policyRoot resource type
Namespace: microsoft.graph
Resource type exposing navigation properties for the policies singleton.
Methods
None
Properties
None
Relationships
| Relationship | Type | Description |
|---|---|---|
| accessReviewPolicy | accessReviewPolicy | The policy that contains directory-level access review settings. |
| activityBasedTimeoutPolicies | activityBasedTimeoutPolicy collection | The policy that controls the idle time-out for web sessions for applications. |
| adminConsentRequestPolicy | adminConsentRequestPolicy | The policy by which consent requests are created and managed for the entire tenant. |
| appManagementPolicies | appManagementPolicy collection | The policies that enforce app management restrictions for specific applications and service principals, overriding the defaultAppManagementPolicy. |
| authenticationFlowsPolicy | authenticationFlowsPolicy | The policy configuration of the self-service sign-up experience of guests. |
| authenticationMethodsPolicy | authenticationMethodsPolicy | The authentication methods and the users that are allowed to use them to sign in and perform multifactor authentication (MFA) in Microsoft Entra ID. |
| authenticationStrengthPolicies | authenticationStrengthPolicy collection | The authentication method combinations that are to be used in scenarios defined by Microsoft Entra Conditional Access. |
| authorizationPolicy | authorizationPolicy collection | The policy that controls Microsoft Entra authorization settings. |
| b2cAuthenticationMethodsPolicy | b2cAuthenticationMethodsPolicy | The Azure AD B2C policies that define how end users register via local accounts. |
| claimsMappingPolicies | claimsMappingPolicy collection | The claim-mapping policies for WS-Fed, SAML, OAuth 2.0, and OpenID Connect protocols, for tokens issued to a specific application. |
| conditionalAccessPolicies | conditionalAccessPolicy | The custom rules that define an access scenario. |
| crossTenantAccessPolicy | crossTenantAccessPolicy | The custom rules that define an access scenario when interacting with external Microsoft Entra tenants. |
| deviceRegistrationPolicy | deviceRegistrationPolicy | Represents the policy scope that controls quota restrictions, additional authentication, and authorization policies to register device identities to your organization. |
| defaultAppManagementPolicy | tenantAppManagementPolicy | The tenant-wide policy that enforces app management restrictions for all applications and service principals. |
| externalIdentitiesPolicy | externalIdentitiesPolicy | Represents the tenant-wide policy that controls whether guests can leave a Microsoft Entra tenant via self-service controls. |
| featureRolloutPolicies | featureRolloutPolicy collection | The feature rollout policy associated with a directory object. |
| federatedTokenValidationPolicy | federatedTokenValidationPolicy | Represents a policy to control enabling or disabling validation of federation authentication tokens. |
| homeRealmDiscoveryPolicies | homeRealmDiscoveryPolicy collection | The policy to control Microsoft Entra authentication behavior for federated users. |
| identitySecurityDefaultsEnforcementPolicy | identitySecurityDefaultsEnforcementPolicy | The policy that represents the security defaults that protect against common attacks. |
| mobileAppManagementPolicies | mobilityManagementPolicy collection | The policy that defines autoenrollment configuration for a mobility management (MDM or MAM) application. |
| permissionGrantPolicies | permissionGrantPolicy collection | The policy that specifies the conditions under which consent can be granted. |
| permissionGrantPreApprovalPolicies | permissionGrantPreApprovalPolicy collection | Policies that specify the conditions under which consent can be granted to a specific application. |
| roleManagementPolicies | unifiedRoleManagementPolicy collection | Represents the role management policies. |
| roleManagementPolicyAssignments | unifiedRoleManagementPolicyAssignment collection | Represents the role management policy assignments. |
| tokenIssuancePolicies | tokenIssuancePolicy collection | The policy that specifies the characteristics of SAML tokens issued by Microsoft Entra ID. |
| tokenLifetimePolicies | tokenLifetimePolicy collection | The policy that controls the lifetime of a JWT access token, an ID token, or a SAML 1.1/2.0 token issued by Microsoft Entra ID. |
JSON representation
The following JSON representation shows the resource type.
{
"@odata.type": "#microsoft.graph.policyRoot"
}