?: NullableOption; // Users assigned to the tag. members?: NullableOption; } // tslint:disable-next-line: no-empty-interface export interface TeamsTemplate extends Entity {} export interface Schedule extends Entity { // Indicates whether the schedule is enabled for the team. Required. enabled?: NullableOption; // Indicates whether offer shift requests are enabled for the schedule. offerShiftRequestsEnabled?: NullableOption; // Indicates whether open shifts are enabled for the schedule. openShiftsEnabled?: NullableOption; // The status of the schedule provisioning. The possible values are notStarted, running, completed, failed. provisionStatus?: NullableOption; // Additional information about why schedule provisioning failed. provisionStatusCode?: NullableOption; // Indicates whether swap shifts requests are enabled for the schedule. swapShiftsRequestsEnabled?: NullableOption; // Indicates whether time clock is enabled for the schedule. timeClockEnabled?: NullableOption; // Indicates whether time off requests are enabled for the schedule. timeOffRequestsEnabled?: NullableOption; // Indicates the time zone of the schedule team using tz database format. Required. timeZone?: NullableOption; workforceIntegrationIds?: NullableOption; // The offer requests for shifts in the schedule. offerShiftRequests?: NullableOption; // The open shift requests in the schedule. openShiftChangeRequests?: NullableOption; // The set of open shifts in a scheduling group in the schedule. openShifts?: NullableOption; // The logical grouping of users in the schedule (usually by role). schedulingGroups?: NullableOption; // The shifts in the schedule. shifts?: NullableOption; // The swap requests for shifts in the schedule. swapShiftsChangeRequests?: NullableOption; // The set of reasons for a time off in the schedule. timeOffReasons?: NullableOption; // The time off requests in the schedule. timeOffRequests?: NullableOption; // The instances of times off in the schedule. timesOff?: NullableOption; } // tslint:disable-next-line: no-empty-interface export interface Compliance {} export interface GroupSetting extends Entity { // Display name of this group of settings, which comes from the associated template. displayName?: NullableOption; /** * Unique identifier for the tenant-level groupSettingTemplates object that's been customized for this group-level * settings object. Read-only. */ templateId?: NullableOption; /** * Collection of name-value pairs corresponding to the name and defaultValue properties in the referenced * groupSettingTemplates object. */ values?: SettingValue[]; } export interface Conversation extends Entity { /** * Indicates whether any of the posts within this Conversation has at least one attachment. Supports $filter (eq, ne) and * $search. */ hasAttachments?: boolean; /** * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ lastDeliveredDateTime?: string; // A short summary from the body of the latest post in this conversation. Supports $filter (eq, ne, le, ge). preview?: string; // The topic of the conversation. This property can be set when the conversation is created, but it cannot be updated. topic?: string; // All the users that sent a message to this Conversation. uniqueSenders?: string[]; // A collection of all the conversation threads in the conversation. A navigation property. Read-only. Nullable. threads?: NullableOption; } export interface ConversationThread extends Entity { // The Cc: recipients for the thread. Returned only on $select. ccRecipients?: Recipient[]; // Indicates whether any of the posts within this thread has at least one attachment. Returned by default. hasAttachments?: boolean; // Indicates if the thread is locked. Returned by default. isLocked?: boolean; /** * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.Returned by default. */ lastDeliveredDateTime?: string; // A short summary from the body of the latest post in this conversation. Returned by default. preview?: string; /** * The topic of the conversation. This property can be set when the conversation is created, but it cannot be updated. * Returned by default. */ topic?: string; // The To: recipients for the thread. Returned only on $select. toRecipients?: Recipient[]; // All the users that sent a message to this thread. Returned by default. uniqueSenders?: string[]; posts?: NullableOption; } export interface GroupLifecyclePolicy extends Entity { /** * List of email address to send notifications for groups without owners. Multiple email address can be defined by * separating email address with a semicolon. */ alternateNotificationEmails?: NullableOption; /** * Number of days before a group expires and needs to be renewed. Once renewed, the group expiration is extended by the * number of days defined. */ groupLifetimeInDays?: NullableOption; // The group type for which the expiration policy applies. Possible values are All, Selected or None. managedGroupTypes?: NullableOption; } export interface PlannerGroup extends Entity { // Read-only. Nullable. Returns the plannerPlans owned by the group. plans?: NullableOption; } // tslint:disable-next-line: interface-name export interface ItemAnalytics extends Entity { allTime?: NullableOption; itemActivityStats?: NullableOption; lastSevenDays?: NullableOption; } export interface ColumnDefinition extends Entity { // This column stores boolean values. boolean?: NullableOption; // This column's data is calculated based on other columns. calculated?: NullableOption; // This column stores data from a list of choices. choice?: NullableOption; // For site columns, the name of the group this column belongs to. Helps organize related columns. columnGroup?: NullableOption; // This column stores content approval status. contentApprovalStatus?: NullableOption; // This column stores currency values. currency?: NullableOption; // This column stores DateTime values. dateTime?: NullableOption; // The default value for this column. defaultValue?: NullableOption; // The user-facing description of the column. description?: NullableOption; // The user-facing name of the column. displayName?: NullableOption; // If true, no two list items may have the same value for this column. enforceUniqueValues?: NullableOption; // This column stores a geolocation. geolocation?: NullableOption; // Specifies whether the column is displayed in the user interface. hidden?: NullableOption; // This column stores hyperlink or picture values. hyperlinkOrPicture?: NullableOption; // Specifies whether the column values can be used for sorting and searching. indexed?: NullableOption; // Indicates whether this column can be deleted. isDeletable?: NullableOption; // Indicates whether values in the column can be reordered. Read-only. isReorderable?: NullableOption; // Specifies whether the column can be changed. isSealed?: NullableOption; // This column's data is looked up from another source in the site. lookup?: NullableOption; /** * The API-facing name of the column as it appears in the [fields][] on a [listItem][]. For the user-facing name, see * displayName. */ name?: NullableOption; // This column stores number values. number?: NullableOption; // This column stores Person or Group values. personOrGroup?: NullableOption; // If 'true', changes to this column will be propagated to lists that implement the column. propagateChanges?: NullableOption; // Specifies whether the column values can be modified. readOnly?: NullableOption; // Specifies whether the column value isn't optional. required?: NullableOption; // ContentType from which this column is inherited from. Present only in contentTypes columns response. Read-only. sourceContentType?: NullableOption; // This column stores taxonomy terms. term?: NullableOption; // This column stores text values. text?: NullableOption; // This column stores thumbnail values. thumbnail?: NullableOption; // For site columns, the type of column. Read-only. type?: NullableOption; // This column stores validation formula and message for the column. validation?: NullableOption; // The source column for the content type column. sourceColumn?: NullableOption; } export interface ContentType extends Entity { /** * List of canonical URLs for hub sites with which this content type is associated to. This will contain all hub sites * where this content type is queued to be enforced or is already enforced. Enforcing a content type means that the * content type will be applied to the lists in the enforced sites. */ associatedHubsUrls?: NullableOption; // The descriptive text for the item. description?: NullableOption; // Document Set metadata. documentSet?: NullableOption; /** * Document template metadata. To make sure that documents have consistent content across a site and its subsites, you can * associate a Word, Excel, or PowerPoint template with a site content type. */ documentTemplate?: NullableOption; // The name of the group this content type belongs to. Helps organize related content types. group?: NullableOption; // Indicates whether the content type is hidden in the list's 'New' menu. hidden?: NullableOption; /** * If this content type is inherited from another scope (like a site), provides a reference to the item where the content * type is defined. */ inheritedFrom?: NullableOption; // Specifies if a content type is a built-in content type. isBuiltIn?: NullableOption; // The name of the content type. name?: NullableOption; // Specifies the order in which the content type appears in the selection UI. order?: NullableOption; // The unique identifier of the content type. parentId?: NullableOption; /** * If true, any changes made to the content type will be pushed to inherited content types and lists that implement the * content type. */ propagateChanges?: NullableOption; // If true, the content type can't be modified unless this value is first set to false. readOnly?: NullableOption; /** * If true, the content type can't be modified by users or through push-down operations. Only site collection * administrators can seal or unseal content types. */ sealed?: NullableOption; // Parent contentType from which this content type is derived. base?: NullableOption; // The collection of content types that are ancestors of this content type. baseTypes?: NullableOption; // The collection of columns that are required by this content type. columnLinks?: NullableOption; // Column order information in a content type. columnPositions?: NullableOption; // The collection of column definitions for this contentType. columns?: NullableOption; } export interface List extends BaseItem { // The displayable title of the list. displayName?: NullableOption; // Contains more details about the list. list?: NullableOption; // Returns identifiers useful for SharePoint REST compatibility. Read-only. sharepointIds?: NullableOption; // If present, indicates that the list is system-managed. Read-only. system?: NullableOption; // The collection of field definitions for this list. columns?: NullableOption; // The collection of content types present in this list. contentTypes?: NullableOption; // Allows access to the list as a drive resource with driveItems. Only present on document libraries. drive?: NullableOption; // All items contained in the list. items?: NullableOption; // The collection of long-running operations on the list. operations?: NullableOption; // The set of subscriptions on the list. subscriptions?: NullableOption; } export interface LongRunningOperation extends Entity { /** * The start time of the operation. The Timestamp type represents date and time information using ISO 8601 format and is * always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ createdDateTime?: NullableOption; /** * The time of the last action in the operation. The Timestamp type represents date and time information using ISO 8601 * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ lastActionDateTime?: NullableOption; // URI of the resource that the operation is performed on. resourceLocation?: NullableOption; // The status of the operation. The possible values are: notStarted, running, succeeded, failed, unknownFutureValue. status?: NullableOption; // Details about the status of the operation. statusDetail?: NullableOption; } export interface RichLongRunningOperation extends LongRunningOperation { // Error that caused the operation to fail. error?: NullableOption; // A value between 0 and 100 that indicates the progress of the operation. percentageComplete?: NullableOption; // The unique identifier for the result. resourceId?: NullableOption; // The type of the operation. type?: NullableOption; } export interface Permission extends Entity { /** * A format of yyyy-MM-ddTHH:mm:ssZ of DateTimeOffset indicates the expiration time of the permission. DateTime.MinValue * indicates there's no expiration set for this permission. Optional. */ expirationDateTime?: NullableOption; grantedTo?: NullableOption; grantedToIdentities?: NullableOption; // For link type permissions, the details of the users to whom permission was granted. Read-only. grantedToIdentitiesV2?: NullableOption; // For user type permissions, the details of the users and applications for this permission. Read-only. grantedToV2?: NullableOption; /** * Indicates whether the password is set for this permission. This property only appears in the response. Optional. * Read-only. For OneDrive Personal only.. */ hasPassword?: NullableOption; // Provides a reference to the ancestor of the current permission, if it's inherited from an ancestor. Read-only. inheritedFrom?: NullableOption; // Details of any associated sharing invitation for this permission. Read-only. invitation?: NullableOption; // Provides the link details of the current permission, if it's a link type permission. Read-only. link?: NullableOption; // The type of permission, for example, read. See below for the full list of roles. Read-only. roles?: NullableOption; // A unique token that can be used to access this shared item via the shares API. Read-only. shareId?: NullableOption; } // tslint:disable-next-line: interface-name export interface IdentityApiConnector extends Entity { /** * The object which describes the authentication configuration details for calling the API. Basic and PKCS 12 client * certificate are supported. */ authenticationConfiguration?: NullableOption; // The name of the API connector. displayName?: NullableOption; // The URL of the API endpoint to call. targetUrl?: NullableOption; } // tslint:disable-next-line: interface-name export interface IdentityProviderBase extends Entity { // The display name of the identity provider. displayName?: NullableOption; } export interface AppleManagedIdentityProvider extends IdentityProviderBase { // The certificate data, which is a long string of text from the certificate. Can be null. certificateData?: NullableOption; // The Apple developer