APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.
Permission type
Least privileged permissions
Higher privileged permissions
Delegated (work or school account)
CustomSecAttributeDefinition.ReadWrite.All
Not available.
Delegated (personal Microsoft account)
Not supported.
Not supported.
Application
CustomSecAttributeDefinition.ReadWrite.All
Not available.
Important
In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with a supported role permission. Attribute Definition Administrator is the only privileged role supported for this operation.
By default, Global Administrator and other administrator roles don't have permissions to read, define, or assign custom security attributes.
HTTP request
POST /directory/customSecurityAttributeDefinitions
Name of the attribute set. Case sensitive. Required.
description
String
Description of the custom security attribute. Can be up to 128 characters long and include Unicode characters. Can't contain spaces or special characters. Can be changed later. Optional.
isCollection
Boolean
Indicates whether multiple values can be assigned to the custom security attribute. Can't be changed later. If type is set to Boolean, isCollection can't be set to true. Required.
isSearchable
Boolean
Indicates whether custom security attribute values are indexed for searching on objects that are assigned attribute values. Can't be changed later. Required.
name
String
Name of the custom security attribute. Must be unique within an attribute set. Can be up to 32 characters long and include Unicode characters. Can't contain spaces or special characters. Can't be changed later. Case sensitive. Required.
status
String
Specifies whether the custom security attribute is active or deactivated. Acceptable values are Available and Deprecated. Can be changed later. Required.
type
String
Data type for the custom security attribute values. Supported types are: Boolean, Integer, and String. Can't be changed later. Required.
usePreDefinedValuesOnly
Boolean
Indicates whether only predefined values can be assigned to the custom security attribute. If set to false, free-form values are allowed. Can later be changed from true to false, but can't be changed from false to true. If type is set to Boolean, usePreDefinedValuesOnly can't be set to true. Required.
The id property is auto generated and can't be set.
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new CustomSecurityAttributeDefinition
{
AttributeSet = "Engineering",
Description = "Target completion date",
IsCollection = false,
IsSearchable = true,
Name = "ProjectDate",
Status = "Available",
Type = "String",
UsePreDefinedValuesOnly = false,
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Directory.CustomSecurityAttributeDefinitions.PostAsync(requestBody);
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewCustomSecurityAttributeDefinition()
attributeSet := "Engineering"
requestBody.SetAttributeSet(&attributeSet)
description := "Target completion date"
requestBody.SetDescription(&description)
isCollection := false
requestBody.SetIsCollection(&isCollection)
isSearchable := true
requestBody.SetIsSearchable(&isSearchable)
name := "ProjectDate"
requestBody.SetName(&name)
status := "Available"
requestBody.SetStatus(&status)
type := "String"
requestBody.SetType(&type)
usePreDefinedValuesOnly := false
requestBody.SetUsePreDefinedValuesOnly(&usePreDefinedValuesOnly)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
customSecurityAttributeDefinitions, err := graphClient.Directory().CustomSecurityAttributeDefinitions().Post(context.Background(), requestBody, nil)
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
CustomSecurityAttributeDefinition customSecurityAttributeDefinition = new CustomSecurityAttributeDefinition();
customSecurityAttributeDefinition.setAttributeSet("Engineering");
customSecurityAttributeDefinition.setDescription("Target completion date");
customSecurityAttributeDefinition.setIsCollection(false);
customSecurityAttributeDefinition.setIsSearchable(true);
customSecurityAttributeDefinition.setName("ProjectDate");
customSecurityAttributeDefinition.setStatus("Available");
customSecurityAttributeDefinition.setType("String");
customSecurityAttributeDefinition.setUsePreDefinedValuesOnly(false);
CustomSecurityAttributeDefinition result = graphClient.directory().customSecurityAttributeDefinitions().post(customSecurityAttributeDefinition);
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\CustomSecurityAttributeDefinition;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new CustomSecurityAttributeDefinition();
$requestBody->setAttributeSet('Engineering');
$requestBody->setDescription('Target completion date');
$requestBody->setIsCollection(false);
$requestBody->setIsSearchable(true);
$requestBody->setName('ProjectDate');
$requestBody->setStatus('Available');
$requestBody->setType('String');
$requestBody->setUsePreDefinedValuesOnly(false);
$result = $graphServiceClient->directory()->customSecurityAttributeDefinitions()->post($requestBody)->wait();
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.custom_security_attribute_definition import CustomSecurityAttributeDefinition
