What's new in Microsoft Graph
Microsoft Graph provides a unified programmability model that you can use to access data in Microsoft 365, Windows, and Enterprise Mobility + Security. This article provides information about what's new in Microsoft Graph APIs, documentation, SDKs, and more.
For more detailed API-level updates, see the Microsoft Graph API changelog.
For details about previous updates to Microsoft Graph, see Microsoft Graph what's new history.
Important
Features in preview status are subject to change without notice, and might not be promoted to generally available (GA) status. Don't use preview features in production apps.
January 2025: New and generally available
Files
Updated the endpoint of the fileStorageContainer: restore method.
Identity and access | Identity and sign-in
Added riskEventType entry for the Suspicious API Traffic detection for service principals.
Teamwork and communications | Calls and online meetings
Microsoft Teams custom meeting templates allow you to specify values for many of the meeting options available to meeting organizers. Use the meetingTemplateId property on onlineMeeting to create an online meeting with a meeting template.
Teamwork and communications | Messaging
- Get a chat message with an @mention for everyone.
- Get a chat message that has a forwarded message as an attachment.
January 2025: New in preview only
Device and app management | Cloud PC
- Retry a bulk action with selected Cloud PCs.
- Use the productType property on cloudPC to get the product type of a Cloud PC or to filter Cloud PCs by product type.
Files
Updated the endpoint of the fileStorageContainer: restore method.
Identity and access | Directory management
- Use the alternativeNames property on device to get or set alternative names for a device.
- Use the deviceTemplate resource and its associated methods to manage device templates for devices in Microsoft Entra ID.
- Use the mutualTlsOauthConfiguration resource and its associated methods to manage certificate authorities that are permitted to issue certificates for a specific set of objects used for mTLS.
Identity and access | Identity and sign-in
Added support for configuring a custom email provider for one-time passcodes (OTP) in Microsoft Entra External ID by using the following objects:
- The onOtpSendCustomExtension resource type to configure the custom authentication extension that contains configuration details of the external service that might be an Azure Function.
- The onEmailOtpSendListener resource type to configure the event listener that is triggered to send the OTP prompt to the user, based on the configuration details in the onOtpSendCustomExtension object.
The functionality also allows you to configure the default fallback option when the custom authentication extension isn't successfully called.
Industry data ETL
Use the start operation on the industryDataRun resource to perform an on-demand run, with throttling limits of up to five successful runs every 12 hours.
Tasks and plans
- Use the teamsChannel container type to create plans in shared channels in Microsoft Teams.
- List Planner plans owned by a shared channel in Teams.
December 2024: New and generally available
Reports
Microsoft Graph activity logs, which provide an audit trail of all HTTP requests that Microsoft Graph received and processed for your tenant, are now available in China operated by 21Vianet.
Security | Alerts and incidents
Enabled the description, displayName, resolvingComment, and severity properties as supported properties in an Update incident request.
Teamwork and communications | Calls and online meetings
- Use the following new methods for virtual events that are of the virtualEventTownhall type:
- Link external event information to a virtualEventTownhall or virtualEventWebinar by setting an externalEventId.
- Use the externalEventInformation on virtualEventTownhall and virtualEventWebinar to identify the external event information of a virtual event.
- Use the externalRegistrationInformation property on virtualEventRegistration to get or set the external information for a virtual event registration.
Teamwork and communications | Shift management
- Stage the deletion of an openShift, shift, or timeOff instance in a schedule in draft mode.
- Use the eligibilityFilteringEnabledEntities property on workforceIntegration to get or set support for viewing eligibility-filtered results.