identifier. Required. developerId?: NullableOption; // The Apple key identifier. Required. keyId?: NullableOption; // The Apple service identifier. Required. serviceId?: NullableOption; } // tslint:disable-next-line: interface-name export interface IdentityUserFlow extends Entity { userFlowType?: UserFlowType; userFlowTypeVersion?: number; } export interface B2xIdentityUserFlow extends IdentityUserFlow { /** * Configuration for enabling an API connector for use as part of the self-service sign-up user flow. You can only obtain * the value of this object using Get userFlowApiConnectorConfiguration. */ apiConnectorConfiguration?: NullableOption; // The identity providers included in the user flow. identityProviders?: NullableOption; /** * The languages supported for customization within the user flow. Language customization is enabled by default in * self-service sign-up user flow. You can't create custom languages in self-service sign-up user flows. */ languages?: NullableOption; // The user attribute assignments included in the user flow. userAttributeAssignments?: NullableOption; userFlowIdentityProviders?: NullableOption; } // tslint:disable-next-line: interface-name export interface IdentityProvider extends Entity { /** * The client ID for the application. This is the client ID obtained when registering the application with the identity * provider. Required. Not nullable. */ clientId?: NullableOption; /** * The client secret for the application. This is the client secret obtained when registering the application with the * identity provider. This is write-only. A read operation will return . Required. Not nullable. */ clientSecret?: NullableOption; // The display name of the identity provider. Not nullable. name?: NullableOption; /** * The identity provider type is a required field. For B2B scenario: Google, Facebook. For B2C scenario: Microsoft, * Google, Amazon, LinkedIn, Facebook, GitHub, Twitter, Weibo, QQ, WeChat, OpenIDConnect. Not nullable. */ type?: NullableOption; } export interface UserFlowLanguageConfiguration extends Entity { // The language name to display. This property is read-only. displayName?: NullableOption; // Indicates whether the language is enabled within the user flow. isEnabled?: boolean; /** * Collection of pages with the default content to display in a user flow for a specified language. This collection * doesn't allow any kind of modification. */ defaultPages?: NullableOption; /** * Collection of pages with the overrides messages to display in a user flow for a specified language. This collection * only allows you to modify the content of the page, any other modification isn't allowed (creation or deletion of * pages). */ overridesPages?: NullableOption; } // tslint:disable-next-line: interface-name export interface IdentityUserFlowAttributeAssignment extends Entity { // The display name of the identityUserFlowAttribute within a user flow. displayName?: NullableOption; /** * Determines whether the identityUserFlowAttribute is optional. true means the user doesn't have to provide a value. * false means the user can't complete sign-up without providing a value. */ isOptional?: boolean; /** * Determines whether the identityUserFlowAttribute requires verification, and is only used for verifying the user's phone * number or email address. */ requiresVerification?: boolean; /** * The input options for the user flow attribute. Only applicable when the userInputType is radioSingleSelect, * dropdownSingleSelect, or checkboxMultiSelect. */ userAttributeValues?: NullableOption; /** * The input type of the user flow attribute. Possible values are: textBox, dateTimeDropdown, radioSingleSelect, * dropdownSingleSelect, emailBox, checkboxMultiSelect. */ userInputType?: IdentityUserFlowAttributeInputType; // The user attribute that you want to add to your user flow. userAttribute?: NullableOption; } export interface BuiltInIdentityProvider extends IdentityProviderBase { // The identity provider type. For a B2B scenario, possible values: AADSignup, MicrosoftAccount, EmailOTP. Required. identityProviderType?: NullableOption; } // tslint:disable-next-line: interface-name export interface IdentityUserFlowAttribute extends Entity { /** * The data type of the user flow attribute. This can't be modified after the custom user flow attribute is created. The * supported values for dataType are: string , boolean , int64 , stringCollection , dateTime, unknownFutureValue. Supports * $filter (eq, ne). */ dataType?: IdentityUserFlowAttributeDataType; // The description of the user flow attribute that's shown to the user at the time of sign-up. description?: NullableOption; // The display name of the user flow attribute. Supports $filter (eq, ne). displayName?: NullableOption; /** * The type of the user flow attribute. This is a read-only attribute that is automatically set. Depending on the type of * attribute, the values for this property are builtIn, custom, required, unknownFutureValue. Supports $filter (eq, ne). */ userFlowAttributeType?: IdentityUserFlowAttributeType; } // tslint:disable-next-line: interface-name no-empty-interface export interface IdentityBuiltInUserFlowAttribute extends IdentityUserFlowAttribute {} // tslint:disable-next-line: interface-name export interface IdentityContainer extends Entity { // Represents entry point for API connectors. apiConnectors?: NullableOption; // Represents entry point for B2X/self-service sign-up identity userflows. b2xUserFlows?: NullableOption; identityProviders?: NullableOption; // Represents entry point for identity userflow attributes. userFlowAttributes?: NullableOption; // the entry point for the Conditional Access (CA) object model. conditionalAccess?: NullableOption; } // tslint:disable-next-line: interface-name no-empty-interface export interface IdentityCustomUserFlowAttribute extends IdentityUserFlowAttribute {} export interface SocialIdentityProvider extends IdentityProviderBase { /** * The identifier for the client application obtained when registering the application with the identity provider. * Required. */ clientId?: NullableOption; /** * The client secret for the application that is obtained when the application is registered with the identity provider. * This is write-only. A read operation returns . Required. */ clientSecret?: NullableOption; /** * For a B2B scenario, possible values: Google, Facebook. For a B2C scenario, possible values: Microsoft, Google, Amazon, * LinkedIn, Facebook, GitHub, Twitter, Weibo, QQ, WeChat. Required. */ identityProviderType?: NullableOption; } // tslint:disable-next-line: no-empty-interface export interface UserFlowLanguagePage extends Entity {} export interface DeviceLocalCredentialInfo extends Entity { // The credentials of the device's local administrator account backed up to Azure Active Directory. credentials?: DeviceLocalCredential[]; // Display name of the device that the local credentials are associated with. deviceName?: string; // When the local administrator account credential was backed up to Azure Active Directory. lastBackupDateTime?: string; // When the local administrator account credential will be refreshed and backed up to Azure Active Directory. refreshDateTime?: string; } export interface Directory extends Entity { // The credentials of the device's local administrator account backed up to Microsoft Entra ID. deviceLocalCredentials?: NullableOption; // Conceptual container for user and group directory objects. administrativeUnits?: NullableOption; // Group of related custom security attribute definitions. attributeSets?: NullableOption; // Schema of a custom security attributes (key-value pairs). customSecurityAttributeDefinitions?: NullableOption; // Recently deleted items. Read-only. Nullable. deletedItems?: NullableOption; /** * Configure domain federation with organizations whose identity provider (IdP) supports either the SAML or WS-Fed * protocol. */ federationConfigurations?: NullableOption; // A container for on-premises directory synchronization functionalities that are available for the organization. onPremisesSynchronization?: NullableOption; } export interface AdministrativeUnit extends DirectoryObject { // An optional description for the administrative unit. Supports $filter (eq, ne, in, startsWith), $search. description?: NullableOption; /** * Display name for the administrative unit. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null * values), $search, and $orderby. */ displayName?: NullableOption; /** * Controls whether the administrative unit and its members are hidden or public. Can be set to HiddenMembership. If not * set (value is null), the default behavior is public. When set to HiddenMembership, only members of the administrative * unit can list other members of the administrative unit. */ visibility?: NullableOption; // Users and groups that are members of this administrative unit. Supports $expand. members?: NullableOption; // Scoped-role members of this administrative unit. scopedRoleMembers?: NullableOption; // The collection of open extensions defined for this administrative unit. Nullable. extensions?: NullableOption; } export interface AttributeSet extends Entity { /** * Description of the attribute set. Can be up to 128 characters long and include Unicode characters. Can be changed * later. */ description?: NullableOption; /** * Maximum number of custom security attributes that can be defined in this attribute set. Default value is null. If not * specified, the administrator can add up to the maximum of 500 active attributes per tenant. Can be changed later. */ maxAttributesPerSet?: NullableOption; } export interface CustomSecurityAttributeDefinition extends Entity { // Name of the attribute set. Case insensitive. attributeSet?: string; /** * Description of the custom security attribute. Can be up to 128 characters long and include Unicode characters. Can be * changed later. */ description?: NullableOption; /** * Indicates whether multiple values can be assigned to the custom security attribute. Cannot be changed later. If type is * set to Boolean, isCollection cannot be set to true. */ isCollection?: boolean; /** * Indicates whether custom security attribute values are indexed for searching on objects that are assigned attribute * values. Cannot be changed later. */ isSearchable?: NullableOption; /** * Name of the custom security attribute. Must be unique within an attribute set. Can be up to 32 characters long and * include Unicode characters. Cannot contain spaces or special characters. Cannot be changed later. Case insensitive. */ name?: string; /** * Specifies whether the custom security attribute is active or deactivated. Acceptable values are: Available and * Deprecated. Can be changed later. */ status?: string; /** * Data type for the custom security attribute values. Supported types are: Boolean, Integer, and String. Cannot be * changed later. */ type?: string; /** * Indicates whether only predefined values can be assigned to the custom security attribute. If set to false, free-form * values are allowed. Can later be changed from true to false, but cannot be changed from false to true. If type is set * to Boolean, usePreDefinedValuesOnly cannot be set to true. */ usePreDefinedValuesOnly?: NullableOption; /** * Values that are predefined for this custom security attribute. This navigation property is not returned by default and * must be specified in an $expand query. For example, * /directory/customSecurityAttributeDefinitions?$expand=allowedValues. */ allowedValues?: NullableOption; } export interface OnPremisesDirectorySynchronization extends Entity { /** * Consists of configurations that can be fine-tuned and impact the on-premises directory synchronization process for a * tenant. */ configuration?: NullableOption; // Consists of directory synchronization features that can be enabled or disabled. features?: OnPremisesDirectorySynchronizationFeature; } export interface AllowedValue extends Entity { /** * Indicates whether the predefined value is active or deactivated. If set to false, this predefined value can't be * assigned to any other supported directory objects. */ isActive?: NullableOption; } export interface AppScope extends Entity { /** * Provides the display name of the app-specific resource represented by the app scope. Provided for display purposes * since appScopeId is often an immutable, non-human-readable id. Read-only. */ displayName?: NullableOption; /** * Describes the type of app-specific resource represented by the app scope and is provided for display purposes, so a * user interface can convey to the user the kind of app specific resource represented by the app scope. Read-only. */ type?: NullableOption; } export interface CertificateBasedAuthConfiguration extends Entity { // Collection of certificate authorities which creates a trusted certificate chain. certificateAuthorities?: CertificateAuthority[]; } export interface Contract extends DirectoryObject { /** * Type of contract. Possible values are: SyndicationPartner, BreadthPartner, ResellerPartner. See more in the table * below. */ contractType?: NullableOption; /** * The unique identifier for the customer tenant referenced by this partnership. Corresponds to the id property of the * customer tenant's organization resource. */ customerId?: NullableOption; /** * A copy of the customer tenant's default domain name. The copy is made when the partnership with the customer is * established. It isn't automatically updated if the customer tenant's default domain name changes. */ defaultDomainName?: NullableOption; /** * A copy of the customer tenant's display name. The copy is made when the partnership with the customer is established. * It is not automatically updated if the customer tenant's display name changes. */ displayName?: NullableOption; } export interface CrossTenantAccessPolicyConfigurationDefault extends Entity { /** * Determines the default configuration for automatic user consent settings. The inboundAllowed and outboundAllowed * properties are always false and cannot be updated in the default configuration. Read-only. */ automaticUserConsentSettings?: NullableOption; /** * Defines your default configuration for users from other organizations accessing your resources via Microsoft Entra B2B * collaboration. */ b2bCollaborationInbound?: NullableOption; /** * Defines your default configuration for users in your organization going outbound to access resources in another * organization via Microsoft Entra B2B collaboration. */ b2bCollaborationOutbound?: NullableOption; /** * Defines your default configuration for users from other organizations accessing your resources via Microsoft Entra B2B * direct connect. */ b2bDirectConnectInbound?: NullableOption; /** * Defines your default configuration for users in your organization going outbound to access resources