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = CustomSecurityAttributeDefinition(
attribute_set = "Engineering",
description = "Target completion date",
is_collection = False,
is_searchable = True,
name = "ProjectDate",
status = "Available",
type = "String",
use_pre_defined_values_only = False,
)
result = await graph_client.directory.custom_security_attribute_definitions.post(request_body)
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
POST https://graph.microsoft.com/beta/directory/customSecurityAttributeDefinitions
Content-Type: application/json
Content-length: 310
{
"attributeSet":"Engineering",
"description":"Active projects for user",
"isCollection":true,
"isSearchable":true,
"name":"Project",
"status":"Available",
"type":"String",
"usePreDefinedValuesOnly": true
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new CustomSecurityAttributeDefinition
{
AttributeSet = "Engineering",
Description = "Active projects for user",
IsCollection = true,
IsSearchable = true,
Name = "Project",
Status = "Available",
Type = "String",
UsePreDefinedValuesOnly = true,
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Directory.CustomSecurityAttributeDefinitions.PostAsync(requestBody);
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewCustomSecurityAttributeDefinition()
attributeSet := "Engineering"
requestBody.SetAttributeSet(&attributeSet)
description := "Active projects for user"
requestBody.SetDescription(&description)
isCollection := true
requestBody.SetIsCollection(&isCollection)
isSearchable := true
requestBody.SetIsSearchable(&isSearchable)
name := "Project"
requestBody.SetName(&name)
status := "Available"
requestBody.SetStatus(&status)
type := "String"
requestBody.SetType(&type)
usePreDefinedValuesOnly := true
requestBody.SetUsePreDefinedValuesOnly(&usePreDefinedValuesOnly)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
customSecurityAttributeDefinitions, err := graphClient.Directory().CustomSecurityAttributeDefinitions().Post(context.Background(), requestBody, nil)
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
CustomSecurityAttributeDefinition customSecurityAttributeDefinition = new CustomSecurityAttributeDefinition();
customSecurityAttributeDefinition.setAttributeSet("Engineering");
customSecurityAttributeDefinition.setDescription("Active projects for user");
customSecurityAttributeDefinition.setIsCollection(true);
customSecurityAttributeDefinition.setIsSearchable(true);
customSecurityAttributeDefinition.setName("Project");
customSecurityAttributeDefinition.setStatus("Available");
customSecurityAttributeDefinition.setType("String");
customSecurityAttributeDefinition.setUsePreDefinedValuesOnly(true);
CustomSecurityAttributeDefinition result = graphClient.directory().customSecurityAttributeDefinitions().post(customSecurityAttributeDefinition);
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\CustomSecurityAttributeDefinition;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new CustomSecurityAttributeDefinition();
$requestBody->setAttributeSet('Engineering');
$requestBody->setDescription('Active projects for user');
$requestBody->setIsCollection(true);
$requestBody->setIsSearchable(true);
$requestBody->setName('Project');
$requestBody->setStatus('Available');
$requestBody->setType('String');
$requestBody->setUsePreDefinedValuesOnly(true);
$result = $graphServiceClient->directory()->customSecurityAttributeDefinitions()->post($requestBody)->wait();
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
Import-Module Microsoft.Graph.Beta.Identity.DirectoryManagement
$params = @{
attributeSet = "Engineering"
description = "Active projects for user"
isCollection = $true
isSearchable = $true
name = "Project"
status = "Available"
type = "String"
usePreDefinedValuesOnly = $true
}
New-MgBetaDirectoryCustomSecurityAttributeDefinition -BodyParameter $params
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.custom_security_attribute_definition import CustomSecurityAttributeDefinition
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = CustomSecurityAttributeDefinition(
attribute_set = "Engineering",
description = "Active projects for user",
is_collection = True,
is_searchable = True,
name = "Project",
status = "Available",
type = "String",
use_pre_defined_values_only = True,
)
result = await graph_client.directory.custom_security_attribute_definitions.post(request_body)
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new CustomSecurityAttributeDefinition
{
AttributeSet = "Engineering",
Description = "Active projects for user",
IsCollection = true,
IsSearchable = true,
Name = "Project",
Status = "Available",
Type = "String",
UsePreDefinedValuesOnly = true,
AllowedValues = new List<AllowedValue>
{
new AllowedValue
{
Id = "Alpine",
IsActive = true,
},
new AllowedValue
{
Id = "Baker",
IsActive = true,
},
new AllowedValue
{
Id = "Cascade",
IsActive = true,
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Directory.CustomSecurityAttributeDefinitions.PostAsync(requestBody);
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewCustomSecurityAttributeDefinition()
attributeSet := "Engineering"
requestBody.SetAttributeSet(&attributeSet)
description := "Active projects for user"
requestBody.SetDescription(&description)