Users
Published the following lesser privileged permissions for managing specific scenarios on the user object:
| Permission | Comments |
|---|---|
| User-Mail.ReadWrite.All | Least privileged permission to update the otherMails property. |
| User-PasswordProfile.ReadWrite.All | Least privileged permission to read and write password reset-related properties. |
| User-Phone.ReadWrite.All | Least privileged permission to update the businessPhones and mobilePhone properties. Previously, only the Directory.AccessAsUser.All permission was supported to update the properties for admin user. We recommend you move the lesser privileged permission instead. |
| User.EnableDisableAccount.All | Least privileged permission to update the accountEnabled property. Requires User.Read.All permission as well. Previously, only the Directory.AccessAsUser.All permission was supported to update the account status for admin users. We recommend you move the lesser privileged permission instead. |
| User.DeleteRestore.All | Least privileged permission to delete a user, restore a deleted user from the recycle bin, or permanently delete a deleted user from the recycle bin. Also allows retrieving deleted users via the /directory/deleteditems/microsoft.graph.user endpoint. |
December 2024: New in preview only
Backup Storage
Use the new restore bulk addition request API for more convenient, efficient, and scalable restore solutions. This API is designed to streamline the restore process by allowing direct submission of restoration resources in a bulk request. The following resources are supported:
- driveRestoreArtifactsBulkAdditionRequest
- mailboxRestoreArtifactsBulkAdditionRequest
- siteRestoreArtifactsBulkAdditionRequest
Device and app management | Cloud PC
- Use the disasterRecoveryType property on cloudPcCrossRegionDisasterRecoverySetting to get or set the type of disaster recovery to perform when a disaster occurs on a user's Cloud PC.
- Use the userInitiatedDisasterRecoveryAllowed property on cloudPcCrossRegionDisasterRecoverySetting to get or set whether the client allows the end user to initiate a disaster recovery activation.
- Deprecated the crossRegionDisasterRecoveryEnabled property of the cloudPcCrossRegionDisasterRecoverySetting resource. Going forward use the disasterRecoveryType property.
- Enabled
endpointConnectivityCheckVMAgentEndPointCommunicationErroras a supported error type in the errorType property of the cloudPcOnPremisesConnectionHealthCheck resource.
Identity and access | Directory management
While restoring soft-deleted users, you can now specify whether Microsoft Entra ID should replace the user's userPrincipalName with a new value.
Identity and access | Identity and sign-in
- Use Microsoft Graph APIs to stay informed about the latest product updates, including the product roadmap and change announcements, the programmatic alternative to the What's new tab on the Microsoft Entra admin center.
- You can now manage hardware OATH tokens for your organization and users programmatically via the following Microsoft Graph APIs:
- hardwareOathTokenAuthenticationMethodDevice resource type and its associated methods to manage the hardware tokens in your tenant, including assigning to users
- hardwareOathAuthenticationMethod resource type and its associated methods to manage tokens that are already assigned to users by activating or deactivating them
Reports | Microsoft 365 monitoring reports
The Microsoft 365 monitoring APIs provide telemetry data to monitor the health of various Microsoft services within a Microsoft 365 subscription for your organization. Use the new operations in the serviceActivity resource to get telemetry data for Exchange Online, Microsoft 365 Apps, and Microsoft Teams.
Security | Alerts and incidents
Enabled the description, displayName, and severity properties as supported properties in an Update incident request.
Sites and lists
- Create and manage a news link page in SharePoint.
- Archive or unarchive a SharePoint site.
Teamwork and communications | Calls and online meetings
The get and list operations of the callRecording and callTranscript resources support the retrieval of call recordings or call transcripts from private chat meetings and channel meetings.
Teamwork and communications | Messaging
Use the firstChannelName property on team to set the name of the first channel created in a team.
November 2024: New and generally available
Files
Use a range of new methods and resources for enhanced file storage management, including methods for managing columns and recycle bin items. You can also run operations like restore, lock, unlock, and more across the fileStorageContainer, fileStorage, and recycleBin resources.
Applications | Policies
Use the state property on keyCredentialConfiguration and passwordCredentialConfiguration to indicate whether a restriction is evaluated.
Security | Alerts and incidents
Enabled the active, pendingApproval, declined, unremediated, running, and partiallyRemediated statuses in the evidenceRemediationStatus enumeration. Use these new statuses via the remediationStatus property of the alertEvidence and its inherited types.