in another * organization via Microsoft Entra B2B direct connect. */ b2bDirectConnectOutbound?: NullableOption; /** * Determines the default configuration for trusting other Conditional Access claims from external Microsoft Entra * organizations. */ inboundTrust?: NullableOption; /** * If true, the default configuration is set to the system default configuration. If false, the default settings have been * customized. */ isServiceDefault?: NullableOption; } export interface CrossTenantAccessPolicyConfigurationPartner { /** * Determines the partner-specific configuration for automatic user consent settings. Unless specifically configured, the * inboundAllowed and outboundAllowed properties are null and inherit from the default settings, which is always false. */ automaticUserConsentSettings?: NullableOption; /** * Defines your partner-specific configuration for users from other organizations accessing your resources via Microsoft * Entra B2B collaboration. */ b2bCollaborationInbound?: NullableOption; /** * Defines your partner-specific configuration for users in your organization going outbound to access resources in * another organization via Microsoft Entra B2B collaboration. */ b2bCollaborationOutbound?: NullableOption; /** * Defines your partner-specific configuration for users from other organizations accessing your resources via Azure B2B * direct connect. */ b2bDirectConnectInbound?: NullableOption; /** * Defines your partner-specific configuration for users in your organization going outbound to access resources in * another organization via Microsoft Entra B2B direct connect. */ b2bDirectConnectOutbound?: NullableOption; /** * Determines the partner-specific configuration for trusting other Conditional Access claims from external Microsoft * Entra organizations. */ inboundTrust?: NullableOption; // Identifies whether the partner-specific configuration is a Cloud Service Provider for your organization. isServiceProvider?: NullableOption; // The tenant identifier for the partner Microsoft Entra organization. Read-only. Key. tenantId?: string; /** * Defines the cross-tenant policy for the synchronization of users from a partner tenant. Use this user synchronization * policy to streamline collaboration between users in a multitenant organization by automating the creation, update, and * deletion of users from one tenant to another. */ identitySynchronization?: NullableOption; } export interface CrossTenantIdentitySyncPolicyPartner { /** * Display name for the cross-tenant user synchronization policy. Use the name of the partner Microsoft Entra tenant to * easily identify the policy. Optional. */ displayName?: NullableOption; // Tenant identifier for the partner Microsoft Entra organization. Read-only. tenantId?: string; // Defines whether users can be synchronized from the partner tenant. Key. userSyncInbound?: NullableOption; } export interface Device extends DirectoryObject { /** * true if the account is enabled; otherwise, false. Required. Default is true. Supports $filter (eq, ne, not, in). Only * callers in Global Administrator and Cloud Device Administrator roles can set this property. */ accountEnabled?: NullableOption; // For internal use only. Not nullable. Supports $filter (eq, not, ge, le). alternativeSecurityIds?: AlternativeSecurityId[]; /** * The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Supports $filter (eq, ne, not, ge, le, and eq on null * values) and $orderby. */ approximateLastSignInDateTime?: NullableOption; /** * The timestamp when the device is no longer deemed compliant. The timestamp type represents date and time information * using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. * Read-only. */ complianceExpirationDateTime?: NullableOption; // User-defined property set by Intune to automatically add devices to groups and simplify managing devices. deviceCategory?: NullableOption; /** * Unique identifier set by Azure Device Registration Service at the time of registration. This is an alternate key that * can be used to reference the device object. Supports $filter (eq, ne, not, startsWith). */ deviceId?: NullableOption; // For internal use only. Set to null. deviceMetadata?: NullableOption; // Ownership of the device. This property is set by Intune. Possible values are: unknown, company, personal. deviceOwnership?: NullableOption; // For internal use only. deviceVersion?: NullableOption; /** * The display name for the device. Required. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null * values), $search, and $orderby. */ displayName?: NullableOption; /** * Enrollment profile applied to the device. For example, Apple Device Enrollment Profile, Device enrollment - Corporate * device identifiers, or Windows Autopilot profile name. This property is set by Intune. */ enrollmentProfileName?: NullableOption; /** * true if the device complies with Mobile Device Management (MDM) policies; otherwise, false. Read-only. This can only be * updated by Intune for any device OS type or by an approved MDM app for Windows OS devices. Supports $filter (eq, ne, * not). */ isCompliant?: NullableOption; /** * true if the device is managed by a Mobile Device Management (MDM) app; otherwise, false. This can only be updated by * Intune for any device OS type or by an approved MDM app for Windows OS devices. Supports $filter (eq, ne, not). */ isManaged?: NullableOption; // Application identifier used to register device into MDM. Read-only. Supports $filter (eq, ne, not, startsWith). mdmAppId?: NullableOption; /** * The last time at which the object was synced with the on-premises directory. The Timestamp type represents date and * time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is * 2014-01-01T00:00:00Z Read-only. Supports $filter (eq, ne, not, ge, le, in). */ onPremisesLastSyncDateTime?: NullableOption; /** * true if this object is synced from an on-premises directory; false if this object was originally synced from an * on-premises directory but is no longer synced; null if this object has never been synced from an on-premises directory * (default). Read-only. Supports $filter (eq, ne, not, in, and eq on null values). */ onPremisesSyncEnabled?: NullableOption; /** * The type of operating system on the device. Required. Supports $filter (eq, ne, not, ge, le, startsWith, and eq on null * values). */ operatingSystem?: NullableOption; /** * The version of the operating system on the device. Required. Supports $filter (eq, ne, not, ge, le, startsWith, and eq * on null values). */ operatingSystemVersion?: NullableOption; // For internal use only. Not nullable. Supports $filter (eq, not, ge, le, startsWith,/$count eq 0, /$count ne 0). physicalIds?: string[]; // The profile type of the device. Possible values: RegisteredDevice (default), SecureVM, Printer, Shared, IoT. profileType?: NullableOption; /** * Date and time of when the device was registered. The timestamp type represents date and time information using ISO 8601 * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ registrationDateTime?: NullableOption; // List of labels applied to the device by the system. Supports $filter (/$count eq 0, /$count ne 0). systemLabels?: string[]; /** * Type of trust for the joined device. Read-only. Possible values: Workplace (indicates bring your own personal devices), * AzureAd (Cloud only joined devices), ServerAd (on-premises domain joined devices joined to Microsoft Entra ID). For * more details, see Introduction to device management in Microsoft Entra ID. */ trustType?: NullableOption; // Groups and administrative units that this device is a member of. Read-only. Nullable. Supports $expand. memberOf?: NullableOption; /** * The user that cloud joined the device or registered their personal device. The registered owner is set at the time of * registration. Read-only. Nullable. Supports $expand. */ registeredOwners?: NullableOption; /** * Collection of registered users of the device. For cloud joined devices and registered personal devices, registered * users are set to the same value as registered owners at the time of registration. Read-only. Nullable. Supports * $expand. */ registeredUsers?: NullableOption; // Groups and administrative units that the device is a member of. This operation is transitive. Supports $expand. transitiveMemberOf?: NullableOption; // The collection of open extensions defined for the device. Read-only. Nullable. extensions?: NullableOption; } export interface DirectoryObjectPartnerReference extends DirectoryObject { // Description of the object returned. Read-only. description?: NullableOption; // Name of directory object being returned, like group or application. Read-only. displayName?: NullableOption; // The tenant identifier for the partner tenant. Read-only. externalPartnerTenantId?: NullableOption; // The type of the referenced object in the partner tenant. Read-only. objectType?: NullableOption; } export interface DirectoryRole extends DirectoryObject { // The description for the directory role. Read-only. Supports $filter (eq), $search, $select. description?: NullableOption; // The display name for the directory role. Read-only. Supports $filter (eq), $search, $select. displayName?: NullableOption; /** * The id of the directoryRoleTemplate that this role is based on. The property must be specified when activating a * directory role in a tenant with a POST operation. After the directory role has been activated, the property is read * only. Supports $filter (eq), $select. */ roleTemplateId?: NullableOption; // Users that are members of this directory role. HTTP Methods: GET, POST, DELETE. Read-only. Nullable. Supports $expand. members?: NullableOption; // Members of this directory role that are scoped to administrative units. Read-only. Nullable. scopedMembers?: NullableOption; } export interface DirectoryRoleTemplate extends DirectoryObject { // The description to set for the directory role. Read-only. description?: NullableOption; // The display name to set for the directory role. Read-only. displayName?: NullableOption; } export interface Domain extends Entity { /** * Indicates the configured authentication type for the domain. The value is either Managed or Federated. Managed * indicates a cloud managed domain where Microsoft Entra ID performs user authentication. Federated indicates * authentication is federated with an identity provider such as the tenant's on-premises Active Directory via Active * Directory Federation Services. Not nullable. */ authenticationType?: string; /** * This property is always null except when the verify action is used. When the verify action is used, a domain entity is * returned in the response. The availabilityStatus property of the domain entity in the response is either * AvailableImmediately or EmailVerifiedDomainTakeoverScheduled. */ availabilityStatus?: NullableOption; /** * The value of the property is false if the DNS record management of the domain has been delegated to Microsoft 365. * Otherwise, the value is true. Not nullable */ isAdminManaged?: boolean; /** * true if this is the default domain that is used for user creation. There is only one default domain per company. Not * nullable */ isDefault?: boolean; /** * true if this is the initial domain created by Microsoft Online Services (companyname.onmicrosoft.com). There is only * one initial domain per company. Not nullable */ isInitial?: boolean; // true if the domain is a verified root domain. Otherwise, false if the domain is a subdomain or unverified. Not nullable isRoot?: boolean; // true if the domain has completed domain ownership verification. Not nullable isVerified?: boolean; manufacturer?: NullableOption; model?: NullableOption; /** * Specifies the number of days before a user receives notification that their password will expire. If the property is * not set, a default value of 14 days will be used. */ passwordNotificationWindowInDays?: NullableOption; /** * Specifies the length of time that a password is valid before it must be changed. If the property is not set, a default * value of 90 days will be used. */ passwordValidityPeriodInDays?: NullableOption; // Status of asynchronous operations scheduled for the domain. state?: NullableOption; /** * The capabilities assigned to the domain. Can include 0, 1 or more of following values: Email, Sharepoint, * EmailInternalRelayOnly, OfficeCommunicationsOnline, SharePointDefaultDomain, FullRedelegation, SharePointPublic, * OrgIdAuthentication, Yammer, Intune. The values which you can add/remove using Graph API include: Email, * OfficeCommunicationsOnline, Yammer. Not nullable. */ supportedServices?: string[]; /** * The objects such as users and groups that reference the domain ID. Read-only, Nullable. Supports $expand and $filter by * the OData type of objects returned. For example /domains/{domainId}/domainNameReferences/microsoft.graph.user and * /domains/{domainId}/domainNameReferences/microsoft.graph.group. */ domainNameReferences?: NullableOption; // Domain settings configured by a customer when federated with Microsoft Entra ID. Supports $expand. federationConfiguration?: NullableOption; /** * DNS records the customer adds to the DNS zone file of the domain before the domain can be used by Microsoft Online * services. Read-only, Nullable. Supports $expand. */ serviceConfigurationRecords?: NullableOption; /** * DNS records that the customer adds to the DNS zone file of the domain before the customer can complete domain ownership * verification with Microsoft Entra ID. Read-only, Nullable. Supports $expand. */ verificationDnsRecords?: NullableOption; } export interface SamlOrWsFedProvider extends IdentityProviderBase { // Issuer URI of the federation server. issuerUri?: NullableOption; // URI of the metadata exchange endpoint used for authentication from rich client applications. metadataExchangeUri?: NullableOption; // URI that web-based clients are directed to when signing in to Microsoft Entra services. passiveSignInUri?: NullableOption; // Preferred authentication protocol. The possible values are: wsFed, saml, unknownFutureValue. preferredAuthenticationProtocol?: NullableOption; /** * Current certificate used to sign tokens passed to the Microsoft identity platform. The certificate is formatted as a * Base64 encoded string of the public portion of the federated IdP's token signing certificate and must be compatible * with the X509Certificate2 class. This property is used in the following scenarios: if a rollover is required outside of * the autorollover update a new federation service is being set up if the new token signing certificate isn't present in * the federation properties after the federation service certificate has been updated. Microsoft Entra ID updates * certificates via an autorollover process in which it attempts to retrieve a new certificate from the federation