isCollection := true
requestBody.SetIsCollection(&isCollection)
isSearchable := true
requestBody.SetIsSearchable(&isSearchable)
name := "Project"
requestBody.SetName(&name)
status := "Available"
requestBody.SetStatus(&status)
type := "String"
requestBody.SetType(&type)
usePreDefinedValuesOnly := true
requestBody.SetUsePreDefinedValuesOnly(&usePreDefinedValuesOnly)
allowedValue := graphmodels.NewAllowedValue()
id := "Alpine"
allowedValue.SetId(&id)
isActive := true
allowedValue.SetIsActive(&isActive)
allowedValue1 := graphmodels.NewAllowedValue()
id := "Baker"
allowedValue1.SetId(&id)
isActive := true
allowedValue1.SetIsActive(&isActive)
allowedValue2 := graphmodels.NewAllowedValue()
id := "Cascade"
allowedValue2.SetId(&id)
isActive := true
allowedValue2.SetIsActive(&isActive)
allowedValues := []graphmodels.AllowedValueable {
allowedValue,
allowedValue1,
allowedValue2,
}
requestBody.SetAllowedValues(allowedValues)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
customSecurityAttributeDefinitions, err := graphClient.Directory().CustomSecurityAttributeDefinitions().Post(context.Background(), requestBody, nil)
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
CustomSecurityAttributeDefinition customSecurityAttributeDefinition = new CustomSecurityAttributeDefinition();
customSecurityAttributeDefinition.setAttributeSet("Engineering");
customSecurityAttributeDefinition.setDescription("Active projects for user");
customSecurityAttributeDefinition.setIsCollection(true);
customSecurityAttributeDefinition.setIsSearchable(true);
customSecurityAttributeDefinition.setName("Project");
customSecurityAttributeDefinition.setStatus("Available");
customSecurityAttributeDefinition.setType("String");
customSecurityAttributeDefinition.setUsePreDefinedValuesOnly(true);
LinkedList<AllowedValue> allowedValues = new LinkedList<AllowedValue>();
AllowedValue allowedValue = new AllowedValue();
allowedValue.setId("Alpine");
allowedValue.setIsActive(true);
allowedValues.add(allowedValue);
AllowedValue allowedValue1 = new AllowedValue();
allowedValue1.setId("Baker");
allowedValue1.setIsActive(true);
allowedValues.add(allowedValue1);
AllowedValue allowedValue2 = new AllowedValue();
allowedValue2.setId("Cascade");
allowedValue2.setIsActive(true);
allowedValues.add(allowedValue2);
customSecurityAttributeDefinition.setAllowedValues(allowedValues);
CustomSecurityAttributeDefinition result = graphClient.directory().customSecurityAttributeDefinitions().post(customSecurityAttributeDefinition);
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\CustomSecurityAttributeDefinition;
use Microsoft\Graph\Beta\Generated\Models\AllowedValue;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new CustomSecurityAttributeDefinition();
$requestBody->setAttributeSet('Engineering');
$requestBody->setDescription('Active projects for user');
$requestBody->setIsCollection(true);
$requestBody->setIsSearchable(true);
$requestBody->setName('Project');
$requestBody->setStatus('Available');
$requestBody->setType('String');
$requestBody->setUsePreDefinedValuesOnly(true);
$allowedValuesAllowedValue1 = new AllowedValue();
$allowedValuesAllowedValue1->setId('Alpine');
$allowedValuesAllowedValue1->setIsActive(true);
$allowedValuesArray []= $allowedValuesAllowedValue1;
$allowedValuesAllowedValue2 = new AllowedValue();
$allowedValuesAllowedValue2->setId('Baker');
$allowedValuesAllowedValue2->setIsActive(true);
$allowedValuesArray []= $allowedValuesAllowedValue2;
$allowedValuesAllowedValue3 = new AllowedValue();
$allowedValuesAllowedValue3->setId('Cascade');
$allowedValuesAllowedValue3->setIsActive(true);
$allowedValuesArray []= $allowedValuesAllowedValue3;
$requestBody->setAllowedValues($allowedValuesArray);
$result = $graphServiceClient->directory()->customSecurityAttributeDefinitions()->post($requestBody)->wait();
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
Import-Module Microsoft.Graph.Beta.Identity.DirectoryManagement
$params = @{
attributeSet = "Engineering"
description = "Active projects for user"
isCollection = $true
isSearchable = $true
name = "Project"
status = "Available"
type = "String"
usePreDefinedValuesOnly = $true
allowedValues = @(
@{
id = "Alpine"
isActive = $true
}
@{
id = "Baker"
isActive = $true
}
@{
id = "Cascade"
isActive = $true
}
)
}
New-MgBetaDirectoryCustomSecurityAttributeDefinition -BodyParameter $params
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.custom_security_attribute_definition import CustomSecurityAttributeDefinition
from msgraph_beta.generated.models.allowed_value import AllowedValue
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = CustomSecurityAttributeDefinition(
attribute_set = "Engineering",
description = "Active projects for user",
is_collection = True,
is_searchable = True,
name = "Project",
status = "Available",
type = "String",
use_pre_defined_values_only = True,
allowed_values = [
AllowedValue(
id = "Alpine",
is_active = True,
),
AllowedValue(
id = "Baker",
is_active = True,
),
AllowedValue(
id = "Cascade",
is_active = True,
),
],
)
result = await graph_client.directory.custom_security_attribute_definitions.post(request_body)
Important
Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.