Security | Identities
The Defender for Identity sensors management API enables you to create detailed reports on the sensors in your workspace, providing information such as server name, sensor version, type, state, and health status. It also allows you to manage sensor settings, including adding descriptions, enabling or disabling delayed updates, and specifying the domain controller the sensor connects to for querying Entra ID. For more information, see sensor.
Teamwork and communications | Calls and online meetings
Use the administrativeUnitInfos property on participant and organizer to get the IDs of one or more administrative units for a call participant.
November 2024: New in preview only
Device and app management | Cloud PC
- Added new endpoints that support application permissions in the following methods of the cloudPC resource:
- Use the reservePercentage property in the [cloudPcProvisioningPolicy: apply] method to specify the percentage of Cloud PCs to keep available for frontline shared scenarios.
- Use the getCloudPCPerformanceReport method to get reports related to the performance of Cloud PCs.
- Use the reportName parameter with the getInaccessibleCloudPcReports method to specify the Cloud PC report type.
- Enabled the
performanceTrendReportandinaccessibleCloudPcTrendReportoptions for the reportName parameter in the Create cloudPcExportJob method.
Device and app management | Device updates
- Deploy a hotpatch quality update using Windows Autopatch.
- Use the isHotpatchUpdate property on productRevision to identify whether the content is hotpatchable.
- Use the isHotpatchEnabled property on userExperienceSettings to identify whether the update is offered as a hotpatch.
Files
Lock or unlock a fileStorageContainer.
Identity and access | Identity and sign-in
- Use the oidcIdentityProvider resource and its methods to interact with OpenID Connect identity providers in a Microsoft Entra external tenant.
- Added the certificateBasedAuthPki resource to manage the collection of public key infrastructure (PKI) instances for the certificate-based authentication method, and the certificateAuthorityDetail resource to access the properties of each certificate authority object within a certificateBasedAuthPki.
Identity and access | Network access
List, create, get, update, and delete fqdnFilteringRule and webCategoryFilteringRule resources that are derived types of filteringRule.
Reports | Identity and access reports
Use the sessionId property on signIn to get the identifier of the session that was generated during a sign-in.
Security | Discovered cloud apps
The new Microsoft Defender for Cloud apps API in Microsoft Graph is designed to provide an efficient and reliable way to query discovered apps information, making it easier for you to analyze the risks associated with the discovered apps. Use the following resources and their methods to get data and insights across the discovered SaaS apps ecosystem:
- cloudAppDiscoveryReport
- discoveredCloudAppDetail
- discoveredCloudAppInfo
- discoveredCloudAppUser
- discoveredCloudAppIPAddress
- discoveredCloudAppDevice
- endpointDiscoveredCloudAppDetail
Security | eDiscovery
Added application authentication for Microsoft Purview eDiscovery Graph APIs. For more information about setting up app-only access, see Set up application authentication.
Teamwork and communications | AI interactions
Use the getAllEnterpriseInteractions method to get Microsoft 365 Copilot interaction data, including user prompts to Copilot and Copilot responses.
Teamwork and communications | Calls and online meetings
- Link external event information to a virtualEventTownhall or virtualEventWebinar by setting an externalEventId.
- Use the externalEventInformation on virtualEventTownhall and virtualEventWebinar to identify the external event information of a virtual event.
- Use the allowedLobbyAdmitters property on onlineMeeting to get or set the users who can admit from the lobby.
- Use the allowedLobbyAdmitters property on onlineMeeting to get or set the users who can admit from the lobby.
- Get or set whether users of Microsoft 365 Copilot in Teams Meetings can receive responses to sentiment-related prompts.
Contribute to Microsoft Graph
Are there scenarios you'd like Microsoft Graph to support?
Suggest and vote for new features by using the Microsoft Graph Feedback Portal. Some new features originate as popular requests from the developer community. The Microsoft Graph team regularly evaluates customer needs and releases new features to the beta (
https://graph.microsoft.com/beta) and v1.0 (https://graph.microsoft.com/v1.0) endpoints.Join the weekly Microsoft 365 platform community call and become an active member of the Microsoft Graph community. To discover the full calendar of developer calls, visit the Microsoft 365 and Power Platform community page.
Join our research panel to provide your input on our developer experiences.