service * metadata, 30 days before expiry of the current certificate. If a new certificate isn't available, Microsoft Entra ID * monitors the metadata daily and will update the federation settings for the domain when a new certificate is available. */ signingCertificate?: NullableOption; } // tslint:disable-next-line: interface-name export interface InternalDomainFederation extends SamlOrWsFedProvider { /** * URL of the endpoint used by active clients when authenticating with federated domains set up for single sign-on in * Microsoft Entra ID. Corresponds to the ActiveLogOnUri property of the Set-MsolDomainFederationSettings MSOnline v1 * PowerShell cmdlet. */ activeSignInUri?: NullableOption; /** * Determines whether Microsoft Entra ID accepts the MFA performed by the federated IdP when a federated user accesses an * application that is governed by a conditional access policy that requires MFA. The possible values are: * acceptIfMfaDoneByFederatedIdp, enforceMfaByFederatedIdp, rejectMfaByFederatedIdp, unknownFutureValue. For more * information, see federatedIdpMfaBehavior values. */ federatedIdpMfaBehavior?: NullableOption; /** * If true, when SAML authentication requests are sent to the federated SAML IdP, Microsoft Entra ID will sign those * requests using the OrgID signing key. If false (default), the SAML authentication requests sent to the federated IdP * aren't signed. */ isSignedAuthenticationRequestRequired?: NullableOption; /** * Fallback token signing certificate that can also be used to sign tokens, for example when the primary signing * certificate expires. Formatted as Base64 encoded strings of the public portion of the federated IdP's token signing * certificate. Needs to be compatible with the X509Certificate2 class. Much like the signingCertificate, the * nextSigningCertificate property is used if a rollover is required outside of the auto-rollover update, a new federation * service is being set up, or if the new token signing certificate isn't present in the federation properties after the * federation service certificate has been updated. */ nextSigningCertificate?: NullableOption; /** * Sets the preferred behavior for the sign-in prompt. The possible values are: translateToFreshPasswordAuthentication, * nativeSupport, disabled, unknownFutureValue. */ promptLoginBehavior?: NullableOption; // Provides status and timestamp of the last update of the signing certificate. signingCertificateUpdateStatus?: NullableOption; /** * URI that clients are redirected to when they sign out of Microsoft Entra services. Corresponds to the LogOffUri * property of the Set-MsolDomainFederationSettings MSOnline v1 PowerShell cmdlet. */ signOutUri?: NullableOption; } export interface DomainDnsRecord extends Entity { /** * If false, this record must be configured by the customer at the DNS host for Microsoft Online Services to operate * correctly with the domain. */ isOptional?: boolean; // Value used when configuring the name of the DNS record at the DNS host. label?: string; // Indicates what type of DNS record this entity represents. The value can be CName, Mx, Srv, or Txt. recordType?: NullableOption; /** * Microsoft Online Service or feature that has a dependency on this DNS record. Can be one of the following values: null, * Email, Sharepoint, EmailInternalRelayOnly, OfficeCommunicationsOnline, SharePointDefaultDomain, FullRedelegation, * SharePointPublic, OrgIdAuthentication, Yammer, Intune. */ supportedService?: string; // Value to use when configuring the time-to-live (ttl) property of the DNS record at the DNS host. Not nullable. ttl?: number; } export interface DomainDnsCnameRecord extends DomainDnsRecord { // The canonical name of the CNAME record. Used to configure the CNAME record at the DNS host. canonicalName?: NullableOption; } export interface DomainDnsMxRecord extends DomainDnsRecord { // Value used when configuring the answer/destination/value of the MX record at the DNS host. mailExchange?: string; // Value used when configuring the Preference/Priority property of the MX record at the DNS host. preference?: NullableOption; } export interface DomainDnsSrvRecord extends DomainDnsRecord { // Value to use when configuring the Target property of the SRV record at the DNS host. nameTarget?: NullableOption; // Value to use when configuring the port property of the SRV record at the DNS host. port?: NullableOption; // Value to use when configuring the priority property of the SRV record at the DNS host. priority?: NullableOption; // Value to use when configuring the protocol property of the SRV record at the DNS host. protocol?: NullableOption; // Value to use when configuring the service property of the SRV record at the DNS host. service?: NullableOption; // Value to use when configuring the weight property of the SRV record at the DNS host. weight?: NullableOption; } export interface DomainDnsTxtRecord extends DomainDnsRecord { // Value used when configuring the text property at the DNS host. text?: string; } export interface DomainDnsUnavailableRecord extends DomainDnsRecord { // Provides the reason why the DomainDnsUnavailableRecord entity is returned. description?: NullableOption; } // tslint:disable-next-line: no-empty-interface export interface ExternalDomainName extends Entity {} export interface GroupSettingTemplate extends DirectoryObject { // Description of the template. description?: NullableOption; /** * Display name of the template. The template named Group.Unified can be used to configure tenant-wide Microsoft 365 group * settings, while the template named Group.Unified.Guest can be used to configure group-specific settings. */ displayName?: NullableOption; /** * Collection of settingTemplateValues that list the set of available settings, defaults and types that make up this * template. */ values?: SettingTemplateValue[]; } export interface Organization extends DirectoryObject { // The collection of service plans associated with the tenant. Not nullable. assignedPlans?: AssignedPlan[]; /** * Telephone number for the organization. Although this is a string collection, only one number can be set for this * property. */ businessPhones?: string[]; // City name of the address for the organization. city?: NullableOption; // Country/region name of the address for the organization. country?: NullableOption; // Country or region abbreviation for the organization in ISO 3166-2 format. countryLetterCode?: NullableOption; /** * Timestamp of when the organization was created. The value cannot be modified and is automatically populated when the * organization is created. The Timestamp type represents date and time information using ISO 8601 format and is always in * UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ createdDateTime?: NullableOption; // Two-letter ISO 3166 country code indicating the default service usage location of an organization. defaultUsageLocation?: NullableOption; // The display name for the tenant. displayName?: NullableOption; // Not nullable. marketingNotificationEmails?: string[]; /** * The time and date at which the tenant was last synced with the on-premises directory. The Timestamp type represents * date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is * 2014-01-01T00:00:00Z. Read-only. */ onPremisesLastSyncDateTime?: NullableOption; /** * true if this object is synced from an on-premises directory; false if this object was originally synced from an * on-premises directory but is no longer synced. Nullable. null if this object has never been synced from an on-premises * directory (default). */ onPremisesSyncEnabled?: NullableOption; /** * The type of partnership this tenant has with Microsoft. The possible values are: microsoftSupport, syndicatePartner, * breadthPartner, breadthPartnerDelegatedAdmin, resellerPartnerDelegatedAdmin, valueAddedResellerPartnerDelegatedAdmin, * unknownFutureValue. Nullable. For more information about the possible types, see partnerTenantType values. */ partnerTenantType?: NullableOption; // Postal code of the address for the organization. postalCode?: NullableOption; // The preferred language for the organization. Should follow ISO 639-1 Code; for example, en. preferredLanguage?: NullableOption; // The privacy profile of an organization. privacyProfile?: NullableOption; // Not nullable. provisionedPlans?: ProvisionedPlan[]; // Not nullable. securityComplianceNotificationMails?: string[]; // Not nullable. securityComplianceNotificationPhones?: string[]; // State name of the address for the organization. state?: NullableOption; // Street name of the address for organization. street?: NullableOption; // Not nullable. technicalNotificationMails?: string[]; /** * Not nullable. The tenant type option that was selected when the tenant was created. The possible values are: AAD - An * enterprise identity access management (IAM) service that serves business-to-employee and business-to-business (B2B) * scenarios. AAD B2C A customer identity access management (CIAM) service that serves business-to-consumer (B2C) * scenarios. */ tenantType?: NullableOption; // The collection of domains associated with this tenant. Not nullable. verifiedDomains?: VerifiedDomain[]; // Mobile device management authority. Possible values are: unknown, intune, sccm, office365. mobileDeviceManagementAuthority?: MdmAuthority; // Branding for the organization. Nullable. branding?: NullableOption; /** * Navigation property to manage certificate-based authentication configuration. Only a single instance of * certificateBasedAuthConfiguration can be created in the collection. */ certificateBasedAuthConfiguration?: NullableOption; // The collection of open extensions defined for the organization. Read-only. Nullable. extensions?: NullableOption; } export interface OrganizationalBrandingProperties extends Entity { /** * Color that appears in place of the background image in low-bandwidth connections. We recommend that you use the primary * color of your banner logo or your organization color. Specify this in hexadecimal format, for example, white is * #FFFFFF. */ backgroundColor?: NullableOption; /** * Image that appears as the background of the sign-in page. The allowed types are PNG or JPEG not smaller than 300 KB and * not larger than 1920 × 1080 pixels. A smaller image will reduce bandwidth requirements and make the page load faster. */ backgroundImage?: NullableOption; /** * A relative URL for the backgroundImage property that is combined with a CDN base URL from the cdnList to provide the * version served by a CDN. Read-only. */ backgroundImageRelativeUrl?: NullableOption; /** * A banner version of your company logo that appears on the sign-in page. The allowed types are PNG or JPEG not larger * than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo. */ bannerLogo?: NullableOption; /** * A relative URL for the bannerLogo property that is combined with a CDN base URL from the cdnList to provide the * read-only version served by a CDN. Read-only. */ bannerLogoRelativeUrl?: NullableOption; /** * A list of base URLs for all available CDN providers that are serving the assets of the current resource. Several CDN * providers are used at the same time for high availability of read requests. Read-only. */ cdnList?: NullableOption; /** * A custom URL for resetting account credentials. This URL must be in ASCII format or non-ASCII characters must be URL * encoded, and not exceed 128 characters. */ customAccountResetCredentialsUrl?: NullableOption; /** * A string to replace the default 'Can't access your account?' self-service password reset (SSPR) hyperlink text on the * sign-in page. This text must be in Unicode format and not exceed 256 characters. */ customCannotAccessYourAccountText?: NullableOption; /** * A custom URL to replace the default URL of the self-service password reset (SSPR) 'Can't access your account?' * hyperlink on the sign-in page. This URL must be in ASCII format or non-ASCII characters must be URL encoded, and not * exceed 128 characters. DO NOT USE. Use customAccountResetCredentialsUrl instead. */ customCannotAccessYourAccountUrl?: NullableOption; // CSS styling that appears on the sign-in page. The allowed format is .css format only and not larger than 25 KB. customCSS?: NullableOption; /** * A relative URL for the customCSS property that is combined with a CDN base URL from the cdnList to provide the version * served by a CDN. Read-only. */ customCSSRelativeUrl?: NullableOption; /** * A string to replace the default 'Forgot my password' hyperlink text on the sign-in form. This text must be in Unicode * format and not exceed 256 characters. */ customForgotMyPasswordText?: NullableOption; /** * A string to replace the default 'Privacy and Cookies' hyperlink text in the footer. This text must be in Unicode format * and not exceed 256 characters. */ customPrivacyAndCookiesText?: NullableOption; /** * A custom URL to replace the default URL of the 'Privacy and Cookies' hyperlink in the footer. This URL must be in ASCII * format or non-ASCII characters must be URL encoded, and not exceed 128 characters. */ customPrivacyAndCookiesUrl?: NullableOption; /** * A string to replace the default 'reset it now' hyperlink text on the sign-in form. This text must be in Unicode format * and not exceed 256 characters. DO NOT USE: Customization of the 'reset it now' hyperlink text is currently not * supported. */ customResetItNowText?: NullableOption; /** * A string to replace the the default 'Terms of Use' hyperlink text in the footer. This text must be in Unicode format * and not exceed 256 characters. */ customTermsOfUseText?: NullableOption; /** * A custom URL to replace the default URL of the 'Terms of Use' hyperlink in the footer. This URL must be in ASCII format * or non-ASCII characters must be URL encoded, and not exceed 128characters. */ customTermsOfUseUrl?: NullableOption; // A custom icon (favicon) to replace a default Microsoft product favicon on a Microsoft Entra tenant. favicon?: NullableOption; /** * A relative url for the favicon above that is combined with a CDN base URL from the cdnList to provide the version * served by a CDN. Read-only. */ faviconRelativeUrl?: NullableOption; // The RGB color to apply to customize the color of the header. headerBackgroundColor?: NullableOption; /** * A company logo that appears in the header of the sign-in page. The allowed types are PNG or JPEG not larger than 36 × * 245 pixels. We recommend using a transparent image with no padding around the logo. */ headerLogo?: NullableOption; /** * A relative URL for the headerLogo property that is combined with a CDN base URL from the cdnList to provide the * read-only version served by a CDN. Read-only. */ headerLogoRelativeUrl?: NullableOption; // Represents the layout configuration to be displayed on the login page for a tenant. loginPageLayoutConfiguration?: NullableOption; // Represents the various texts that can be hidden on the login page for a tenant. loginPageTextVisibilitySettings?: NullableOption; /** * Text that appears at the bottom of the sign-in box. Use this to communicate additional information, such as the phone * number to your help desk or a legal statement. This text must be in Unicode format and not exceed 1024 characters. */ signInPageText?: NullableOption; /** * A square version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows * Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than * 10 KB in size. We recommend using a transparent image with no padding around the logo. */ squareLogo?: NullableOption; /** * A square dark version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows * Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than * 10 KB in size. We recommend using a transparent image with no padding around the logo. */ squareLogoDark?: NullableOption; /** * A relative URL for the squareLogoDark property that is combined with a CDN base URL from the cdnList to provide the * version served by a CDN. Read-only. */ squareLogoDarkRelativeUrl?: NullableOption; /** * A relative URL for the squareLogo property that is combined with a CDN base URL from the cdnList to provide the version * served by a CDN. Read-only. */ squareLogoRelativeUrl?: NullableOption; /** * A string that shows as the hint in the username textbox on the sign-in screen. This text must be a Unicode, without * links or code, and can't exceed 64 characters. */ usernameHintText?: NullableOption; } export interface OrganizationalBranding extends OrganizationalBrandingProperties { // Add different branding based on a locale. localizations?: NullableOption; } // tslint:disable-next-line: no-empty-interface export interface OrganizationalBrandingLocalization extends OrganizationalBrandingProperties {} export interface OrgContact extends DirectoryObject { // Postal addresses for this organizational contact. For now a contact can only have one physical address. addresses?: NullableOption; /** * Name of the company that this organizational contact belongs to. Supports $filter (eq, ne, not, ge, le, in, startsWith, * and eq for null values). */ companyName?: NullableOption; /** * The name for the department in which the contact works. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq * for null values). */ department?: NullableOption; /** * Display name for this organizational contact. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null * values), $search, and $orderby. */ displayName?: NullableOption; /** * First name for this organizational contact. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null * values). */ givenName?: NullableOption; /** * Job title for this organizational contact. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null * values). */ jobTitle?: NullableOption; /** * The SMTP address for the contact, for example, 'jeff@contoso.onmicrosoft.com'. Supports $filter (eq, ne, not, ge, le, * in, startsWith, and eq for null values). */ mail?: NullableOption; /** * Email alias (portion of email address pre-pending the @ symbol) for this organizational contact. Supports $filter (eq, * ne, not, ge, le, in, startsWith, and eq for null values). */ mailNickname?: NullableOption; /** * Date and time when this organizational contact was last synchronized from on-premises AD. This date and time * information uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is * 2014-01-01T00:00:00Z. Supports $filter (eq, ne, not, ge, le, in). */ onPremisesLastSyncDateTime?: NullableOption; /** * List of any synchronization provisioning errors for this organizational contact. Supports $filter (eq, not for category * and propertyCausingError), /$count eq 0, /$count ne 0. */ onPremisesProvisioningErrors?: NullableOption; /** * true if this object is synced from an on-premises directory; false if this object was originally synced from an * on-premises directory but is no longer synced and now mastered in Exchange; null if this object has never been synced * from an on-premises directory (default). Supports $filter (eq, ne, not, in, and eq for null values). */ onPremisesSyncEnabled?: NullableOption; /** * List of phones for this organizational contact. Phone types can be mobile, business, and businessFax. Only one of each * type can ever be present in the collection. */ phones?: NullableOption; /** * For example: 'SMTP: bob@contoso.com', 'smtp: bob@sales.contoso.com'. The any operator is required for filter * expressions on multi-valued properties. Supports $filter (eq, not, ge, le, startsWith, /$count eq 0, /$count ne 0). */ proxyAddresses?: string[]; serviceProvisioningErrors?: NullableOption; /** * Last name for this organizational contact. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq for null * values). */ surname?: NullableOption; /** * The contact's direct reports. (The users and contacts that have their manager property set to this contact.) Read-only. * Nullable. Supports $expand. */ directReports?: NullableOption; // The user or contact that is this contact's manager. Read-only. Supports $expand and $filter (eq) by id. manager?: NullableOption; // Groups that this contact is a member of. Read-only. Nullable. Supports $expand. memberOf?: NullableOption; // Groups that this contact is a member of, including groups that the contact is nested under. Read-only. Nullable. transitiveMemberOf?: NullableOption; } export interface PermissionGrantConditionSet extends Entity { /** * A list of appId values for the client applications to match with, or a list with the single value all to match any * client application. Default is the single value all. */ clientApplicationIds?: NullableOption; /** * A list of Microsoft Partner Network (MPN) IDs for verified publishers of the client application, or a list with the * single value all to match with client apps from any publisher. Default is the single value all. */ clientApplicationPublisherIds?: NullableOption; /** * Set to true to only match on client applications with a verified publisher. Set to false to match on any client app, * even if it doesn't have a verified publisher. Default is false. */ clientApplicationsFromVerifiedPublisherOnly?: NullableOption; /** * A list of Microsoft Entra tenant IDs in which the client application is registered, or a list with the single value all * to match with client apps registered in any tenant. Default is the single value all. */ clientApplicationTenantIds?: NullableOption; /** * The permission classification for the permission being granted, or all to match with any permission classification * (including permissions that aren't classified). Default is all. */ permissionClassification?: NullableOption; /** * The list of id values for the specific permissions to match with, or a list with the single value all to match with any * permission. The id of delegated permissions can be found in the oauth2PermissionScopes property of the API's * servicePrincipal object. The id of application permissions can be found in the appRoles property of the API's * servicePrincipal object. The id of resource-specific application permissions can be found in the * resourceSpecificApplicationPermissions property of the API's servicePrincipal object. Default is the single value all. */ permissions?: NullableOption; /** * The permission type of the permission being granted. Possible values: application for application permissions (for * example app roles), or delegated for delegated permissions. The value delegatedUserConsentable indicates delegated * permissions that haven't been configured by the API publisher to require admin consent—this value may be used in * built-in permission grant policies, but can't be used in custom permission grant policies. Required. */ permissionType?: NullableOption; /** * The appId of the resource application (for example the API) for which a permission is being granted, or any to match * with any resource application or API. Default is any. */ resourceApplication?: NullableOption; } export interface RbacApplication extends Entity { resourceNamespaces?: NullableOption; // Resource to grant access to users or groups. roleAssignments?: NullableOption; // Resource representing the roles allowed by RBAC providers and the permissions assigned to the roles. roleDefinitions?: NullableOption; // Instances for active role assignments. roleAssignmentScheduleInstances?: NullableOption; // Requests for active role assignments to principals through PIM. roleAssignmentScheduleRequests?: NullableOption; // Schedules for active role assignment operations. roleAssignmentSchedules?: NullableOption; // Instances for role eligibility requests. roleEligibilityScheduleInstances?: NullableOption; // Requests for role eligibilities for principals through PIM. roleEligibilityScheduleRequests?: NullableOption; // Schedules for role eligibility operations. roleEligibilitySchedules?: NullableOption; } export interface UnifiedRbacResourceNamespace extends Entity { name?: string; resourceActions?: NullableOption; } export interface UnifiedRoleAssignment extends Entity { /** * Identifier of the app-specific scope when the assignment scope is app-specific. Either this property or * directoryScopeId is required. App scopes are scopes that are defined and understood by this application only. Use / for * tenant-wide app scopes. Use directoryScopeId to limit the scope to particular directory objects, for example, * administrative units. Supports $filter (eq, in). */ appScopeId?: NullableOption; condition?: NullableOption; /** * Identifier of the directory object representing the scope of the assignment. Either this property or appScopeId is * required. The scope of an assignment determines the set of resources for which the principal has been granted access. * Directory scopes are shared scopes stored in the directory that are understood by multiple applications. Use / for * tenant-wide scope. Use appScopeId to limit the scope to an application only. Supports $filter (eq, in). */ directoryScopeId?: NullableOption; // Identifier of the principal to which the assignment is granted. Supports $filter (eq, in). principalId?: NullableOption; // Identifier of the role definition the assignment is for. Read only. Supports $filter (eq, in). roleDefinitionId?: NullableOption; /** * Read-only property with details of the app specific scope when the assignment scope is app specific. Containment * entity. Supports $expand. */ appScope?: NullableOption; // The directory object that is the scope of the assignment. Read-only. Supports $expand. directoryScope?: NullableOption; // Referencing the assigned principal. Read-only. Supports $expand. principal?: NullableOption; // The roleDefinition the assignment is for. Supports $expand. roleDefinition.Id will be auto expanded. roleDefinition?: NullableOption; } export interface UnifiedRoleDefinition extends Entity { // The description for the unifiedRoleDefinition. Read-only when isBuiltIn is true. description?: NullableOption; // The display name for the unifiedRoleDefinition. Read-only when isBuiltIn is true. Required. Supports $filter (eq, in). displayName?: NullableOption; /** * Flag indicating whether the role definition is part of the default set included in Microsoft Entra or a custom * definition. Read-only. Supports $filter (eq, in). */ isBuiltIn?: NullableOption; /** * Flag indicating whether the role is enabled for assignment. If false the role is not available for assignment. * Read-only when isBuiltIn is true. */ isEnabled?: NullableOption; /** * List of the scopes or permissions the role definition applies to. Currently only / is supported. Read-only when * isBuiltIn is true. DO NOT USE. This will be deprecated soon. Attach scope to role assignment. */ resourceScopes?: string[]; // List of permissions included in the role. Read-only when isBuiltIn is true. Required. rolePermissions?: UnifiedRolePermission[]; /** * Custom template identifier that can be set when isBuiltIn is false but is read-only when isBuiltIn is true. This * identifier is typically used if one needs an identifier to be the same across different directories. */ templateId?: NullableOption; // Indicates version of the role definition. Read-only when isBuiltIn is true. version?: NullableOption; /** * Read-only collection of role definitions that the given role definition inherits from. Only Microsoft Entra built-in * roles (isBuiltIn is true) support this attribute. Supports $expand. */ inheritsPermissionsFrom?: NullableOption; } export interface UnifiedRoleScheduleInstanceBase extends Entity { /** * Identifier of the app-specific scope when the assignment or role eligibility is scoped to an app. The scope of an * assignment or role eligibility determines the set of resources for which the principal has been granted access. App * scopes are scopes that are defined and understood by this application only. Use / for tenant-wide app scopes. Use * directoryScopeId to limit the scope to particular directory objects, for example, administrative units. */ appScopeId?: NullableOption; /** * Identifier of the directory object representing the scope of the assignment or role eligibility. The scope of an * assignment or role eligibility determines the set of resources for which the principal has been granted access. * Directory scopes are shared scopes stored in the directory that are understood by multiple applications. Use / for * tenant-wide scope. Use appScopeId to limit the scope to an application only. */ directoryScopeId?: NullableOption; // Identifier of the principal that has been granted the role assignment or that's eligible for a role. principalId?: NullableOption; /** * Identifier of the unifiedRoleDefinition object that is being assigned to the principal or that the principal is * eligible for. */ roleDefinitionId?: NullableOption; /** * Read-only property with details of the app-specific scope when the assignment or role eligibility is scoped to an app. * Nullable. */ appScope?: NullableOption; // The directory object that is the scope of the assignment or role eligibility. Read-only. directoryScope?: NullableOption; // The principal that's getting a role assignment or role eligibility through the request. principal?: NullableOption; // Detailed information for the roleDefinition object that is referenced through the roleDefinitionId property. roleDefinition?: NullableOption; } export interface UnifiedRoleAssignmentScheduleInstance extends UnifiedRoleScheduleInstanceBase { // Type of the assignment which can either be Assigned or Activated. Supports $filter (eq, ne). assignmentType?: NullableOption; // The end date of the schedule instance. endDateTime?: NullableOption; /** * How the assignments is inherited. It can either be Inherited, Direct, or Group. It can further imply whether the * unifiedRoleAssignmentSchedule can be managed by the caller. Supports $filter (eq, ne). */ memberType?: NullableOption; // The identifier of the role assignment in Microsoft Entra. Supports $filter (eq, ne). roleAssignmentOriginId?: NullableOption; /** * The identifier of the unifiedRoleAssignmentSchedule object from which this instance was created. Supports $filter (eq, * ne). */ roleAssignmentScheduleId?: NullableOption; // When this instance starts. startDateTime?: NullableOption; /** * If the request is from an eligible administrator to activate a role, this parameter will show the related eligible * assignment for that activation. Otherwise, it is null. Supports $expand. */ activatedUsing?: NullableOption; } export interface Request extends Entity { // The identifier of the approval of the request. approvalId?: NullableOption; // The request completion date time. completedDateTime?: NullableOption; // The principal that created the request. createdBy?: NullableOption; // The request creation date time. createdDateTime?: NullableOption; // Free text field to define any custom data for the request. Not used. customData?: NullableOption; /** * The status of the request. Not nullable. The possible values are: Canceled, Denied, Failed, Granted, * PendingAdminDecision, PendingApproval, PendingProvisioning, PendingScheduleCreation, Provisioned, Revoked, and * ScheduleCreated. Not nullable. */ status?: string; } export interface UnifiedRoleAssignmentScheduleRequest extends Request { /** * Represents the type of the operation on the role assignment request. The possible values are: adminAssign, adminUpdate, * adminRemove, selfActivate, selfDeactivate, adminExtend, adminRenew, selfExtend, selfRenew, unknownFutureValue. * adminAssign: For administrators to assign roles to principals.adminRemove: For administrators to remove principals from * roles. adminUpdate: For administrators to change existing role assignments.adminExtend: For administrators to extend * expiring assignments.adminRenew: For administrators to renew expired assignments.selfActivate: For principals to * activate their assignments.selfDeactivate: For principals to deactivate their active assignments.selfExtend: For * principals to request to extend their expiring assignments.selfRenew: For principals to request to renew their expired * assignments. */ action?: NullableOption; /** * Identifier of the app-specific scope when the assignment is scoped to an app. The scope of an assignment determines the * set of resources for which the principal has been granted access. App scopes are scopes that are defined and understood * by this application only. Use / for tenant-wide app scopes. Use directoryScopeId to limit the scope to particular * directory objects, for example, administrative units. Supports $filter (eq, ne, and on null values). */ appScopeId?: NullableOption; /** * Identifier of the directory object representing the scope of the assignment. The scope of an assignment determines the * set of resources for which the principal has been granted access. Directory scopes are shared scopes stored in the * directory that are understood by multiple applications. Use / for tenant-wide scope. Use appScopeId to limit the scope * to an application only. Supports $filter (eq, ne, and on null values). */ directoryScopeId?: NullableOption; /** * Determines whether the call is a validation or an actual call. Only set this property if you want to check whether an * activation is subject to additional rules like MFA before actually submitting the request. */ isValidationOnly?: NullableOption; // A message provided by users and administrators when create they create the unifiedRoleAssignmentScheduleRequest object. justification?: NullableOption; /** * Identifier of the principal that has been granted the assignment. Can be a user, role-assignable group, or a service * principal. Supports $filter (eq, ne). */ principalId?: NullableOption; // Identifier of the unifiedRoleDefinition object that is being assigned to the principal. Supports $filter (eq, ne). roleDefinitionId?: NullableOption; // The period of the role assignment. Recurring schedules are currently unsupported. scheduleInfo?: NullableOption; // Identifier of the schedule object that's linked to the assignment request. Supports $filter (eq, ne). targetScheduleId?: NullableOption; // Ticket details linked to the role assignment request including details of the ticket number and ticket system. ticketInfo?: NullableOption; /** * If the request is from an eligible administrator to activate a role, this parameter will show the related eligible * assignment for that activation. Otherwise, it's null. Supports $expand. */ activatedUsing?: NullableOption; /** * Read-only property with details of the app-specific scope when the assignment is scoped to an app. Nullable. Supports * $expand. */ appScope?: NullableOption; // The directory object that is the scope of the assignment. Read-only. Supports $expand. directoryScope?: NullableOption; // The principal that's getting a role assignment through the request. Supports $expand. principal?: NullableOption; /** * Detailed information for the unifiedRoleDefinition object that is referenced through the roleDefinitionId property. * Supports $expand. */ roleDefinition?: NullableOption; /** * The schedule for an eligible role assignment that is referenced through the targetScheduleId property. Supports * $expand. */ targetSchedule?: NullableOption; } export interface UnifiedRoleScheduleBase extends Entity { /** * Identifier of the app-specific scope when the assignment or eligibility is scoped to an app. The scope of an assignment * or eligibility determines the set of resources for which the principal has been granted access. App scopes are scopes * that are defined and understood by this application only. Use / for tenant-wide app scopes. Use directoryScopeId to * limit the scope to particular directory objects, for example, administrative units. */ appScopeId?: NullableOption; // When the schedule was created. createdDateTime?: NullableOption; // Identifier of the object through which this schedule was created. createdUsing?: NullableOption; /** * Identifier of the directory object representing the scope of the assignment or eligibility. The scope of an assignment * or eligibility determines the set of resources for which the principal has been granted access. Directory scopes are * shared scopes stored in the directory that are understood by multiple applications. Use / for tenant-wide scope. Use * appScopeId to limit the scope to an application only. */ directoryScopeId?: NullableOption; // When the schedule was last modified. modifiedDateTime?: NullableOption; // Identifier of the principal that has been granted the role assignment or eligibility. principalId?: NullableOption; /** * Identifier of the unifiedRoleDefinition object that is being assigned to the principal or that a principal is eligible * for. */ roleDefinitionId?: NullableOption; // The status of the role assignment or eligibility request. status?: NullableOption; /** * Read-only property with details of the app-specific scope when the role eligibility or assignment is scoped to an app. * Nullable. */ appScope?: NullableOption; // The directory object that is the scope of the role eligibility or assignment. Read-only. directoryScope?: NullableOption; // The principal that's getting a role assignment or that's eligible for a role through the request. principal?: NullableOption; // Detailed information for the roleDefinition object that is referenced through the roleDefinitionId property. roleDefinition?: NullableOption; } export interface UnifiedRoleAssignmentSchedule extends UnifiedRoleScheduleBase { // Type of the assignment which can either be Assigned or Activated. Supports $filter (eq, ne). assignmentType?: NullableOption; /** * How the assignments is inherited. It can either be Inherited, Direct, or Group. It can further imply whether the * unifiedRoleAssignmentSchedule can be managed by the caller. Supports $filter (eq, ne). */ memberType?: NullableOption; // The period of the role assignment. It can represent a single occurrence or multiple recurrences. scheduleInfo?: NullableOption; /** * If the request is from an eligible administrator to activate a role, this parameter will show the related eligible * assignment for that activation. Otherwise, it is null. Supports $expand. */ activatedUsing?: NullableOption; } export interface UnifiedRoleEligibilityScheduleInstance extends UnifiedRoleScheduleInstanceBase { // The end date of the schedule instance. endDateTime?: NullableOption; /** * How the role eligibility is inherited. It can either be Inherited, Direct, or Group. It can further imply whether the * unifiedRoleEligibilitySchedule can be managed by the caller. Supports $filter (eq, ne). */ memberType?: NullableOption; /** * The identifier of the unifiedRoleEligibilitySchedule object from which this instance was created. Supports $filter (eq, * ne). */ roleEligibilityScheduleId?: NullableOption; // When this instance starts. startDateTime?: NullableOption; } export interface UnifiedRoleEligibilityScheduleRequest extends Request { /** * Represents the type of operation on the role eligibility request. The possible values are: adminAssign, adminUpdate, * adminRemove, selfActivate, selfDeactivate, adminExtend, adminRenew, selfExtend, selfRenew, unknownFutureValue. * adminAssign: For administrators to assign eligible roles to principals.adminRemove: For administrators to remove * eligible roles from principals. adminUpdate: For administrators to change existing role eligibilities.adminExtend: For * administrators to extend expiring role eligibilities.adminRenew: For administrators to renew expired * eligibilities.selfActivate: For users to activate their assignments.selfDeactivate: For users to deactivate their * active assignments.selfExtend: For users to request to extend their expiring assignments.selfRenew: For users to * request to renew their expired assignments. */ action?: NullableOption; /** * Identifier of the app-specific scope when the role eligibility is scoped to an app. The scope of a role eligibility * determines the set of resources for which the principal is eligible to access. App scopes are scopes that are defined * and understood by this application only. Use / for tenant-wide app scopes. Use directoryScopeId to limit the scope to * particular directory objects, for example, administrative units. Supports $filter (eq, ne, and on null values). */ appScopeId?: NullableOption; /** * Identifier of the directory object representing the scope of the role eligibility. The scope of a role eligibility * determines the set of resources for which the principal has been granted access. Directory scopes are shared scopes * stored in the directory that are understood by multiple applications. Use / for tenant-wide scope. Use appScopeId to * limit the scope to an application only. Supports $filter (eq, ne, and on null values). */ directoryScopeId?: NullableOption; /** * Determines whether the call is a validation or an actual call. Only set this property if you want to check whether an * activation is subject to additional rules like MFA before actually submitting the request. */ isValidationOnly?: NullableOption; /** * A message provided by users and administrators when create they create the unifiedRoleEligibilityScheduleRequest * object. */ justification?: NullableOption; /** * Identifier of the principal that has been granted the role eligibility. Can be a user or a role-assignable group. You * can grant only active assignments service principals.Supports $filter (eq, ne). */ principalId?: NullableOption; // Identifier of the unifiedRoleDefinition object that is being assigned to the principal. Supports $filter (eq, ne). roleDefinitionId?: NullableOption; // The period of the role eligibility. Recurring schedules are currently unsupported. scheduleInfo?: NullableOption; // Identifier of the schedule object that's linked to the eligibility request. Supports $filter (eq, ne). targetScheduleId?: NullableOption; /** * Ticket details linked to the role eligibility request including details of the ticket number and ticket system. * Optional. */ ticketInfo?: NullableOption; /** * Read-only property with details of the app-specific scope when the role eligibility is scoped to an app. Nullable. * Supports $expand. */ appScope?: NullableOption; // The directory object that is the scope of the role eligibility. Read-only. Supports $expand. directoryScope?: NullableOption; // The principal that's getting a role eligibility through the request. Supports $expand. principal?: NullableOption; /** * Detailed information for the unifiedRoleDefinition object that is referenced through the roleDefinitionId property. * Supports $expand. */ roleDefinition?: NullableOption; // The schedule for a role eligibility that is referenced through the targetScheduleId property. Supports $expand. targetSchedule?: NullableOption; } export interface UnifiedRoleEligibilitySchedule extends UnifiedRoleScheduleBase { /** * How the role eligibility is inherited. It can either be Inherited, Direct, or Group. It can further imply whether the * unifiedRoleEligibilitySchedule can be managed by the caller. Supports $filter (eq, ne). */ memberType?: NullableOption; // The period of the role eligibility. scheduleInfo?: NullableOption; } export interface TargetDeviceGroup extends Entity { // Display name for the target device group. displayName?: NullableOption; } export interface RoleManagement { directory?: NullableOption; // Container for roles and assignments for entitlement management resources. entitlementManagement?: NullableOption; } export interface SamlOrWsFedExternalDomainFederation extends SamlOrWsFedProvider { // Collection of domain names of the external organizations that the tenant is federating with. Supports $filter (eq). domains?: NullableOption; } export interface SubscribedSku extends Entity { // The unique ID of the account this SKU belongs to. accountId?: NullableOption; // The name of the account this SKU belongs to. accountName?: NullableOption; // The target class for this SKU. Only SKUs with target class User are assignable. Possible values are: 'User', 'Company'. appliesTo?: NullableOption; /** * Enabled indicates that the prepaidUnits property has at least one unit that is enabled. LockedOut indicates that the * customer canceled their subscription. Possible values are: Enabled, Warning, Suspended, Deleted, LockedOut. */ capabilityStatus?: NullableOption; // The number of licenses that have been assigned. consumedUnits?: NullableOption; // Information about the number and status of prepaid licenses. prepaidUnits?: NullableOption; // Information about the service plans that are available with the SKU. Not nullable. servicePlans?: ServicePlanInfo[]; // The unique identifier (GUID) for the service SKU. skuId?: NullableOption; /** * The SKU part number; for example: 'AAD_PREMIUM' or 'RMSBASIC'. To get a list of commercial subscriptions that an * organization has acquired, see List subscribedSkus. */ skuPartNumber?: NullableOption; subscriptionIds?: NullableOption; } export interface TenantRelationship { // The customer who has a delegated admin relationship with a Microsoft partner. delegatedAdminCustomers?: NullableOption; // The details of the delegated administrative privileges that a Microsoft partner has in a customer tenant. delegatedAdminRelationships?: NullableOption; } export interface DelegatedAdminCustomer extends Entity { // The Microsoft Entra ID display name of the customer tenant. Read-only. Supports $orderby. displayName?: NullableOption; // The Microsoft Entra ID-assigned tenant ID of the customer. Read-only. tenantId?: string; // Contains the management details of a service in the customer tenant that's managed by delegated administration. serviceManagementDetails?: NullableOption; } export interface DelegatedAdminRelationship extends Entity { /** * The access details that contain the identifiers of the administrative roles that the partner admin is requesting in the * customer tenant. */ accessDetails?: DelegatedAdminAccessDetails; // The date and time in ISO 8601 format and in UTC time when the relationship became active. Read-only. activatedDateTime?: NullableOption; /** * The duration by which the validity of the relationship is automatically extended, denoted in ISO 8601 format. Supported * values are: P0D, PT0S, P180D. The default value is PT0S. PT0S indicates that the relationship expires when the * endDateTime is reached and it isn't automatically extended. */ autoExtendDuration?: NullableOption; // The date and time in ISO 8601 format and in UTC time when the relationship was created. Read-only. createdDateTime?: NullableOption; /** * The display name and unique identifier of the customer of the relationship. This is configured either by the partner at * the time the relationship is created or by the system after the customer approves the relationship. Can't be changed by * the customer. */ customer?: NullableOption; /** * The display name of the relationship used for ease of identification. Must be unique across all delegated admin * relationships of the partner and is set by the partner only when the relationship is in the created status and can't be * changed by the customer. */ displayName?: string; /** * The duration of the relationship in ISO 8601 format. Must be a value between P1D and P2Y inclusive. This is set by the * partner only when the relationship is in the created status and can't be changed by the customer. */ duration?: string; /** * The date and time in ISO 8601 format and in UTC time when the status of relationship changes to either terminated or * expired. Calculated as endDateTime = activatedDateTime + duration. Read-only. */ endDateTime?: NullableOption; // The date and time in ISO 8601 format and in UTC time when the relationship was last modified. Read-only. lastModifiedDateTime?: NullableOption; /** * The status of the relationship. Read Only. The possible values are: activating, active, approvalPending, approved, * created, expired, expiring, terminated, terminating, terminationRequested, unknownFutureValue. Supports $orderby. */ status?: NullableOption; // The access assignments associated with the delegated admin relationship. accessAssignments?: NullableOption; // The long running operations associated with the delegated admin relationship. operations?: NullableOption; // The requests associated with the delegated admin relationship. requests?: NullableOption; } export interface UnifiedRbacResourceAction extends Entity { actionVerb?: NullableOption; authenticationContextId?: NullableOption; description?: NullableOption; isAuthenticationContextSettable?: NullableOption; name?: string; resourceScopeId?: NullableOption; } export interface Admin { // A container for Microsoft Edge resources. Read-only. edge?: NullableOption; sharepoint?: NullableOption; // A container for service communications resources. Read-only. serviceAnnouncement?: NullableOption; // Represents a setting to control people-related admin settings in the tenant. people?: NullableOption; } export interface Edge extends Entity { // A container for Internet Explorer mode resources. internetExplorerMode?: NullableOption; } export interface Sharepoint extends Entity { settings?: NullableOption; } export interface ServiceAnnouncement extends Entity { /** * A collection of service health information for tenant. This property is a contained navigation property, it is nullable * and readonly. */ healthOverviews?: NullableOption; /** * A collection of service issues for tenant. This property is a contained navigation property, it is nullable and * readonly. */ issues?: NullableOption; /** * A collection of service messages for tenant. This property is a contained navigation property, it is nullable and * readonly. */ messages?: NullableOption; } export interface PeopleAdminSettings extends Entity { // Contains a collection of the properties an administrator has defined as visible on the Microsoft 365 profile card. profileCardProperties?: NullableOption; } export interface BrowserSharedCookie extends Entity { // The comment for the shared cookie. comment?: string; // The date and time when the shared cookie was created. createdDateTime?: string; // The date and time when the shared cookie was deleted. deletedDateTime?: NullableOption; // The name of the cookie. displayName?: string; // The history of modifications applied to the cookie. history?: BrowserSharedCookieHistory[]; // Controls whether a cookie is a host-only or domain cookie. hostOnly?: boolean; // The URL of the cookie. hostOrDomain?: string; // The user who last modified the cookie. lastModifiedBy?: NullableOption; // The date and time when the cookie was last modified. lastModifiedDateTime?: string; // The path of the cookie. path?: string; /** * Specifies how the cookies are shared between Microsoft Edge and Internet Explorer. The possible values are: * microsoftEdge, internetExplorer11, both, unknownFutureValue. */ sourceEnvironment?: BrowserSharedCookieSourceEnvironment; /** * The status of the cookie. The possible values are: published, pendingAdd, pendingEdit, pendingDelete, * unknownFutureValue. */ status?: BrowserSharedCookieStatus; } export interface BrowserSite extends Entity { /** * Controls the behavior of redirected sites. If true, indicates that the site will open in Internet Explorer 11 or * Microsoft Edge even if the site is navigated to as part of a HTTP or meta refresh redirection chain. */ allowRedirect?: boolean; // The comment for the site. comment?: string; /** * Controls what compatibility setting is used for specific sites or domains. The possible values are: default, * internetExplorer8Enterprise, internetExplorer7Enterprise, internetExplorer11, internetExplorer10, internetExplorer9, * internetExplorer8, internetExplorer7, internetExplorer5, unknownFutureValue. */ compatibilityMode?: BrowserSiteCompatibilityMode; // The date and time when the site was created. createdDateTime?: string; // The date and time when the site was deleted. deletedDateTime?: NullableOption; // The history of modifications applied to the site. history?: BrowserSiteHistory[]; // The user who last modified the site. lastModifiedBy?: NullableOption; // The date and time when the site was last modified. lastModifiedDateTime?: string; // The merge type of the site. The possible values are: noMerge, default, unknownFutureValue. mergeType?: BrowserSiteMergeType; /** * Indicates the status of the site. The possible values are: published, pendingAdd, pendingEdit, pendingDelete, * unknownFutureValue. */ status?: BrowserSiteStatus; /** * The target environment that the site should open in. The possible values are: internetExplorerMode, internetExplorer11, * microsoftEdge, configurable, none, unknownFutureValue.Prior to June 15, 2022, the internetExplorer11 option would allow * opening a site in the Internet Explorer 11 (IE11) desktop application. Following the retirement of IE11 on June 15, * 2022, the internetExplorer11 option will no longer open an IE11 window and will instead behave the same as the * internetExplorerMode option. */ targetEnvironment?: BrowserSiteTargetEnvironment; // The URL of the site. webUrl?: string; } export interface BrowserSiteList extends Entity { // The description of the site list. description?: string; // The name of the site list. displayName?: string; // The user who last modified the site list. lastModifiedBy?: NullableOption; // The date and time when the site list was last modified. lastModifiedDateTime?: string; // The user who published the site list. publishedBy?: NullableOption; // The date and time when the site list was published. publishedDateTime?: NullableOption; // The current revision of the site list. revision?: string; // The current status of the site list. The possible values are: draft, published, pending, unknownFutureValue. status?: BrowserSiteListStatus; // A collection of shared cookies defined for the site list. sharedCookies?: NullableOption; // A collection of sites defined for the site list. sites?: NullableOption; } // tslint:disable-next-line: interface-name export interface InternetExplorerMode extends Entity { // A collection of site lists to support Internet Explorer mode. siteLists?: NullableOption; } export interface EducationAssignment extends Entity { /** * Optional field to control the assignment behavior for students who are added after the assignment is published. If not * specified, defaults to none. Supported values are: none, assignIfOpen. For example, a teacher can use assignIfOpen to * indicate that an assignment should be assigned to any new student who joins the class while the assignment is still * open, and none to indicate that an assignment should not be assigned to new students. */ addedStudentAction?: NullableOption; /** * Optional field to control the assignment behavior for adding assignments to students' and teachers' calendars when the * assignment is published. The possible values are: none, studentsAndPublisher, studentsAndTeamOwners, * unknownFutureValue, and studentsOnly. Note that you must use the Prefer: include-unknown-enum-members request header to * get the following value(s) in this evolvable enum: studentsOnly. The default value is none. */ addToCalendarAction?: NullableOption; /** * Identifies whether students can submit after the due date. If this property isn't specified during create, it defaults * to true. */ allowLateSubmissions?: NullableOption; /** * Identifies whether students can add their own resources to a submission or if they can only modify resources added by * the teacher. */ allowStudentsToAddResourcesToSubmission?: NullableOption; /** * The date when the assignment should become active. If in the future, the assignment isn't shown to the student until * this date. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For * example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ assignDateTime?: NullableOption; /** * The moment that the assignment was published to students and the assignment shows up on the students timeline. The * Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ assignedDateTime?: NullableOption; // Which users, or whole class should receive a submission object once the assignment is published. assignTo?: NullableOption; // Class which this assignment belongs. classId?: NullableOption; /** * Date when the assignment will be closed for submissions. This is an optional field that can be null if the assignment * does not allowLateSubmissions or when the closeDateTime is the same as the dueDateTime. But if specified, then the * closeDateTime must be greater than or equal to the dueDateTime. The Timestamp type represents date and time information * using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ closeDateTime?: NullableOption; // Who created the assignment. createdBy?: NullableOption; /** * Moment when the assignment was created. The Timestamp type represents date and time information using ISO 8601 format * and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ createdDateTime?: NullableOption; // Name of the assignment. displayName?: NullableOption; /** * Date when the students assignment is due. The Timestamp type represents date and time information using ISO 8601 format * and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ dueDateTime?: NullableOption; // Folder URL where all the feedback file resources for this assignment are stored. feedbackResourcesFolderUrl?: NullableOption; // How the assignment will be graded. grading?: NullableOption; // Instructions for the assignment. This along with the display name tell the student what to do. instructions?: NullableOption; // Who last modified the assignment. lastModifiedBy?: NullableOption; /** * Moment when the assignment was last modified. The Timestamp type represents date and time information using ISO 8601 * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ lastModifiedDateTime?: NullableOption; /** * Optional field to specify the URL of the channel to post the assignment publish notification. If not specified or null, * defaults to the General channel. This field only applies to assignments where the assignTo value is * educationAssignmentClassRecipient. Updating the notificationChannelUrl isn't allowed after the assignment has been * published. */ notificationChannelUrl?: NullableOption; // Folder URL where all the file resources for this assignment are stored. resourcesFolderUrl?: NullableOption; // Status of the Assignment. You can't PATCH this value. Possible values are: draft, scheduled, published, assigned. status?: NullableOption; // The deep link URL for the given assignment. webUrl?: NullableOption; // When set, enables users to easily find assignments of a given type. Read-only. Nullable. categories?: NullableOption; // Learning objects that are associated with this assignment. Only teachers can modify this list. Nullable. resources?: NullableOption; // When set, the grading rubric attached to this assignment. rubric?: NullableOption; // Once published, there is a submission object for each student representing their work and grade. Read-only. Nullable. submissions?: NullableOption; } export interface EducationCategory extends Entity { // Unique identifier for the category. displayName?: NullableOption; } export interface EducationAssignmentResource extends Entity { // Indicates whether this resource should be copied to each student submission for modification and submission. Required distributeForStudentWork?: NullableOption; // Resource object that has been associated with this assignment. resource?: NullableOption; } export interface EducationRubric extends Entity { // The user who created this resource. createdBy?: NullableOption; /** * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ createdDateTime?: NullableOption; // The description of this rubric. description?: NullableOption; // The name of this rubric. displayName?: NullableOption; /** * The grading type of this rubric -- null for a no-points rubric, or educationAssignmentPointsGradeType for a points * rubric. */ grading?: NullableOption; // The last user to modify the resource. lastModifiedBy?: NullableOption; /** * Moment in time when the resource was last modified. The Timestamp type represents date and time information using ISO * 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ lastModifiedDateTime?: NullableOption; // The collection of levels making up this rubric. levels?: NullableOption; // The collection of qualities making up this rubric. qualities?: NullableOption; } export interface EducationSubmission extends Entity { // User who moved the status of this submission to reassigned. reassignedBy?: NullableOption; /** * Moment in time when the submission was reassigned. The Timestamp type represents date and time information using ISO * 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ reassignedDateTime?: NullableOption; // Who this submission is assigned to. recipient?: NullableOption; // Folder where all file resources for this submission need to be stored. resourcesFolderUrl?: NullableOption; // User who moved the status of this submission to returned. returnedBy?: NullableOption; /** * Moment in time when the submission was returned. The Timestamp type represents date and time information using ISO 8601 * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ returnedDateTime?: NullableOption; /** * Read-only. Possible values are: working, submitted, returned, and reassigned. Note that you must use the Prefer: * include-unknown-enum-members request header to get the following value(s) in this evolvable enum: reassigned. */ status?: NullableOption; // User who moved the resource into the submitted state. submittedBy?: NullableOption; /** * Moment in time when the submission was moved into the submitted state. The Timestamp type represents date and time * information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is * 2014-01-01T00:00:00Z */ submittedDateTime?: NullableOption; // User who moved the resource from submitted into the working state. unsubmittedBy?: NullableOption; /** * Moment in time when the submission was moved from submitted into the working state. The Timestamp type represents date * and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is * 2014-01-01T00:00:00Z */ unsubmittedDateTime?: NullableOption; outcomes?: NullableOption; resources?: NullableOption; submittedResources?: NullableOption; } export interface EducationAssignmentDefaults extends Entity { /** * Class-level default behavior for handling students who are added after the assignment is published. Possible values * are: none, assignIfOpen. */ addedStudentAction?: NullableOption; /** * Optional field to control adding assignments to students' and teachers' calendars when the assignment is published. The * possible values are: none, studentsAndPublisher, studentsAndTeamOwners, unknownFutureValue, and studentsOnly. Note that * you must use the Prefer: include-unknown-enum-members request header to get the following value(s) in this evolvable * enum: studentsOnly. The default value is none. */ addToCalendarAction?: NullableOption; // Class-level default value for due time field. Default value is 23:59:00. dueTime?: NullableOption; // Default Teams channel to which notifications will be sent. Default value is null. notificationChannelUrl?: NullableOption; } export interface EducationAssignmentSettings extends Entity { /** * Indicates whether turn-in celebration animation is shown. A value of true indicates that the animation isn't shown. * Default value is false. */ submissionAnimationDisabled?: NullableOption; } export interface EducationClass extends Entity { // Class code used by the school to identify the class. classCode?: NullableOption; course?: NullableOption; // Entity who created the class createdBy?: NullableOption; // Description of the class. description?: NullableOption; // Name of the class. displayName?: string; // ID of the class from the syncing system. externalId?: NullableOption; // Name of the class in the syncing system. externalName?: NullableOption; // How this class was created. Possible values are: sis, manual. externalSource?: NullableOption; // The name of the external source this resources was generated from. externalSourceDetail?: NullableOption; // Grade level of the class. grade?: NullableOption; // Mail name for sending email to all members, if this is enabled. mailNickname?: string; // Term for this class. term?: NullableOption; // All categories associated with this class. Nullable. assignmentCategories?: NullableOption; // Specifies class-level defaults respected by new assignments created in the class. assignmentDefaults?: NullableOption; // All assignments associated with this class. Nullable. assignments?: NullableOption; // Specifies class-level assignments settings. assignmentSettings?: NullableOption; // The underlying Microsoft 365 group object. group?: NullableOption; // All users in the class. Nullable. members?: NullableOption; // All schools that this class is associated with. Nullable. schools?: NullableOption; // All teachers in the class. Nullable. teachers?: NullableOption; } export interface EducationUser extends Entity { // Related records associated with the user. Read-only. relatedContacts?: NullableOption; // True if the account is enabled; otherwise, false. This property is required when a user is created. Supports $filter. accountEnabled?: NullableOption; // The licenses that are assigned to the user. Not nullable. assignedLicenses?: AssignedLicense[]; // The plans that are assigned to the user. Read-only. Not nullable. assignedPlans?: AssignedPlan[]; /** * The telephone numbers for the user. Note: Although this is a string collection, only one number can be set for this * property. */ businessPhones?: string[]; // The entity who created the user. createdBy?: NullableOption; // The name for the department in which the user works. Supports $filter. department?: NullableOption; /** * The name displayed in the address book for the user. This is usually the combination of the user's first name, middle * initial, and last name. This property is required when a user is created and it cannot be cleared during updates. * Supports $filter and $orderby. */ displayName?: NullableOption; // Where this user was created from. Possible values are: sis, manual. externalSource?: NullableOption; // The name of the external source this resource was generated from. externalSourceDetail?: NullableOption; // The given name (first name) of the user. Supports $filter. givenName?: NullableOption; // The SMTP address for the user, for example, jeff@contoso.onmicrosoft.com. Read-Only. Supports $filter. mail?: NullableOption; // The mail address of the user. mailingAddress?: NullableOption; // The mail alias for the user. This property must be specified when a user is created. Supports $filter. mailNickname?: NullableOption; // The middle name of the user. middleName?: NullableOption; // The primary cellular telephone number for the user. mobilePhone?: NullableOption; officeLocation?: NullableOption; // Additional information used to associate the Microsoft Entra user with its Active Directory counterpart. onPremisesInfo?: NullableOption; /** * Specifies password policies for the user. This value is an enumeration with one possible value being * DisableStrongPassword, which allows weaker passwords than the default policy to be specified. DisablePasswordExpiration * can also be specified. The two can be specified together; for example: DisablePasswordExpiration, * DisableStrongPassword. */ passwordPolicies?: NullableOption; /** * Specifies the password profile for the user. The profile contains the user's password. This property is required when a * user is created. The password in the profile must satisfy minimum requirements as specified by the passwordPolicies * property. By default, a strong password is required. */ passwordProfile?: NullableOption; // The preferred language for the user that should follow the ISO 639-1 code, for example, en-US. preferredLanguage?: NullableOption; /** * Default role for a user. The user's role might be different in an individual class. Possible values are: student, * teacher, none, unknownFutureValue. */ primaryRole?: EducationUserRole; // The plans that are provisioned for the user. Read-only. Not nullable. provisionedPlans?: ProvisionedPlan[]; refreshTokensValidFromDateTime?: NullableOption; // The address where the user lives. residenceAddress?: NullableOption; /** * True if the Outlook Global Address List should contain this user; otherwise, false. If not set, this will be treated as * true. For users invited through the invitation manager, this property will be set to false. */ showInAddressList?: NullableOption; // If the primary role is student, this block will contain student specific data. student?: NullableOption; // The user's surname (family name or last name). Supports $filter. surname?: NullableOption; // If the primary role is teacher, this block will contain teacher specific data. teacher?: NullableOption; /** * A two-letter country code (ISO standard 3166). Required for users who will be assigned licenses due to a legal * requirement to check for availability of services in countries or regions. Examples include: US, JP, and GB. Not * nullable. Supports $filter. */ usageLocation?: NullableOption; /** * The user principal name (UPN) of the user. The UPN is an internet-style login name for the user based on the internet * standard RFC 822. By convention, this should map to the user's email name. The general format is alias@domain, where * domain must be present in the tenant's collection of verified domains. This property is required when a user is * created. The verified domains for the tenant can be accessed from the verifiedDomains property of the organization. * Supports $filter and $orderby. */ userPrincipalName?: NullableOption; // A string value that can be used to classify user types in your directory, such as Member and Guest. Supports $filter. userType?: NullableOption; // Assignments belonging to the user. assignments?: NullableOption; // When set, the grading rubric attached to the assignment. rubrics?: NullableOption; // Classes to which the user belongs. Nullable. classes?: NullableOption; // Schools to which the user belongs. Nullable. schools?: NullableOption; // Classes for which the user is a teacher. taughtClasses?: NullableOption; // The directory user that corresponds to this user. user?: NullableOption; } export interface EducationOrganization extends Entity { // Organization description. description?: NullableOption; // Organization display name. displayName?: string; // Source where this organization was created from. Possible values are: sis, manual. externalSource?: NullableOption; // The name of the external source this resource was generated from. externalSourceDetail?: NullableOption; } export interface EducationSchool extends EducationOrganization { // Address of the school. address?: NullableOption; // Entity who created the school. createdBy?: NullableOption; // ID of school in syncing system. externalId?: NullableOption; // ID of principal in syncing system. externalPrincipalId?: NullableOption; fax?: NullableOption; // Highest grade taught. highestGrade?: NullableOption; // Lowest grade taught. lowestGrade?: NullableOption; // Phone number of school. phone?: NullableOption; // Email address of the principal. principalEmail?: NullableOption; // Name of the principal. principalName?: NullableOption; // School Number. schoolNumber?: NullableOption; // The underlying administrativeUnit for this school. administrativeUnit?: NullableOption; // Classes taught at the school. Nullable. classes?: NullableOption; // Users in the school. Nullable. users?: NullableOption; } export interface EducationOutcome extends Entity { // The individual who updated the resource. lastModifiedBy?: NullableOption; /** * The moment in time when the resource was last modified. The Timestamp type represents date and time information using * ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2021 is 2021-01-01T00:00:00Z. */ lastModifiedDateTime?: NullableOption; } export interface EducationFeedbackOutcome extends EducationOutcome { // Teacher's written feedback to the student. feedback?: NullableOption; // A copy of the feedback property that is made when the grade is released to the student. publishedFeedback?: NullableOption; } export interface EducationFeedbackResourceOutcome extends EducationOutcome { // The actual feedback resource. feedbackResource?: NullableOption; /** * The status of the feedback resource. The possible values are: notPublished, pendingPublish, published, failedPublish, * unknownFutureValue. */ resourceStatus?: NullableOption; } export interface EducationPointsOutcome extends EducationOutcome { // The numeric grade the teacher has given the student for this assignment. points?: NullableOption; // A copy of the points property that is made when the grade is released to the student. publishedPoints?: NullableOption; } export interface EducationRoot { classes?: NullableOption; me?: NullableOption; schools?: NullableOption; users?: NullableOption; } export interface EducationRubricOutcome extends EducationOutcome { // A copy of the rubricQualityFeedback property that is made when the grade is released to the student. publishedRubricQualityFeedback?: NullableOption; // A copy of the rubricQualitySelectedLevels property that is made when the grade is released to the student. publishedRubricQualitySelectedLevels?: NullableOption; // A collection of specific feedback for each quality of this rubric. rubricQualityFeedback?: NullableOption; // The level that the teacher has selected for each quality while grading this assignment. rubricQualitySelectedLevels?: NullableOption; } export interface EducationSubmissionResource extends Entity { // Pointer to the assignment from which the resource was copied, and if null, the student uploaded the resource. assignmentResourceUrl?: NullableOption; // Resource object. resource?: NullableOption; } export interface DriveItem extends BaseItem { // Audio metadata, if the item is an audio file. Read-only. Read-only. Only on OneDrive Personal. audio?: NullableOption